The SSF replaces the Payment Application Data Security Standard (PA-DSS) with modern requirements that support a broader array of payment software types, technologies, and development methodologies.

Companies and individuals wishing to become qualified by PCI SSC to perform Secure Software Assessments should first consult the Payment Card Industry (PCI) Software Security Framework Qualification Requirements for Assessors on the Website (the “SSF Qualification Requirements”).

Software Security Framework (SSF) Assessor companies are independent security organizations that have been qualified by the PCI Security Standards Council to validate a vendor’s payment software and/or to evaluate a vendor’s software lifecycle.

Aug 2, 2021 · To assist stakeholders in their migration from PA-DSS to the Software Security Framework, PCI Security Standards Council (PCI SSC) is publishing a series of blog posts to guide payment software vendors and assessors through the …

The SSF At-a-Glance and Transitioning from PA-DSS to SSF Resource Guide provide key information to increase awareness and understanding of the SSF, its benefits and impact to the Payment Application Data Security Standard (PA-DSS) and Program.

Jan 18, 2023 · PCI SSF compliance is critical to mitigating data breach risks from impacting the data you process. As a Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV), RSI Security is equipped to help you become and remain compliant with the PCI SSF.

The list of SSF Assessor Companies on PCI SSC’s website identifies entities that are qualified as a Secure Software Assessor Company. that A Yes. Upon successful validation to the Secure Software Standard, payment software is added to the List of Validated Payment Software on the PCI SSC website.

To support a broader array of payment software types, technologies, and development methods, PCI SSC announced the release of the new PCI Software Security Framework (SSF) in 2022. After October 2022, PCI SSC planned the official retirement of PA DSS, the benchmark standard.

The PCI SSC’s at-a-glance document provides an overview on how SSF replaces the PA-DSS with modern requirements that support a broader array of payment software types and technologies.

The Software Security Framework (SSF) was created by the PCI Software Security Council as an evolution of the Payment Application Data Security Standard (PA-DSS).