{"id":17503,"date":"2021-05-05T12:09:00","date_gmt":"2021-05-05T10:09:00","guid":{"rendered":"https:\/\/usd.formwandler.rocks\/?p=17503"},"modified":"2021-08-09T12:14:15","modified_gmt":"2021-08-09T10:14:15","slug":"news-secure-software-standard-version-1-1","status":"publish","type":"post","link":"https:\/\/www.usd.de\/en\/news-secure-software-standard-version-1-1\/","title":{"rendered":"Version 1.1 Extends Scope of Secure Software Standard"},"content":{"rendered":"\n<p>The PCI Security Standards Council (PCI SSC) released version 1.1 of the <strong>Secure Software Standard<\/strong> and associated Program Guide last week. This standard is part of the <a href=\"https:\/\/www.usd.de\/en\/pci-security-services\/software-security-framework\/\">PCI Software Security Framework<\/a> and will completely supersede the previous payment application standard, the PCI PA-DSS, as of October 28, 2022.&nbsp;&nbsp;<\/p>\n\n\n\n<p>The Secure Software Standard has a modular structure. Each module contains a set of requirements that address a specific use cases. This design makes the Secure Software Standard much more dynamic and adaptable for updates and changes reflecting future developments. So far, the PCI Council has published two modules: The \u201cCore\u201d module with general security requirements for all payment applications and the \u201cAccount Data Protection\u201d module, which includes specific requirements for payment applications that store, process, or transmit cardholder data or sensitive authentication data.<\/p>\n\n\n\n<p>The new version 1.1 now introduces the previously announced additional module \"<strong>Terminal Software<\/strong>\". It contains a number of requirements for payment applications intended for deployment and operation on PCI-approved card readers, for example. Explicitly excluded from this is the firmware of these devices. Applications intended for deployment and operation on other platforms are also not affected by this module.<\/p>\n\n\n\n<p>Beyond that, the <a href=\"https:\/\/www.pcisecuritystandards.org\/documents\/PCI-Secure-Software-Standard-Summary-of-Changes-v1_0-to-v1_1.pdf\" target=\"_blank\" rel=\"noopener\">revised version<\/a> sharpens some of the terms and definitions used and contains some minor corrections.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:33.33%\">\n<div class=\"wp-block-image\"><figure class=\"alignright size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.usd.de\/wp-content\/uploads\/icon-symbol-orange-007.png\" alt=\"\" class=\"wp-image-2455\" width=\"142\" height=\"155\" \/><\/figure><\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66.66%\">\n<p><strong>Reminder:<\/strong><\/p>\n\n\n\n<p>Submissions of new payment applications for certification according to PA-DSS are only possible until <strong>30 June, 2021<\/strong>. Newly submitted payment applications must then be certified directly according to the new Secure Software Standard.<\/p>\n<\/div>\n<\/div>\n\n\n\n<p>Read how to make the transition from PA-DSS to the Secure Software Standard <a href=\"https:\/\/www.usd.de\/en\/from-pa-dss-to-secure-software-standard\/\">here<\/a>.<\/p>\n\n\n\n<p>Do you have questions about the Secure Software Standard or need assistance with transitioning? <a href=\"https:\/\/www.usd.de\/en\/contact-form-pci\/\">Get in touch<\/a>, we are happy to help.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The PCI Security Standards Council (PCI SSC) released version 1.1 of the Secure Software Standard and associated Program Guide last week. This standard is part of the PCI Software Security Framework and will completely supersede the previous payment application standard, the PCI PA-DSS, as of October 28, 2022.&nbsp;&nbsp; The Secure Software Standard has a modular [&hellip;]<\/p>\n","protected":false},"author":96,"featured_media":17502,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"footnotes":""},"categories":[373,394],"tags":[434,424,395,425,397],"class_list":["post-17503","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-en","category-pci-en","tag-pci-en","tag-pci-pa-dss-en","tag-pci-security-standards-council-en","tag-secure-software-standard-en","tag-software-security-framework-en"],"_links":{"self":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts\/17503","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/users\/96"}],"replies":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/comments?post=17503"}],"version-history":[{"count":0,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts\/17503\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/media\/17502"}],"wp:attachment":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/media?parent=17503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/categories?post=17503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/tags?post=17503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}