Frequently Asked Question

Are there any restrictions on the form-factor that can be used for HSMs in P2PE solutions?

The PCI P2PE Standard does not define specific form factors nor does it restrict the type of form factor that can be used for an HSM in P2PE solutions. However, all form factors used in a P2PE solution must meet the requirements as defined in Domains 5 and 6, including the following:

The HSM must be validated to either FIPS 140-2 Level 3 (or higher) or PTS HSM
If FIPS-approved HSMs are used:
All functions used for the P2PE solution, including all cryptographic algorithms, data-protection mechanisms, and key-management processes.
The HSM must be configured to operate in the FIPS-approved mode for all operations (including algorithms, data protection, key management, etc.), according to the FIPS140-2 Level 3 (or higher) certification.

February 2016

Article Number: 1250

Frequently Asked Question

Frequently Asked Question

Are there any restrictions on the form-factor that can be used for HSMs in P2PE solutions?

Featured FAQ Articles

Featured

Most Popular

Most Recently Updated

Copyright © 2006 – 2024 PCI Security Standards Council, LLC. All rights reserved. Terms and Conditions.

Frequently Asked Question

Are there any restrictions on the form-factor that can be used for HSMs in P2PE solutions?

Related

Featured FAQ Articles

Featured

Most Popular

Most Recently Updated

Copyright © 2006 – 2024 PCI Security Standards Council, LLC. All rights reserved. Terms and Conditions.