Taking the POS out of PA-DSS since 2010.
Heartland offers a suite of data security solutions to help keep software shielded from cardholder data, whether in motion or at rest.
End-to-End Encryption™ (E3)Read More
Secure SubmitRead More
Your application may need to support one or more of these technologies which are exposed through Heartland's comprehensive SDKs.
If your application stores, processes, or transmits cardholder data in clear-text then it is in scope for the PCI Payment Application Data Security Standard (PA-DSS).
If your app is hosted, or sensitive data otherwise enters directly into your company, then both the app and company are in scope for full PCI DSS audits as either a merchant or service provider.
Many Heartland SDKs and APIs also support the transmission of cleartext cardholder data over a TLS-secured channel. Developers whose applications handle cleartext cardholder data will be expected to demonstrate compliance with the PCI PA-DSS. Likewise, third party developers who are planning on handling cardholder data on behalf of other merchants will be expected to demonstrate PCI DSS compliance as a Service Provider prior to completing certification with Heartland.