The PIN Transaction Security standard consolidates three formerly separate requirements for PIN-entry devices in an update released today by the Payment Card Industry Security Standards Council.
Version 3.0 of the PIN Transaction Security standard now covers point-of-sale PIN-entry devices, encrypting PIN pads and unattended payment terminals. The new standard eliminates overlapping documentation that was part of version 2.0 with the goal of simplifying the overall security-evaluation process, the council says.
The updated standard includes three modules. One module applies to wireless-enabled devices and those that use an Internet connection. Another tests the security of the reading and encryption of cardholder data at the point of entry. The third module addresses the integration of components in unattended PIN devices.
Version 2.0 of the standard expires on May 12, 2011. Manufacturers may sell version 2.0-compliant devices until 2017, but devices they make after May 12 of this year must comply with version 3.0, according to a council publication.