Cubic Transportation Systems announced June 10 that the latest version of their Cubic Payment Application (CPA 3.0) has been successfully “Validated According to PA-DSS v2.0” by the PCI Security Standards Council, and is listed as “Acceptable for New Deployments” on the Payment Card Industry Data Security Standards (PCI-DSS) website .
“Today, merchants accepting credit and debit cards are required by their acquiring banks to comply with PCI DSS,” said Janet Koenig, Cubic Transportation Systems’ director of central systems. “CPA 3.0, an integral component of our NextCity suite, provides a secure payment gateway directly to merchant acquiring banks or other financial institutions. PA-DSS certification of CPA helps transport operators and authorities to achieve PCI DSS certification by providing one less step for them to worry about.”
CPA 3.0 is architected to provide optimum performance for securely processing legacy closed-loop payments (such as agency issued transit smartcards) as well as emerging forms of payment including open-loop (bank-issued contactless cards), mobile and EMV payments. Key features of CPA 3.0 include support for:
• Account-based payments, as processed by Cubic’s NextAccount, which is essential for open payments, mobile, parking and tolls.
• European and North American adoption of global EMV payments standards
• Emerging transit-specific transaction authorization and processing policies
• Concurrent connections to multiple acquirers
Previous versions of CPA, including CPA 2.0101, have also been certified as a Validated Payment Application.