TR 39 Audit is Now Unified PIN Security Standard

Intersec offers a multitude of industry specific compliance audits. For financial institutions, ISOs, ESOs, multi-lane retailers, and any other organizations dealing with PINs (Personal Identification Numbers), it’s often essential that PIN handling processes are audited. While the TR-39 technical report was the required audit in the past, the Accredited Standards Committee X9 Inc. (ASC X9) and the PCI Security Standards Council (PCI SSC) have replaced the TR-39 with the Unified PIN Security Standard.

A PCI PIN assessment may be required for retailers and similar businesses that contract from an Electronic Funds Transfer (EFT) or debit network for a bank. Banks and key loading facilities may also need to be audited and brought into compliance.

If you are unsure whether you need such an audit, contact us today. Our friendly staff will guide you through some questions about your business and help you determine whether you need a PCI PIN assessment. We will then explain your options for ensuring PCI PIN security compliance.


Features Of Intersec’s TR 39 Audit / Unified PIN Security Standard Services / PCI PIN

In alignment with the changes implemented by the PCI SSC, Intersec’s rigorous TR39 has been replaced with equally robust Unified PIN Security Standard services. Our audit provides a thorough report on a business’s controls surrounding PIN-based transactions. The audit looks at encryption, key management, and key protection.

Intersec’s TR 39 / Unified PIN Security Standard services can include:

  • Asymmetric and symmetric encryption controls
  • Key inventory and ceremony
  • Datacenter inspection
  • Hardware security modules (HSMs)
  • Point of Sale systems
  • Physical safes