- Digital twins are optimizing supply chains and more. Here's why enterprises should care
- Getting Out in Front of Post-Quantum Threats with Crypto Agility
- Join Sam's Club for $15 - the lowest price we've seen. Here's how
- Meta's new $299 Quest 3S is the VR headset most people should buy this holiday season
- Get Microsoft Office 2019 for Windows or Mac for $25
Request for Comments: PTS POI Modular Security Requirements v6.1
From 5 October to 3 November 2021, eligible PCI SSC stakeholders are invited to review and provide feedback on the PTS POI Modular Security Requirements v6.1 draft during a 30-day request for comments (RFC) period. The full list of stakeholders eligible to participate can be found on the PCI SSC RFC webpage.
The RFC will be available to primary contacts through the PCI SSC portal, including instructions on how to access the document and submit feedback. Eligible stakeholders will also receive instructions via email. As a reminder, participants are required to accept a Non-Disclosure Agreement (NDA) to download the document. Please review the RFC Process Guide for more information.
Please note that PCI SSC can only accept comments that are submitted via the PCI SSC portal and received within the defined RFC period.
Background on the PTS POI Modular Security Requirements v6.1
The PCI PTS POI Modular Security Requirements enhances security controls to defend against physical tampering and the insertion of malware that can compromise card data during payment transactions. The updates in the RFC are designed to address industry needs by:
- Updated criteria on PAN truncation/encryption to accommodate 8-digit BINs
- Added criteria for use of unauthenticated wireless communications
- Updated cryptographic check value language
- Added EdDSA as an approved cryptographic algorithm for digital signatures
Please review the RFC Process Guide and our resource guide: What to Know Before Participating in a PCI SSC RFC for more information on the PCI SSC RFC process.
