The Payment Card Industry Security Standards Council maintains the PCI-SSF, which it published in 2008 as a replacement for Visa’s Payment Application Best Practices (PABP) standard.
To achieve PCI-SSF compliance, a software provider must have its applications audited by a Payment Application Qualified Security Assessor (PA-QSA) and revalidated whenever any major changes are made.
Compliance Wing’s PA-QSA’s assist you in adhering to The PCI Software Security Framework (PCI-SSF) requirements and Security Assessment Procedures define security requirements and assessment procedures for software vendors of payment applications.
PCI-SSF is a set of requirements that are intended to ensure software suppliers develop secure payment applications that support PCI DSS compliance. PCi-SSF applies to third party applications that store, process or transmit payment cardholder data as part of an authorization or settlement. Software applications that are developed for the use of one merchant only are exempt from PCI-SSF but must comply with PCI DSS.
Compliance Wing was founded by the team of Information Security experts with years of experience in the field of payment systems as fully independent security assessors.
© 2023 Compliance Wing Private Limited.