PCI Point-to-Point Encryption (P2PE)® Solutions

This listing is a resource for merchants and acquirers to use in selecting a Validated Point-to-Point Encryption (P2PE) Solution.

P2PE Solutions with an Expired Validation - These are P2PE Solutions whose validation approval has expired as described in the P2PE Program Guide. Please contact the payment brands for information regarding the use of expired P2PE Products. P2PE Solutions with an expired validation are listed separately here.

P2PE Solutions and the PIM - Each Validated P2PE Solution has an associated P2PE Instruction Manual (PIM) that is provided by the Solution Provider. The PIM provides merchants using the P2PE Solution pertinent guidance to effectively and securely manage their encryption environments and the PTS POI devices within their purview: e.g., the secure installation of PTS POI devices, monitoring PTS POI devices for signs of tampering, and appropriate incident response procedures for security incidents.

P2PE Program - For information regarding the PCI P2PE program, please click here for our document library.

P2PE Component and P2PE Application Listings - Click here for P2PE Application Listings or here for the P2PE Component Listings.

Read more

Find Point-to-Point Encryption Solutions

Click here for more information about the listings

Filter by
Export List 


Company
P2PE
Standard
Version

P2PE Assessor
Company
Annual
Revalidation
Date

Reassessment
Date
 

Dates in orange represent a P2PE Product that has not been Annually Revalidated in accordance with P2PE Program Requirements (up to 90 days overdue).

Dates in red represent a P2PE Product that has not been Annually Revalidated in accordance with P2PE Program Requirements (more than 90 days overdue).

Validated P2PE Products that have not been Annual Revalidated in accordance with P2PE Program Requirements within 180 days of their Annual Revalidation date or Reassessment date, as applicable, will be transferred to the P2PE Expired Listings.

Annually at year 1 and 2, based on the date of the P2PE Product's Acceptance, the P2PE Vendor is required to submit an updated P2PE Attestation of Validation for their Validated P2PE Product. Refer to the P2PE Program Guide for further information.

Validated P2PE Products require a Full Assessment every three years based on the date of the P2PE Product's Acceptance. Refer to the P2PE Program Guide for further information.

Indicates the P2PE Product is using a dependency (P2PE Component, P2PE Application, and/or PTS POI Device) that is not in accordance with applicable P2PE Program Requirements (e.g., Annual Revalidation, Reassessment, device expiry, etc.). Click on the Listing "Details" to find the dependency, or dependencies, that are flagged with this icon. Refer to the P2PE Program Guide for more information.