Jump to content

WHMCS PCI SSF (PA-DSS successor) validation


EAP

Recommended Posts

Hi all,

First post here as there's an increasing interest at work to migrate from our current billing/hosting management software to WHMCS.

Considering WHMCS processes credit cards, even if a tokenized gateway is used, I'm interested to know if there are any plans getting PCI SSF validation in the near future.

PCI SSF (Software Security Framework) will replace PA-DSS (Payment Application Data Security Standard) in October 2022 and it's designed to validate security of applications (like WHMCS) that store, process or transmit cardholder data. Not to be confused with PCI DSS (Data Security Standard) that applies to companies (like WHMCS customers) processing/storing sensitive data. More information:
https://blog.pcisecuritystandards.org/understanding-the-pci-software-security-framework-new-educational-resources
https://blog.pcisecuritystandards.org/part-one-conceptual-differences-between-ssf-and-pa-dss
https://www.pcisecuritystandards.org/assessors_and_solutions/payment_applications

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated