|
About the [RETIRED] PA-DSS v.1.x Questions and Answers category
|
|
0
|
83
|
January 23, 2023
|
|
[PA-DSS] 2.4 If disk encryption is used (rather than file- or column-level database encryption), log
|
|
1
|
6911
|
November 11, 2013
|
|
[PA-DSS] 12.1 If the payment application sends, or facilitates sending, cardholder data over public
|
|
1
|
13536
|
June 7, 2011
|
|
[PA-DSS] 3.3 Encrypt payment application passwords during transmission and storage, using strong cry
|
|
1
|
10529
|
August 30, 2010
|
|
[PA-DSS] 5.2.4 Insecure direct object references (do not expose internal object references to users)
|
|
1
|
2972
|
June 30, 2010
|
|
[PA-DSS] 2.5 Payment application must protect encryption keys used for encryption of cardholder dat
|
|
8
|
7561
|
May 24, 2010
|
|
[PA-DSS] 14.2.1 Update the training materials on an annual basis and whenever new payment applicatio
|
|
1
|
10069
|
February 2, 2010
|
|
[PA-DSS] 12.2 The payment application must never send unencrypted PANs by end-user messaging technol
|
|
0
|
3874
|
March 18, 2007
|
|
[PA-DSS] 14.1 Develop, maintain, and disseminate a PA-DSS Implementation Guide(s) for customers, res
|
|
0
|
3116
|
March 18, 2007
|
|
[PA-DSS] 5.2.10 Failure to restrict URL access (consistently enforce access control in presentation
|
|
0
|
1582
|
March 18, 2007
|
|
[PA-DSS] 5.3 Software vendor must follow change control procedures for all product software configur
|
|
0
|
1518
|
March 18, 2007
|
|
[PA-DSS] 13.1 Instruct customers to encrypt all non-console administrative access using technologies
|
|
0
|
10274
|
March 18, 2007
|
|
[PA-DSS] 14.2 Develop and implement training and communication programs to ensure payment applicatio
|
|
0
|
2277
|
March 18, 2007
|
|
[PA-DSS] 5.2.8 Insecure cryptographic storage (prevent cryptographic flaws)
|
|
0
|
1846
|
March 18, 2007
|
|
[PA-DSS] 5.4 The payment application must not use or require use of unnecessary and insecure servic
|
|
0
|
1769
|
March 18, 2007
|
|
[PA-DSS] 11.3 If vendors, resellers/integrators, or customers can access customer's payment applicat
|
|
0
|
2472
|
March 18, 2007
|
|
[PA-DSS] 5.3.2 Management sign-off by appropriate parties
|
|
0
|
1374
|
March 18, 2007
|
|
[PA-DSS] 14.1.2 Includes a review at least annually and updates to keep the documentation current wi
|
|
0
|
1882
|
March 18, 2007
|
|
[PA-DSS] 10.1 If payment application updates are delivered via remote access into customers' systems
|
|
0
|
11166
|
March 18, 2007
|
|
[PA-DSS] 11.1 The payment application must not interfere with use of a two-factor authentication mec
|
|
0
|
11323
|
March 18, 2007
|
|
[PA-DSS] 11.2 If the payment application may be accessed remotely, remote access to the payment appl
|
|
0
|
3854
|
March 18, 2007
|
|
[PA-DSS] 6.2 For payment applications using wireless technology, payment application must facilitate
|
|
0
|
2470
|
March 18, 2007
|
|
[PA-DSS] 5.2.9 Insecure communications (properly encrypt all authenticated and sensitive communicat
|
|
0
|
1586
|
March 18, 2007
|
|
[PA-DSS] 7.1 Software vendors must establish a process to identify newly discovered security vulnera
|
|
0
|
10628
|
March 18, 2007
|
|
[PA-DSS] 6.1 For payment applications using wireless technology, the wireless technology must be imp
|
|
0
|
9665
|
March 18, 2007
|
|
[PA-DSS] 5.2.7 Broken authentication and session management (properly authenticate users and protect
|
|
0
|
2980
|
March 18, 2007
|
|
[PA-DSS] 5.3.4 Back-out or product de-installation procedures
|
|
0
|
1506
|
March 18, 2007
|
|
[PA-DSS] 14.1.1 Addresses all requirements in this document wherever the PA-DSS Implementation Guide
|
|
0
|
2286
|
March 18, 2007
|
|
[PA-DSS] 8.1 The payment application must be able to be implemented into a secure network environmen
|
|
0
|
10194
|
March 18, 2007
|
|
[PA-DSS] 5.3.3 Testing of operational functionality
|
|
0
|
1355
|
March 18, 2007
|