Saturday, August 14, 2010

New Mandatory Pin-Based Debit Transaction Rules

As of July 1, 2010, Visa and MasterCard requires that merchants processing PIN-based debit transactions must meet the following requirements:

PED is a Pin Entry Device. PEDs currently in use must be either pre-PCI PED (Visa PED) certified or PCI PED certified.

All PEDs must use the most up-to-date encryption standards for processing debit transactions, which requires injection of a Triple DES (TDES) key.

In other words, the Pin-Pad device that you are using must be PCI-PED compliant.

OK. What is PCI? PCI is the Payment Card Industry. So, the PCI sets the security standards for how credit and debit cards are used.

A newer certified device automatically encrypts all key codes entered into the Pin-Pad device. Older devices sent the data over in raw format which is no longer acceptable.

To read more about the mandatory pin transaction requirements go to:

As always if you have any question about this, please feel free to contact us at or call 727-916-7294