Security News > 2021 > May > PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation

PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation
2021-05-03 02:30

Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and operation on PCI-approved PIN Transaction Security Point-of-Interaction devices.

"The PCI Secure Software Standard is designed to offer a more flexible approach to how we test the security and integrity of payment software," said Emma Sutcliffe, SVP Standards Officer, PCI Security Standards Council.

"The modular nature of the Standard allows for broader inclusion to accommodate various software management approaches and support a larger set of payment software architectures, functions, and software development methodologies."

The new Terminal Software Module is the third module to be incorporated into the PCI Secure Software Standard's modular requirements architecture.

The two existing modules in the PCI Secure Software Standard are the "Core" module, which includes general security requirements applicable to all payment software, and the "Account Data Protection" module, which includes additional security requirements for payment software that stores, processes, or transmits clear-text account data.

The PCI Secure Software Standard 1.1 also addresses errata, adds minor clarifications, and aligns key terms and definitions across the Standard and program documentation.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/7yNYqnXs_XM/