← Frameworks / Payment Security

PCI PIN Security Requirements v3.1

PCI requirements for the secure management of PINs and cryptographic keys used in payment transactions. Covers Hardware Security Module (HSM) physical and logical security, key management lifecycle, PIN entry device validation, PIN transmission encryption (ISO 9564), key injection ceremonies, DUKPT key derivation, and certificate management. Mandatory for acquirers, processors, and their agents handling PIN-based transactions.

Clauses: 10

Avg Coverage: 74.0%

Publisher: PCI Security Standards Council Version: 3.1

PCI HSM → SP 800-53 SP 800-53 → PCI HSM Coverage Analysis

Clause	Title	SP 800-53 Controls
1	PIN Security Management	PL-01 PL-02 AC-01 AC-05 AC-06 PS-01 PS-02 PS-06 PM-01 PM-02
2	PIN Entry Devices	PE-03 CM-08 SR-09 SR-10 SR-11 SA-04
3	PIN Transmission	SC-08 SC-12 SC-13 SC-23 AC-04 AC-17
4	PIN Processing	SC-12 SC-13 CM-03 CM-05 AC-03 AC-06
5	Key Management	SC-12 SC-13 AC-05 AC-06 PS-06 CM-03 MP-04 MP-06
6	Key Loading	PE-03 PE-02 PE-06 AC-05 PS-06 PS-07 SC-12 AU-02 AU-12
7	HSM Physical Security	PE-01 PE-03 PE-04 PE-05 PE-06 PE-09 PE-13 PE-15 PE-18 SR-09
8	HSM Logical Security	CM-02 CM-03 CM-06 SI-07 AC-03 AC-06 AU-02 AU-03 AU-06 AU-12
9	Certificate and Asymmetric Key Management	SC-12 SC-13 SC-17 IA-05 IA-08 CM-03
10	Audit and Compliance	CA-02 CA-05 CA-07 AU-01 AU-06 AU-11 IR-01 IR-04 IR-06 PM-06