WAKEFIELD, Mass., September 15, 2011 — The PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) requirements and the Payment Application Data Security Standard (PA-DSS), today announced availability of the first set of validation requirements of its point-to-point encryption program. The PCI Point-to-Point Encryption Solution Requirements document provides requirements for vendors, assessors and merchants, that wish to build and implement hardware- based point-to-point encryption solutions that support PCI DSS compliance and offer scope reduction for merchants. Hardware-based P2PE solutions utilize secure cryptographic devices for both encryption and decryption including at the point of merchant acceptance for encryption and within Hardware Security Modules (HSMs) for decryption.
Press Release
