PCI Security Standards Council Bulletin: Extension of Expiration Dates for PCI PTS HSM v4 Security Requirements and Approvals, and PCI PTS HSM v3 Approvals

PCI Security Standards Council Bulletin: Extension of PCI PTS HSM v4 Security Requirements
and Device Approval Expiration Dates, and PCI PTS HSM v3 Device Approval Expiration Dates

2 March 2026

The PCI PTS HSM v4 Security Requirements were previously scheduled to be retired for use in new
device security approvals on 31 December 2025. Without modification to this date, no new device
approvals based on the PTS HSM v4 Security Requirements would be issued after that time.

As part of its established policy, PCI SSC provides a minimum 12-month overlap period between major
versions of PTS Security Requirements. This overlap is intended to allow vendors sufficient time to adapt
product designs to meet updated security requirements.

In conjunction with the expected publication of the PCI PTS HSM v5 Security Requirements in 2026, PCI
SSC is extending the use of the PTS HSM v4 Security Requirements for new device security approvals
until 30 June 2027. In addition, the PTS HSM v4 device approval expiration date is extended by 12
months, from April 2032 to April 2033.

Additionally, the PCI PTS HSM v3 device approval expiration date is extended from April 2026 to April
2028.




###