Request for Comments: PCI Secure Software Standard v1.2.1 

2 months ago AndyC

From 11 March to 11 April, eligible PCI SSC stakeholders are invited to review and provide feedback on the currently published version of the PCI Secure Software Standard during a 30-day request for c

Request for Comments: PCI Secure Software Standard v1.2.1 

From 11 March to 11 April, eligible PCI SSC stakeholders are invited to review and provide feedback on the currently published version of the PCI Secure Software Standard during a 30-day request for comments (RFC) period.    

The RFC will be available through the PCI SSC portal, including instructions on how to access the documents and submit feedback. Eligible stakeholders will also receive instructions via email. As a reminder, participants are required to accept a Non-Disclosure Agreement (NDA) to download the document. Please review the RFC Process Guide for more information.    

Please note that PCI SSC can only accept comments that are submitted via the PCI SSC portal and received within the defined RFC period.    

Background on the PCI Secure Software Standard 

PCI SSC is planning a revision to the currently published version of the Secure Software Standard v1.2.1 and its supporting Program documentation. The PCI Secure Software Standard is one of two standards in the PCI Software Security Framework (SSF). The PCI Secure Software Standard and associated security requirements help ensure that payment software is designed, developed, and maintained in a manner that protects payment transactions and data, minimizes vulnerabilities, and defends the software from attacks. 

 Access the PCI SSC Portal and Provide Comments

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , ,

More Stories

Resource Guide: Earn Continuing Professional Education Credits Through the Council

Resource Guide: Earn Continuing Professional Education Credits Through the Council

4 days ago AndyC

Giving NIST Digital Identity Guidelines a Boost: Supplement for Incorporating Syncable Authenticators

5 days ago AndyC
PCI DSS v4: What’s New with Self-Assessment Questionnaires

PCI DSS v4: What’s New with Self-Assessment Questionnaires

1 month ago AndyC
Spotlight On: HUMAN Security, a New Principal Participating Organization

Spotlight On: HUMAN Security, a New Principal Participating Organization

1 month ago AndyC
Coffee with the Council Podcast: A Reflection on 40 Years in the Payments Industry

Coffee with the Council Podcast: A Reflection on 40 Years in the Payments Industry

1 month ago AndyC

Protecting Model Updates in Privacy-Preserving Federated Learning

1 month ago AndyC

You may have missed

Hackers may have accessed thousands of accounts on California state welfare platform

Hackers may have accessed thousands of accounts on California state welfare platform

9 hours ago AndyC

Major phishing-as-a-service platform disrupted – Week in security with Tony Anscombe

12 hours ago AndyC
Brokewell supports an extensive set of Device Takeover capabilities

Brokewell supports an extensive set of Device Takeover capabilities

15 hours ago AndyC
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw

Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw

15 hours ago AndyC
Bogus npm Packages Used to Trick Software Developers into Installing Malware

Bogus npm Packages Used to Trick Software Developers into Installing Malware

21 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.