Sydney, 3rd June 2020 Risk Associates Europe Ltd (ra), a leading provider of cybersecurity consulting and assessment services, has been accredited by PCI Standard Security Council (PCI SSC) as one of the few Software Security Framework (SSF) Accessor companies.
SSF is a collection of related software security standards, associated validation, and listing programs that introduce an objective-based approach for securely designing, developing, and maintaining existing and future payment applications. The SSF replaces the Payment Application Data Security Standard (PA-DSS) with modern requirements that support a broader array of payment software types, technologies, and development methodologies.
SSF comprises of the following two standards:
The Secure SLC Standard (SSLC) defines a set of security requirements, and associated test procedures for software vendors to validate how they properly manage the security of payment software throughout the software lifecycle. Validation against the Secure SLC Standard illustrates that the software vendor has mature and secure software lifecycle management practices in place. This helps ensure its payment software is designed and developed to protect payment transactions and data, minimize vulnerabilities, and defend against attacks.
The Secure Software Standard (SSS) defines a set of security requirements and associated test procedures to help ensure the payment application adequately protects the integrity and confidentiality of payment transactions and data.
“PCI SSF is a great initiative to ensure that mission critical payment applications are difficult to compromise as it embeds security into each phase of the software development lifecycle," said Dr. Aftab Rizvi, CEO of ra. We are well-positioned to support our customers to overcome the challenges of new standards.
Risk Associates (ra) is an internationally recognized cybersecurity firm supporting businesses in securing their environments against cyber threats and security breaches for over a decade. We take pride in providing Advisory, Compliance, Testing, and Management services with integrity and professionalism. For more information click here
About PCI SSC
The PCI Security Standards Council (PCI SSC) is a global forum that brings together payment industry stakeholders to develop and drive the adoption of Data Security Standards and resources for safe payments worldwide.