Cybersecurity Insights | Blog | Foregenix

The PCI Software Security Framework (SSF) is taking off!

Written by Flavio Bonfiglio Sorans | 12/17/20 10:32 AM

As previously anticipated during the PCI North America Community Meeting 2020, Mastercard has announced that the Software Security Framework (SSF) will be incorporated to their Site Data Protection (SDP) Program Standards in Q1 2021.

Mastercard currently has its PA-DSS mandate, which requires all merchants and service providers to only use third party-provided payment applications that are compliant with the PCI PA-DSS (should they be eligible per PA-DSS Program Guide).

In Q1 2021, Mastercard will add the Secure Software Standard and strongly recommend that merchants and service providers only use software vendors that comply with the Secure Software Lifecycle (Secure SLC) Standard.

 

How we can help

Foregenix has the most experienced SSF team globally. Thanks to our expertise in the PCI SSF, accumulated since its inception, our participation in the PCI SSC Software Task Force, where the PCI SSF challenges are periodically reviewed, and our vast PA-DSS experience, involving projects with the largest Processors, Financial Institutions, Banks, Gas/Oil, Terminal Manufacturers and Retail Merchants worldwide, clients are able to leverage our knowledge and expertise to significantly streamline their PCI SSF Secure Software projects.

We have established a strong methodology for PA-DSS to SSF Secure Software Standard migration that early detects deviations and allows us to provide detailed walkthrough guidance to achieve compliance.

Our Migration Strategy setups achievable milestones from scoping to compliance based on our experienced Secure Software Assessors, who will guide companies through the process upon project completion.

Remember, new PA-DSS submissions will be accepted until 30 Jun 2021.

 

For more information

Read more about the the PCI SSF and each standard on our The PCI Software Security Framework (SSF) blog post. Stay tuned as we will publish another article with a comparison of the two (2) standards and their benefits very soon.

 

Get in touch

To know more about how Foregenix can help you align and achieve compliance with the new PCI Software Security Framework (SSF), email us at hello@foregenix.com or call +44 845 309 6232.