Frequently Asked Questions

< Back to search page

Can PCI-listed P2PE v3 components be used as part of a P2PE v2 solution?

FAQ Response

Only the PCI-listed P2PE v3 component types that also exist in P2PE v2 may be used in a P2PE v2 solution assessment, which are:
  • Encryption Management
  • Decryption Management
  • KIF
  • CA/RA
The new P2PE v3 component types (POI Deployment, POI Management, Key Management, Key Loading) can only be used as part of a P2PE v3 component or solution assessment.
 

May 2020
Article Number 1478

Related Articles

Who can use SAQ P2PE?

What effect does the use of a PCI-listed P2PE solution have on a merchant’s PCI DSS validation?

How do PCI PTS-approved POI device expiry dates affect a PCI-listed P2PE solution?

Are P2PE Products (P2PE Solutions, P2PE Components, P2PE Applications) on the P2PE Expired Listings still considered “validated” per the P2PE Program Guide?

Can merchants use encryption solutions not listed on the PCI Council’s website to reduce their PCI DSS validation effort?