Frequently Asked Question

When must validated payment software be revalidated?
Subject to early expiry and the terms of the Software Security Framework Vendor Release Agreement (VRA), validations to the Secure Software Standard are valid for three years. Further information on revalidations and the process for managing changes to validated payment software can be found in the Secure Software Program Guide. Both the VRA and Secure Software Program Guide are available in the Document Library.
November 2021
Article Number: 1541
Related
-
Does PCI SSC provide a list of software vendors whose software development process(es) have been validated to the Secure SLC Standard?
-
Can multiple changes for a Secure Software listing be submitted within a single change submission?
-
Are there prerequisite PCI SSC program requirements to meet before qualifying as an SSF Assessor Company?