Approval Number

Approval numbers are assigned by PCI SSC at the time of approval and remain the same for the life of the device's approval.

Additional Information

This field may be used for any additional pertinent information, for example when a vendor has changed the status of a device to end-of-life as delineated in Section 4.3 – Fees, so that the device is no longer available for purchase except for maintenance purposes, subject to payment brand rules. It is also used for v2 HSMs to indicate whether they are approved for restricted or unrestricted usage as delineated in the HSM Security Requirements:

Approval Class

The Approval Class is used by PCI to ensure that its payment security device approvals accurately describe today's ever-evolving designs, architectures, and implementations. All POIs and HSMs approved by PCI SSC in the framework of the PCI PTS Device Security Evaluation Program, regardless of the designated Approval Class, carry PCI's full approval status. Financial institutions, or their designated agents (e.g., merchants or processors), should make sure that they understand the different classes, as they represent how the payment security device has met the PCI PTS Device Security Requirements. Detailed Approval Class Descriptions can be found in the Device Approval & Testing Guide.

Approved Components

Approved Components contains, when relevant, the list of approved subcomponents that are part of the approved device and that have successfully undergone a distinct evaluation. Each component is listed with its approval number. Using a device with components (e.g., EPPs, card readers) that differ from those listed as approved components for that device invalidates that device's approval.

Version

Version refers to the version of the security requirements the device has been evaluated against. Each approval class may follow its own version release schedule.

Expiry Date

The expiration date for PCI-approved devices is the date upon which the device’s approval expires. All device approvals expire in accordance with the schedule below, except for SCRPs. For SCRPs the approvals will expire five years after the date of approval.

| Requirements Version Used During Evaluation at Laboratory | Expiration of Requirements | Approval Expiration of Device Models |
|---|---|---|
| Version 5.x of PCI PTS POI Security Requirements | April 2020 | April 2026 |
| Version 3.x of PCI HSM Security Requirements | April 2020 | April 2026 |
| Version 4.x of PCI PTS POI Security Requirements | September 2017 | April 2023 |
| Version 2.x of PCI HSM Security Requirements | June 2017 | April 2022 |
| Version 3.x of PCI PTS POI Security Requirements | April 2014 | April 2020 |
| Version 1.x of PCI HSM Security Requirements | April 2013 | April 2019 |
| Version 2.x of PCI PED or EPP Security Requirements | April 2011 | April 2017 |
| Version 1.x of PCI UPT Security Requirements | April 2011 | April 2017 |
| Version 1.x of PCI PED or EPP Security Requirements | April 2008 | April 2014 |

Approvals for PCI-evaluated devices expire six years past the effective date of a subsequent update of the PCI security requirements.

PIN Support

(PED, EPP, SCR, SCRP, UPT)

"PIN Support" denotes the type of PIN entry verification that can be supported by the POI.
"Online" represents that the POI has the capability to support online PIN verification by the payment card's issuer or its designated processor. To pass testing, POIs that support online PIN entry must support the use of TDES or AES to protect the PIN. Additionally, if the PIN needs to be protected during transport in nonintegrated offline POIs, then the POI must support the use of TDES or AES for that channel. "Offline" means that the POI has the capability to support offline PIN verification by the payment card's integrated chip.

Unless otherwise noted, the "Offline" designation, without any suffix, in the PCI PTS Device Approval List represents that the POI has the capability to support both plaintext and enciphered offline PIN verification. The "Offline (p)" designation with the "(p)" as a suffix represents that the offline POI has the capability of performing only plaintext offline PIN verification.

However, under current testing, all newly evaluated offline POI devices must support both plaintext and enciphered PIN verification. SCRs or other POI devices that include an ICCR or hybrid reader must have an "Offline" designation in order to be used for offline PIN acceptance.

Note:
All newly approved offline PIN verification POIs must support both plaintext and enciphered PIN verification.

Key Management

(PED, EPP, SCRP, UPT)

"Key management" denotes whether the laboratory has successfully evaluated the payment security device to support the use of Triple DES (TDES) or AES for PIN encryption for online PIN. TDES requires use of at least a double-length key. An MK/SK (master key, session key), DUKPT, and/or Fixed designation denotes that the device has been evaluated successfully to support the implementation of TDES for that particular key management scheme or schemes.

