19 August 2017
Find out more

PCI Security Standards Council streamlines PTS requirements

13 May 2010  |  5249 views  |  0 Source: PCI Security Standards Council

Today, the PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) security requirements and the Payment Application Data Security Standard (PA-DSS), announced the publishing of version 3.0 of the PIN Transaction Security (PTS) Point of Interaction (POI) security requirements.

A culmination of the three-year lifecycle review process, incorporating feedback from hundreds of constituents, this latest version is designed to streamline and simplify testing and implementation by providing a single set of modular evaluation requirements for all Personal Identification Number (PIN) acceptance Point of Interaction terminals. It also includes three new modules for device vendors and their customers to secure sensitive card data. Version 3.0 is effective immediately, and version 2.0 will sunset on May 12th 2011.

Until now there were three separate sets of requirements for Point of Sale PIN Entry Devices (PED), Encrypting PIN Pads (EPP), and Unattended Payment Terminals (UPT). Version 3.0 simplifies the testing process and eliminates overlap of documentation by providing one modular security evaluation program for all terminals and a single reference listing of approved products.

In addition to strengthening and restructuring existing requirements, the latest version also introduces three new modules for evaluation requirements. The first, entitled, Open Protocols, applies to Internet Protocol (IP) or to wireless enabled devices. The Secure Reading and Exchange of Data (SRED) module facilitates testing of the secure reading and encryption of cardholder data at the point of entry, and the third module, Integration, is designed to address the integration of components in an unattended POS PIN acceptance device.

"By combining all of the requirements into one program, we have simplified one-stop shopping when it comes to secure devices, "said Bob Russo, general manager of the Council. "This new approach and additional modules make it easier for manufacturers and merchants to make sure that at any point in a transaction, account data is being protected."

Comments: (0)

Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.abe-eba.euvisit www.dorsum.euvisit www.niceactimize.com

Top topics

Most viewed Most shared
Mobile contactless spending accelerating in UKMobile contactless spending accelerating i...
8794 views comments | 23 tweets | 23 linkedin
Norwegian banks and startups form fintech clusterNorwegian banks and startups form fintech...
7727 views comments | 19 tweets | 23 linkedin
RBS to bring Silicon Valley to EdinburghRBS to bring Silicon Valley to Edinburgh
7025 views comments | 10 tweets | 7 linkedin
hands typing furiouslyWhy Blockchain Might Not Be The Future For...
6381 views 1 | 5 tweets | 3 linkedin
Apple sidelined as Beijing transit system launches payments appApple sidelined as Beijing transit system...
6236 views comments | 11 tweets | 9 linkedin

Featured job

Find your next job