Press release BoxID: 269423 (atsec information security)
  • atsec information security
  • Steinstr. 70
  • 81667 München
  • Contact person
  • Andreas Fabis
  • +1 (512) 615-7317

PCI Security Standards Council Certifies atsec as PA-QSA

atsec adds Payment Application Data Security Standard testing and consulting to its portfolio

(PresseBox) (München, ) The PCI Security Standards Council certified atsec information security as a Payment Application Qualified Security Assessor, which enables the company to perform assessments of payment applications to ensure compliance with the PA-DSS. atsec successfully passed the PA-QSA validation process and fulfilled all the requirements (business, capability and administrative) set forth by the PCI SSC.

The goal of PA-DSS is to help software vendors and others to develop secure payment applications that do not store prohibited data, such as full magnetic stripe, other sensitive authentication data or PIN data, and ensure their payment applications support compliance with the PCI DSS. PA-DSS requirements apply to payment applications that are sold, distributed or licensed to third parties.

Fiona Pattinson, Director Business Development and Strategy, commented:
"We are proud to have achieved this certification as the requirements for attaining PA-QSA status are detailed and complex - for both the company and individuals. We are looking forward to work with our customers and the PCI SSC to improve application security."

atsec has a high level of expertise in consulting clients on how to apply and implement IT security standards, as well as in evaluating IT operations, products and systems against standardized criteria.

- atsec is a qualified security assessor (QSA) accredited by the PCI SSC to perform third party PCI security assessments in the U.S., Europe and China.
- atsec has specialist expertise in the conduct of source code review, FIPS 140-2 testing, algorithm validation, SCAP and penetration testing.
- atsec has conducted a large number of security audits and assessments for customers of varying sizes, including customers in the telecommunications, energy, financial and defense sectors, which results in a wide practical experience in assessing applications and systems.
- atsec is an accredited laboratory in three national schemes (U.S., Germany, Sweden) to perform Common Criteria (ISO/IEC 15408 and 18045) evaluations.

For more information about the PA-DSS and atsec please take a look at the PCI DSS Payment Application Data Security Standard (PA-DSS) or contact atsec about PA-DSS Testing and Consulting

atsec information security

atsec information security is an independent, standards-based information technology security services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in 2000 and has extensive international operations with offices in the U.S., Germany, Sweden and China.

atsec offers secure code review, ISO/IEC 27001 ISMS consulting, and penetration testing and scanning services as well as being a QSA and ASV.
atsec also offers evaluation and testing services leading to formal certification for IT security including evaluation under Common Criteria schemes in the U.S., Germany, and Sweden; cryptographic module and algorithm testing under the Cryptographic Module Validation Program of the National Institute of Standards and Technology (NIST) in the U.S. and Communications Security Establishment Canada (CSEC) in Canada.

atsec works with leading global companies such as IBM, Apple, Microsoft, Hewlett-Packard, Oracle, Cray, BMW, SGI, Vodafone, Swisscom, RWE, and Wincor-Nixdorf.