What is the difference between PED security requirements and PIN security requirements?
Both the PIN (Personal Identification Number) and PED Security Requirements have the common overall objective of protecting the cardholder’s PIN during a financial transaction. PED Security Requirements (managed by the PCI-SSC) are primarily concerned with device characteristics impacting the security of the PIN Entry Device used by the cardholder during a financial transaction. The requirements also include device management up to the point of initial key loading, but the evaluation process only addresses device characteristics. The PIN Security Requirements (managed by MasterCard and Visa) consist of 32 security requirements divided into seven logically related groups, which are referred to as Control Objectives. The PIN requirements are about process management-primarily dealing with the secure management of cryptographic keys throughout their lifecycle (key creation, conveyance, loading, usage, and administration). This results in a complete set of requirements for the secure manag
