he PCI Security Standards Council on Wednesday published its new software security standards and said the existing standard will be retired in 2022.
The new set of requirements actually has two major components—The PCI Secure Software Standard and the PCI Secure Lifecycle Standard—and is under the umbrella of what the Wakefield, Mass.-based PCI Council calls its new Software Security Framework. The Council has been working on updating software security for more than a year, and indicated last month that new standards would be published in early 2019.
“Innovation in payments is moving at an incredible pace,” PCI Council chief technology officer Troy Leach said in a news release. “The new PCI Secure Software Standard and PCI Secure SLC Standard support this evolution in payment-software practices by providing a dynamic way for developers to demonstrate their software protects payment data for the next generation of applications.”