Approval Number

Approval numbers are assigned by PCI SSC at the time of approval and remain the same for the life of the device's approval.

Additional Information

This field may be used to place any additional pertinent information. For example, when a vendor has changed the status of a device to end-of-life (EOL), as delineated in 5.4, "Approval-Listing Fee," and thus the device is no longer available for purchase except for maintenance purposes. Devices with EOL status are no longer supported by the vendor and no deltas are processed for those devices. The date and month of the EOL will be listed on the Website

This will also be used for v2, v3 and v4 HSMs to delineate whether they are approved for restricted or unrestricted usage as delineated in the HSM Security Requirements:

Devices supporting ISO PIN Block Format 4 (AES) will be noted here. For additional information on whether the MK/SK, DUKPT or Fixed Key methodologies are supported for AES PIN Blocks, see the Key Management section. POI v5 and higher devices supporting online PIN and HSM v4 and higher devices supporting PIN processing are required to support ISO PIN Block Format 4.

This field will also be used for notation for POI v6 and higher devices supporting Bluetooth and/or Wi-Fi that have been architected and evaluated to support unauthenticated wireless communications using those technologies.

In addition, v4 HSMs that meet additional criteria to support remote-e.g., non-console-administration for configuration and cryptographic key loading, will be noted here as "Remote-managed HSM." Requirements for Remote-managed HSMs are a subset of those for Multi-tenant HSMs.

Devices must support key blocks using the ANSI X9.143 key-derivation methodology for TDES keys; and for AES keys, must support either the X9.143 methodology or the ISO 20038 methodology. In either case, equivalent methods can be used where subject to an independent expert review and where that review is publicly available. The link to be provided here is where a vendor who implements a proprietary method has had that method validated per PCI-prescribed criteria as equivalent.

For v5 and higher POI devices, the POI has been evaluated to determine if it supports PQC. And for v3 and higher HSM devices, the HSM has been evaluated to determine if it supports PQC. Specifically, the support in the API and/or processing of the device of cryptographic algorithms that are considered secure against a cryptanalytic attack by a quantum computer. The details of the PQC implementation are stated in the security policy, including the specifics for all cryptography and associated critical security parameters (CSPs). These are included in the relevant tables in the Security Policy. This includes both the encapsulation and signature algorithms implemented and available through functional calls. This notation is for the existence of PQC support. Details of the degree of post-quantum readiness can be obtained from the device vendor.

Approval Class

The Approval Class is used by PCI to ensure that its payment security device approvals accurately describe today's ever-evolving designs, architectures, and implementations. All POIs and HSMs approved by PCI SSC in the framework of the PCI PTS Device Security Evaluation Program, regardless of the designated Approval Class, carry PCI's full approval status. Financial institutions, or their designated agents (e.g., merchants or processors), should make sure that they understand the different classes, as they represent how the payment security device has met the PCI PTS Device Security Requirements. Detailed Approval Class Descriptions can be found in the Device Approval & Testing Guide.

Approved Components

(PED, RAP, UPT)

"Approved components" contains, when relevant, the list of approved components that are part of the approved device, and which have successfully undergone a distinct evaluation. Each component is listed with its approval number.

The use of a device with components e.g., EPPs, card readers that are different than that listed as an approved component for that device invalidates that device's approval.

RAP devices may be listed as an approved component of one or more associated HSMs. For v4 and higher HSMs, the HSM must be validated to the Remote-Managed HSM requirements.

Version

Version refers to the version of the security requirements the device has been evaluated against. Each approval class may follow its own version release schedule.

Expiry Date

The expiration date for PCI-approved devices is the date upon which the device's approval expires. All device approvals expire
in accordance with the schedule below, except for SCRPs.
For SCRPs the approvals will expire five years after the date of approval.

Requirements Version Used
During Evaluation at Laboratory

Expiration of Requirements

Approval Expiration of Device Models

Version 7.x of PCI PTS POI Security Requirements

June 2029

April 2035

Version 4.x of PCI HSM Security Requirements

December 2025

April 2032

Version 6.x of PCI PTS POI Security Requirements

June 2026

April 2032

Version 5.x of PCI PTS POI Security Requirements

June 2021

April 2027

Version 3.x of PCI HSM Security Requirements

December 2022

April 2026

Version 4.x of PCI PTS POI Security Requirements

September 2017

April 2024

Version 2.x of PCI HSM Security Requirements

June 2017

April 2022

Version 3.x of PCI PTS POI Security Requirements

April 2014

April 2021

Version 1.x of PCI HSM Security Requirements

April 2013

April 2019

Version 2.x of PCI PED or EPP Security Requirements

April 2011

April 2017

Version 1.x of PCI UPT Security Requirements

April 2011

April 2017

Version 1.x PCI PED or EPP Security Requirements

April 2008

April 2014

PCI SSC device approvals expire six years past the effective date of a subsequent major (5.0, 6.0, etc.) update of the applicable Security Requirements.

POI v6 or higher firmware expires three years from the date of approval but shall not expire past the overall approval expiration of the device.

PIN Support

(EPP, PED, SCR, SCRP, UPT)

"PIN Support"denotes the type of PIN entry verification that can be supported by the POI.
"Online" represents that the POI has the capability to support online PIN verification by the payment card's issuer or its designated processor. To pass testing, POIs that support online PIN entry must support the use of TDES or AES to protect the PIN. Additionally, if the PIN needs to be protected during transport in nonintegrated offline POIs, then the POI must support the use of TDES or AES for that channel. "Offline" means that the POI has the capability to support offline PIN verification by the payment card's integrated chip.

