New Generation of WAY4 Switch is Fully Compliant with PA-DSS

At the beginning of 2015, new generation of the switching solution developed by OpenWay, a recognized leader in software for bankcard issuing and acquiring, payment processing, financial transaction routing, and omni-channel, successfully passed a payment solution security audit (PA-DSS).

The new WAY4 Switch is based on a Java messaging platform allowing OpenWay clients to customize their host-to-host interfaces and routing rules easily using new industry-standard scripting languages. Certification confirms new switching solution compliance with PA-DSS requirements. The entire WAY4 platform including WAY4 CMS & Switch is successfully certified. Past years the WAY4 CMS and Switch components of the WAY4 platform regularly passed PA-DSS audits. A PA-DSS certificate is proof that the WAY4 software platform guarantees banks and processing companies secure processing of card data and makes it possible to implement these solutions in PCI DSS-compliant IT infrastructure.

WAY4 is the only processing platform in the world with an integrated front and back office. This unique structure allows OpenWay clients to run smart online services that consider a product's business logic and client and channel specifications. Services can be launched quickly based on unified business objects and flexible rules. Working with WAY4, the bank does not bear the risks and expenses linked with integrating the processing system's back and front offices. This is because all card and client data is available in real time on a single platform. The WAY4 processing platform thereby enables financial organisations to innovate and cut costs.

The PA-DSS audit covers all of the WAY4 platform components for issuing, acquiring, switching, e-commerce, loyalty programmes, business analysis, risk management, dispute management, workbenches, merchant portal, SMS banking, and others. The full list of certified solutions on the WAY4 platform is available on the official PCI DSS website. 

Alain Vansnick, Sales Director EMEA and Americas, at OpenWay says: "We are regularly certified and believe that PA-DSS compliance of a vendor's payment solutions is mandatory in our business. Only by offering a product that complies with all security requirements can we ensure that it will enable the client to profit and compete in the market".

WAY4 Has Become the First PA-DSS Certified CMS

WAY4 from OpenWay has become the first card and merchant management solution ever certified for PA-DSS – Payment Application Data Security Standards. TrustWave, a leading Qualified Security Assessor, completed the audit in 2 months. Banks and processing companies worldwide using WAY4 will find this certificate helpful while passing their own PCI DSS audit.

PA-DSS consolidate the most effective and time-proven security policies of the major international payment systems – MasterCard, Visa, AmEx, Discover, JCB. From July 2010 PA-DSS non-compliant software will be denied by card industry players. Still, most solutions comply only with the outdated set of standards, Visa’s PABP. According to the PCI SSC website, only 11% of payment applications have PA-DSS certificate, and WAY4 is among these leaders. 

“PA-DSS impose strict requirements for the solution architecture, software development techniques, quality assurance procedures and many other aspects. Balance between the security requirements and business needs is challenging for any vendor. Since OpenWay has always attached special importance to security, our PA-DSS validation was quick and successful”, commented Wim Pardon, Director of OpenWay Belgium.


Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, China and Australia.