PIN Security Assessment Overview

Looking for more information on our Security solutions?Request Information

Are you accepting or protecting cardholder PIN?

If so, you are likely in-scope for a PIN security assessment.

Merchants, acquiring participants, KIFs, CAs/RAs and other support entities may be responsible for having a PIN security assessment performed. Your acquirer will inform you if you must obtain a certification, which must generally be performed every other year. Whether you’ve been through this process a dozen times, or this is your first year, ControlScan has your back.

PIN assessments address the need to manage devices, encryption keys, and handling of PIN as it moves between the cardholder and the debit and credit networks (STAR, Pulse, NYCE; Visa, Mastercard, Discover, American Express, JCB). Issuers may also choose to certify to PCI PIN to ensure protection of these sensitive data.

Learn more about how ControlScan can streamline your PIN assessment:

Qualified PIN Assessor

Your ControlScan Qualified PIN Assessor (QPA) will conduct an onsite review of all in-scope systems and security process, draft a full report, perform quality assurance, and deliver the PIN ROC and AOC—generally in less than 3 months. We can also work with your team to address any PIN security gaps.

P2PE & PIN Consolidated Audit

Entities that must certify for both PIN and P2PE, such as KIFs, CAs/RAs and processors, find that hiring one auditor to conduct both audits simultaneously can save their organization significant time and money. We've got your back.