PCI-validated P2PE providers, including processors, payment gateways and ISV’s, can now provide Bluefin’s 100% online device management system to their merchants
December 4, 2018 – Atlanta, GA – Bluefin, the leading payment security provider specializing in PCI-validated Point-to-Point Encryption (P2PE) solutions for processors, payment gateways and ISV’s, today announced the availability of the company’s patented P2PE Manager® as a stand-alone P2PE device management, chain of custody and device attestation solution.
To remain compliant with the P2PE standard, merchants must track their payment devices, maintain chain of custody, and report on device attributes such as status, location and device integrity. Bluefin introduced the P2PE Manager in 2014, in conjunction with PCI validation for their P2PE solution in March 2014, to provide a simple to use, online management system that would help merchants reduce the complexity of compliance by using a single source P2PE program management system.
Bluefin’s P2PE Manager is a 100% online management system for PCI-validated P2PE device management, chain of custody and annual PCI compliance reporting. The P2PE Manager is part of Bluefin’s PCI P2PE solution package, allowing merchants and Bluefin partners to monitor the complete device lifecycle that includes key injection, shipping, device state, custodians, transactions and much more.
Now, Bluefin is extending the ease of use, simplicity and efficiency of the P2PE Manager to processors, payment gateways and ISV’s with their own PCI-validated P2PE solution.
“Bluefin was the first North American provider of a PCI-certified P2PE solution in March 2014 and we quickly realized that in order to simplify the chain of custody requirements for our merchants, we had to build an online system where our clients could track, activate and retire their P2PE devices, as well as easily produce their attestation reports,” said Ruston Miles, Bluefin’s Chief Strategy Officer. “Today, we have more than 90 partners that have connected to Bluefin for our P2PE solution and we believe that decoupling our P2PE Manager from our overall solution will greatly benefit other P2PE providers, who may not offer any sort of device tracking or P2PE program management system at all.”
Bluefin’s P2PE Manager addresses PCI chain of custody requirements and automatically logs all records needed to generate reports for PCI compliance assessments, eliminating the use of spreadsheet-based manual tracking. Today, the Manager works with all major device manufacturers and is integrated to 9 Key Injection Facilities (KIFs) and growing. In September, Bluefin also added capabilities to track and facilitate the Remote Key Injection (RKI) of devices. RKI allows for devices already deployed in the field to be injected onsite with secure P2PE keys rather than taken out of service and shipped to a KIF for injection.
Bluefin’s P2PE Manager, along with the company’s Decryptx product, is covered by several U.S., European and Japanese patents.
On December 11th, Bluefin will host a free webinar on the data breaches of 2018, the security and benefits of PCI-validated P2PE, and Bluefin’s P2PE solutions for merchants, processors, payment gateways and ISV’s. Register here for the webinar.