Document Comparison

Q16: Jan 2026 - The current v3.x P2PE Standard and Program accounts for ‘Remote Key Distribution using Asymmetric Techniques’; however, does it account for remote key distribution using symmetric techniques? A The current v3.x P2PE Standard and Program do not explicitly account for remote key distribution using symmetric techniques; however, it is not prohibited from being supported in a P2PE Solution or from being included in the scope of a P2PE assessment. There is not a Listing attribute tag to denote alternative remote key distribution methods supported by the P2PE Product.

Entities interested in key distribution methods of P2PE Solution Providers are encouraged to contact those Providers to discuss the key distribution methods they support, and if they included those methods in the scope of their P2PE assessment.

Q7: Jan 2026• What are the options available for a P2PE Application Vendor when performing a P2PE Application Reassessment with regard to the P2PE Application listing that is being replaced or superseded? A There are two options for a Vendor regarding an eligible P2PE Application Reassessment where the listing for the new P2PE Application (“P2PE_App_New”) will replace or supersede the existing P2PE Application listing (“P2PE_App_Previous”). The P2PE Application Assessor will be required to select the Vendor-chosen option in the Portal upon submission of the P2PE Application Reassessment:

Option 1: Leave P2PE_App_Previous on the Validated list and let it expire as per the P2PE Program (upon 180 days after the Reassessment Date), at which time it will move to the Expired List. This may result in both P2PE_App_Previous and P2PE_App_New coexisting on the Validated list until such time as P2PE_App_Previous moves to the Expired list. However, they are unique [separate] listings with …