While scanning though my RSS feeds this morning (Which I have neglected in the past few weeks), I ran into a PABP product release. Let me just include the relevant portions here and not list the company name.
_______________ is a PCI PABP v1.4 (Payment Application Best Practices) validated payment application, Visa USA accepted _______________ as validated based on the review by Trustwave, a well known QSR. _______________ runs on Windows 98 through Windows Vista and supports _________________________________________________________.
Two things that struck me.
- Trustwave is a QSA ( actually PA-QSA in this role) not a QSR – (Quick Service Restaurant ? )
- Windows 98 ? Windows 98 is not secure, and is at End-of-Life (July 2006), does not receive new security patches, and is not something that I would recommend to anyone implementing a new payment application.
How can a a payment application be PABP compliant on an non-secure, not supported, EOL’ed OS ? Interesting….