The first universal standard protecting credit card data is now dead.
Visa developed the Payment Application Best Practices (PABP) in 2005 to provide software vendors guidance in developing payment applications that help merchants and agents mitigate compromises, prevent storage of sensitive cardholder data and support overall compliance with the PCI Data Security Standard (PCI DSS).
The PCI Security Standards Council has announced that PABP validated applications will expire today.
The six year old PABP standard has been superseded by the much more secure “Payment Application – Data Security Standard” or PA-DSS. The PA-DSS was created in 2008 and is now on version 2.0.
Merchants using software validated against the PABP standard should have long ago moved to more secure systems. Unfortunately, they have not.
What good are all of the new standards and new software, if no one is forced to use them?
Will the PCI Council force merchants to use the new standards?
Will Visa, Mastercard, American express or the other card brands?
How about the banks and processors?
The restaurant brands or franchisors?
Mr. Merchant, Who will stand by you when you have a breach and you are running an expired payment application?
Bunt Software is the maker of SMPLink™; a PA-DSS validated credit card interface software developed specifically for Panasonic System Manager Pro (SMP) users that integrates seamlessly with Merchant Link’s TransactionVault® – a system that stores sensitive cardholder data in a secure vault – not on your back office computer.
SMPLink™ is the ONLY PA-DSS compliant credit interface for the Panasonic System Manager Pro (SMP) pos system.
Find SMPLink™ on the PCI Council List of Validated Payment Applications.