PCI PIN Transaction Security (PTS) Requirements
All devices used for Visa, Mastercard, American Express, JCB or Discover payments must meet PCI PTS requirements and be approved by the PCI Security Standards Council (PCI SSC). The requirements serve to protect against fraud and ensure the secure entry and transmission of PIN and account data. SRC is a PCI Security Standards Council (PCI SSC) accredited evaluation laboratory that performs the evaluation required for approval.
With PCI PTS version 3.0, all previous security requirements have been integrated into only two requirement catalogs. A modular set of requirements is defined for Point of Interaction (POI) devices. It contains the three previously separate requirements for POS PIN Entry Devices (PED), Encrypting PIN PEDs (EPP) and Unattended Payment Terminals (UPT). This can also be used to evaluate OEM components that are built into other devices. These include Encrypting PIN PEDs (EPP), POS PIN Entry Devices (PED), IC Card Readers (ICCR) and Magnetic Stripe Readers (MSR). The ability to certify OEM components leads to cost savings because they do not have to be reconsidered when a compound device uses them.
Another set of security requirements are provided for the Hardware Security Modules (HSM), which perform cryptographic operations on PIN and transaction data.
Services of SRC
SRC offers you advice in the run-up to an evaluation and assists you in fulfilling PCI PTS requirements. As a PCI-accredited evaluation laboratory, SRC performs evaluations of all devices listed in the previous section.
Synergy effects are of particular advantage to you when your payment system components are simultaneously evaluated by SRC in accordance with the requirements of the German Banking Industry (DK) or the Open Standards for Security and Certification (OSeC)/ Joint Interpretation Library Terminal Evaluation Methodology Subgroup (JTEMS). The tests are then carried out in such a way that the results can be used for all certification schemes. You benefit from the broad experience of SRC and the long-term cooperation with the various schemes.