PCI SSC has released new requirements for their P2PE (point to point encryption) on hardware or terminal based solutions.  The document is approximately 100 pages and includes the requirements for terminal based P2PE solutions that have the PCI DSS compliance.

Some of the information provided in this document includes the relationship of the P2PE validation requirements and illustrations of how the encryption hardware is used.

This is only the beginning for the new hardware requirements.  The General Manager of PCI, Bob Russo, has said that there is expected to be much more added to this list of requirements in the following months.  There will be a new list of validated P2PE solutions released in 2012.  Russo has added that all the standards of normal PCI DSS still apply.  Merchants still have to maintain PCI compliancy to protect the data of its customers.

The new PCI P2PE requirements are located at the following link:

www.pcisecuritystandards.org/documents/nb59Y8Qqv/P2PE_Hardware_Solution_%20Requirements_Initial_Release.pdf.