Bluefin expands their growing payment security patent portfolio with their first patent granted in Europe
January 15, 2019 – Atlanta, GA – Bluefin, the leading provider of payment security technologies and PCI-validated Point-to-Point Encryption (P2PE) solutions for retail, hospitality, healthcare, and higher education, today announced the grant of their first patent in Europe, EP3120593, on systems and methods for creating fingerprints of encryption devices.
The patent covers aspects of Bluefin’s P2PE solutions, including Decryptx®, the company’s Decryption as a Service (DaaS) product, and the P2PE Manager, Bluefin’s 100% online management system for P2PE device tracking, chain of custody and PCI attestation. Decryptx enables any PCI/DSS provider, including payment gateways, processors, and ISV’s, to enhance their platform and offer Bluefin’s PCI-validated P2PE solution via a simple integration. Keyed, swiped, and EMV data from point of sale (POS) systems is protected via PCI-validated controls and encryption.
The issued patent relates to systems and methods for a P2PE management system (Bluefin’s P2PE Manager®) that has been configured to receive information from a plurality of point of interaction (POI) devices.
“P2PE is fast becoming the worldwide standard for payment card data protection. For example, Bluefin supports 10 connected partners in the European theater that represent over 10,000 protected endpoints,” said Ruston Miles, Bluefin’s Chief Strategy Officer. “Bluefin’s worldwide portfolio of patents protect the intellectual property behind our P2PE program management platform and unique service delivery methods. This supports our worldwide partners’ commercial efforts by providing competitive differentiation and best-in-class security products.”
Fingerprinting, or associating unique attributes of an encryption device, is critical in the validated P2PE process. Bluefin’s fingerprinting process is used to validate every transaction from each payment terminal. A “fingerprint” of each device is stored in Bluefin’s P2PE Manager and every transaction from each device is verified against the devices initial fingerprint. If this verification fails, this is an indication of potential device compromise. Bluefin’s P2PE Manager will mark the device as malfunctioning and suspend processing from the device in question pending research and resolution.
Bluefin was awarded its first U.S. patent in June 2016 on “Systems and Methods for Creating Fingerprints of Encryption Devices” and its second U.S. patent in October 2016 on “Systems and Methods for Decryption as a Service.” The company has since received an additional 8 U.S. patents, 4 Japanese patents, and the latest patent in Europe, with 17 additional patents pending.
Bluefin’s patent portfolio covers both Decryptx and the company’s P2PE Manager. Bluefin’s Decryptx network currently includes 92 connected partners in 59 countries, with over 120 devices/applications and 9 Key Injection Facilities (KIFs), as well as remote key injection services (RKI).