PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum > PA-DSS - Payment Application Data Security Standards > [PA_DSS] 11. Facilitate secure remote access to payment application

1. [PA_DSS] 11.1 The payment application must not interfere with use of a two-factor authentication mechanism. The payment application must allow for technologies such as RADIUS or TACACS with tokens, or VPN with individual certificates
2. [PA_DSS] 11.2 If the payment application may be accessed remotely, remote access to the payment application must be authenticated using a two-factor authentication mechanism
3. [PA_DSS] 11.3 If vendors, resellers/integrators, or customers can access customer's payment applications remotely, the remote access must be implemented securely

vBulletin® v3.7.4, Copyright ©2000-2009, Jelsoft Enterprises Ltd.