PCI SSC updates the PCI Secure Software Program v1.2

The latest security software standard, PCI SSF Secure Software Program v1.2, is designed to protect businesses from data breaches and cyberattacks. This program is the first of its kind, and it has been designed with the latest technology and security protocols to ensure that businesses can keep their customer’s data safe and secure. It is essential for companies to understand the new standard and how it works if they are to successfully protect their customers and their data.

Overview of the new program

The Payment Card Industry Security Standards Council (PCI SSC) has released its latest version of the Secure Software Program v1.2, which sets out updated security requirements for software that stores, processes, or transmits payment card data. This new update introduces New Security Requirements Module for Web Software and includes a number of changes aimed at strengthening the security of software used to process payments. The Web Software Module is a set of supplemental security requirements to address the most common security issues related to the use of internet-accessible payment technologies.

New High Level Requirement areas in the Web Software Module

The new PCI SSC Secure Software Program v1.2 offers a range of benefits, including:

• Documenting and tracking the use of open-source and third-party software components and APIs in payment software
• Controlling access to payment software web APIs and other critical assets
• Mitigating common web attacks
• Protecting communications between web-based payment software components

The PCI SSF is designed to provide a consistent, comprehensive set of guidelines for developing secure software, as well as a continuous improvement path to ensure the security of payment systems. The module is designed to help organizations identify and prioritize risk mitigation strategies, as well as implement software security best practices. It also includes resources such as prescriptive requirements, and informative guidance to help organizations secure their payment systems. With the Web Software Module, PCI SSC is providing the industry with an expanded framework for a stronger and more consistent approach to secure software development for the payments industry.

The new standard version 1.2 provides security guidance to software vendors and developers on how to protect software from malicious attacks, cyber threats, and other vulnerabilities. The new version includes updated recommendations on security best practices, such as secure development lifecycle processes, code review and testing, secure deployment and operations. The council has updated the document library with the revised:

• PCI Secure Software Standard v1.2
• Summary of Changes from PCI Secure Software Standard v1.1 to v1.2,
• PCI Secure Software Program Guide v1.2
• PCI Software Security Framework Qualification Requirements for Assessors v1.2
• PCI Software Security Framework Glossary v1.2
• PCI Software Security Framework Frequently Asked Questions for v1.2 Release

In conclusion, the new standard released by the PCI SSC Secure Software Program v1.2 is an important step forward in data security and a great opportunity for organizations to update their security systems and ensure the secure and efficient transmission of information. It is important to understand the changes and how they will affect your organization’s security. With the proper knowledge and implementation, you can make sure your organization is compliant and up to date with the latest data security standards.

For more details : https://www.pcisecuritystandards.org/about_us/press_releases/pci-security-standards-council-publishes-version-1-2-of-the-secure-software-standard-and-program/