PCI Point-to-Point Encryption (P2PE)® Applications

PCI Point-to-Point Encryption (P2PE)® Applications

p2pe.jpg

Validated Point-to-Point Encryption (P2PE) Applications have been assessed by a qualified P2PE Assessor Company to confirm adherence to the PCI P2PE Standard and Program. The assessment and validation are documented by the P2PE Assessor in a P2PE Report on Validation (P-ROV). The PCI Security Standards Council (PCI SSC) urges entities to use Validated P2PE Applications in their payment environments.

Although PCI SSC reviews these reports for quality management purposes, PCI SSC does not independently confirm the reports or the data or information they contain, nor does PCI SSC perform any testing or analysis of software, products, functionality, performance, suitability or compliance with the Standard.

P2PE Applications with an Expired Validation - P2PE Applications with expired validation, listed separately here, are P2PE Applications whose validation has expired. Contact the payment brands for information regarding the use of expired P2PE Products.

P2PE Program - For information regarding the PCI P2PE program, please click here for our document library.

P2PE Solution and P2PE Component Listings - Click here for P2PE Solution Listings or here for the P2PE Component Listings.

Click here for more information about the listings

Filter by

 

Dates in orange represent a P2PE Product that has not been Annually Revalidated in accordance with P2PE Program Requirements (up to 90 days overdue).

Dates in red represent a P2PE Product that has not been Annually Revalidated in accordance with P2PE Program Requirements (more than 90 days overdue).

Validated P2PE Products that have not been Annual Revalidated in accordance with P2PE Program Requirements within 180 days of their Annual Revalidation date or Reassessment date, as applicable, will be transferred to the P2PE Expired Listings.

Annually at year 1 and 2, based on the date of the P2PE Product's Acceptance, the P2PE Vendor is required to submit an updated P2PE Attestation of Validation for their Validated P2PE Product. Refer to the P2PE Program Guide for further information.

Validated P2PE Products require a Full Assessment every three years based on the date of the P2PE Product's Acceptance. Refer to the P2PE Program Guide for further information.

Indicates the P2PE Product is using a dependency (P2PE Component, P2PE Application, and/or PTS POI Device) that is not in accordance with applicable P2PE Program Requirements (e.g., Annual Revalidation, Reassessment, device expiry, etc.). Click on the Listing "Details" to find the dependency, or dependencies, that are flagged with this icon. Refer to the P2PE Program Guide for more information.

Wildcard characters are substituted for a defined set of possible characters in the P2PE Application version, per the P2PE Vendors' wildcard schema. Refer to the current P2PE v3.x Program Guide and P2PE Technical FAQs in the PCI SSC Document Library for acceptable use of wildcard characters. The highlighting of wildcard characters in a P2PE Application version is a visual feature applied as of P2PE Standard v3.2 Listings.