{"id":753,"date":"2023-01-25T14:08:34","date_gmt":"2023-01-25T13:08:34","guid":{"rendered":"https:\/\/pcihispano.com\/?p=753"},"modified":"2026-05-06T19:16:19","modified_gmt":"2026-05-06T17:16:19","slug":"que-es-pci-pin","status":"publish","type":"post","link":"https:\/\/www.pcihispano.com\/en\/que-es-pci-pin\/","title":{"rendered":"What is PCI PIN?"},"content":{"rendered":"<p><span class=\"intro-text\">In this new article of the series <a href=\"https:\/\/www.pcihispano.com\/en\/category\/que-es\/\" target=\"_blank\" rel=\"noopener noreferrer\">What is it?<\/a> a brief introduction to the standard will be made <em>Payment Card Industry<\/em> (PCI) <em>PIN Security<\/em> (PCI PIN), focused on the protection of the personal identification number (PIN) in face-to-face transactions.<\/span><\/p>\n<div class=\"su-box su-box-style-glass\" id=\"\" style=\"border-color:#000000;border-radius:5px;max-width:none\"><div class=\"su-box-title\" style=\"background-color:#333333;color:#FFFFFF;border-top-left-radius:3px;border-top-right-radius:3px\">What is it?<\/div><div class=\"su-box-content su-u-clearfix su-u-trim\" style=\"border-bottom-left-radius:3px;border-bottom-right-radius:3px\">\n<p>All articles in the series \u00ab<a href=\"https:\/\/www.pcihispano.com\/en\/category\/que-es\/\" target=\"_blank\" rel=\"noopener\">What is it?<\/a>\u2018:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.pcihispano.com\/en\/que-es-pci-dss\/\" rel=\"bookmark\">What is PCI DSS?<\/a><\/li>\n<li><a href=\"https:\/\/www.pcihispano.com\/en\/que-es-pci-ssf-pci-secure-slc-pci-s3\/\" rel=\"bookmark\">What is PCI SSF\/PCI Secure SLC\/PCI S3?<\/a><\/li>\n<li><a href=\"https:\/\/www.pcihispano.com\/en\/que-es-pci-pin\/\" rel=\"bookmark\">What is PCI PIN?<\/a><\/li>\n<\/ul>\n<\/div><\/div>\n<h3>Introduction<\/h3>\n<p>The standard <em>Payment Card Industry<\/em> (PCI) <em>PIN Security<\/em> (or PCI PIN) is a security standard that establishes the requirements for the secure management, processing and transmission of <a href=\"https:\/\/es.wikipedia.org\/wiki\/N%C3%BAmero_de_identificaci%C3%B3n_personal\">personal identification number<\/a> (<em>Personal Identification Number<\/em> \u2013 PIN) during the processing of online and offline payment transactions at ATMs and unattended point-of-sale (POS) terminals. This document is part of the family of standards <strong>PCI PIN Transaction Security (PTS<\/strong>) where they are also located <a href=\"https:\/\/docs-prv.pcisecuritystandards.org\/PTS\/Standard\/PCI_HSM_Security_Requirements_v4.pdf\">PCI HSM<\/a> (Hardware Security Module) and <a href=\"https:\/\/docs-prv.pcisecuritystandards.org\/PTS\/Standard\/PCI_PTS_POI_SRs_v6-1_Final.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">PCI POI<\/a> (Point of Interaction).<\/p>\n<div id=\"attachment_757\" style=\"width: 685px\" class=\"wp-caption aligncenter\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-757\" class=\"size-full wp-image-757\" src=\"https:\/\/i0.wp.com\/pcihispano.com\/wp-content\/uploads\/2023\/01\/PCI_PTSd93e.png?resize=675%2C291&#038;ssl=1\" alt=\"\" width=\"675\" height=\"291\" srcset=\"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/01\/PCI_PTSd93e.png?w=675&amp;ssl=1 675w, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/01\/PCI_PTSd93e.png?resize=300%2C129&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/01\/PCI_PTSd93e.png?resize=500%2C216&amp;ssl=1 500w\" sizes=\"auto, (max-width: 675px) 100vw, 675px\" \/><p id=\"caption-attachment-757\" class=\"wp-caption-text\">Family of PCI PTS standards (PCI HSM, PCI PTS POI and PCI PIN)<\/p><\/div>\n<p>The objectives of this standard are:<\/p>\n<ul>\n<li>Identify minimum security requirements for PIN-based exchange transactions.<\/li>\n<li>Describe the minimum acceptable requirements for securing PIN data and encryption keys.<\/li>\n<li>Assist all participants in the retail payment system in establishing guarantees that cardholder PIN data is not compromised.<\/li>\n<\/ul>\n<p>It is currently in the <strong><a href=\"https:\/\/docs-prv.pcisecuritystandards.org\/PIN\/Standard\/PCI_PIN_Security_Requirements_Testing_v3_1.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">version 3.1<\/a><\/strong> published in March 2021.<\/p>\n<h3>Origin<\/h3>\n<p>Like the vast majority of standards currently managed by the <em>PCI Security Standards Council<\/em> (PCI SSC), the origin of the PCI PIN standard comes from the security program <a href=\"https:\/\/usa.visa.com\/partner-with-us\/info-for-partners\/pin-security.html\" target=\"_blank\" rel=\"noopener noreferrer\">PIN VISA<\/a>.\u00a0 In 1995 Visa developed its own set of security controls which it called <em>Visa PIN Security Requirements <\/em>and whose fulfillment was framed within the program <em>PIN Security and Key Management, <\/em>in which the types of entities that were to comply with the program and its requirements were listed, including the form of compliance reporting (using a self-assessment questionnaire <a href=\"https:\/\/pcihispano.com\/wp-content\/uploads\/2023\/01\/pcipin-saq-v2-template.docx\">(PCI PIN SAQ<\/a>) or by an on-site review by an approved auditor).<\/p>\n<p>In 2011 the <em>PCI Security Standards Council<\/em> (PCI SSC) adopted as a reference the security requirements of Visa PIN to develop the first version of the PCI PIN standard, called <em>PCI PIN Security Requirements<\/em>. This new standard was supported by ANSI (<em>American National Standards Institute<\/em>) who, through the working group X9.24, already had enough experience in the field of standardization of security controls for the protection of financial transactions, especially with the standards <span id=\"hs_cos_wrapper_post_body\" class=\"hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_rich_text\" data-hs-cos-general-type=\"meta_field\" data-hs-cos-type=\"rich_text\">ANSI X9.24-<\/span>1, <span id=\"hs_cos_wrapper_post_body\" class=\"hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_rich_text\" data-hs-cos-general-type=\"meta_field\" data-hs-cos-type=\"rich_text\">ANSI X9.24-<\/span>2 and <span id=\"hs_cos_wrapper_post_body\" class=\"hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_rich_text\" data-hs-cos-general-type=\"meta_field\" data-hs-cos-type=\"rich_text\">ANSI X9.24-<\/span>3 (<a href=\"https:\/\/www.cryptomathic.com\/news-events\/blog\/ansi-x9.24-1-2017-understanding-the-card-payment-environment-and-the-use-of-symmetric-keys\" target=\"_blank\" rel=\"noopener noreferrer\"><em>Retail Financial Services Symmetric Key Management<\/em><\/a>). From that moment all payment brands associated with the PCI SSC (Visa, Mastercard, AMEX, JCB and Discover) began to use this standard for the protection of the PIN data of their cards.<\/p>\n<p>The <strong>Version 2.0<\/strong> from <em>PCI PIN Security Requirements<\/em> was published in 2014. In August 2018, the PCI SSC released version 3.0 of the standard. Likewise, in that year Visa discontinued the use of self-assessment questionnaires (SAQ) for reporting compliance with PIN security controls.<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-756\" src=\"https:\/\/i0.wp.com\/pcihispano.com\/wp-content\/uploads\/2023\/01\/PCI_PIN_Timeline783f.png?resize=675%2C255&#038;ssl=1\" alt=\"PCI PIN Standard Timeline\" width=\"675\" height=\"255\" srcset=\"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/01\/PCI_PIN_Timeline783f.png?w=675&amp;ssl=1 675w, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/01\/PCI_PIN_Timeline783f.png?resize=300%2C113&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/01\/PCI_PIN_Timeline783f.png?resize=500%2C189&amp;ssl=1 500w\" sizes=\"auto, (max-width: 675px) 100vw, 675px\" \/><\/p>\n<p>Finally, as of 2019 formal PCI PIN compliance assessments must be developed exclusively by qualified PIN advisors (<a href=\"https:\/\/www.pcisecuritystandards.org\/assessors_and_solutions\/qpa_assessors\" target=\"_blank\" rel=\"noopener noreferrer\"><em>Qualified PIN Assessors<\/em><\/a>\u2013 QPA).