Security Consulting
PCI Council | Secure Application | Cyber Security Services

PCI Council Payment Application Assessment (PA-DSS)


AMajor payment card brands require payment applications to be certified for compliance with the PCI Security Standards Council's Payment Application Data Security Standard (PA-DSS). The PA-DSS is a stringent regulation that helps to ensure the security of payment cardholder data against theft and online fraud. Payment applications that must comply with the regulation include online shopping carts, recurring billing apps and Web storefronts. Most organization's developers, skilled at creating better and faster business applications, have neither the time nor experience needed to perform time- and resource-intensive security and compliance checks and many applications vendors can't affords to hire in-house PA-DSS experts. To bridge the gap, applications development companies form relationships with partners that can provide expert PA-DSS assessments and certification services.


Secure Application's information security consultants provide expert assessment services that certify your payment applications as compliant with the PA-DSS. After your development team creates a cutting-edge payment application that will enable online transactions to take place faster and with minimal interruptions, our experienced professionals assess your applications, identify non-compliant code and provide recommendations on how to achieve compliance. Once our PA-DSS assessment is complete, your customers are assured that when they license your latest application, online transactions will be secure and compliant.

  • Rapid PA-DSS certification services that speed the go-to-market process for new payment applications
  • Cost-effective PA-DSS assessments that respond to your organizations' budgetary constraints
  • Secure Application PA-DSS certified consultants leverage our methodologies in Application Security, PCI-DSS and Forensics to provide industry leading PA-DSS assessment results

Secure Application services for PA-DSS are built around a gap analysis and certification review against the PA-DSS. Secure Application conducts the PA-DSS review, identifying issues that need to be addresses, and submits a Report on Validation (ROV) to the PCI Security Standards Council to confirm that your payment applications comply with the regulation.
This review includes the following phases:

  • Application discovery and examination
  • Exam application documentation/design
  • Forensic validation of cardholder data storage
  • PCI/PA-DSS gap analysis
  • Gap report including remediation steps to take
  • Verification of remediation
  • PA-DSS certification and a report on validation (ROV)