23 October 2017
Find out more

PCI Security Standards Council streamlines PTS requirements

13 May 2010  |  5270 views  |  0 Source: PCI Security Standards Council

Today, the PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) security requirements and the Payment Application Data Security Standard (PA-DSS), announced the publishing of version 3.0 of the PIN Transaction Security (PTS) Point of Interaction (POI) security requirements.

A culmination of the three-year lifecycle review process, incorporating feedback from hundreds of constituents, this latest version is designed to streamline and simplify testing and implementation by providing a single set of modular evaluation requirements for all Personal Identification Number (PIN) acceptance Point of Interaction terminals. It also includes three new modules for device vendors and their customers to secure sensitive card data. Version 3.0 is effective immediately, and version 2.0 will sunset on May 12th 2011.

Until now there were three separate sets of requirements for Point of Sale PIN Entry Devices (PED), Encrypting PIN Pads (EPP), and Unattended Payment Terminals (UPT). Version 3.0 simplifies the testing process and eliminates overlap of documentation by providing one modular security evaluation program for all terminals and a single reference listing of approved products.

In addition to strengthening and restructuring existing requirements, the latest version also introduces three new modules for evaluation requirements. The first, entitled, Open Protocols, applies to Internet Protocol (IP) or to wireless enabled devices. The Secure Reading and Exchange of Data (SRED) module facilitates testing of the secure reading and encryption of cardholder data at the point of entry, and the third module, Integration, is designed to address the integration of components in an unattended POS PIN acceptance device.

"By combining all of the requirements into one program, we have simplified one-stop shopping when it comes to secure devices, "said Bob Russo, general manager of the Council. "This new approach and additional modules make it easier for manufacturers and merchants to make sure that at any point in a transaction, account data is being protected."

Comments: (0)

Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.vasco.com Register now

Top topics

Most viewed Most shared
Mastercard to roll out blockchain APIMastercard to roll out blockchain API
19143 views comments | 28 tweets | 40 linkedin
HSBC partners Bud for open banking trialHSBC partners Bud for open banking trial
15115 views comments | 23 tweets | 32 linkedin
Sibos 2017: API or the highwaySibos 2017: API or the highway
10941 views comments | 12 tweets | 23 linkedin
Eight banks form joint venture to launch blockchain trade platformEight banks form joint venture to launch b...
8977 views comments | 14 tweets | 28 linkedin

Featured job

Find your next job