Find out how to get your PIN solution PCI compliant

PIN Security Audit


Meet your PIN data requirements without business interruption.

PIN Assessment Overview

The PIN program is required for companies involved in processing PIN transactions. Typically, this involves acquirers as well as companies that act as a gateway between the acquirer and the issuer processing a PIN transaction for encryption service providers. The purpose of a PIN assessment is to determine whether an organization is securely handling the encryption of PINs in its transactions, such as at POS devices, where customers enter their PINs. Businesses that need PIN assessments are a small subset of those that fall under the PCI umbrella.

Process Overview

SecurityMetrics PCI PIN Audit helps you meet PCI PIN security requirements by guiding you through a consulting, pre-audit, and onsite phase. SecurityMetrics simplifies your PIN audit experience by assisting with remediation and submitting your final validation report for you.

PCI PIN Security Requirements Process

The PIN assessment process begins with a gap analysis to determine the work that needs to be done. This initial process includes a consulting phase and a pre-audit phase, where you are prepared for the onsite assessment. Your scope is discussed, and all the logistical details of the assessment are determined. The onsite PIN assessment phase follows.

Finally, you enter the remediation phase, where you are guided through becoming PIN compliant. The PIN assessment process finishes when SecurityMetrics submits your final validation report. Card brands require that assessments be performed every two years.

Get the Attention Your Assessment Deserves

SecurityMetrics QPAs are never overbooked, allowing you to get the proper attention your audit requires. With step-by-step guidance, you will receive education and answers to your questions from expert QPAs. Each portion of your PCI PIN Assessment will be assessed and reviewed thoroughly. QPAs guide you through your PIN assessment preparation, onsite assessment, data flow processes, key-management processes, and solution remediation. You will also receive any assistance you need to submit your final PIN assessment validation report to the card brands.

Individualized, Adaptive Service

Get an accurate and comprehensive assessment from experienced, easy-to-work-with QPAs. Remediation assistance is also provided once sources of non-compliance are located. SecurityMetrics QPAs have decades of PCI experience and will work with you to create logical solutions for your business. With step-by-step guidance, you will feel confident in your PIN Assessment experience.

Full-Service PCI Expertise

SecurityMetrics is one of a few companies that hold credentials in all aspects of PCI DSS compliance. SecurityMetrics data security professionals have expertise in:

With an in-depth understanding of the PCI landscape and assessment methods, you can experience responsive guidance before, during, and after your PIN assessment.

Simple PIN Assessment Process

SecurityMetrics has developed a smooth and easy PIN assessment process that focuses on responsiveness and timeliness.

Remediation Assistance

SecurityMetrics doesn't just tell you if your payment application is compliant. Our QPAs work with you to patch non-compliant items and help guide your payment platform into PCI PIN compliance.

Let's Partner For Your Compliance And Data Security

Experienced And Approachable QPAs

SecurityMetrics' QPAs have an in-depth understanding of the PCI landscape and effective PCI assessment methods. Unlike other vendors that rely on assembly line assessments passed from auditor to auditor, SecurityMetrics assigns your organization a dedicated assessor to provide expert guidance during your PIN validation efforts.


Step-By-Step Guidance

SecurityMetrics QPAs review and assess each portion of your PIN Assessment while also educating you about the process. QPAs will guide you through assessment preparation, your onsite assessment, and your final validation report. 

Straightforward Pricing

SecurityMetrics pricing is simple: your scope is evaluated based on your needs, giving you a custom quote and avoiding unnecessary add-on charges.




Meet Your Deadlines

SecurityMetrics QPAs know you have an impending deadline to be listed as PCI compliant. All assessors will perform your assessment as quickly as possible while still maintaining thoroughness. 

Here's what you need to know about us

We are a PCI certified Qualified P2PE Assessor (P2PE QSA), Approved Scanning Vendor (ASV), Qualified Security Assessor (QSA), Certified Forensic Investigator (PFI), and Managed Security provider with 20 years of data security experience. From local shops to some of the world’s largest brands, we help all businesses achieve data security through managed services and compliance mandates (PCI, HIPAA, GDPR). We have tested over 1 million systems for data security and compliance.

Request a Quote for a PIN Audit

Get started on your path towards PIN compliance and get a unique quote for your business. Our team takes time to understand your situation, timeline, and specific needs. 
