Approval Number

Approval numbers are assigned by PCI SSC at the time of approval and remain the same for the life of the device's approval.

Approval Class

The Approval Class is used by PCI to ensure that its payment security device approvals accurately describe today's ever-evolving designs, architectures, and implementations. All POIs and HSMs approved by PCI SSC in the framework of the PCI PTS Device Security Evaluation Program, regardless of the designated Approval Class, carry PCI's full approval status. Financial institutions, or their designated agents (e.g., merchants or processors), should make sure that they understand the different classes, as they represent how the payment security device has met the PCI PTS Device Security Requirements. Detailed Approval Class Descriptions can be found in the Device Approval & Testing Guide.

Approved Components

Approved components contains, when relevant, the list of approved subcomponents that are part of the approved device, and which have successfully undergone a distinct evaluation. Each component is listed with its approval number. The use of a device with components (e.g., EPPs, card readers) that are different than that listed as an approved component for that device invalidates that device's approval.


Version refers to the version of the security requirements the device has been evaluated against. Each approval class may follow its own version release schedule.

Expiry Date

The expiration date for PCI-approved devices is the date upon which the device's approval expires.

Requirements Version Used
During Evaluation At Laboratory

Expiration of

Approval Expiration Of Device Models

Version 4.x of PCI PTS POI Security Requirements

April 2017

April 2023

Version 2.x of PCI HSM Security Requirements

April 2016

April 2022

Version 3.x of PCI PTS POI Security Requirements

April 2014

April 2020

Version 1.x of PCI HSM Security Requirements

April 2013

April 2019

Version 2.x of PCI PED or EPP Security Requirements

April 2011

April 2017

Version 1.x of PCIUPT Security Requirements

April 2011

April 2017

Version 1.x PCI PED or EPP Security Requirements

April 2008

April 2014

Pin Support

"PIN Support" denotes the type of PIN entry verification that can be supported by the POI.

"Online" represents that the POI has the capability to support online PIN verification by the payment card's issuer or its designated processor. To pass testing, POIs that support online PIN entry must support the use of TDES or AES to protect the PIN. Additionally, if the PIN needs to be protected during transport in nonintegrated offline POIs, then the POI must support the use of TDES or AES for that channel. "Offline" means that the POI has the capability to support offline PIN verification by the payment card's integrated chip.

Unless otherwise noted, the "Offline" designation, without any suffix, in the PCI PTS Device Approval List represents that the POI has the capability to support both plaintext and enciphered offline PIN verification. The "Offline (p)" designation with the "(p)" as a suffix represents that the offline POI has the capability of performing only plaintext offline PIN verification.

However, under current testing, all newly evaluated offline POI devices must support both plaintext and enciphered PIN verification. SCRs or other POI devices that include an ICCR or hybrid reader must have an "Offline" designation in order to be used for offline PIN acceptance.

Note: All newly approved offline PIN verification POIs must support both plaintext and enciphered PIN verification

Key Management

"Key management" denotes whether the laboratory has successfully evaluated the payment security device to support the use of Triple DES (TDES) or AES for PIN encryption for online PIN.TDES requires use of at least a double-length key.

A MK/SK (master key, session key), DUKPT, and/or Fixed designation denote that the device has been evaluated successfully to support the implementation of TDES for that particular key-management scheme(s).

Where AES is used, that will be noted in conjunction with the MK/SK or Fixed methodologies.

Note: DUKPT is the only "unique key per transaction" (UKPT) algorithm (ANSI X9.24) that PCI recognizes and approves; all other forms of UKPT tested by the laboratory will not be depicted in the approval letter or on the PCI PTS website.

Prompt Control

Vendor-controlled: The end-user, acquirer, or reseller cannot modify the attended POS POI's firmware or POI's payment application to make changes to the device's prompts or PIN-entry controls. Only the POI's original equipment manufacturer has the capability to modify the prompts and controls for PIN entry.

Acquirer-controlled: The original equipment manufacturer has shipped the attended POS POI with mechanisms for controlling the POI display and its use in place. These mechanisms can be employed to unlock the POI for updates of the prompts by the acquirer, using proper cryptographically controlled processes as defined in the applicable POI security requirement. The reseller or end-user, if authorized by the acquirer, can also make updates using proper cryptographically controlled processes.

Not applicable for devices without a display.

Devices must be deployed locked. In any case, the acquiring customer is always responsible to ensure that appropriate processes and documented procedures are in place to control the POI display and usage.

PIN-entry Technology

"PIN-entry technology" denotes which technology is implemented in order to capture the cardholder PIN. The value for this field can be:

Functions Provided

"Functions provided" denotes which of the following functions are supported by the device. One or more of the following may apply, depending on the implementation:

Company Approval Number Approval Class Version Expiry Date PIN Support Key Management Prompt Control PIN Entry Technology Functions Provided Additional Information
Equinox Payments
L5200, L5300, L5400
Hardware #: L501xx (SRED), L300xx (SRED), L502xx (SRED), 1200xx, L500xx, 1300xx, 1301xx, 1302xx, 1400xx, 1401xx, (Non-SRED), 1402xx, L301xx, L401xx, L503xx, L504xx, L302xx, L402xx, L505xx, L303xx, L506xx, L304xx
Firmware #: FPE 6.P.0xx, FPE 6.P.1xx, FPE 6.P.2xx, FPE 7.P.0xx, FPE 7.P.1xx, FPE 7.P.2xx, FPE 7.P.317, FPE 7.P.400, FPE 7.P.401, FPE 7.P.405, FPE 7.P.406, FPE 7.S.3xx, FPE 7.S.400, FPE 7.S.401, FPE 7.S.405, FPE 7.S.406, Hyc_Dst v1.0.xx xxxxxxxx, Hyc_Dst v1.1.xx xxxxxxxx, Hyc_Dst v1.2.xx xxxxxxxx, Hyc_Dst v1.3.xx xxxxxxxx, L5x-OS-v01.xx-xxxxxxxx-2, L5x-OS-v02.xx-xxxxxxxx-2, L5x-OS-v04.xx-xxxxxxxx-2, L5x-OS-v04.xx-xxxxxxxx-3, L5x-OS-v05.xx-xxxxxxxx-2, L5x-OS-v05.xx-xxxxxxxx-3, FPE 7.P.408, FPE 7.S.408, FPE 7.S.409, FPE 7.P.409, SRED:FPE 7.S.0xx, L5x-OS-v03.xx-xxxxxxxx-2, 5P00-00500xx, 5S00-00500xx(SRED), 5S00-00510xx(SRED), 5P00-00510xx, 5P00-00520xx, 5S00-00520xx (SRED), 5P00-00530xx, 5S00-00530xx(SRED), L5x-OS-v06.xx-xxxxxxxx-2, L5x-OS-v06.xx-xxxxxxxx-3, 5S00-00540xx (SRED), 5P00-00540xx, L5x-OS-v07.01-xxxxxxxx-2, FPE 7.P.412, FPE 7.S.412, 5S00-00550xx(SRED), 5P00-00550xx, L5x-OS-v07.xx-xxxxxxxx-2, 5S00-00570xx (when operating in SRED mode), 5P00-00570xx (when operating in non-SRED mode), 5S00-00571xx (when operating in SRED mode), 5P00-00571xx (when operating in non-SRED mode)
Applic #:
Approved Components:
4-60108 PED 2.x 30 Apr 2017 Online & Offline TDES:

Acquirer-controlled Both Display,ICCR,MSR,CTLS,PIN Entry,OP,SRED