PCI PTS
Payment Card Industry PIN Transaction Security is a set of security requirements for devices that accept PIN entry during payment transactions. PCI PTS covers hardware security modules, PIN entry devices, and point-of-interaction terminals, ensuring the cardholder's PIN is protected throughout the transaction chain.
PCI PTS -- Payment Terminal Security Standard
PCI PIN Transaction Security (PCI PTS) is a certification program developed by the PCI Security Standards Council that defines security requirements for devices that handle cardholder PINs during EMV payment transactions. PCI PTS covers Point-of-Interaction (POI) terminals, HSMs, and PIN entry devices, ensuring that the cardholder's PIN is protected from capture or disclosure throughout the transaction chain.
Device Categories
PCI PTS evaluates three device categories. POI terminals (card readers, mobile payment devices) must protect the card data and PIN from the point of entry to the point of encryption. HSMs must safeguard cryptographic keys used for PIN translation and verification in the payment network. Secure Card Readers for PIN (SCR/PIN) must encrypt the PIN at the point of capture before transmitting it to the payment application. Each category has specific requirements for physical tampering resistance, cryptographic key management, and device software security.
Security Requirements
PCI PTS requirements mandate that PIN entry devices implement tamper-responsive mechanisms -- if the device is physically attacked (opened, drilled, or probed), the device must immediately erase all stored keys and render itself inoperable. Encryption of the PIN block must use 3DES or AES with DUKPT (Derived Unique Key Per Transaction) or equivalent key management. The standard also requires that no software running on the terminal can access the plaintext PIN, enforcing strict separation between the secure PIN-entry module and the application processor.
Relationship to Smart Cards
While PCI PTS certifies the terminal rather than the smart card itself, the standard directly impacts smart card transaction security. The terminal's PCI PTS certification ensures that when a cardholder inserts an EMV contact card or taps an EMV contactless card, the PIN entered on the terminal keypad is immediately encrypted within the certified secure boundary. The terminal also validates the card's APDU response codes and offline data authentication results, working in concert with the card's own security mechanisms to complete the EMVCo transaction protocol.