By Graeme Zwart, PXP Information Security Compliance Officer
ANYpay has achieved P2Pe v2 Solution validation and listing on PCI SSC's latest version of Point to Point Encryption (P2PE). This is further to its recent Application listing and supports Verifone's Vx680, Vx820 and E355 devices.
P2PE removes sensitive cardholder data from your systems, leaving you with less data security stuff to worry about. It’s about being secure and protecting your brand, your reputation, your ability to trade and keep trading.
We operate P2PE as a managed service for our customers. It sits alongside our tokenisation service, which also helps protect sensitive data.
P2PE is a standard created by the PCI security standard council whereby customer card data is encrypted directly on the PIN entry device (usually the PIN pad). It remains encrypted until it reaches our secure processing environment. This way, your point-of-sale terminals and systems never see any sensitive data in the clear, minimising the impact of a data security compromise.
Each PIN entry device has a secure encryption key within it. We manage these keys from our secure datacentre and deploy them via remote key injection. So, you’re spared the logistical hassle of physical installing keys on each device. The key encrypts data on the device before sending it to our systems for processing. Your systems receive an encrypted token as a substitute for the customer data. These tokens would be useless to a fraudster if your systems were breached, as they are just random numbers. The speed of our deployment was demonstrated when we rolled out 800 stores in just 2 weeks for one international retailer.
ERP systems are used to storing card numbers. They’re used for identifying original transactions in the case of refunds, but also for identifying customers’ shopping patterns across channels. Our cross-channel tokenisation system replaces card numbers with a token of the same length. This removes sensitive data from your systems, yet still allows you to identify customers whether they shop with you online or in-store.
You can even replace existing stored card numbers with our tokens. We allow merchants to register a token without completing a transaction. The token is unique to each merchant and generating them does not significantly impact transaction speeds.
Our security solutions are secure and we understand that each customer is different when it comes to data security. You can either implement our certified P2PE application or our full P2PE solution. Both have been tested by trained P2PE assessors as required by the Payment Card Industry Security Standards Council (PCI SSC) against the standard.
If you’d like to learn more about P2PE or how PXP can help then download our free factsheets:
For a free 30-minute consultation on your payments requirements, please complete the form below or call us on 0844 209 4370.
PXP’s full PCI SSC solution listing: www.pcisecuritystandards.org/assessors_and_solutions/point_to_point_encryption_solutions