Compliance Control логотип

PIN Security

We are VISA PIN Security Assessor (PIN SA)

PCI PIN Security preaudit

Gap assessment

We perform initial gap assessment according to PCI PIN Security Requirements 2.0 following methodology developed by VISA and provide you with detailed remediation plan

PCI PIN Security prepare

Remediation

During all remediation process we provide you with required consultation support and helps to implement required procedures and formal policies (including templates)

PCI PIN Security certify

Certification

Will complete the audit according PCI PIN Security Requirements 2.0 and inform VISA about successful results.

About PCI PIN Security

General information

PCI PIN Security Requirements is requirements set for the secure management, processing, and transmission of personal identification number (PIN) data during online and offline payment card transaction processing at ATMs and attended and unattended point-of-sale (POS) terminals.
It consists of 33 requirements and special notes for Symmetric Key Distribution using Asymmetric Techniques and for Key-Injection Facilities

Two-year cycle for all regions

Since 2014 only approved by VISA Inc. Security Assessor are responsible for validation.

Who must comply

• PIN-Acquiring Third-Party VisaNet Processor (VNP) - A third-party entity that is directly connected to VisaNet and provides acquiring PIN processing services to clients.
• PIN-Acquiring Client VisaNet Processor Acting as a Service Provider - A Visa client or client- owned entity that is directly connected to VisaNet and provides PIN-acquiring processing services to clients and merchants.
• PIN-Acquiring Third-Party Servicers (TPS) - A PIN-acquiring agent that stores, processes or transmits Visa account numbers and PINs on behalf of Visa clients.
• Encryption and Support Organization (ESO) - An entity deploying ATM, point-of-sale (POS) or kiosk PIN acceptance devices that process and accept cardholder PINs and/or manage encryption keys (i.e., key injection facilities).
Other third-party entities that are not identified above but that perform PIN translation, key management and/or manage ATM or POS devices for Visa clients may also be subject to the PIN Security Program requirements.

Ask expert

Ask us about PIN Security compliance