PCI-Validated Point-to-Point Encryption | P2PE
Encryption to Protect POS Credit Card Payments
Bluefin is the Leading Provider of PCI-validated P2PE Solutions
In 2014, Bluefin became the first provider of a PCI-validated point-to-point encryption (P2PE) solution in North America. Today, our P2PE solutions span our product suite and are offered by over 135 processors, gateways and ISV’s operating in 36 countries. Our solutions encrypt payment data immediately upon swipe, dip or tap in the P2PE certified device, with encryption being done outside of the merchant environment by Bluefin. P2PE ensures that no clear-text cardholder data is available in the event of a data breach.
PCI-validated P2PE is the Gold Standard in POS Payment Security
There are many providers with end-to-end encryption and non-validated P2PE products, but only those P2PE solutions listed on the PCI SSC website have been audited and approved by the Council as validated solutions. Why does PCI validation matter for your encryption solution?
Reduced PCI Assessment
Merchants that implement Bluefin’s PCI-validated P2PE solution throughout their POS environment are eligible for PCI’s 33-question Selft-assassment questionnaire (SAQ) P2PE – a significant reduction from the 329-question SAQ D.
Device Security
PCI P2PE certified devices are more secure and are designed to detect tampering. If malicious activity is detected, the device is automatically deactivated, preventing a breach at the payment terminal.
Strict Controls
All PCI P2PE solution providers must abide by strict controls for the encryption and decryption processes. Device key injection is done only through certified Key Injection Facilities (KIFs) and decryption only occurs in the Bluefin hardware environment (HSM).
Cost Savings
The reduced scope of the PCI assessment to 33 questions enables significant cost savings across the security environments, with reductions seen in firewalls, penetration testing, system administration and more.
Simplified Device Management
As part of Bluefin’s P2PE solution suite, we provide the P2PE Manager®, a 100% online device management system for the tracking of devices, custodial duties, reporting and PCI attestation.