Skip to main content

PCI PIN Services

Securing PIN data during card present transactions

Speak with an Expert

Throughout the processing of online and offline payment card transactions at ATMs and POS terminals, the management, processing and transmission of personal identification number (PIN) data must meet the security requirements as specified in the PCI PIN security standard.

The key injection facilities (KIFs) who load cryptographic keys into the POS and ATM terminals, the certification authorities (CA) and registration authorities (RAs) who might be needed to authenticate cryptographic keys used in remote key loading methods, must also manage the cryptographic keys as per the PCI PIN security standard.

The latest PCI PIN security standard (i.e. PCI PIN V3) is a result of collaboration between PCI SSC and the Accredited Standards Committee (ASC X9) to create one unified PIN Security Standard for payment stakeholders.

UL is a PCI SSC Qualified PIN Assessor (QPA) company. As a QPA, UL can assist you with your Visa PIN, TR-39 and PCI PIN assessments of your SPoC (Software-based PIN entry on COTS) solution using the latest version of the PCI PIN security standard.


Depending on your role in the payment ecosystem, you may need to comply to more than one PCI program.

As the sole security industry expert offering the most number of PCI services globally, UL helps you simplify all of your PCI compliance needs for a cohesive risk management program.