Shared Responsibility - AWS Payment Cryptography

Shared Responsibility

AWS Payment Cryptography is an Encryption and Support Organization (ESO) and a PIN-Acquiring Third-Party Servicer (TPS), as defined by the Visa PIN Security Program and listed on the Visa Global Service Provider Registry, under “Amazon Web Services, LLC”. This means that the service is allowed by Visa to be used by PIN-Acquiring Third-Party VisaNet Processor (VNP), PIN-Acquiring Client VisaNet Processor Acting as a Service Provider, and other TPS and ESO providers without requiring further assessment by customer PIN assessors (PCI Qualified PIN Assessors or PCI QPA).

Other card brands or payment network providers may rely on the Visa PIN Security Program or have their own programs. Contact AWS Support for questions about service compliance for other payment network programs.

AWS provides the PCI PIN Security attestation of compliance (AOC) and Shared Responsibility Guide for AWS Payment Cryptography in AWS Artifact. Use of service providers in PIN processing has been common for many years; however, the PCI PIN Security Standard, up through version 3.1, does not address third-party service provider management. Neither does the Visa PIN Security Program. Customer QPAs have followed the model established with the PCI DSS AOC and Shared Responsibility Guide of referring to AWS’ compliance as successfully meeting the test for applicable requirements.