Latest changes to PCI SSC frequently asked questions.
No, they are no longer considered validated. However, please contact the payment brands regarding the use of P2PE Solutions on the P2PE Expired List (How do I contact the …
Yes, P2PE solutions with dates shown as red or orange are considered validated P2PE solutions and meet the eligibility criteria for SAQ P2PE. Dates shown in colors on the PCI …
P2PE solutions on the PCI list of Point-to-Point Encryption Solutions with Expired Validations are no longer considered "validated" per the P2PE Program Guide. Because these P2PE solution providers did not …
SAQ P2PE is intended for SAQ-eligible merchants or merchant environments (as determined by the individual payment card brands), that process cardholder data only via a validated PCI-listed P2PE solution. Whether …
No, they are no longer considered validated. However, please contact the payment brands regarding the use of P2PE Solutions on the P2PE Expired List (How do I contact the …
Contact the payment brands and/or acquirer (merchant bank) for more information about PCI compliance programs.
Contact details for the payment brands are provided below:
| American Express | …
Attestation documents, including AOCs, AOVs, and program-related attestations, that are provided by the PCI SSC require an assessor's signature. The assessor's signature signifies the individual has knowledge, approval, and acceptance …
P2PE v2 Program Guide: Used for the assessment and management of P2PE v2 solutions, applications, and components.P2PE v3 Program Guide: Used for the assessment and management of P2PE v3 …
Yes. P2PE solutions validated to P2PE v3.0 can contain P2PE components and applications validated using P2PE v2.0. Note, the P2PE v2 components are governed by the P2PE v2 Program Guide. …
Only the PCI-listed P2PE v3 component types that also exist in P2PE v2 may be used in a P2PE v2 solution assessment, which are:
