Assessment Scope

The first step in planning any assessment is documenting the scope. For PCI PIN, the scope is systems and processes that protect PINs, including protection of the cryptographic keys and devices that protect them - payment terminals, also called points-of-interaction (POI), HSMs, and other secure cryptographic devices (SCD).

We will not address requirements where you retain full responsibility because these address areas outside of the scope of the service. For example, configuration and provisioning of payment terminals. Refer to the AWS Payment Cryptography Shared Responsibility Guide for PCI PIN, available on AWS Artifact

Topics

Shared Responsibility
High-Level Network Diagrams
Key Table
Document References

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

PIN Compliance

Shared Responsibility