PCI Watch

Tracking changes across the Payment Card Industry
ℹ️
Reference Content: This is archived content from PCI Security Standards Council bulletins, preserved for tracking changes over time.
View Original →

PCI Security Standards Council Bulletin: Extension of Expiration of the PCI PTS POI v5 and PTS HSM v3 Security Requirements

PDF


















PCI Security Standards Council Bulletin: Extension of Expiration of the PCI PTS POI v5 and
PTS HSM v3 Security Requirements


26 March 2020


The PTS POI v6 Security Requirements are currently undergoing comment review and feedback from the second round
Request for Comment (RFC) process and will be published upon completion. Similarly, work on the PTS HSM v4
Security Requirements will begin later this year. However, the existing PTS POI v5.1 and PTS HSM V3.0 Security
Requirements are scheduled to be retired from use for new device approvals 30 April 2020. This would mean there
would be no new evaluations that result in a new approval number using these requirements after 30 April 2020.

Current PCI SSC processes allow for a 12 month overlap period between major versions of PTS security requirements.
This allows PTS vendors time to adjust their product designs to facilitate meeting the updated security requirements.
Therefore, to support PTS vendor device submissions and approvals, PCI SSC is extending the POI v5.1 and HSM
v3.0 Security Requirements expiration dates.

The PTS POI v5.1 Security Requirements usage for new device security approvals will be extended to expire 12
months from date of publication of the PTS POI V6 requirements. The PCI HSM v3.0 Security Requirements usage for
new device security approvals will be extended to expire 12 months from the date of publication of the PCI HSM v4
Security requirements. The exact expiration timing will be fixed upon publication of the respective documents.