<\/p>\n<h2>Who must comply with PCI PIN?<\/h2>\n<p>The PCI PIN standard is <strong>mandatory compliance<\/strong> for all acquiring institutions and agents responsible for processing PIN transactions of PCI SSC branded cards (VISA, MasterCard, AMEX, Discover and JCB) including key injection services (<em>Key Injection Facilities<\/em> \u2013 KIF) and distribution of symmetric keys using asymmetric keys (remote distribution of keys) or for those entities offering operating services of certification authorities (<em>Certification Authorities<\/em> \u2013 CA) and should be used in conjunction with other applicable industry standards (PCI DSS, PCI P2PE, etc.).<\/p>\n<p>However, each of the payment brands manages its own compliance programs. For example, the program <strong><a href=\"https:\/\/usa.visa.com\/content\/dam\/VCOM\/download\/security\/visa-pin-security-program-information.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Visa PIN<\/a><\/strong> It remains valid from the management perspective of the entities subject to compliance, but instead of using Visa's own security requirements it is based on the controls of the PCI PIN standard.<\/p>\n<p><strong>Note<\/strong>: On 1 October 2023, the Visa PIN security programme ceased to be valid. More information in the article \u00ab<a href=\"https:\/\/www.pcihispano.com\/en\/visa-informa-que-su-programa-de-seguridad-del-pin-finalizo-el-1-de-octubre-de-2023\/\" target=\"_blank\" rel=\"noopener\">Visa reports that its PIN security programme ended on 1 October 2023<\/a>\u2018.<\/p>\n<h2>How is the PCI PIN standard organized?<\/h2>\n<p>In the latest version of the standard (3.0), the PCI SSC has chosen to combine the security requirements (\u2018PIN Security Requirements\u2019) and test procedures (\u2018Test Procedures\u2019) into a single document, as separate documents had been kept in previous versions. In this way, the standard was renamed as <a class=\"\" href=\"https:\/\/docs-prv.pcisecuritystandards.org\/PIN\/Standard\/PCI_PIN_Security_Requirements_Testing_v3_1.pdf\" target=\"_blank\" rel=\"noopener noreferrer\" data-href=\"..\/documents\/PCI_PIN_Security_Requirements_Testing_v3_Aug2018.html\"><span class=\"document_name\"><strong>PIN Security Requirements and Testing Procedures<\/strong><\/span><\/a>.<\/p>\n<p>Regarding this version, one of the most representative changes is in the <strong>reorganisation of requirements<\/strong> into three main groups, each subdivided into \u2018Control Objectives\u2019:<\/p>\n<ol>\n<li><strong>Transaction Processing Operations<\/strong>: Formerly referred to as \"PIN Security Requirements\", this set of controls applies to any entity involved in purchasing and\/or processing PIN-based transactions.<\/li>\n<li>\n<div><strong>Normative Annex A \u2013 Symmetric Key Distribution using Asymmetric Keys<\/strong>: Specific requirements for acquiring entities involved in the implementation of symmetric key distribution processes using asymmetric keys (remote key distribution) or for those entities that offer certification authorities (CA) operation services used for these purposes. Its implementation depends on the tasks performed by the entity concerned:<\/div>\n<ul>\n<li>In the case of an acquiring entity that also performs remote key distribution functions, the controls of the \u2018Transaction Processing Operations\u2019 group and the controls in Annex A shall apply to it.<\/li>\n<li>In the case of service providers or manufacturers of point-of-interaction (POI) or HSM devices operating key distribution systems acting on behalf of an acquiring entity, they must comply with all the controls in Annex A.