PCI Point-to-Point Encryption (P2PE)® Components
Validated Point-to-Point Encryption (P2PE) Components have been assessed by a qualified P2PE Assessor Company to confirm adherence to the PCI P2PE Standard and Program. The assessment and validation are documented by the P2PE Assessor in a P2PE Report on Validation (P-ROV). The PCI Security Standards Council (PCI SSC) urges entities to use Validated P2PE Components in their payment environments.
Although PCI SSC reviews these reports for quality management purposes, PCI SSC does not independently confirm the reports or the data or information they contain, nor does PCI SSC perform any testing or analysis of software, products, functionality, performance, suitability or compliance with the Standard.
P2PE Components with an Expired Validation - These are P2PE Components whose validation approval has expired as described in the P2PE Program Guide. Please contact the payment brands for information regarding the use of expired P2PE Products. P2PE Components with an expired validation are listed separately here.
P2PE Program - For information regarding the PCI P2PE program, please click here for our document library.
P2PE Solution and P2PE Application Listings - Click here for P2PE Solution Listings or here for the P2PE Application Listings.
Click here for more information about the listings
Filter by
Dates in orange represent a P2PE Product that has not been Annually Revalidated in accordance with P2PE Program Requirements (up to 90 days overdue).
Dates in red represent a P2PE Product that has not been Annually Revalidated in accordance with P2PE Program Requirements (more than 90 days overdue).
Validated P2PE Products that have not been Annual Revalidated in accordance with P2PE Program Requirements within 180 days of their Annual Revalidation date or Reassessment date, as applicable, will be transferred to the P2PE Expired Listings.
Annually at year 1 and 2, based on the date of the P2PE Product's Acceptance, the P2PE Vendor is required to submit an updated P2PE Attestation of Validation for their Validated P2PE Product. Refer to the P2PE Program Guide for further information.
Validated P2PE Products require a Full Assessment every three years based on the date of the P2PE Product's Acceptance. Refer to the P2PE Program Guide for further information.
Indicates the P2PE Product is using a dependency (P2PE Component, P2PE Application, and/or PTS POI Device) that is not in accordance with applicable P2PE Program Requirements (e.g., Annual Revalidation, Reassessment, device expiry, etc.). Click on the Listing "Details" to find the dependency, or dependencies, that are flagged with this icon. Refer to the P2PE Program Guide for more information.