Document Comparison
PCI-P2PE-v3.x-Technical-FAQs-04Dec2024.pdf
→
PCI-P2PE-v3.x-Technical-FAQs-30Jun2025.pdf
94% similar
21 → 22
Pages
6359 → 6808
Words
10
Content Changes
Content Changes
10 content changes. 10 administrative changes (dates, page numbers) hidden.
Added
p. 18
Q6: June 2025
• Is there additional clarity regarding the following statement in the PCI P2PE Program Guide, Appendix E, regarding the use of wildcards? “A “wildcard” element is a variable character that may be substituted for a defined subset of possible characters in an application versioning scheme.” A The following information is in addition to the information in the PCI P2PE Program Guide, Appendix E. - Reminder that wildcards can ONLY be used at the rightmost portion of the version number, and there cannot be a non-wildcard to the right of any wildcard. - A wildcard is a single character variable that can be a lowercase {‘x’, ‘y’, ‘z’}, an uppercase {‘X’, ‘Y’, ‘Z’}, or an asterisk ‘*’. Therefore, any other alphabetic characters cannot be a wildcard character.
E.g., this is NOT allowed: 12.x.36, or 1.ABx.2 - The allowable wildcard characters above cannot be used as non-wildcard characters. - More than …
• Is there additional clarity regarding the following statement in the PCI P2PE Program Guide, Appendix E, regarding the use of wildcards? “A “wildcard” element is a variable character that may be substituted for a defined subset of possible characters in an application versioning scheme.” A The following information is in addition to the information in the PCI P2PE Program Guide, Appendix E. - Reminder that wildcards can ONLY be used at the rightmost portion of the version number, and there cannot be a non-wildcard to the right of any wildcard. - A wildcard is a single character variable that can be a lowercase {‘x’, ‘y’, ‘z’}, an uppercase {‘X’, ‘Y’, ‘Z’}, or an asterisk ‘*’. Therefore, any other alphabetic characters cannot be a wildcard character.
E.g., this is NOT allowed: 12.x.36, or 1.ABx.2 - The allowable wildcard characters above cannot be used as non-wildcard characters. - More than …
Modified
p. 1
Payment Card Industry (PCI) Point-to-Point Encryption (P2PE)® Technical FAQs for use with PCI P2PE v3.x December 04 2024
Payment Card Industry (PCI) Point-to-Point Encryption (P2PE)® Technical FAQs for use with PCI P2PE v3.x June 30, 2025
Modified
p. 3
Updated Technical FAQs: General: Q2, Q3, Q4, Q7, Q8, Q9 Domain 2: Q2 New Technical FAQ(s): Domain 2, Q4 October 31 2024 New Technical FAQ: General: Q13 December 04 2024 New Technical FAQ(s): General: Q14 Domain 2: Q5
Updated Technical FAQs: General: Q2, Q3, Q4, Q7, Q8, Q9 Domain 2: Q2 New Technical FAQ(s): Domain 2, Q4 October 31 2024 New Technical FAQ: General: Q13 December 04 2024 New Technical FAQ(s): General: Q14 Domain 2: Q5 June 30 2025 Updated Technical FAQs: General: Q2 (changed to v3.2), Q9 (extended POI v6 dates) New Technical FAQ(s): General: Q15 (v3.1 to v3.2 transition) Domain 2: Q6 (use of P2PE Application version wildcards)
Removed
p. 5
- Mandatory for New Assessments of P2PE Products and Reassessments of Validated P2PE Products as of 01 Jan 2022 - Requires use of the latest v3.x P-ROVs - P2PE v3.1 does not affect the Annual Revalidation or Reassessment dates for Validated P2PE Product listings assessed to earlier versions
Modified
p. 5
Q2: Oct 2021 (Updated Oct 2024) - What is the current P2PE Standard and Program Guide? A The current/latest PCI P2PE Standard is v3.1.