<\/li>\n<\/ul>\n<\/li>\n<li>\n<div><strong>Normative Annex B \u2013 Key-Injection Facilities<\/strong>: Requirements for entities operating acquirer key injection services on devices used for PIN data capture.<\/div>\n<\/li>\n<li><strong>Normative Annex C \u2013 Minimum and Equivalent Key Sizes and Strengths for Approved Algorithms<\/strong>: Describing algorithms and key lengths that can be used in PIN transactions, aligned with the standard <strong><a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-57-part-1\/rev-5\/final\" target=\"_blank\" rel=\"noopener\">NIST SP 800-57 Part 1<\/a><\/strong>.<\/li>\n<\/ol>\n<p>At this point, it should be noted that the standard <strong>PCI PIN specifies controls on keys linked to processes that specifically affect the PIN<\/strong>. Any key used for the protection of other card data (PAN, for example) or used for MAC functionalities is outside the scope of the document.<\/p>\n<p>On the other hand, depending on the tasks performed, each entity may be subject to the applicability of requirements from different sections or to the full standard. Appendix A of the standard includes a new matrix indicating the applicability of each requirement according to the work carried out.<\/p>\n<p>The list of changes between version 3.0 and 3.1 can be found in the document <a href=\"https:\/\/docs-prv.pcisecuritystandards.org\/PIN\/Supporting%20Document\/PIN_Security_Rqrmts_Modifications_v3.1_-_Summary_of_Changes.pdf\" target=\"_blank\" rel=\"noopener noreferrer\"><span class=\"document_name\">PIN Security Requirements Modifications and Testing Procedures: Summary of Changes<\/span><\/a>.<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>Deadlines for the withdrawal of fixed 3DES keys (TDES) for PIN encryption and support for PIN block format 4:<\/strong><\/span><\/p>\n<p>In this version of the standard the following deadlines have been stipulated for the use of 3DES fixed keys (TDES) used for PIN encryption and the use of PIN block format 4 (<a href=\"https:\/\/www.eftlab.co.uk\/index.php\/site-map\/knowledge-base\/261-complete-list-of-pin-blocks-in-payments\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>ISO PIN block format 4<\/strong><\/a>):<\/p>\n<ul>\n<li>From <strong>1 January 2023<\/strong> all 3DES fixed keys (TDES) used for PIN encryption at points of interaction (POI) and host-to-host connections will not be allowed.<\/li>\n<\/ul>\n<p><strong>With the release of the PCI PIN v3.1 standard in March 2021, the stipulated dates for ISO Format 4 PIN Block (AES) support have been suspended until further notice. \u00a0 <\/strong><\/p>\n<p><span style=\"text-decoration: underline;\"><strong>Deadlines for the implementation of key blocks for symmetric encryption keys:<\/strong><\/span><\/p>\n<p>Similarly, the following dates have been defined for symmetric encryption keys to be handled in \u201c<a href=\"https:\/\/www.pcihispano.com\/en\/la-guia-definitiva-de-bloques-de-claves-criptograficas-key-blocks\/\">key blocks<\/a>\u201d (additional controls to protect the integrity of encryption keys).<\/p>\n<ul>\n<li><strong>Phase I:<\/strong> Key blocks functionality must be implemented for all internal connections and key storage within service provider environments (this may include all applications and databases connected to HSM). Effective Date: <span style=\"color: #ff0000;\"><strong>1 June 2019<\/strong><\/span>.<\/li>\n<li><strong>Phase II<\/strong>: Key blocks functionality must be implemented for all external connections to associations and networks. Effective Date:\u00a0<span style=\"color: #ff0000;\"><strong>1 January 2023<\/strong><\/span>.<\/li>\n<li><strong>Phase III<\/strong>: Key blocks should be extended to all merchant hosts, point-of-sale terminals (POS\/TPVs) and ATMs. Effective Date:\u00a0<strong>1 January 2025.<\/strong><\/li>\n<\/ul>\n<p>More information about Key blocks can be found in the article \u00ab<a href=\"https:\/\/www.pcihispano.com\/en\/la-guia-definitiva-de-bloques-de-claves-criptograficas-key-blocks\/\" target=\"_blank\" rel=\"noopener noreferrer\">The Ultimate Guide to Cryptographic Key Blocks<\/a><strong>\u2018<\/strong>.<\/p>\n<h3>Who can perform a formal PCI PIN compliance assessment?<\/h3>\n<p>Formal PCI PIN compliance assessments can only be performed by PCI PIN approved advisors (<strong>Qalified PIN Assessor \u2013 QPA<\/strong>).<\/p>\n<p>The list of approved advisors can be found on the PCI SSC website: <a href=\"https:\/\/www.pcisecuritystandards.org\/assessors_and_solutions\/qpa_assessors\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.pcisecuritystandards.org\/assessors_and_solutions\/qpa_assessors<\/a><\/p>\n<h3>Other additional considerations<\/h3>\n<p>Finally, the following additional criteria have been established:<\/p>\n<ul>\n<li>All entities affected by the standard must maintain a <strong>inventory of all cryptographic keys used in the environment<\/strong>, including its name, its use, the algorithm used and its length. Similarly, a<strong> Schematic Network Flow Diagram<\/strong> to facilitate the review of safety requirements.<\/li>\n<li>The use of personal computers for key loading, where secrets in clear text and\/or private keys and\/or their components may exist in unprotected memory outside the security perimeter of the SCD device is planned to be removed at future dates.<\/li>\n<li>The use of clear text secret injection or private key material in an SCD is being planned to be withdrawn at future dates. Only the injection of encrypted keys will be allowed.<\/li>\n<li>In relation to the use of certain models or updates of POI devices, it will be the payment brands themselves that define the deployment criteria and expiration and replacement periods of these equipment in the field in accordance with the PCI PTS standard.<\/li>\n<li>It is important to clarify that <strong>it is the brands (and not the PCI SSC) that are responsible for the definition and management of compliance programs associated with this standard<\/strong>, so each brand will stipulate the dates of compliance, fines and form by which the compliance report will be made, <strong>as well as listings of companies that can perform formal assessments of compliance with the standard<\/strong>.<\/li>\n<\/ul>","protected":false},"excerpt":{"rendered":"<p>In this new article in the What is it? series, a brief introduction will be made to the Payment Card Industry (PCI) PIN Security (PCI PIN) standard, focused on the protection of the personal identification number (PIN) in face-to-face transactions. Introduction The standard [\u2026]<\/p>","protected":false},"author":2,"featured_media":6017,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[330,53],"tags":[104,128,109,100,133,125,132,127,130,131,129,102,126],"class_list":["post-753","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-pci-pin","category-que-es","tag-aes","tag-hsm","tag-key-block","tag-key-blocks","tag-pci-hsm","tag-pci-pin","tag-pci-pts","tag-pin","tag-pos","tag-pts","tag-scd","tag-tdea","tag-visa-pin"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/01\/PCI_PIN.png?fit=1915%2C1075&ssl=1","jetpack-related-posts":[{"id":11760,"url":"https:\/\/www.pcihispano.com\/en\/cambios-en-pci-pts-hsm-v5-0-a-quienes-afectan-y-que-significa-para-el-futuro-de-los-pagos\/","url_meta":{"origin":753,"position":0},"title":"Cambios en PCI PTS HSM v5.0: \u00bfA qui\u00e9nes afectan y qu\u00e9 significa para el futuro de los pagos?","author":"David Acosta","date":"mayo 20, 2026","format":false,"excerpt":"El 18 de mayo de 2026, el PCI SSC public\u00f3 la versi\u00f3n 5.0 del est\u00e1ndar PCI PTS HSM (o simplemente PCI HSM). Este est\u00e1ndar incluye numerosos cambios que pueden afectar, directa o indirectamente, el cumplimiento de otros est\u00e1ndares del PCI SSC. Aqu\u00ed te contamos los detalles. Introducci\u00f3n a PCI PTS\u2026","rel":"","context":"In &quot;Contenido general&quot;","block_context":{"text":"Contenido general","link":"https:\/\/www.pcihispano.com\/en\/category\/contenido\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/05\/HSM.png?fit=1200%2C674&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/05\/HSM.png?fit=1200%2C674&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/05\/HSM.png?fit=1200%2C674&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/05\/HSM.png?fit=1200%2C674&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/05\/HSM.png?fit=1200%2C674&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1918,"url":"https:\/\/www.pcihispano.com\/en\/recordatorio-pci-pin-cambia-el-proceso-de-carga-de-claves-desde-el-1-de-enero-de-2024\/","url_meta":{"origin":753,"position":1},"title":"Recordatorio PCI PIN: Cambia el proceso de carga de claves desde el 1 de enero de 2024","author":"David Acosta","date":"diciembre 14, 2023","format":false,"excerpt":"De acuerdo con las Preguntas T\u00e9cnicas de Uso Frecuente de PCI PIN (PCI PTS PIN Security Requirements \u2212 Technical FAQs for use with Version 3), a partir del 1 de enero de 2024 el proceso de carga de claves en dispositivos HSM empleando componentes en texto claro cambia de forma\u2026","rel":"","context":"In &quot;Noticias&quot;","block_context":{"text":"Noticias","link":"https:\/\/www.pcihispano.com\/en\/category\/noticias\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/12\/PIN_Carga_Claves.png?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/12\/PIN_Carga_Claves.png?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/12\/PIN_Carga_Claves.png?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/12\/PIN_Carga_Claves.png?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/12\/PIN_Carga_Claves.png?fit=1200%2C675&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1519,"url":"https:\/\/www.pcihispano.com\/en\/visa-informa-que-su-programa-de-seguridad-del-pin-finalizo-el-1-de-octubre-de-2023\/","url_meta":{"origin":753,"position":2},"title":"Visa informa que su programa de seguridad del PIN finaliz\u00f3 el 1 de octubre de 2023","author":"David Acosta","date":"octubre 30, 2023","format":false,"excerpt":"En una decisi\u00f3n que ha tomado por sorpresa a todo el ecosistema de medios de pago, Visa anunci\u00f3 que su programa de Seguridad del PIN (Visa PIN Security Program) finaliz\u00f3 el 1 de octubre de 2023. En un escueto comunicado publicado recientemente en su p\u00e1gina web corporativa, Visa anunci\u00f3 que,\u2026","rel":"","context":"In &quot;Noticias&quot;","block_context":{"text":"Noticias","link":"https:\/\/www.pcihispano.com\/en\/category\/noticias\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/10\/Visa_Program_october.png?fit=1200%2C676&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/10\/Visa_Program_october.png?fit=1200%2C676&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/10\/Visa_Program_october.png?fit=1200%2C676&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/10\/Visa_Program_october.png?fit=1200%2C676&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2023\/10\/Visa_Program_october.png?fit=1200%2C676&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":11211,"url":"https:\/\/www.pcihispano.com\/en\/la-fecha-de-expiracion-de-pci-hsm-version-3-x-se-acerca-30-abril-2026-que-va-a-pasar-con-los-dispositivos-afectados\/","url_meta":{"origin":753,"position":3},"title":"La fecha de expiraci\u00f3n de PCI HSM versi\u00f3n 3.x se acerca (30 abril 2026), \u00bfQu\u00e9 va a pasar con los dispositivos afectados?","author":"David Acosta","date":"febrero 12, 2026","format":false,"excerpt":"El 30 de abril de 2026 es la fecha estipulada para la expiraci\u00f3n de los dispositivos criptogr\u00e1ficos validados seg\u00fan PCI HSM versi\u00f3n 3.x. Si no tienes definida tu estrategia de migraci\u00f3n, este art\u00edculo te interesa. NOTA: El PCI SSC ha extendido la fecha de expiraci\u00f3n de dispositivos PCI HSM v3.x\u2026","rel":"","context":"In &quot;Criptograf\u00eda&quot;","block_context":{"text":"Criptograf\u00eda","link":"https:\/\/www.pcihispano.com\/en\/category\/criptografia\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/02\/HSM.png?