PCI-Validated Point-to-Point Encryption | P2PE

Encryption to Protect POS Credit Card Payments

Bluefin is the Leading Provider of PCI-validated P2PE Solutions

In 2014, Bluefin became the first provider of a PCI-validated point-to-point encryption (P2PE) solution in North America. Today, our P2PE solutions span our product suite and are offered by 130+ processors, gateways and ISV’s operating in over 30 countries. Our solutions encrypt payment data immediately upon swipe, dip or tap in the P2PE certified device, with encryption being done outside of the merchant environment by Bluefin. P2PE ensures that no clear-text cardholder data is available in the event of a data breach.

PCI-validated P2PE is the Gold Standard in POS Payment Security

There are many providers with end-to-end encryption and non-validated P2PE products, but only those P2PE solutions listed on the PCI SSC website have been audited and approved by the Council as validated solutions. Why does PCI validation matter for your encryption solution?

Reduced PCI Assessment

Merchants that implement Bluefin’s PCI-validated P2PE solution throughout their POS environment are eligible for PCI’s 33-question Selft-assassment questionnaire (SAQ) P2PE – a significant reduction from the 329-question SAQ D.

Device Security

PCI P2PE certified devices are more secure and are designed to detect tampering. If malicious activity is detected, the device is automatically deactivated, preventing a breach at the payment terminal.

Strict Controls

All PCI P2PE solution providers must abide by strict controls for the encryption and decryption processes. Device key injection is done only through certified Key Injection Facilities (KIFs) and decryption only occurs in the Bluefin hardware environment (HSM).

Cost Savings

The reduced scope of the PCI assessment to 33 questions enables significant cost savings across the security environments, with reductions seen in firewalls, penetration testing, system administration and more.

Reduced PCI Assessment

Merchants that implement Bluefin’s PCI-validated P2PE solution throughout their POS environment are eligible for PCI’s 33-question Selft-assassment questionnaire (SAQ) P2PE – a significant reduction from the 329-question SAQ D.

Device Security

PCI P2PE certified devices are more secure and are designed to detect tampering. If malicious activity is detected, the device is automatically deactivated, preventing a breach at the payment terminal.

Strict Controls

All PCI P2PE solution providers must abide by strict controls for the encryption and decryption processes. Device key injection is done only through certified Key Injection Facilities (KIFs) and decryption only occurs in the Bluefin hardware environment (HSM).

Cost Savings

The reduced scope of the PCI assessment to 33 questions enables significant cost savings across the security environments, with reductions seen in firewalls, penetration testing, system administration and more.

PayConex™

Get payment processing through the Bluefin gateway with PCI-validated P2PE for retail, mobile, call center and kiosks.

Learn More

Decryptx®

Get P2PE only through our network of healthcare, retail, higher education, non-profit, event and government partners.

Learn More

QuickSwipe

Enable mobile payments backed by PCI-validated P2PE with our QuickSwipe mPOS solution, available for iOS devices and tablets.

Learn More

Simplified Device Management

As part of Bluefin’s P2PE solution suite, we provide the P2PE Manager®, a 100% online device management system for the tracking of devices, custodial duties, reporting and PCI attestation.

Bluefin’s P2PE Resources

PCI Validated Point to Point Encryption P2PE
P2PE

PCI-Validated vs. Non-Validated P2PE: The Difference

P2PE Devices

Widest Selection of P2PE Devices

P2PE FAQ’S

P2PE FAQ

Get a P2PE Solution for Your Business

  • This field is for validation purposes and should be left unchanged.