PIN Security Program

PIN Security Program

Visa is simplifying and unifying PIN security compliance validation across all regions.

Welcome to Visa® PIN Security website. The information on this site describes Visa's global Personal Identification Number (PIN) Security program designed to assist organizations in maintaining the highest level of PIN security. This website contains timely NEWS articles about PIN topics as well as Important Visa PIN Information for anyone involved with PIN processing.

If you have any questions pertaining to PIN security at Visa, contact your regional Visa Risk Representative or send an email to pin@visa.com.

NEWS

Changes to PIN Security Program Go Into Effect - 1 January 2014 NEW

Visa is updating its PIN Security Program, simplifying and unifying PIN security compliance validation across all Visa Inc. regions. The modifications will drive PIN security through a risk-based, prioritized approach that focuses on entities that process PIN data or perform key management activities on behalf of Visa clients.

Visa PIN Security Program changes go into effect 1 January 2014.

Read more about the program changes:

For information on the PIN Security Program modifications, contact your regional Visa Risk Representative.

Important Visa PIN Information

PIN Entry Device (PED) Usage, Sunset and Expiration Dates NEW

Visa's PIN Entry Device (PED) requirements have been updated.

Know key dates and best practices to consider when developing PED acquisitions, usage and deployment strategies for your organization. Answers to PED frequently asked questions and information about PCI PTS V1.x devices expiring on April 30, 2014 is included.

Compromised PIN Entry Device (PED) List NEW

Visa's maintains a list of older PIN Entry Devices (PED) reported as compromised and may be vulnerable to attacks.

All organizations are encouraged to review this list to identify if listed devices are deployed in your environment and what actions you should take to protect your organization from loss.

Know What is Secure - Approved PIN Acceptance Device List

The PCI Security Standards Council (PCI-SSC) PIN Transaction Security (PTS) Point of Interaction (POI) Security Requirements provides a single set of evaluation requirements for all PIN acceptance devices.

The listing of PCI Approved PTS Devices and other information are available from the Council's website at www.pcisecuritystandards.org.

Don't Be A Victim of Card Skimming - PIN Entry Devices and Best Practices

All merchants need to read Skimming Prevention: Best Practices for Merchants. This document will assist and educate merchants regarding security best practices and defenses against skimming attacks.

Best Practices for Issuer PIN Security

The Issuer PIN Security Guidelines provides best practices and recommendations for Issuers managing PINs within their environment. Visa highly encourages Issuers to review and follow these guidelines to protect PIN data within Issuers domains.

For more information on Visa PIN Security Program, contact your regional Visa Risk Representative at the following e-mail addresses: