Friday, October 21, 2011
The update to the PTS DSS, a companion to the overarching Payment Card Industry DSS, provides guidelines for the testing of any card acceptance device to determine if it can be used with P2PE technology. The PCI SSC said that, until now, the PTS DSS applied to PIN acceptance devices only. But with the release of version 3.1 of the PTS DSS, any device used for the acceptance of electronic payments can now be tested for its compatibility with P2PE technology.
Additionally, the new version of PTS DSS addresses secure card readers (SCRs) – devices that encrypt card data at the point of swipe, such as mag-stripe reading "sleeves" and dongles that fit on smart phones to transform them into payment acceptance devices. "Merchants looking to use magnetic stripe readers (MSRs) or MSR plug-ins now can ensure these devices have been tested and approved to encrypt data on the reader before it reaches the device," the PCI SSC said.
The council hopes the release of the update will promote the use of open payment platforms, exemplified by smart phone payment systems. PCI SSC General Manager Bob Russo said, "We know how eager the market is to implement P2PE. By releasing these updated requirements now, merchants using any type of card acceptance device will have the ability to encrypt data at the point of interaction and ensure its protection. Additionally, we've opened the standard up to address mobile devices – another area of great interest to our stakeholders."
Version 3.0 of PTS DSS was released in April 2010. The October 2011 update, v3.1, can be accessed at www.pcisecuritystandards.org/documents/PCI_PTS_POI_SRs_v3_1.pdf and includes these new features:
The PCI SSC will host two free webinars outlining PTS DSS v3.1, followed by live Q&As. The webinars will be held Nov. 8 and Nov. 10, 2011.
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.