Learn how Point to Point Encryption (P2PE) can protect your customers’ card data and help reduce card payment fraud.
How does P2PE work?
Essentially, point to point encryption (P2PE) securely encrypts data from one point (such as the PIN entry device) to another (a secure data centre). The data remains encrypted as it travels through your systems and network, and is only decrypted when it reaches a secure environment using the appropriate keys. In this way, P2PE helps to keep sensitive customer card data secure.
What are the benefits of P2PE to my organisation?
As the data is scrambled from the moment it enters your system, you never see sensitive cardholder data in the clear, which has several benefits, including but not restricted to, helping reduce:
- Your risk if your systems were breached, because the data would be unreadable and useless to criminals
- Your PCI scope and the associated time, resource and cost outlay in audits and assessments
- Your exposure to other costs associated with data security breaches, including lost revenue, productivity and ability to trade; legal, technical and forensic advice; loss of brand, reputation and trust, and loss of commercial contracts
What are the different ways to implement P2PE?
PXP Financial offer P2PE as a managed service for customers. You can either implement our certified P2PE application or our full P2PE solution. Both have been tested by trained P2PE assessors retained by the Payment Card Industry Security Standards Council (PCI SSC) against the standard. At a high level, the P2PE application is a software service centred around the device and connection out to PXP Financial. The full P2PE solution is an end-to-end service and includes business processes for securing your terminal estate. For example, provisions around terminal deployment, security (physical and logical), maintenance and storage.
How do I become P2PE Complaint?
As your provider of a P2PE certified service, PXP Financial can provide you with an instruction manual for P2PE, which details your operational responsibilities. This will help you on your way to becoming P2PE compliant. At the same time, however, it is important to set P2PE compliance within the bigger data security picture. Ensuring that sensitive customer card data is never stored in your systems or network in plain text will go a good way to reducing your PCI scope and risk exposure. It should, however, be regarded as only one part of a multi-layered approach to data security.
For a free consultation on your payments requirements, please complete the form below or call us on 0844 209 4370.
PXP Financial full PCI SSC solution listing: www.pcisecuritystandards.org/assessors_and_solutions/point_to_point_encryption_solutions
PXP Financial
The End-to-end payment platform
PXP Financial provides a single unified payments platform to accept payments online, on mobile and at the point of sale. Powered by inhouse global acquiring, 200+ alternative payment methods & financial services, PXP Financial processes over EUR 16 billion annually through our unified gateway.
Whatever your business needs today or tomorrow, PXP Financials’ innovative payment platform will support your business growth with all the payment services you will ever need from one source, wherever your business takes you.