Bluefin today announced the release of a white paper titled “PayConex P2PE PCI Point-to-Point Encryption Solution.”
The white paper is based on an independent review of Bluefin’s PayConex PCI P2PE Solution by Coalfire Systems Inc., a respected PCI P2PE Qualified Security Assessor (QSA) company. On March 18th, Bluefin introduced the first, and to date the only, PCI-validated solution for point-to-point encryption (P2PE) in North America.
The white paper examines the benefits of using a listed PCI P2PE Solution and details how Bluefin’s P2PE Solution fits together with other important security technologies, specifically EMV and tokenization. The white paper also discusses how PayConex P2PE seeks to reduce risk and minimize PCI DSS (Data Security Standard) compliance requirements for merchants.
“All merchants are responsible for all PCI DSS controls at all times. However, the controls remaining for the merchant to manage are more significantly reduced by using Bluefin’s PCI P2PE Solution than any other Solution currently available in North America,” stated author Dan Fritsche, Director Solution Validation, CISSP, QSA (P2PE), PA-QSA (P2PE), Coalfire. “Any merchant desiring to avoid the pain, expense and reputational harm inherent as a result of a data breach should seriously consider PayConex P2PE, along with EMV and tokenization, as the best way to protect their business.”
PayConex P2PE encrypts credit and debit card data in a secure point of entry device, ensuring that clear-text cardholder data does not reach the merchant’s POS systems and networks where it could be exposed to malware. The white paper delves into the technology and security differences between P2PE, EMV and tokenization, as well as implementation and cost considerations of each product.
“Our goal with this review was to help bring clarity to the three primary security options available today that protect merchants from data breach – P2PE, EMV and tokenization – and to examine the value that a PCI Council-listed P2PE Solution brings to merchants over non-validated solutions,” said Ruston Miles, Chief Innovation Officer, Bluefin. “Our Solution has already been fully validated by a PCI P2PE Assessor, but we wanted to provide readers with an unbiased, independent review of PayConex P2PE by a well-respected P2PE QSA firm that was not a part of our initial validation. And we feel that Coalfire’s white paper is an excellent educational tool for any merchant, acquirer, or software vendor seeking the optimal solution to secure their processing environment.”
The white paper is available for download at here.