FishNet Security, the nation’s largest and most respected Information Security Solutions Provider announces that it has recently met all requirements to be designated as a Qualified Payment Application Security Company (QPASC) by Visa.

Visa has developed “Payment Application Best Practices” to assist software vendors create secure payment applications that help ensure merchant compliance with the PCI Data Security Standard. As such, FishNet Security is now one of only 21 companies authorized by Visa to perform Payment Application Security Assessments and Audits, nation-wide.

“Our organization is excited about joining this elite list of QPASCs and in our ability to assist software vendors needing to meet the Payment Application Best Practices (PABP) standards,” says Gary Fish, CEO/President of FishNet Security.

The stringent application process requires FishNet Security Qualified Security Assessor (QSA) professionals to complete two PCI On-Site Audits and pass the Visa PABP certification test prior to becoming Qualified Payment Application Security Professionals (QPASP). In addition, FishNet Security proved financial stability, industry and technical expertise, and a commitment to Visa’s governing requirements to become certified as a QPASC.

All QPASCs are required to meet the following criteria:

• Fulfill all requirements of a QSA company as defined by the PCI Security Standards Council to perform PCI Data Security Assessments.
• Use a Qualified Payment Application Security Professional qualified to perform payment application assessments.
• Utilize the testing procedures documented in the Payment Application Best Practices document and adhere to all QSA and QPASC requirements when performing a payment application assessment.
• Provide documentation demonstrating its successful qualification by the PCI Security Standards Council to perform PCI Data Security Assessments, and its submission of a QSA professional for Payment Application Security Assessments.
• Must sign the PCI SSC QSA Agreement, which requires adherence to the Payment Application Best Practices procedures.

FishNet Security continues to offer a proven, risk-based approach to managing the PCI compliance standards providing an efficient framework by managing risk, minimizing exposure, and sustaining compliance. FishNet Security supports the payment industry in protecting consumers by working with merchants, service providers, payment gateways, and payment applications entities to achieve compliance with the PCI Data Security Standard and by auditing and designing remediation plans to retain compliance. FishNet Security is also a Qualified PCI Onsite Security Auditor and Qualified Approved Scanning Vendor.