SOURCE: FishNet Security

September 10, 2007 12:00 ET

FishNet Security Announces Distinguished Visa QPASC Certification

Now Authorized to Perform Payment Application Security Assessments and Audits

KANSAS CITY, MO--(Marketwire - September 10, 2007) - FishNet Security, the nation's largest and most respected Information Security Solutions Provider, announces that it has recently met all requirements to be designated as a Qualified Payment Application Security Company (QPASC) by Visa.

Visa has developed "Payment Application Best Practices" to assist software vendors create secure payment applications that help ensure merchant compliance with the PCI Data Security Standard. As such, FishNet Security is now one of only 21 companies authorized by Visa to perform Payment Application Security Assessments and Audits, nationwide.

"Our organization is excited about joining this elite list of QPASCs and in our ability to assist software vendors needing to meet the Payment Application Best Practices (PABP) standards," says Gary Fish, CEO/President of FishNet Security.

The stringent application process requires FishNet Security Qualified Security Assessor (QSA) professionals to complete two PCI On-Site Audits and pass the Visa PABP certification test prior to becoming Qualified Payment Application Security Professionals (QPASP). In addition, FishNet Security proved financial stability, industry and technical expertise, and a commitment to Visa's governing requirements to become certified as a QPASC.

All QPASCs are required to meet the following criteria:

--  Fulfill all requirements of a QSA company as defined by the PCI
    Security Standards Council to perform PCI Data Security Assessments.
--  Use a Qualified Payment Application Security Professional qualified to
    perform payment application assessments.
--  Utilize the testing procedures documented in the Payment "Application
    Best Practices" document and adhere to all QSA and QPASC requirements when
    performing a payment application assessment.
--  Provide documentation demonstrating its successful qualification by
    the PCI Security Standards Council to perform PCI Data Security
    Assessments, and its submission of a QSA professional for Payment
    Application Security Assessments.
--  Must sign the PCI SSC QSA Agreement, which requires adherence to the
    Payment Application Best Practices procedures.

FishNet Security continues to offer a proven, risk-based approach to managing the PCI compliance standards providing an efficient framework by managing risk, minimizing exposure, and sustaining compliance. FishNet Security supports the payment industry in protecting consumers by working with merchants, service providers, payment gateways, and payment applications entities to achieve compliance with the PCI Data Security Standard and by auditing and designing remediation plans to retain compliance. FishNet Security is also a Qualified PCI Onsite Security Auditor and Qualified Approved Scanning Vendor.

About FishNet Security

FishNet Security is the nation's most respected security solutions provider. Our expertise includes information security strategy, continuous risk and application assessment, planning, implementation, management, training and support -- enabling businesses to meet their unique security needs. Since 1996, we have offered information security services and products to global enterprises, government agencies, and small-medium sized businesses. For more, visit us at

Contact Information

  • Contact:
    Stacy M. Brooks
    Media Relations
    FishNet Security
    703-793-5761 Direct
    703-793-1430 Fax
    Email Contact