Our team has implemented and followed the best practices with respect to payment systems for backend systems, mobile applications, readers and other application related to financial payment product in the open and closed environments

Process

PA-DSS consists of a set of 14 best practices that payment application developers should follow if their applications are to maintain a high level of security.

We ensure that all payment applications comply with the following guidelines:

  • Do not retain full magnetic stripe or CVV2 data.

  • Protect stored data.

  • Provide secure password features.

  • Log application activity

  • Develop secure applications

  • Protect wireless transmissions

  • Test applications to address vulnerabilities.

  • Facilitate secure network implementation.

  • Cardholder data must never be stored on a server connected to the Internet.

  • Facilitate secure remote software updates.

  • Facilitate secure remote access to application

  • Encrypt sensitive traffic over public networks

  • Encrypt all non-console administrative access.

  • Maintain instructional documentation and training programs for customers, resellers & integrators

Our commitment is to develop secure application, strictly, following the PCI-DSS and PA-DSS guidelines and standards.

Our PA-DSS development guidelines in achieving this goal are as follows:

  • Develop applications based on secure coding guidelines.

  • Disable or remove unnecessary and insecure services and protocols.

  • Follow change-control procedures for all product configuration changes.

  • Develop software applications based on industry best practices and incorporate information security throughout the software development life cycle.

  • Ensure that all Web-facing applications are protected against known attacks either by having all custom application code reviewed for common vulnerabilities by third-party experts or by installing an application-layer firewall in front of Web-facing applications

Girmiti Software drills down even further. For example, Clause 5.1 urges companies to develop Web applications based on secure coding guidelines such as the Open Web Application Security guidelines and which we implement.

For more information, please contact us at info@girmiti.com

Contact Us