Adapting financial technology standards to blockchain platforms

Document Type

Conference Proceeding

Publication Date


Publication Title

ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference

First Page


Last Page



Application security, Blockchain, Compliance, Financial technology, Payment card industry, Privacy, Security frameworks, Security standards, Smart contracts, User data


© 2019 Copyright held by the owner/author(s).

Traditional payment systems have standards designed to keep transaction data secure, but blockchain systems are not in scope for such security standards. We test the applicability of the Payment Application Data Security Standard (PA-DSS) to transaction-supported blockchain platforms. By highlighting the differences in implementation between traditional and decentralized transaction platforms, we critique and adapt the standards to fit the decentralized model. In two case studies, we analyze the industry compliance of the QTUM and Ethereum blockchain platforms, as their payment platforms support transactions equivalent to those of applications governed by the PA-DSS. We determine QTUM’s and Ethereum’s capabilities to properly ensure secure data handling with respect to current security standards. After adapting the PA-DSS and analyzing the QTUM and Ethereum platforms, we revise the new set of standards to create a set of best practices for ensuring data security on both traditional and blockchain payment systems. We report the security gaps identified on each platform based on the final revision of the standards, presenting a conclusive perspective that neither platform is suitable for business adoption based on the PA-DSS results. Finally, we discuss open research issues.

This document is currently not available here.