PIN Security
The PIN Security Standard is intended for the secure management, processing, and transmission of personal identification numbers (PINs) and associated cryptographic keys.
The PIN requirements validate the secure management of cryptographic keys throughout their lifecycle (key creation, conveyance, loading, usage, and administration), the use of secure PIN-processing methodologies, and the management and use of secure equipment for that processing.
Intended Audience
Acquiring institutions and agents responsible for PIN transaction processing on payment card industry participants’ denominated accounts.
Listings
There are no product listings for PIN Security Standard.
Professionals
Qualified PIN Assessors (QPAs) are qualified and trained by PCI SSC to perform independent assessments of environments where PINs are processed against the PIN Security Requirements and in accordance with the QPA Program Guide.
Resources
Training Information
The Qualified PIN Assessor course provides instruction on how to perform assessments of entities in accordance with the PCI PIN Security Requirements and Testing Procedures (PCI PIN Standard).
Knowledge Training courses are designed to bridge the knowledge gap between organizations and assessors by providing learning opportunities for individuals to take the same training and exam as the Assessor. Upon successful completion of training, learners will be given an acknowledgement of completion as well as the option to complete the exam and receive a digital badge.
Whether an entity is required to comply with or validate compliance to a PCI SSC standard is at the discretion of organizations that manage compliance programs, such as a payment brand, acquirer, or other entity. Visit our FAQ page for more information.