Is my pinpad pci compliant? A complete list of approved pin entry devices is maintained at the PCI Security Standards Council web site. Be sure to read the legal conditions and restrictions regarding PCI PED approval as well.
Effective 1 July 2010, all attended POS PIN acceptance device models must have passed testing by a PCI-recognized laboratory and have been approved by Visa.
Effective 1 July 2010, Cardholder PINs must be TDES encrypted from all Points-of-Transaction to the Issuer. However, each Visa Region’s TDES dates will supersede the global TDES date whenever the Visa Region’s date precedes the global date.
Many PED units on the market today, including almost anything over two years old, do not meet this requirement and will have to be replaced.
Those with older pinpad devices that don’t meet the 2010 standard will have to replace them. Merchant services providers are sending out messages now so that merchants will have adequate time review equipment changes they need to make.
Do not assume that if you bought your pin entry device in the last year that it is compliant. It could have been an older model. Another way to check if yours meets the new compliance standard is to go to the manufacturer web site.