Use of the Toolkit framework makes it substantially easier to develop applications that comply with new security mandates. Specifically, Commerce Toolkit for Applications provides out-of-the-box support for the Payment Card Industry (PCI) Data Security Standard, and performs much of the heavy lifting associated with the new Payment Application Data Security Standard (PA-DSS).
Toolkit Diagram
Client applications that are commerce-enabled with Commerce Toolkit for Applications can deliver a rich set of payment services by leveraging the IP Commerce Platform, and comply with Payment Applications Best Practices.
These built-in compliance helper components ease the burden of new compliance requirements – helping software companies quickly conform to payment application security standards and reducing the time and cost for compliance by over 40%.
The Commerce Safe Rapid Compliance Program provides software companies with web-based assessment tools, critical artifact templates, and built-in milestone reviews designed to promote compliance and expedite validation under new PA-DSS requirements. As an integral part of Commerce Lab’s proprietary integration process, the Commerce Safe Rapid Compliance Program allows software companies to manage integration and compliance efforts simultaneously – saving valuable time and money.
Compliance Mandates
7/1/08 - VNPs and agents must only certify new payment applications to their platforms that are PABP (PA-DSS)-compliant.
10/1/08 - Newly boarded Level 3 and 4 merchants must be PCI DSS compliant or use PABP (PA-DSS)-compliant applications.
10/1/09 - VNPs and agents must decertify all vulnerable payment applications.
7/1/10 - Acquirers must ensure their merchants, VNPs and agents use only PABP (PA-DSS)-compliant applications.
source: usa.visa.com