PCI Watch

Tracking changes across the Payment Card Industry
ℹ️
Reference Content: This is archived content from PCI Security Standards Council bulletins, preserved for tracking changes over time.
View Original →

PCI Security Standards Council Bulletin: Extension of Expiration of the Approval of PCI PTS POI v3 Devices

PDF


















PCI Security Standards Council Bulletin: Extension of Expiration of the Approval of PCI
PTS POI v3 Devices

10 March 2020


Due to supply-chain disruptions related to the coronavirus , the PCI Council has extended the expiration date of PIN
Transaction Security Point-of-Interaction (PTS POI) v3 devices from 30 April 2020 to 30 April 2021.

For those countries and entities no t impacted by the coronavirus, we strongly encourage the deployment and use of
next generation solutions such as devices approved to PTS POI v4 or v5 and migrating to POI v6 devices when the
standard is released later this year.

On advisement from our industry stakeholders, the Council has determined the preventive controls to stop the spread of
the coronavirus will impact previously planned rollouts of POI v3 devices . While recognizing that earlier versions of POI
devices may be less robust in withstanding certain of the latest generations of attacks, we do not believe that this
limited one-year extension of the approval expiry date for POI v3 devices will materially impact that risk.

The PCI SSC advises merchants, financial institutions, vendors and other users of PTS POI v3 devices, specifically v3
PEDs (PIN entry devices), non-PEDs, EPPs (encrypting PIN pads), UPTs (unattended payment terminal), and SCRs
(Secure Card Readers) to contact their device vendors regarding the availability of more recently approved models to
use as replacements and in new deployments. Effective 30 April 2021, the affected devices will be removed from the
approved POI devices list on the PCI SSC website and listed separately here
.