Search post

PCI validated P2PE

0

Image result for Bluefin decryptx logo png

 

Security has always been a concern in credit card payments, and Worldnet Payments solutions are all PCI compliant and provide a high level of security for our customers.

For customer in industries and verticals which require the very highest level of security for POS credit card payments, , we also offer Validated P2PE through our partner Bluefin.

 

What is Validated P2PE?

It is important to understand that there are many solution providers on the market with end-to-end encryption and non-validated P2PE products, but only those P2PE solutions listed on the PCI SSC website have been audited and approved by the Council as validated solutions. Why does PCI validation matter?

  •  Device Security
  •  Strict Controls
PCI P2PE certified devices are more secure and are designed to detect tampering. If malicious activity is detected, the device is automatically deactivated, preventing a breach at the point of entry (also called point-of-interaction, or POI) device. All PCI-validated P2PE solution providers must abide by strict controls to protect encryption keys. Device key injection is done directly at a certified Key Injection Facility (KIF) and decryption only occurs in the Bluefin hardware environment (HSM).
  • Chain of Custody
  • Reduced PCI Assessment
PCI-validated P2PE includes a built-in “chain of custody” process for managing PCI P2PE certified devices. The Bluefin solution includes access to our online P2PE Manager where you can track and report on all POI devices for PCI attestation and compliance. Merchants that implement Bluefin’s PCI-validated P2PE solution throughout their POS environment are eligible for the 33-question SAQ P2PE-HW – a significant reduction from the 329-question SAQ D.


 

Image result for Bluefin decryptx logo png

Decryptx: PCI-Validated P2PE by Bluefin

 

Bluefin’s PCI-validated P2PE solutions encrypt cardholder data at the Point of Interaction (POI) in a PCI-approved P2PE device and decryption is done off-site in an approved Bluefin Hardware Security Module (HSM). Bluefin's solutions prevents clear-text cardholder data from being present in a merchant or enterprise’s system or network where it could be accessible in the event of a data breach.

Decryptix Flow

decryptx

 

 


 

 

 

About Bluefin

 

Bluefin were the first North American provider of a PCI-validated Point-to-Point Encryption (P2PE) solution in March 2014, introducing Decryptx®, the industry’s only P2PE Decryption as a Service (DaaS), in October 2014. Bluefin are headquartered in Atlanta, with offices in Tulsa, Chicago, New York  and Waterford, Ireland.

 


 

For latest supported devices, please visit: Supported P2PE Devices on the Bluefin website.

If you would like to learn more commercial or technical details of Validated P2PE, please provide us your details on our contact page, and our team will get in touch with you.

Challenges faced by independent software vendors (ISVs) in the payments industry
Card Payment Solutions for Faith Based Organisations

About Author

John Clarke
John Clarke

John Clarke is the CEO of Worldnet Payments. He is a founder of the company, and can be found in Dublin, Ireland whenever he's not in Atlanta or New York or San Francisco or Las Vegas ....

Related Posts
Worldnet Devices and Compatibility Matrix
Unattended And Automated Point of Sale
Integrated Payments

Comment

Contact Us Today

Contact Us Today