PCI-DSS is the standard for merchants and service providers to protect cardholder data.

The PA-DSS and PTS (formerly PED) device security requirements support the overall implementation of PCI-DSS by allowing Merchants to choose from Council-certified payment applications and PTS devices to further cardholder data security.

PA-DSS and PTS are not Merchant initiatives. Rather, they are geared toward the application providers and PTS device manufacturers who must submit their applications and devices for testing against the standards. That said, Merchants that utilize these applications and PTS devices must validate that they are using Certified Applications/Approved Devices when asked to do so by their Merchant Acquirer (credit card processor).