PayConex PCI-Validated Point-to-Point Encryption (P2PE)
Bluefin’s PayConex P2PE is a PCI-validated, hardware-based solution for point-to-point encryption (P2PE).
In March 2014, Bluefin became the first North American-based company to receive Payment Card Industry (PCI) validation for a P2PE solution – and today is just one of six providers globally with this validation.
PayConex P2PE encrypts cardholder data within a PCI P2PE approved point of entry device so it does not reach the enterprise or merchant’s system or network as clear-text cardholder data – where it could be accessible to a fraudster in the event of a data breach. Decryption of this data is not possible until the data has reached Bluefin’s hardware security module (HSM) outside of the merchant or enterprise’s environment.
On December 22, 2014, Bluefin became the first North American-based company to receive PCI validation for P2PE with a mobile payment system. While mobile payment technology brings increased convenience at the POS, it can also bring new risks to the security of cardholder data – and this payment acceptance method is growing at a rapid clip. Javelin Strategy & Research predicts that mobile POS sales will rise to $5.4B by 2018, which demonstrates the rapid merchant adoption of mobile payments – and underscores the need for P2PE in mobile to protect cardholder data.
Bluefin’s P2PE product suite includes:
- PayConex P2PE Enhanced Gateway: Merchants and enterprises process payment transactions through Bluefin’s PayConex payment gateway with the enhanced security of P2PE. P2PE is available through our gateway via our Virtual Terminal, retail point of sale, and through our Salesforce AppExchange integration.
- Decryptx: Introduced in November 2014, Decryptx is Bluefin’s Decryption as a Service (DaaS) product for large enterprises and Tier 1 and Tier 2 merchants. Companies get the benefit of our PCI-validated P2PE solution with no change to their current acquiring or processing relationship.
- QuickSwipe Mobile Point of Sale: Bluefin’s newest addition to our P2PE suite interfaces with our QuickSwipe Mobile Point of Sale (mPOS) system, utilizing Infinite Peripherals’ PCI P2PE approved Prima M mobile swipe device.
Download our newly released white paper on mobile P2PE.
Not only does PayConex P2PE reduce cardholder data loss in the event of a data breach but because it is a PCI-validated solution, it enables companies to significantly reduce their PCI scope and yearly assessments. (For example, merchants that adopt PCI-validated P2PE throughout their organization are eligible for the 35-question P2PE SAQ.)
In this the age of cyber-attacks and security breaches, secure payment solutions across POS, MOTO, and mobile are absolutely mandatory. Our PCI-validated P2PE product suite safeguards cardholder data, decreases risk, reduces PCI compliance and scope, and protects the corporate brand.