PCI Secure SLC Certification

The Secure SLC Standard verifies that your software design and execution methodology is compatible with the security policies and controls. This is not a technical examination rather, we are validating processes, policies, and procedures.

On the other hand, the Secure Software Standard examines the overall security of a particular piece of software.

As a result, your company may be certified for having a Secure Software Lifecycle and may also receive individual Secure Software Standard validations for each payment software product you create.

The PCI Secure SLC Standard is developed for software vendors that develop payment software. The security standard states requirements that help software vendors conform to best practices throughout the development cycle of the payment software.

The PCI Software Security Framework is separate and independent from PA-DSS. While the PCI Software Security Framework includes elements of PA-DSS, the Framework represents a new approach for securely designing and developing both existing and future payment software.

PA-DSS was designed specifically for payment applications used in a PCI DSS environment. The PCI Software Security Framework is designed to support a broader array of payment software types, technologies, and development methodologies in use today and also support future technologies and use cases.

The Secure Software Standard and Secure SLC Standard are two separate, independent standards. While both standards address some of the same concepts, each standard approaches those concepts from a different perspective (i.e., secure software development processes in the Secure SLC Standard, secure functionality and security features in the Secure Software Standard).