PCI S3 (Secure Software Standard) is a standard under the PCI Software Security Framework (SSF), a collection of standards and programs for the secure design and development of payment application software.

PCI SSC qualifies companies and individuals within those companies to perform SSF assessments. SSF Assessor Company qualification is open to any company that meets the qualification requirements. Companies can qualify to perform Secure SLC assessments, Secure Software assessments, or both.

validation within the PCI Software Security Framework. More information on eligibility can be found in the Secure individual payment brand mandates, and not by PCI SSC. For information about payment brand requirements for use of PA-DSS validated a plications, please contact the payment brands directly. Payment brand contact details can b

ftware Standard (“PCI Secure Software Standard”) Defines a baseline set of specific technical requirements and assessment procedures against which Payment Software must be successfully validated to be qualified by PCI SSC as Valid.

Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and operation on PCI-approved PIN Transaction Security (PTS) Point-of-Interaction (POI) devices.

Oct 1, 2018 · The S3 Framework is a new set of standards that support certification listings and validation programs. This is considered a security improvement in the development and design of payment...

Dec 18, 2024 · Discover how PCI SSF's Secure Software Standard (S3) secures payment software through design, development, testing, and data protection.

PCI SSC published new resources on the PCI Software Security Framework (SSF). The SSF At-a-Glance and the Transitioning from PA-DSS to SSF Resource Guide.

Oct 1, 2018 · The PCI SSC is taking a different development approach with the S3 Framework. It released a draft document of the Software Security Standard (S3) Framework and declared an …

To address this challenge the PCI SSC is developing a PCI Software Security Framework, a new set of standards, supporting validation programs and certification listings for the secure design and development of payment software.