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/02\/HSM.png?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/02\/HSM.png?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/02\/HSM.png?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2026\/02\/HSM.png?fit=1200%2C675&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":6546,"url":"https:\/\/www.pcihispano.com\/en\/hardware-security-module-hsm-que-es-y-para-que-sirve\/","url_meta":{"origin":753,"position":4},"title":"Hardware Security Module (HSM): \u00bfQu\u00e9 es y para qu\u00e9 sirve?","author":"David Acosta","date":"julio 16, 2025","format":false,"excerpt":"Uno de los principales problemas derivados del uso de la criptograf\u00eda para la protecci\u00f3n de datos sensibles durante su almacenamiento y su transmisi\u00f3n es la complejidad en la gesti\u00f3n del ciclo de vida de las claves de encriptaci\u00f3n (generaci\u00f3n, almacenamiento, importaci\u00f3n\/exportaci\u00f3n, distribuci\u00f3n, rotaci\u00f3n, remplazo, copias de seguridad, revocaci\u00f3n, suspensi\u00f3n, destrucci\u00f3n,\u2026","rel":"","context":"In &quot;Criptograf\u00eda&quot;","block_context":{"text":"Criptograf\u00eda","link":"https:\/\/www.pcihispano.com\/en\/category\/criptografia\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/HSM.png?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/HSM.png?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/HSM.png?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/HSM.png?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/HSM.png?fit=1200%2C675&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":6640,"url":"https:\/\/www.pcihispano.com\/en\/pci-ssc-pin-listing-program-todo-lo-que-necesitas-saber\/","url_meta":{"origin":753,"position":5},"title":"PCI SSC PIN Listing Program: Todo lo que necesitas saber","author":"David Acosta","date":"mayo 20, 2025","format":false,"excerpt":"En mayo de 2025 el PCI SSC anunci\u00f3 la publicaci\u00f3n de un listado de entidades que cumplen con el est\u00e1ndar PCI PIN. Dicho listado - a diferencia de los listados anteriores que eran gestionados por las propias marcas de pago, como era el caso de VISA PIN - ser\u00e1 gestionado\u2026","rel":"","context":"In &quot;Noticias&quot;","block_context":{"text":"Noticias","link":"https:\/\/www.pcihispano.com\/en\/category\/noticias\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/PINPAD.png?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/PINPAD.png?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/PINPAD.png?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/PINPAD.png?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.pcihispano.com\/wp-content\/uploads\/2025\/05\/PINPAD.png?fit=1200%2C675&ssl=1&resize=1050%2C600 3x"},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/posts\/753","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/comments?post=753"}],"version-history":[{"count":1,"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/posts\/753\/revisions"}],"predecessor-version":[{"id":11739,"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/posts\/753\/revisions\/11739"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/media\/6017"}],"wp:attachment":[{"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/media?parent=753"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/categories?post=753"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pcihispano.com\/en\/wp-json\/wp\/v2\/tags?post=753"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}