PCI SSC updates standard for payment devices to protect cardholder data

Thursday 18 June 2020 11:46 CET | News

The PCI Security Standards Council (PCI SSC) has streamlined the standard for payment devices to empower stronger protections for cardholder data.

According to Help Net Security, the PCI PIN Transaction Security (PTS) Point-of-Interaction (POI) Modular Security Requirements 6.0 will boost security controls to defend against physical tampering, and the insertion of malware that can compromise card data during payment transactions.

Moreover, PTS POI Version 6.0 is set up to protect PINs and the cardholder data stored on the card – on the magnetic stripe, or the chip of an EMV card – or used in conjunction with a mobile device. Therefore, PTS POI Version 6.0 reorganises the requirements, while introducing changes such as:

Restructuring modules into Physical and Logical, Integration, Communications and Interfaces, and Life Cycle to reflect the diversity of devices supported under the standard and the application of requirements based upon their individual characteristics and functionalities.
Limiting firmware approval time frames to three years to help ensure ongoing protection against evolving vulnerabilities.
Requiring devices that accept EMV enabled cards to support Elliptic Curve Cryptography (ECC) to help facilitate the EMV migration to a more robust level of cryptography.
Enhancing support for the acceptance of magnetic stripe cards in mobile payments using solutions that follow the Software-Based PIN Entry on COTS (SPoC) Standard.

More: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords:	PCI Security Standards Council, PCI PTS, malware, cards, card data, cardholder, EMV card, Elliptic Curve Cryptography, ECC, magnetic stripe cards, mobile payments, Software-Based PIN Entry on COTS Standard, SPoC
Categories:	Payments & Commerce
Companies:
Countries:	World

This article is part of category

Payments & Commerce

::: more

Free Headlines	::: subscribe now
RSS	::: follow ThePaypers via RSS ::: connect
LinkedIn	::: connect with ThePaypers on LinkedIn ::: connect
Twitter	::: follow ThePaypers on Twitter ::: follow
Facebook	::: like ThePaypers on Facebook ::: like

PCI SSC updates standard for payment devices to protect cardholder data

Free Headlines in your E-mail

Payments & Commerce

Voice of the Industry

Navigating the ISO 20022 migration: Insights and strategies

The threats and opportunities of the AI revolution in compliance

Frictionless payments: adopting technological advancements to tackle security concerns

Shaping the future of the payments industry: key insights from MPE 2024

A bumpy road to becoming an open identity infrastructure: MOSIP Connect 2024 in retrospect

Interviews

Presenting crypto payments trends – a CoinsPaid perspective

Key ecommerce and payments trends in 2024

AML/sanctions compliance: A vital lifeline for Banking-as-a-Service partnerships' survival

The agility of the Electronic Money Institution: paving the way for instant, low-cost payments around the globe

Countdown to IFGS 2024: Unveiling trends shaping fintech's next decade

Industry Events

The Paypers

This Site

Contact Information

Legal Information