It helps merchants and service providers select applications developed by other parties that will aid in their compliance with PCI DSS, and allows those application vendors to market their applications as capable of meeting the necessary security requirements. That said, an application’s PA-DSS compliance will not address all of the user organization’s security or compliance needs, and PADSS applies to a certain set of payment applications only and not all applications in general. In this paper, we will consider the scope and purpose of PA-DSS, discuss the elements of a PCI PA-DSS validation, and address the ways which merchants or service providers can use an application validated for PA-DSS compliance.