PABP
Payment Application Best Practices (PABP)
Visa developed the Payment Application Best Practices (PABP) in 2005 to provide software vendors guidance in developing payment applications that help merchants and agents mitigate compromises, prevent storage of sensitive cardholder data (i.e. full magnetic stripe data, CVV2 or PIN data) and support overall compliance with the PCI Data Security Standard (PCI DSS). Since 2005, hundreds vendors independently validated hundreds products against the PABP through a Qualified Security Assessor (QSA) trained in the PABP.
In 2008, the PCI Security Standards Council (PCI SSC) adopted Visa’s PABP and released the standard as the Payment Application Data Security Standard (PA-DSS). The PA-DSS now replaces PABP for the purpose of Visa’s compliance program.
Auric's Trevance application, included on Visa's PABP list since 2006:
2006:
Visa's PABP List May 2006
2007:
Visa's PABP List June 2007
Auric's CN!Express, Trevance, and PaymentVault applications, included on Visa's PABP list since
2008:
Visa's PABP List April 2008
2009:
Visa's PABP List June 2009
