The Payment Card Industry (PCI) Standards Council has published the latest version of its security requirements...
for card-based transactions.
The PCI Standards Council is a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) security requirements and the Payment Application Data Security Standard (PA-DSS).
The council said version 3.0 of the PIN Transaction Security (PTS) Point of Interaction (POI) security requirements is a culmination of the three-year lifecycle review process, incorporating feedback from hundreds of users.
The council claims the latest version will streamline and simplify testing and implementation by providing a single set of requirements for all personal identification number (pin) terminals.
Previous versions had different requirements for point of sale devices, encrypting pin pads and unattended payment terminals.
The council has also introduced tougher requirements for wireless protocols, secure reading and encryption of cardholder data, and the integration of components in an unattended point of sale.
This new approach and additional modules make it easier for manufacturers and merchants to make sure that at any point in a transaction, account data is being protected, said Bob Russo, general manager of the PCI Standards Council.