Frequently Asked Question
What software is eligible for validation to the PCI Secure Software Standard?
The eligibility criteria for software validation to the PCI Secure Software Standard is defined in the Secure Software Program Guide, available in the Document Library.
Whether an entity is required to use software validated to the Secure Software Standard is determined by individual payment brand mandates, and not by PCI SSC. For information about payment brand requirements for use of Secure Software validated applications, please contact the payment brands directly. Payment brand contact details can be found in FAQ 1142 How do I contact the payment card brands?
See also the following FAQs:
FAQ 1538: What is the process to initiate a software evaluation to the PCI Secure Software Standard?
FAQ 1539: Who is qualified to perform assessments to the PCI Secure Software Standard?