Q&A: Cash In On PCI Compliance Opportunities

By Mike Monocello, Business Solutions magazine.

What trends are you seeing with ISVs concerning the July 1, 2010 deadline?
Sean Kramer, president and CEO, Element Payment Services: First, PA-DSS (Payment Application Data Security Standard) was launched with a two-pronged approach: one targeting new merchants, or merchants that switch processors, and the other targeting merchants that have been processing on the same platform before the adoption of PA-DSS (these merchants were grandfathered in). On Oct. 1, 2008, newly boarded Level 3 and 4 merchants were required to be PCI DSS-compliant or use PA-DSS-compliant applications. The July 1 date is significant because it will require all merchants (not just those who switch processing providers) to use only PA-DSScompliant payment applications or software applications that are out of scope.