PCI Security Standards Council Certifies atsec as PA-QSA

atsec Adds Payment Application Data Security Standard Testing and Consulting to
Its Portfolio 
AUSTIN, Texas--(Business Wire)--
The PCI Security Standards Council certified atsec information security as a
Payment Application Qualified Security Assessor, which enables the company to
perform assessments of payment applications to ensure compliance with the
PA-DSS. atsec successfully passed the PA-QSA validation process and fulfilled
all the requirements (business, capability and administrative) set forth by the
PCI SSC. 

The goal of PA-DSS is to help software vendors and others to develop secure
payment applications that do not store prohibited data, such as full magnetic
stripe, other sensitive authentication data or PIN data, and ensure their
payment applications support compliance with the PCI DSS. PA-DSS requirements
apply to payment applications that are sold, distributed or licensed to third
parties. 

Fiona Pattinson, Director Business Development and Strategy, commented: "We are
proud to have achieved this certification as the requirements for attaining
PA-QSA status are detailed and complex - for both the company and individuals.
We are looking forward to work with our customers and the PCI SSC to improve
application security." 

atsec has a high level of expertise in consulting clients on how to apply and
implement IT security standards, as well as in evaluating IT operations,
products and systems against standardized criteria.

* atsec is a qualified security assessor (QSA) accredited by the PCI SSC to
perform third party PCI security assessments in the U.S., Europe and China. 
* atsec has specialist expertise in the conduct of source code review, FIPS
140-2 testing, algorithm validation, SCAP and penetration testing. 
* atsec has conducted a large number of security audits and assessments for
customers of varying sizes, including customers in the telecommunications,
energy, financial and defense sectors, which results in a wide practical
experience in assessing applications and systems. 
* atsec is an accredited laboratory in three national schemes (U.S., Germany,
Sweden) to perform Common Criteria (ISO/IEC 15408 and 18045) evaluations.

For more information about the PA-DSS and atsec please take a look at the PCI
DSS Payment Application Data Security Standard (PA-DSS) or contact atsec about
PA-DSS Testing and Consulting. 

About atsec information security

atsec information security is an independent, standards-based information
technology security services company that combines a business-oriented approach
to information security with in-depth technical knowledge and global experience.
atsec was founded in Munich (Germany) in 2000 and has extensive international
operations with offices in the U.S., Germany, Sweden and China. 

atsec offers secure code review, ISO/IEC 27001 ISMS consulting, and penetration
testing and scanning services as well as being a QSA and ASV. 

atsec also offers evaluation and testing services leading to formal
certification for IT security including evaluation under Common Criteria schemes
in the U.S., Germany, and Sweden; cryptographic module and algorithm testing
under the Cryptographic Module Validation Program of the National Institute of
Standards and Technology (NIST) in the U.S. and Communications Security
Establishment Canada (CSEC) in Canada. 

atsec works with leading global companies such as IBM, Apple, Microsoft,
Hewlett-Packard, Oracle, Cray, BMW, SGI, Vodafone, Swisscom, RWE, and
Wincor-Nixdorf. For more information please visit www.atsec.com. 



atsec information security
Andreas Fabis, 512-615-7317
Marketing Director
fabis@atsec.com


Copyright Business Wire 2009