How does P2PE protect your customers card data?

Posted by Lisa Middleton on Jul 28, 2017 12:00:00 PM

how_does_P2PE_protect_your_customers_card_data1.jpgP2PE removes sensitive cardholder data from your systems, leaving you with less data security stuff to worry about. It’s about being secure and protecting your brand, your reputation, your ability to trade and keep trading.

We operate P2PE as a managed service for our customers. It sits alongside our tokenisation service, which also helps protect sensitive data.

P2PE is a standard created by the PCI security standard council whereby customer card data is encrypted directly on the PIN entry device (usually the PIN pad). It remains encrypted until it reaches our secure processing environment. This way, your point-of-sale terminals and systems never see any sensitive data in the clear, minimising the impact of a data security compromise.

Behind the scenes, each PIN entry device has a secure encryption key within it. We manage these keys from our secure datacentre and deploy them via remote key injection. To spare you the logistical hassle of physically installing keys on each device the key encrypts data on the device before sending it to our systems for processing. Your systems receive an encrypted token as a substitute for the customer data. These tokens would be useless to a criminal if your systems were breached, as they are just random numbers.

ERP systems are used to storing card numbers. They’re used for identifying original transactions in the case of refunds, but also for identifying customers’ shopping patterns across channels. Our cross-channel tokenisation system replaces card numbers with a token of the same length. This removes sensitive data from your systems, yet still allows you to identify customers whether they shop with you online or in-store.

You can even replace existing stored card numbers with our tokens. We allow merchants to register a token without completing a transaction. The token is unique to each merchant and generating them does not significantly impact transaction speeds.

Our data security solutions are secure. We prioritise security over compliance and understand that each customer is different when it comes to data security.

Want to learn more? Simply complete the short form below to download your free copy of: Point to point encryption (P2PE): Application or Solution?.

Contact Us

Subscribe by Email

Payments jargon buster