Frequently Asked Question

No.  When validating payment application compliance through a Report on Validation (ROV) you may not 'combine' requirements from multiple versions of the standard – your assessment must be to one version in its entirety. Please also note that PA-DSS validations must follow the instructions in the corresponding Program Guide.  For example, applications validated under PA-DSS version 2 must use version 2.x of the PA-DSS Program Guide, and version 3.x validations must use PA-DSS Program Guide version 3.x.