Unless otherwise noted, the "Offline" designation, without any suffix, in the PCI PTS Device Approval List represents that the POI has the capability to support both plaintext and enciphered offline PIN verification. The "Offline (p)" designation with the "(p)" as a suffix represents that the offline POI has the capability of performing only plaintext offline PIN verification.

However, under current testing, all newly evaluated offline POI devices must support both plaintext and enciphered PIN verification. SCRs or other POI devices that include an ICCR or hybrid reader must have an "Offline" designation in order to be used for offline PIN acceptance.

Note:
All newly approved offline PIN verification POIs must support both plaintext and enciphered PIN verification.

PIN Encryption Key Management

(EPP, PED, SCRP, UPT, SCR)

"PIN encryption key management" denotes whether the Laboratory has successfully evaluated the payment security device to support the use of Triple DES (TDES) or AES for PIN encryption for online PIN. TDES requires use of at least a double-length key.

A MK/SK (master key, session key), DUKPT, and/or Fixed designation denote that the device has been evaluated successfully to support the implementation of TDES for that particular key-management method(s).

Where AES is used, that will be explicitly noted in conjunction with the MK/SK, DUKPT and/or Fixed Key methodologies.

Note: DUKPT is the only unique key per transaction (UKPT) algorithm (ANSI X9.24) that PCI SSC recognizes and approves; all other forms of UKPT tested by the Laboratory will not be depicted in the approval letter or on "Approved PTS Devices" on the Website.

Note: POI v5 and v6 devices used for online PIN must support ISO PIN Block Format 4 (AES).

Note: Fixed Key is not allowed for POI v6 and higher devices.

This is for POI devices supporting the entry of online PINs, and in general, this will be N/A for devices in the Non-PED or SCR approval classes and will be N/A for offline PIN-only devices. SCRPs can indirectly support online PIN in connection with mobile-based solutions via PIN translation.

PIN Encryption Key Management is only applicable for SCRs where the SCR does PIN translation in connection with sending the PIN online to a host.

SRED Key Management

(EPP, PED, SCR, SCRP, UPT)

"SRED key management" denotes whether the Laboratory has successfully evaluated the payment security device to support the use of Triple DES (TDES) or AES for Account Data encryption. TDES requires use of at least a triple-length key or DUKPT for account data encryption.

A MK/SK (master key, session key), DUKPT and/or Fixed designation denote that the device has been evaluated successfully to support the implementation of TDES for that particular key-management method(s).

Where AES is used, that will be explicitly noted in conjunction with the MK/SK, DUKPT and/or Fixed Key methodologies.

Note: Fixed Key is not allowed for POI v6 and higher devices.

Format-preserving encryption (FPE) shall be denoted where one of the ANSI, ISO or NIST approved algorithms are used.

Note: The FPE notation is only presented for POI v6 and higher devices.

Prompt Control

(PED, EPP, UPT)

Vendor-controlled: The end-user, acquirer, or reseller cannot modify the POI's firmware or POI's payment application to make changes to the device's prompts or PIN-entry controls. Only the POI's original equipment manufacturer has the capability to modify the prompts and controls for PIN entry.

Acquirer-controlled: The original equipment manufacturer has shipped the POI with mechanisms for controlling the POI display and its use in place. These mechanisms can be employed to unlock the POI for updates of the prompts by the acquirer, using proper cryptographically controlled processes as defined in the applicable POI security requirement. The reseller or end-user, if authorized by the acquirer, can also make updates using proper cryptographically controlled processes.

Not applicable for devices without a display.

Devices must be deployed locked. In any case, the acquiring customer is always responsible to ensure that appropriate processes and documented procedures are in place to control the POI display and usage.

PIN-entry Technology

(PED, EPP, UPT)

"PIN-entry technology" denotes which technology is implemented in order to capture the cardholder PIN. The value for this field can be:

A device cannot support both a physical keypad version and a touchscreen version under the same approval where both can be used for PIN entry. It may support a device that has both interfaces in connection with providing support for national or local disability laws.

Functions Provided

(EPP, HSM, Multi-tenant HSM, non-PED, PED, SCR, SCRP, UPT)

"Functions provided" denotes which of the following functions are supported by the device. One or more of the following may apply, depending on the implementation:

Note: Contactless readers are only considered compliant for P2PE usage if the device in question has been validated to SRED. Furthermore, some device approvals may have versions validated to SRED and some that are not. Where such a mix occurs, only devices using a firmware version designated for SRED are validated to meet the contactless reader Security Requirements. For devices with contactless readers using firmware that is not validated to SRED, the contactless readers are not validated to any Security Requirements.

Company Approval Number More Information Product Type Version More Information Expiry Date More Information PIN Support More Information PIN Encryption Key Management More Information SRED Key Management More Information Prompt Control More Information PIN Entry
Technology More Information
Functions Provided More Information Additional Information More Information
Thales DIS CPL USA, Inc.
payShield Trusted Management Device (TMD)
Hardware #: 2.00.xx
Firmware #: SP: 3650100x, AP: xx13-5500000-xxx, SP: 3651100x
Applic #:
Approved Components More Information:
4-40285 3.x 30 Apr 2026 N/A TDES:
N/A

AES:
N/A
TDES:
N/A

AES:
N/A

FPE:
N/A
N/A N/A