PA-DSS Validation for version 3.0

The goal of every PA-DSS validation project is the same - to get a clean Report on Validation (ROV) that is accepted by the PCI Security Standards Council and listed on their site as a validated application. The path to that goal makes all the difference. The PCI SSC has recently updated the PA-DSS, affecting Payment Applications. Coalfire's Navis Rapid PA-DSS service has been updated with these new requirements released in the PA-DSS 3.0 standard.

The Coalfire PA-DSS process with Navis Rapid PA-DSS is the best in the business. We start working with you when you're still architecting your application and help you build in compliance from the start. We do that by giving you tools to document your application and close compliance gaps before you hand it off to our lab. We call it the ‘no surprises’ ROV - you get a comprehensive and accurate assessment, but together, we will have pre-validated everything so you can reasonably expect a passing ROV on budget and on schedule.

Rapid PA-DSS

Navis Rapid PA-DSS, Coalfire's SaaS solution for PA-DSS validation, includes working with a Coalfire senior assessor who is assigned to your project. That assessor will set you up with Navis Rapid PA-DSS access and walk through the process with you, answering questions you have and providing guidance. Navis Rapid PA-DSS currently reflects the PA-DSS 3.0 requirements for payment applications. Payment application vendors will have to submit compliance validation reports to the 3.0 standard starting January 1, 2015. Existing payment applications certified to the 2.0 standard face expiration at the end of 2015.

Rapid PA-DSS for PCI 3.0 will help you:

  • Identify gaps from the 2.0 to the 3.0 standard, presenting an opportunity to remediate gaps before the assessment begins
  • Manage multiple lines of payment applications
  • Become familiar with the PA-DSS standard
  • Create the documentation and evidence you’ll need to get the application tested
  • Remediate gaps and/or develop compensating controls
  • Securely create, store and transmit the reports you’ll need to submit to the Council

Not all ROVs are the same

Coalfire has been a PA-QSA firm since the inception of the PA-DSS standards and we complete more ROVs than any other independent assessor firm. More than 90% of our clients continue to work with us after their initial assessment, and we are increasingly taking on new clients who come to us for a fresh, independent assessment. We are closely aligned with the PCI SSC and actively participate on working committees responsible for updating the standards and testing procedures.