Validated Products

The easiest way to comply with the Visa and MasterCard security requirements is to use validated products (card readers, terminals, Electronic Cash Registers, etc.) that cannot release or do not handle cardholder data. PNC and our members, in collaboration with product vendors, have listed the products that have been validated to fulfil all necessary security requirements.

The products that have been validated by vendors and/or independent third-party auditors are found in the lists below.

All upgraded software versions must be listed. If you as vendor cannot find your product or software version on the list below, please go to Validation.

Please note: As a merchant, your payment solution also has to comply with the specific requirements of your acquiring company (usually your bank). Please contact your acquirer or payment service provider for further assistance regarding specific technical or security requirements.

Terminals and Electronic Cash Registers (ECR)

  • List 1 : Terminals that cannot release cardholder data (E2EE)
  • List 2 : Electronic Cash Registers that do not handle any cardholder data (No cardholder data handling)

Alternatively global Point to Point Encrypted solutions - Terminals and Electronic Cash Registers that cannot release cardholder data (P2PE).

For more information on Point to Point Encrypted solutions see PCI Security Standard Council webpage: P2PE At-a-Glance

Products on the list below have been certified to handle cardholder data according to the PCI standards. However, products on List 1 and List 2, or Point to Point Encrypted solutions (P2PE) are the acquirers preferred option since they are the easiest way to comply with the Visa and Mastercard security requirements.

  • Terminals and Electronic Cash Registers that handle cardholder data (list)

Unattended Payment Terminals (UPT)

  • List 3 : Secure terminal components for unattended environments (E2EE)
  • List 4 : UPT Software that do not handle any cardholder data. (No cardholder data handling)
  • List 5 : Secure exterior shield (Exterior shield)

Security design for terminals, encrypting PIN pad and encrypting card readers

  • List 6 : Terminals, encrypting PIN pads and encrypting card readers that have been validated to fulfil the Security Design requirements (Security Design)