PCI Watch

Tracking changes across the Payment Card Industry
ℹ️
Reference Content: This is a copy of content from the PCI Security Standards Council FAQ database, preserved for tracking changes over time.
View Original →
FAQ #1164 Published

Is the P2PE Standard applicable for merchants that have developed/implemented their own encryption solution?

The P2PE v1.1 standard applies only to third-party P2PE solutions, where all encryption and decryption operations, and all cryptographic keys, are managed by a third party solution provider, and the merchant has no access to clear-text account data or to the P2PE cryptographic keys.

For the P2PE v2 standard and merchant-managed solutions, see Frequently Asked Questions (FAQ) for Validation Processes for Merchant-Managed Solutions on the PCI SSC website.
.

View original on PCI SSC website View all versions Back to recent changes

Disclaimer: This FAQ has been processed for display on this website and may contain errors. Please check the original FAQ on the PCI SSC website for the authoritative version.