PCI Security Standards Secure Software Standard and Program Version 1.1

PCI Security Standards Secure Software Standard and Program Version 1.1

By Nancy Rand
Posted in Security
On May 18, 2021

The PCI Security Standards Council, PCI SSC, published a new version of the Secure Software Standard and its supporting program documentation on 4/29/2021. https://www.pcisecuritystandards.org/about_us/press_releases/pr_04292021

This version includes a new Terminal Software Module that contains requirements for software used on PCI-approved PIN Transaction Security (PTS) Point-of-Interaction (POI) devices.

There are currently two other modules in this Standard:

  • The “Core” module that contains security requirements applicable to all payment software.
  • The “Account Data Protection” module that focuses on securing payment software that stores, processes, or transmits account data in clear text.

Additional modules are expected in the future.

The link above contains links to the following information:

  • PCI Secure Software Standard v1.1
  • Summary of Changes from PCI Secure Software Standard v1.0 to v1.1
  • PCI Secure Software Program Guide v1.1
  • PCI Secure Software Report on Validation (ROV) template v1.1
  • PCI Secure Software Attestation of Validation (AOV) v1.1
Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.