From 21 May to 22 June 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) on Secure Software Standard Update: Draft Terminal Software Module.
Background on the Secure Software Standard Update: Draft Terminal Software Module
The draft Terminal Software Module introduces a new security requirements “module” to the Secure Software Standard for payment software intended for deployment and operation on security-hardened, purpose-built payment terminals.
The addition of the new Terminal Software Module is another example of the Secure Software Standard’s modular requirements architecture. After the RFC is complete, the final version of the Terminal Software Module will be incorporated into the v1.1 release of the Secure Software Standard, which is anticipated for publication in late 2020.
RFC Process
The RFC will be available through the PCI SSC portal, including instructions on how to access the document and submit feedback. Primary contacts for each organization can access the Secure Software Standard Update: Draft Terminal Software Module RFC via the Portal. Eligible RFC participants will be required to accept a Non-Disclosure Agreement (NDA) to download the document.
Not a Participating Organization (PO) but want to participate in PCI SSC RFCs? Learn about membership benefits and register to become a PO here.
Per the RFC process, every piece of feedback will be reviewed and considered, and PCI SSC will prepare a summary for RFC participants showing all feedback received and how it was addressed. Please review the RFC Process Guide for more information.
Please note that PCI SSC can only accept comments that are received via the PCI SSC portal within the defined RFC period.
