The Value of Point-to-Point Encryption in POI Environments

White Paper
Topics Covered
- What is P2PE
- PCI P2PE-validated solutions
- Non-listed Encryption Solution Assessments (NESA)
- POI threat landscape
- How criminals obtain access to payment card data
- P2PE compliance management and scope reduction benefits
- The roles of EMV and tokenization in payment security
- SAQ P2PE
- A semi-integrated approach
- Conclusion: Conquer the challenges
Malicious hackers continue to adversely impact every industry. Threat actors attempt to steal data from POS systems using payment card skimmers, POS intrusions and web app attacks – taking advantage of organizations that fail to reduce the size of their attack surfaces. While organizations cannot stop all security breaches, they can prevent or at least mitigate the possibility of sensitive data being compromised.
This paper reviews the benefits of PCI-validated P2PE solutions in point-of-interaction (POI) environments. In addition to highlighting the various compliance management and scope reduction benefits, it explores the POI threat landscape, detailing how criminals obtain access to cardholder data (CHD), while also examining the merits of a layered approach to data security and fraud prevention, combining technologies such as EMV, P2PE and tokenization.