Online Payments Blog

Industry News and discussions relating to Online Payments and Application Security.
Tags >> web development
Aug 31
2010

Visa release Top 10 Best Practices for Securing Payment Applications

Posted by Dave in web development , Visa , security , PCI DSS , payment processing , passwords , online payments , news

Visa have published a set of 10 best practices for application vendors, integrators and resellers that implement, install or manage payment-related systems on behalf of merchants. The best practices are set to complement the Payment Card Industry (PCI) Payment Application Data Security Standard (PA-DSS). The PA-DSS was originally developed by Visa before being embraced by the industry as the PA-DSS.

"The PA-DSS provides guidance for developing secure software, while Visa's Best Practices for Payment Application Companies represents a natural companion, providing guidance on how to securely install that piece of software," said Eduardo Perez, Head of Global Payment System Security, Visa Inc.

The 10 best practices are as follows:

  • Perform background checks on new employees and contractors prior to hire.
  • Maintain an internal and external software security training and certification curriculum.
  • Adhere to a common software development life cycle across payment applications.
  • Ensure that newly released payment application versions are Payment Application Data Security Standard (PA-DSS) compliant.
  • Conduct application vulnerability detection tests and code reviews against common vulnerabilities and weaknesses prior to sale or distribution.
  • Actively identify payment application versions that store sensitive authentication data and/or retain critical security vulnerabilities, and notify all affected customers.
  • Maintain customer service level agreements stating that only PA-DSS compliant payment application versions will be sold and supported.
  • Implement an installer, integrator and reseller training and certification program that enforces adequate data security processes when supporting customers.
  • Adhere to industry guidelines for data field encryption and tokenization and PAN elimination across payment applications that use these technologies.
  • Support capability of dynamic data solutions across payment applications.


You can find more information over on the Visa website.

 

Dave


Aug 02
2010

WorldNet release Payment Plugin for WordPress e-Commerce

Posted by Dave in WP e-Commerce , WorldNet TPS , WordPress , web development , online payments , news , ireland , e-commerce

WordPress is a very popular open-source content management system (CMS). As of September 2009, it was being used by 202 million websites worldwide. The main selling points for WordPress are usability, the plugin framework and the templating system. WordPress requires a plug-in in order to function as an e-commerce website. The most popular e-commerce plugin for WordPress is ‘WP e-Commerce’.

Following on from the release of their iPhone Virtual Terminal and iPhone iPay API, WorldNet TPS have released a plugin for WP e-Commerce. This plug-in allows developers to easily integrate WordPress-powered WP e-Commerce websites with the WorldNet Payment Gateway. This plug-in is good news for Irish web developers as they can now easily integrate client websites with the WorldNet Payment Gateway. At present, WorldNet are the only Irish payment provider who provide web developers with an ongoing share of net revenue for all clients they refer. This referral payment is paid on a regular basis for the lifetime of the client's relationship with WorldNet. Depending on the number of clients and their size, this can turn into a good additional revenue stream for web developers. More details on the plug-in can be found over on the WorldNet website.

 

Dave
