Encryption has been around for a long time, dating back to Egypt nearly 4,000 years ago, when hieroglyphs were used on tombs to obscure text. Since then, encryption has evolved, from coding invaluable military information in World Wars to being used in the beginning of the computer age. Today, in the modern world of online payments, encryption is a key tool in data protection and pci compliance.
For organizations that accept credit, debit and other forms of electronic payments, the threats from cyber fraud and data breaches are real. Globally, over 30,000 websites are attacked daily – that’s a cyber-attack every 39 seconds. With 64 percent of companies having experienced a cyber-attack worldwide, it has never been more important to implement a security strategy that includes data encryption.
Point-to-Point Encryption – The Gold Standard
The options for solutions can be daunting. With a myriad of methods, types and standards surrounding encryption, how can businesses ensure they are choosing the best payment solution?
Datacap Systems, a leading integrated payments middleware and gateway provider, recently discussed the first line of defense in protecting sensitive payment data – point-to-point encryption (P2PE) technology.
One of the most important tools for protecting payment data is point-to-point encryption. It replaces plain text with code only those with the key can decipher. Furthermore, it protects payment data, in transit and at rest, from the moment the consumer inserts the card into the card reader until transaction approval.
Established by the Payment Card Industry (PCI) Security Standards Council, PCI-validated P2PE is considered the gold standard in encryption technology, requiring payment card data be encrypted immediately upon use with the merchant’s point-of-sale terminal and cannot be decrypted until securely transported to and processed by the payment processor. Every merchant that accepts credit card payments must be in compliance with the Payment Card Industry Data Security Standards (PCI DSS).
Emphasizing the need to educate technical and sales teams on what P2PE can do for your business, Datacap understands that P2PE is an important piece of a comprehensive security strategy. Additional technologies, such as EMV and tokenization also play a vital role.
Encryption is an effective tool for protecting payment data, but it’s only part of a comprehensive security strategy. P2PE solutions work with EMV and tokenization to further fortify a payments environment. Ideally, EMV solutions verify the authenticity of credit or debit cards to protect against duplicate or stolen cards, tokenization enables businesses to “remember” a customer’s account information for easy reuse without re-entry for future purchases, and P2PE ensures that data in transit is protected and secure.
Bluefin, a trusted partner of Datacap, became the first provider of a PCI-validated point-to-point encryption (P2PE) solution in North America. Today, Bluefin’s integrated P2PE and tokenization solutions protect Personally Identifiable Information (PII), Protected Health Information (PHI) and account and payment data entered online for some of the world’s foremost organizations.
Read Datacap’s article here. Learn how Bluefin’s solutions can help you secure your payment data today.