Updates to the PCI PIN Program: Introducing the New PCI PIN Listing

Heads up! The PCI Security Standards Council (PCI SSC) has recently rolled out some significant changes to the PCI PIN Program that you need to be aware of. The most notable development is the launch of the PCI SSC's PIN Listing Program.

This new program brings a centralized and publicly accessible way to view information about PIN Service Providers. 

What are the Main Changes with the PCI PIN Program?

The core of this update is the new PCI PIN Listing Program. Here's what you need to know:

• Publicly Viewable Listings: This new list will be available on the PCI SSC website.
• Key Information Displayed: Each listing will include:
  • The PIN Service Provider (that's you, the Client).
  • The specific PIN Standard version the assessment was against.
  • The Qualified PIN Assessor (QPA) Company that performed the PIN Assessment (e.g., Foregenix).
  • The validation and expiry date of the listing.
• Listing Validity: Listings will be valid for two years from the date the QPA signs the Attestation of Compliance (AOC).

How Can You Get Listed in the PCI PIN Listing?

It's important to note that inclusion in this new PCI PIN Listing is optional for PIN Service Providers.

If you choose to be listed, there are two ways to go about it. Submissions can be made either by your QPA company (like Foregenix) or directly by you, the PIN Service Provider. The PCI SSC will review submissions based on the PIN AOC only, meaning there's no need to submit the full PIN Report on Compliance (ROC).

Here are the two options:

Option 1: Submission by Your QPA Company (e.g., Foregenix)

• Your QPA will use a new tab in the SSC Portal to submit your PIN AOC (and Vendor Release Agreement (VRA), if applicable) on your behalf.
• Foregenix can submit the PIN AOC for existing clients in the SSC Portal or can create a new entry for a PIN Service Provider if needed.
• The PCI SSC will issue an invoice for the listing fee (see prices below). Once you (the Client) have paid this invoice, the SSC will add your details to the listing.
  
  

Option 2: Submission Directly by You (the PIN Service Provider)

• If you don't already have one, you'll first need to register for an account on the SSC Portal via the registration link on the PIN Listing page: https://programs.pcissc.org/pinsp_registration.aspx
• Crucially, you will be required to accept the terms of the PIN Service Provider Release Agreement before any submission is accepted by the PCI SSC.
• Once your account is set up, you can submit your PIN AOC and signed VRA (if applicable).
• Similar to Option 1, the PCI SSC will issue an invoice for the listing fee. Upon your payment, your listing will be updated.

Talk to us today – we can help!

What Are the Costs for the PCI PIN Listing?

Here's a breakdown of the pricing for the PCI SSC to publish the PCI PIN Listing:

• PIN Service Provider Submission (as of January 1, 2026): $2,500 USD
• PIN Service Provider Revalidation: $2,500 USD
• Promotional Offer! PIN Service Provider Submission (until December 31, 2025): $950 USD

Where Can You Find the PCI PIN Service Provider List?

The official list can be accessed here: https://www.pcisecuritystandards.org/assessors_and_solutions/pin-service-providers

Next Steps for Our Valued Clients

Please reach out to us to discuss these changes further and how we can assist you with the listing process.

If you have any questions, please don't hesitate to contact us.