In 2019, PCI (Payment Card Industry) announced new revisions for PCI PIN security requirements. PCI’s function is to set standards that ensure secure handling of customer PINs and data. PCI planned for a phased implementation of updates to provide a more secure method of transferring encryption keys from an ATM’s host processor to the ATM. Circumstances, such as Covid-19, resulted in an update to the compliance deadline dates. The dates below reflect these changes.
PCI PIN Security Requirement Dates:
- December 31, 2022: Replace ATMs or upgrade EPP for ATMs with PCI PTS v1 or older
(v1 EPPs are Less secure technology)
- January 01, 2025: EPP hardware, firmware and software uses TR31 Phase 3 “Key Blocks”
Are your ATMs compliant?
In order to ensure the integrity of your ATMs, the current hardware and software needs an update. Failure to do so leaves your ATMs vulnerable. These vulnerabilities include risk of fraud, security attacks, data compromises and loss of revenue. As an ATM owner, the ATM networks consider you liable for any fraud or data breach involving your ATM. You could assess penalties or have any non-compliant ATMs shut down.
What actions should you take to ensure your ATMs are ready?
Prior to January 1, 2025, all ATMs will require, at a minimum, a software update. In addition, you may be required to replace your electronic PIN pad (EPP) or your ATM entirely. If you own or operate an ATM, do not leave this to chance. Contact the team at Edge One at 800-423-3343(EDGE). We will help audit your ATM fleet to ensure you are updated and compliant.