Element’s Hosted Payments is Validated to Take ISVs out of PCI Scope Removing the Need for PCI PA-DSS Assessment

Share Article

Trustwave Holdings, Inc. confirms scope eliminating ability of Element Payment Services’ Hosted Payments in a third-party assessment

Element Payment Services

Element Payment Services

This third party validation will allow ISVs to provide reassurance to customers that out-of-scope processing is an industry-accepted alternative to PA-DSS/PCI DSS validation for software applications.

Element Payment Services, Inc. the industry leader in PCI compliant payment processing, announced today that their Hosted Payments solution, an integration option to Element’s Express Processing Platform, has been validated by Trustwave Holdings, Inc. for its ability to remove software applications from the scope of the Payment Card Industry Data Security Standard (PCI DSS). The objective of the assessment was to determine the applicability of the PCI DSS and PA-DSS to software applications integrated to Express via Hosted Payments. Through this independent evaluation, Trustwave confirmed that Hosted Payments eliminates integrated software vendor’s (ISV’s) applications from the scope of PCI DSS and PA-DSS compliance requirements when implemented according to Element’s specification.

Hosted Payments removes the need for software applications to handle cardholder data as part of authorization and settlement while preserving the benefits associated with integrated payments. Because PCI DSS only applies in environments where credit card numbers are stored, processed or transmitted, Trustwave validated that ISVs leveraging Hosted Payments, assuming they (or their applications) do not otherwise store, process or transmit cardholder data, are eliminated from PCI scope and compliance costs.

Additionally, Trustwave confirmed that Hosted Payments meets the definition of a hosted application, as defined by the Payment Card Industry Security Standards Council (PCI SSC). As a hosted application, ISVs with integrated distributed software applications that utilize Hosted Payments to process payments are not required to undergo a PCI PA-DSS audit.

“The payments industry and our ISV partners have recognized the scope removing attributes of Hosted Payments since market availability in 2008. This third party validation will allow ISVs to provide reassurance to customers that out-of-scope processing is an industry-accepted alternative to PA-DSS/PCI DSS validation for software applications,” said Sean Kramer, CEO and president, Element Payment Services.

Hosted Payments removes scope by shifting the responsibility of handling sensitive card data to Element’s PCI DSS compliant Express Processing Platform. Software vendors not only avoid the hassle and cost of achieving PCI DSS and PA-DSS compliance, but because the Hosted Payments solution is integrated with Element’s Level 1 PCI DSS compliant Express Processing Platform, merchants and consumers also receive the highest level of protection from cardholder data compromises.

To date, more than 100 software applications have certified to the Express via Hosted Payments. To learn more about Element’s Hosted Payments and other PCI scope removing/reducing technologies contact us.

About Element Payment Services
Headquartered in Phoenix, Arizona, Element Payment Services, Inc. is the industry-leading provider of fully integrated PCI DSS compliant payment processing solutions for merchants and business management software providers. Engineered using service-oriented architecture, Element's Express Processing Platform allows for easy integration, supports advanced technologies and manages more than $6 billion in transaction volume annually.

Element's TransForm™ approach to payment processing is built on a simple idea – remove the value and accessibility of cardholder data to eliminate the risk. Leveraging advanced point-to-point encryption and tokenization, Element’s suite of payment solutions transform how payments are secured in a simplified way-delivering optimal security that not only meets but exceeds PCI DSS/PA-DSS compliance requirements. Element's innovative technology, Hosted Payments, was the first payment processing solution on the market to take software providers out of scope for PA-DSS/PCI DSS compliance requirements.

More information about Element Payment Services can be found at http://www.elementps.com.

# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Brock Robertson
Visit website