PXP: P2PE Solution listed on PCI Security Standards Council Site

Posted by Franco Del Basso on May 19, 2017 12:00:00 PM

PXP P2PE Solution listed on PCI Security Standards Council Site.jpgPXP is now listed on the PCI SSC site as a full Point 2 Point Encryption (P2PE) solution provider. We’ve spent the last two years successfully offering secure card processing to customers globally with the PXP P2PE certified application, helping merchants reduce their PCI scope.

How does P2PE work?

P2PE removes sensitive cardholder data from your systems, leaving you with less data security stuff to worry about. It’s about being secure and protecting your brand, your reputation, your ability to trade and keep trading. 

We operate P2PE as a managed service for our customers. It sits alongside our tokenisation service, which also helps protect sensitive data. 

P2PE is a standard created by the PCI security standard council whereby customer card data is encrypted directly on the PIN entry device (usually the PIN pad). It remains encrypted until it reaches our secure processing environment. This way, your point-of-sale terminals and systems never see any sensitive data in the clear, minimising the impact of a data security compromise. 

Each PIN entry device has a secure encryption key within it. We manage these keys from our secure datacentre and deploy them via remote key injection. So, you’re spared the logistical hassle of physical installing keys on each device. The key encrypts data on the device before sending it to our systems for processing. Your systems receive an encrypted token as a substitute for the customer data. These tokens would be useless to a fraudster if your systems were breached, as they are just random numbers. The speed of our deployment was demonstrated when we rolled out 800 stores in just 2 weeks for one international retailer.

ERP systems are used to storing card numbers. They’re used for identifying original transactions in the case of refunds, but also for identifying customers’ shopping patterns across channels. Our cross-channel tokenisation system replaces card numbers with a token of the same length. This removes sensitive data from your systems, yet still allows you to identify customers whether they shop with you online or in-store.

You can even replace existing stored card numbers with our tokens. We allow merchants to register a token without completing a transaction. The token is unique to each merchant and generating them does not significantly impact transaction speeds. 

Our security solutions are secure and we understand that each customer is different when it comes to data security. You can either implement our certified P2PE application or our full P2PE solution. Both have been tested by trained P2PE assessors retained by the Payment Card Industry Security Standards Council (PCI SSC) against the standard. 

If you’d like to learn more about P2PE or how PXP can help you reduce your PCI self-assessment questionnaire scope from 12 sections to 4, and 329 controls to just 35 then download our free factsheets:

Point to Point encryption (P2PE): Application or Solution?

Point to Point Encryption explained

PCI-DSS FAQ

For a free 30-minute consultation on your payments requirements, please complete the form below or call us on 0844 209 4370. 

PXP’s full PCI SSC solution listing: www.pcisecuritystandards.org/assessors_and_solutions/point_to_point_encryption_solutions

Contact Us

Subscribe by Email

New Call-to-action
Payments jargon buster