Where AES is used, that will be explicitly noted in conjunction with the MK/SK, DUKPT or Fixed Key methodologies.

This is for POI devices supporting the entry of online PINs, and in general, this will be N/A for devices in the Non-PED or SCR approval classes, and by definition, will be N/A for offline PIN only devices.

Note:
DUKPT is the only unique key per transaction (UKPT) algorithm (ANSI X9.24) that PCI recognizes and approves; all other forms of UKPT tested by the laboratory will not be depicted in the approval letter or on the PCI PTS website.

Note: POI v5 devices used for online PIN must support ISO PIN Block Format 4 (AES).

Prompt Control

(PED, EPP, UPT)

Vendor-controlled: The end-user, acquirer, or reseller cannot modify the attended POS POI's firmware or POI's payment application to make changes to the device's prompts or PIN-entry controls. Only the POI's original equipment manufacturer has the capability to modify the prompts and controls for PIN entry.

Acquirer-controlled: The original equipment manufacturer has shipped the attended POS POI with mechanisms for controlling the POI display and its use in place. These mechanisms can be employed to unlock the POI for updates of the prompts by the acquirer, using proper cryptographically controlled processes as defined in the applicable POI security requirement. The reseller or end-user, if authorized by the acquirer, can also make updates using proper cryptographically controlled processes.

Not applicable for devices without a display.

Devices must be deployed locked. In any case, the acquiring customer is always responsible for ensuring that appropriate processes and documented procedures are in place to control the POI display and usage.

PIN-entry Technology

(PED, EPP, UPT)

"PIN-entry technology" denotes which technology is implemented in order to capture the cardholder PIN. The value for this field can be:

Functions Provided

(PED, EPP, UPT, SCR, SCRP, non-PED)

"Functions provided" denotes which of the following functions are supported by the device. One or more of the following may apply, depending on the implementation:

Note: Contactless readers are only considered compliant for P2PE usage if the Approval Class in question has been validated to SRED.
Furthermore, some device approvals may have versions validated to SRED and some that are not. Where such a mix occurs, only devices using a firmware version designated for SRED are validated to meet the contactless reader security requirements. For devices with contactless readers using firmware that is not validated to SRED, the contactless readers are not validated to any security requirements.

Company: Thales E-Security
Device: payShield 9000
Hardware #: 1600A466.01.X.X.X.X.X.X, 1600B466.01.X.X.X.X.X.X, 1600A466.04.X.X.X.X.X.X, 1600B466.04.X.X.X.X.X.X, 1600D466.04.X.X.X.X.X.X, 1600A466.05.X.X.X.X.X.X, 1600B466.05.X.X.X.X.X.X, 1600D466.05.X.X.X.X.X.X, 1600A466.06.X.X.X.X.X.X, 1600B466.06.X.X.X.X.X.X, 1600D466.06.X.X.X.X.X.X
Firmware #: Bootstrap Version 1.10.2, Boot Manager Versions 1.16.12, 1.16.8, 1.18.2
Applic #: 1346-1905 (Version 2.1c) including Bootstrap, Boot Manager, HSM Manager 4.1.x; 1346-1907 (Version 2.1d) including Bootstrap, Boot Manager, HSM Manager 4.1.x; 1346-1914 (Version 2.3c) including Bootstrap, Boot Manager, HSM Manager 5.x.x; 1346-1917 (Version 2.3f) including Bootstrap, Boot Manager, HSM Manager 5.x.x; 1407-1902 (Version 3.1a) including Bootstrap, BootManager, payShield Manager; 1407-1905 (Version 3.1d) including Bootstrap, BootManager, payShield Manager; 1435-1901 (Custom) including Bootstrap, BootManager Version, payShield Manager; 1407-1908 (Version 3.2c) including Bootstrap, BootManager, payShield Manager; 1407-1911 (Version 3.3b) including Bootstrap, BootManager, payShield Manager
Approved Components:
Approval Number: 4-40069
Approval Class: HSM
Version: 1.x
Expiry Date: 30 Apr 2019
PIN Support: Online & Offline
Key Management: TDES: Fixed, MK/SK, DUKPT; AES: MK/SK
Prompt Control: N/A
PIN Entry Technology: N/A
Functions Provided: N/A
Additional Information: Operating System: QNX