PCI Security Standards Council Announces Availability of PIN Entry Device (PED) Approval Listings


    The PCI Security Standards Council, a global, open industry
    standards body providing management of the Payment Card Industry Data
    Security Standard (DSS), PCI PIN Entry Device (PED) Security
    Requirements and the Payment Application Data Security Standard
    (PA-DSS), today announced that PCI PED equipment approval listings and
    security requirements documents are available on the Council´s website
    at https://www.pcisecuritystandards.org/pin/. With today´s
    announcement, the PCI SSC has finalized this important phase of its
    mission to assume responsibility as a single source of information and
    requirements for PED. PED was previously jointly administered by JCB,
    MasterCard Worldwide and Visa, Inc.

    The PED Security Requirements are designed to ensure the security
    of personal identification number (PIN)-based transactions globally
    and apply to devices that accept PIN entry for all PIN-based
    transactions. The Council has not only taken over responsibility of
    the PED Security Requirements, but also now maintains the listing of
    all approved devices and supporting documents for device makers
    seeking to ensure their equipment meets this key standard. It also
    provides merchants and service providers with a single source of
    information on PED equipment that can be used immediately.

    "The Council has now completed this important step in improving
    security for cardholder data by making available the PED Security
    Requirements, list of approved devices and all supporting documents.
    This will ease the burden on merchants, vendors and service
    providers," said Bob Russo, General Manager, PCI Security Standards
    Council. "We are simplifying processes and have removed conflicting
    requirements to ensure a level playing field for the device
    marketplace."

    As previously announced in September 2007, with the PED Security
    Requirements administered by the Council, all founding payment brands
    recognize PED certification and streamlined device testing processes.
    This is intended to reduce costs for vendors and merchants and lead to
    the proliferation of a wider set of PED products. PED manufacturers
    submitting devices for security testing are now able to rely on a
    single set of requirements, ensuring cardholder security and providing
    opportunities for faster deployment.

    For More Information:

    If you would like more information about the PCI Security
    Standards Council or would like to become a Participating Organization
    please visit pcisecuritystandards.org, or contact the PCI Security
    Standards Council at info@pcisecuritystandards.org.

    About the PCI Security Standards Council

    The mission of the PCI Security Standards Council is to enhance
    payment account security by driving education and awareness of the PCI
    Data Security Standard and other standards that increase payment data
    security.

    The PCI Security Standards Council was formed by the major payment
    card brands American Express, Discover Financial Services, JCB,
    MasterCard Worldwide and Visa Inc. to provide a transparent forum in
    which all stakeholders can provide input into the ongoing development,
    enhancement and dissemination of the PCI Data Security Standard (DSS),
    PIN Entry Device (PED) Security Requirements and the Payment
    Applications Data Security Standard (PA-DSS). Merchants, banks,
    processors and point of sale vendors are encouraged to join as
    Participating Organizations.