Diff: FAQ #1246

Can a QSA that is not also a P2PE Assessor validate an encryption solution meets P2PE Requirements?

Earlier Version
2016-06-01T00:00:00+00:00

Later Version
2024-05-10T14:15:40+00:00

Removed

Added

No. Only P2PE Assessors are qualified by the PCI Security Standards Council to evaluate P2PE Solutions, P2PE Components and P2PE Applications. Note that only a ~~QSA~~P2PE ~~(P2PE)~~Assessor is qualified to evaluate P2PE Solutions (including Merchant-Managed Solutions) and P2PE Components, while a ~~PA-QSA~~P2PE ~~(P2PE)~~Application Assessor is additionally qualified to evaluate P2PE Applications.

Disclaimer: This FAQ has been processed for display on this website and may contain errors. Please check the original FAQ on the PCI SSC website for the authoritative version.