Recent FAQ Changes RSS
Latest changes to PCI SSC frequently asked questions.
Which PCI PTS point-of-interaction (POI) devices can be used in a validated P2PE solution?
A Council-listed P2PE solution must use a PCI-approved point-of-interaction device (POI), which has been evaluated and approved via the PCI PTS program with SRED (secure reading and exchange of data) …
Are third-party storage providers storing only encrypted cardholder data in scope for PCI DSS?
Generally, encrypted cardholder data stored at a third-party storage provider remains the responsibility of the storage provider's customer who is storing the data. However, determining which party is responsible for …
Can PCI PED 1.x devices receive SRED validation and be used in a P2PE solution?
No, PCI PED 1.x devices are not eligible for SRED validation, and therefore cannot be used in a PCI P2PE solution.
Are merchants using Council-listed P2PE solutions out of scope for PCI DSS?
No. While use of a validated, listed P2PE solution can help to reduce the scope of a merchant's cardholder data environment, it does not remove the need for PCI DSS …
What is a P2PE solution provider?
The P2PE solution provider is a third-party entity (for example, a processor, acquirer, or payment gateway) that has overall responsibility for the design and implementation of a specific P2PE solution, …
What is a point-to-point encryption (P2PE) solution?
A point-to-point encryption (P2PE) solution is provided by a third party solution provider, and is a combination of secure devices, applications and processes that encrypt data from the point of …
What is the Point-to-Point Encryption (P2PE) Standard?
The PCI Point-to-Point Encryption (P2PE) Standard contains detailed security requirements and testing procedures for application vendors and providers of P2PE solutions to ensure that their solutions can meet the necessary …
How do I contact the payment card brands?
Contact details for the payment brands are provided below:
American Express
- Website: www.americanexpress.com/datasecurity
- Email: AmericanExpressCompliance@trustwave.com
Discover
- Website: http://www.discovernetwork.com/merchants/data-security/index.html - For questions about the …
How do I contact the payment card brands?
Contact details for the payment brands are provided below:
American Express
- Website: www.americanexpress.com/datasecurity
- Email: AmericanExpressCompliance@trustwave.com
Discover
- Website: http://www.discovernetwork.com/merchants/data-security/index.html - For questions about the …