Frequently Asked Question
What software is eligible for validation to the PCI Secure Software Standard?
Whether an entity is required to use software validated to the Secure Software Standard is determined by individual payment brand mandates, and not by PCI SSC. For information about payment brand requirements for use of Secure Software validated applications, please contact the payment brands directly. Payment brand contact details can be found in FAQ 1142 How do I contact the payment card brands?
See also the following FAQs:
FAQ 1538: What is the process to initiate a software evaluation to the PCI Secure Software Standard?
FAQ 1539: Who is qualified to perform assessments to the PCI Secure Software Standard?
Featured FAQ Articles
Most Recently Updated
Is the expectation that any PFI investigation initiated must result in a PFI Final Report?
Can SAQ eligibility criteria be used for determining applicability of PCI DSS requirements for assessments documented in a Report on Compliance?
Do PCI DSS requirements for keyed cryptographic hashing apply to previously hashed PANs?