PCI Security Standards Council bulletin on the expiration of the approval of PCI PTS POI version 3 devices

PCI Security Standards Council bulletin on the expiration of the approval of PCI PTS POI
v3 devices


10 MARCH 2020 UPDATE : Due to supply-chain disruptions related to the coronavirus, the PCI Council has extended
the expiration date of PIN Transaction Security Point -of-Interaction (PTS POI) v3 devices from 30 April 2020 to 30 April
2021. Read the Bulletin Here.


3 February 2020

PCI Security Standards Council (PCI SSC) approval of devices validated against version 3.0 of the PCI PIN Transaction
Security Point of Interaction (PTS POI) requirements expires 30 April 2020, as delineated in the Expiry Dates section of
the PTS Device Testing and Approval Program Guide. This expiration indicates devices may not be able to withstand the
latest generations of attacks and should therefore be replaced as soon as feasible. Effective 30 April 2020, the affected
devices will be removed from the approved POI devices list on the PCI SSC website and listed separately here.

The PCI SSC advises merchants, financial institutions, vendors and other users of PTS POI v3 devices, specifically v3
PEDs (PIN entry devices), non-PEDs, EPPs (encrypting PIN pads), UPT s (unattended payment terminal) , and SCRs
(Secure Card Readers) to contact their device vendors regarding the availability of more recently approved models to
use as replacements and in new deployments.

Users of such devices should also contact the applica ble acquiring financial institution or payment brand(s) for specific
requirements on the deployment, replacement and retirement of devices after the expiration of their approval by the PCI
SSC. Payment brand contact details can be found here.