Latest changes to PCI SSC frequently asked questions.
Vendors that want to have their software assessed to the PCI Secure Software Standard initiate the process by engaging a qualified Secure Software assessor from the PCI SSC list of …
Yes, if the software in question meets all stated eligibility criteria in effect at the time of submission, software-as-a-service may be validated to the Secure Software Standard and listed on …
After 28 October 2022, all previously validated PA-DSS applications will be expired and moved to the "Acceptable Only for Pre-existing Deployments" list on the PCI SSC website. Payment application vendors …
Secure SLC Assessors are qualified by PCI SSC to validate software vendor adherence to the Secure SLC Standard.Qualified Secure SLC Assessors will have the Assessment Type of "Secure SLC" noted …
Vendors that want to have their software development processes assessed to the Secure SLC standard may initiate the process by engaging a qualified Secure SLC assessor from the PCI SSC …
The eligibility criteria for software validation to the PCI Secure Software Standard is defined in the Secure Software Program Guide, available in the Document Library. Whether an entity is …
Secure Software Assessors are qualified by PCI SSC to validate payment software adherence to the Secure Software Standard. Qualified Secure Software Assessors will have the Assessment Type of "Secure Software" …
No. Secure Software Assessors and Secure SLC Assessors in good standing do not need to report CPEs to PCI SSC. The CPEs that these Assessors are required to obtain and …
Yes, it is possible to submit multiple changes to a software listing, however, details of each change must be provided separately using Section C1 of the Change Impact Template (located …
Yes. Vendors whose software development practices have been validated to the Secure SLC Standard are added to the list of Secure SLC Qualified Vendors.
