Paya Connect Desktop Integrators Guide
Paya Connect Desktop SDK
Paya Connect Desktop's Integrator Guide
Below are important updates regarding the most current Integrators guide, which is available below.
The current version is 1.4 and was updated as of 10/21/2019.
- Paya connect desktop does not provide non-console administrative access functionality and does not maintain user accounts for any administrative access to the application. The integrator/reseller is not required to take any action concerning the PCI Security Council standard PA-DSS 12.1. PA-DSS 12.1 requires that non-console administrative access use strong cryptology.
Integrator/Reseller Annual Training and Integrator Guide updates
- PA-DSS 3.2 program changes and updates are provided to the Paya Security team by the PCI Council as they occur. These changes will be incorporated into the Paya Connect Desktop's Integrator Guide when they are received. Our security team will share these updates with the Paya Connect Desktop Integrators / Resellers. Updates to this knowledgebase article will occur for each PA-DSS program change. The link to the article and the revised Integrator Guide will be emailed to Integrators / Resellers as these changes occur.
- Annual training for the Paya Connect Desktop's Integrator Guide will occur in August.
Vulnerability Monitoring and Scoring
As a software development company, we keep abreast of the relevant security concerns and vulnerabilities in our area of development and expertise. We accomplish this by monitoring the following resources in the security field:
- MSDN: Microsoft Developer Network
- Microsoft Technet Example
- PCI Perspectives - PCI Security Standards Council Blog. Which can be visited here.
- DHS US Cert
- Mitre CVEs
Once we identify a relevant vulnerability from the sources above (they follow the Common Vulnerability Scoring System (CVSS) framework), we determine the criticality of the vulnerability based on CVSS Framework and start to develop & test a patch that helps protect Paya Connect Desktop against that specific new vulnerability.
If you have questions or require additional information, please contact us, and we will be in touch with you shortly.