Q2: Oct 2021 (Updated Jun 2025) - What is the current P2PE Standard and Program Guide? A The current/latest PCI P2PE Standard is v3.2.
Modified
p. 5
The current/latest PCI P2PE Program Guide is v3.1.
The current/latest PCI P2PE Program Guide is v3.1, which is used for all v3.x of the P2PE Standard.
Modified
p. 11
Q9: Aug 2020 (Updated Oct 2024) - How do PCI-approved PTS POI device expiry dates affect a Validated P2PE Product? A Validated P2PE Solutions, P2PE Applications, and applicable P2PE Components are allowed to reassess their existing Validated P2PE Product with expired PTS POI devices for up to, but not exceeding, 5 years past the PTS POI device expiry dates (as listed on the PCI Approved PTS Devices list) for the PTS POI device types used in the P2PE Product.
Q9: Aug 2020 (Updated Jun 2025) - How do PCI-approved PTS POI device expiry dates affect a Validated P2PE Product? A Validated P2PE Solutions, P2PE Applications, and applicable P2PE Components are allowed to reassess their existing Validated P2PE Product with expired PTS POI devices for up to, but not exceeding, 5 years past the PTS POI device expiry dates (as listed on the PCI Approved PTS Devices list) for the PTS POI device types used in the P2PE Product.
Modified
p. 11
PCI PTS POI version PTS POI Expiry Date P2PE Reassessment End-date for Expired PTS POI Devices1 1.x Expired 2014 N/A
• v1.x devices are not P2PE eligible 2.x Expired APR 2017 29April2022 3.x Expired 30April2021 29April2026 4.x Expired 30April2024 29April2029 5.x 30April2026 29April2031 6.x 2,330April2031 29April2036 1 There may be regional variations
• please check with the respective payment brands to determine any variances in the dates shown above.
• v1.x devices are not P2PE eligible 2.x Expired APR 2017 29April2022 3.x Expired 30April2021 29April2026 4.x Expired 30April2024 29April2029 5.x 30April2026 29April2031 6.x 2,3
• please check with the respective payment brands to determine any variances in the dates shown above.
PCI PTS POI version PTS POI Expiry Date P2PE Reassessment End-date for Expired PTS POI Devices1 1.x Expired 2014 N/A
• v1.x devices are not P2PE eligible 2.x Expired APR 2017 29April2022 3.x Expired 30April2021 29April2026 4.x Expired 30April2024 29April2029 5.x 30April2026 29April2031 6.x 2,3 30April2032 29April2037 1 There may be regional variations
• please check with the respective payment brands to determine any variances in the dates shown above.
• v1.x devices are not P2PE eligible 2.x Expired APR 2017 29April2022 3.x Expired 30April2021 29April2026 4.x Expired 30April2024 29April2029 5.x 30April2026 29April2031 6.x 2,3 30April2032 29April2037 1 There may be regional variations
• please check with the respective payment brands to determine any variances in the dates shown above.
Modified
p. 15
Q2: Mar 2024
• Thecurrent v3.1 P2PE Standard states the following regarding sampling (examination and functional testing) of eligible PTS POI devices:
• The
Q2: Mar 2024
• The v3.1 P2PE Standard states the following regarding sampling (examination and functional testing) of eligible PTS POI devices:
• The v3.1 P2PE Standard states the following regarding sampling (examination and functional testing) of eligible PTS POI devices:
Modified
p. 21 → 22
• Effective 01 January 2024, the injection of clear-text secret or private keying material must not be allowed for entities engaged in key injection on behalf of others. This applies to new deployments of PTS POI v5 and higher devices. Subsequent to that date, only encrypted key injection shall be allowed for PTS POI v5 and higher devices.
• Effective 01 January 2024, the injection of clear-text secret or private keying material must not be allowed for entities engaged in key injection on behalf of others. This applies to new deployments of PTS POI v5 and higher devices. Subsequent to that date, only encrypted key injection shall be allowed for PTS POI v5 and higher devices. (past)