All new PIN entry devices must obtain PCI approval

PCI approval focuses on PIN security and related subjects.

PCI approval has superseded PED approval. It is a joint effort between Visa, MasterCard and JCB. Since October 1, 2005, all new PIN entry devices must obtain PCI approval; Visa PED approval is no longer accepted. From 1/5-2014 all new deployments of payments solutions has to have at least PCI 2.x to be compliant.

Device classes
There are different approvals for online and offline devices. There are also different device classes, such as:

  • POS pinpads (attended use)
  • EPP pinpads without display (typically for ATMs)
  • ATMs
  • UPTs (unattended payment terminals)

Security levels for online devices
For the online devices, security levels differ depending on the cryptography used:

  • DUKPT (Least demanding)
  • MK/SK (More demanding)
  • Fixed Key (Most demanding)

Read about the security requirements and approved devices here: PCI Security Standards

All Crypteras PCI approved devices can be found on the following website: Approved PIN Transaction Security (PTS) Devices.