|
About the [RETIRED] PA-DSS v.1.x Questions and Answers category
|
|
0
|
7
|
January 23, 2023
|
|
[PA-DSS] 2.4 If disk encryption is used (rather than file- or column-level database encryption), log
|
|
1
|
6830
|
November 11, 2013
|
|
[PA-DSS] 12.1 If the payment application sends, or facilitates sending, cardholder data over public
|
|
1
|
13410
|
June 7, 2011
|
|
[PA-DSS] 3.3 Encrypt payment application passwords during transmission and storage, using strong cry
|
|
1
|
10453
|
August 30, 2010
|
|
[PA-DSS] 5.2.4 Insecure direct object references (do not expose internal object references to users)
|
|
1
|
2878
|
June 30, 2010
|
|
[PA-DSS] 2.5 Payment application must protect encryption keys used for encryption of cardholder dat
|
|
8
|
7510
|
May 24, 2010
|
|
[PA-DSS] 14.2.1 Update the training materials on an annual basis and whenever new payment applicatio
|
|
1
|
9987
|
February 2, 2010
|
|
[PA-DSS] 5.3 Software vendor must follow change control procedures for all product software configur
|
|
0
|
1454
|
March 18, 2007
|
|
[PA-DSS] 14.2 Develop and implement training and communication programs to ensure payment applicatio
|
|
0
|
2208
|
March 18, 2007
|
|
[PA-DSS] 12.2 The payment application must never send unencrypted PANs by end-user messaging technol
|
|
0
|
3795
|
March 18, 2007
|
|
[PA-DSS] 14.1.1 Addresses all requirements in this document wherever the PA-DSS Implementation Guide
|
|
0
|
2182
|
March 18, 2007
|
|
[PA-DSS] 5.2.9 Insecure communications (properly encrypt all authenticated and sensitive communicat
|
|
0
|
1528
|
March 18, 2007
|
|
[PA-DSS] 5.2.8 Insecure cryptographic storage (prevent cryptographic flaws)
|
|
0
|
1787
|
March 18, 2007
|
|
[PA-DSS] 5.2.10 Failure to restrict URL access (consistently enforce access control in presentation
|
|
0
|
1495
|
March 18, 2007
|
|
[PA-DSS] 5.3.3 Testing of operational functionality
|
|
0
|
1287
|
March 18, 2007
|
|
[PA-DSS] 13.1 Instruct customers to encrypt all non-console administrative access using technologies
|
|
0
|
10205
|
March 18, 2007
|
|
[PA-DSS] 5.2.7 Broken authentication and session management (properly authenticate users and protect
|
|
0
|
2901
|
March 18, 2007
|
|
[PA-DSS] 7.2 Software vendors must establish a process for timely development and deployment of secu
|
|
0
|
2284
|
March 18, 2007
|
|
[PA-DSS] 11.1 The payment application must not interfere with use of a two-factor authentication mec
|
|
0
|
11257
|
March 18, 2007
|
|
[PA-DSS] 10.1 If payment application updates are delivered via remote access into customers' systems
|
|
0
|
11101
|
March 18, 2007
|
|
[PA-DSS] 6.2 For payment applications using wireless technology, payment application must facilitate
|
|
0
|
2395
|
March 18, 2007
|
|
[PA-DSS] 5.3.4 Back-out or product de-installation procedures
|
|
0
|
1443
|
March 18, 2007
|
|
[PA-DSS] 14.1 Develop, maintain, and disseminate a PA-DSS Implementation Guide(s) for customers, res
|
|
0
|
3057
|
March 18, 2007
|
|
[PA-DSS] 11.3 If vendors, resellers/integrators, or customers can access customer's payment applicat
|
|
0
|
2344
|
March 18, 2007
|
|
[PA-DSS] 7.1 Software vendors must establish a process to identify newly discovered security vulnera
|
|
0
|
10572
|
March 18, 2007
|
|
[PA-DSS] 6.1 For payment applications using wireless technology, the wireless technology must be imp
|
|
0
|
9604
|
March 18, 2007
|
|
[PA-DSS] 14.1.2 Includes a review at least annually and updates to keep the documentation current wi
|
|
0
|
1813
|
March 18, 2007
|
|
[PA-DSS] 5.4 The payment application must not use or require use of unnecessary and insecure servic
|
|
0
|
1696
|
March 18, 2007
|
|
[PA-DSS] 8.1 The payment application must be able to be implemented into a secure network environmen
|
|
0
|
10126
|
March 18, 2007
|
|
[PA-DSS] 11.2 If the payment application may be accessed remotely, remote access to the payment appl
|
|
0
|
3779
|
March 18, 2007
|