PCI Compliance is a tough topic in the world of e-commerce. Shops struggling to comply and legislature struggling to protect adds facets to the discussion daily. Here is a good article that discusses PA-DSS, another realm of security discussion. PA-DSS stands for Payment Application Data Security Standard and has been around since 2007, as the article points out, and the deadline for certification is in July of 2010. While no one can be sure what the card companies will do about e-commerce sites NOT being certified by then, it definitely looks like most won’t be.

Here’s the problem:

There is currently only one shopping cart that is PA-DSS certified: PDG Commerce. Additionally, Magento Enterprise, Miva Merchant, and X Cart are scheduled to become PA-DSS certified. Other than that, no other carts have announced that they will be, or are planning on becoming PA-DSS certified before the deadline of July 2010. There’s still time to get certified, but 4 of the thousands of shopping cart providers is not a promising number.

We highly recommend you read the article no matter which shopping cart you use or hope to use.