PCI Secure Software Framework Uptake Tracker

I’ve written elsewhere about the initial uptake of the PCI Secure Software Framework. We’re rapidly approaching the point in time where the PCI PA-DSS will close for new submissions, and the PCI SSF will be the only show in town for PCI software vendors.

This page will be updated on approximately a monthly basis, to track adoption of the new standard over time. The initial update is mid-May 2021, which is a month after the previous article was written. What I would expect over the next 6-9 months is a significant uptick in registrations after June. It’s been known for some time that the old PA-DSS is being would down, and so it’s reasonable to expect that organizations are currently going through SSF assessments for existing software.

Without access to private data at various assessor companies it’s hard to gauge exactly how the SSF rollout is going at this point. But by tracking month on month I hope to provide some visibility into this.

Tracking Data

The following data is collected mid-month. It should suffice for illustrating the underlying trends and rates of adoption.

MonthSecure SLCPayment Software
2021-0412
2021-0512