Foodservice and Restaurant Payment Processing is Evolving

restaurant-payment-processingRemember the days of accepting credit cards in a restaurant? The ever-present knucklebuster was readily available at the server station, waiting to imprint that credit card and provide the customer a faded receipt. And for foodservice operators, invoices with a 30/60 net day notice were left with accounting when the delivery was dropped off.

Today’s food industry payment solutions have become increasingly sophisticated, from kiosk touch screens in QSRs, where the customer can order – and pay, to mobile tablet solutions for delivery – where payment for a food or liquor order is quick as swiping the corporate card through the mobile payment device – to table-side payment in a sit-down restaurant enabled by a mobile terminal.

Foodservice as the New Fraud Frontier

The evolution in restaurant payment processing has brought in revenue faster and quicker than ever before, but the question is – has security kept up with this processing evolution?

The buzz around EMV and the October 2015 deadline had the foodservice industry scrambling to implement new systems and terminals. But the reality is that EMV is only part of the security solution. EMV authenticates the card being used and the consumer using the card and is designed to prevent white labeling of credit cards – where stolen credit card numbers are used to make a duplicate credit card. However, EMV does nothing to protect cardholder data once it is swiped, leaving the potential for clear-text cardholder data to exist in a foodservice operator’s system where it could be exposed if there is a data breach.

The amount of business done in major restaurants and chains can rival business done at big-box retailers – making this industry a prime target for fraudsters.

A Holistic Payment Security Approach for Foodservice

Bluefin’s PCI-validated point-to-point encryption (P2PE) solution encrypts card data in the retail, mobile and kiosk environments through a PCI-validated P2PE device. By encrypting card data upon entry, clear-text cardholder data is not available in the foodservice operators’ system or network. Decryption is only done in Bluefin’s hardware environment.

Bluefin provides our P2PE food industry payment solution through:

  • Retail terminals: PCI-validated P2PE is available via our PayConex Payment Platform as an integrated solution or available through our Decryptx partners, which provide our solution on their platform. Bluefin provides several terminal options for POS acceptance, including the Ingenico iPP320 and iPP350.
  • Mobile phone and tablet: Foodservice operators can enjoy a fully equipped mobile point of sale system for restaurant credit card processing backed by PCI-validated P2PE with our QuickSwipe product. QuickSwipe utilizes the PCI-validated P2PE Nomad 2.0 mobile device.
  • Kiosks: More and more restaurants are considering adding kiosk ordering for line-busting. Bluefin utilizes ID Tech’s PCI-validated P2PE device, the SecuRED, to equip kiosks with our PCI P2PE solution.

Securing your systems with P2PE, along with EMV and tokenization, provide your customers a truly holistic payment strategy.

Bluefin Food Service Infographic

An Ideal Solution for Foodservice Software Integration

Bluefin was the first North American-based company to receive PCI validation for a P2PE solution in 2014. With the growing number of restaurants and foodservice operators seeking to protect their systems, it is necessary for POS software providers to provide their clients a full suite of security solutions. Bluefin’s retail and mobile P2PE solutions are available for integration directly into your system through our PayConex Platform or can be enabled on your platform through Decryptx.