Point-to-Point Encryption (P2PE) is the latest payment technology that the PCI council has released a standard for. By implementing a validated P2PE solution a merchant can simplify their PCI compliance by eliminating clear-text cardholder data from their environment and reducing the scope of PCI DSS requirements.
It works by encryption keys being injected securely into the payment terminal, so when a card is inserted or swiped, the card details are automatically secured with encryption. They do not get unencrypted until they reach the payment service provider, allowing you to eliminate many Qualified Security Assessor (QSA) costs and enhance your security to further reduce breach risks.
Format Preserving Tokenisation
Our sophisticated but easy to use tokenisation solution can greatly improve your customer experience, by allowing you to recall previous card transactions securely across all channels without storing the card data yourself. This can lead to easy refund and recharge across any sales channel your customer wishes to use. PXP creates tokens using
Payment Card Industry – Data Security Standard
PCI level I
PCI DSS compliance is a mandatory requirement for any business that handles and stores cardholder payment data and is assesses on an annual basis. To view our PCI-DSS Level 1 and PA-DSS compliant listings, visit:
PXP is audited by Foregenix, an independent, specialised information security business, headquartered in the United Kingdom, with a global service delivery capability. Foregenix provides specialist services relating to PCI DSS, PA DSS, Forensic Investigations, Penetration Testing and Security Consulting. For more information, please visit Foregenix.
At PXP Solutions we take information security very seriously. As a payment service provider we are required to meet the exacting standards of the
The new GDPR has put a slightly different perspective on the controls and governance procedure we already have in place. Because of this, PXP Solutions have decided to incorporate the IASME audit and certification process as a means of providing our customers with the additional assurance that all their data, not only the credit card data, is protected to the highest possible standards, and complies with the GDPR.
To demonstrate our compliance with the GDPR, PXP Solutions have completed the IASME Governance assessment. Successful completion of the IASME Governance assessment demonstrates adherence to industry best practices for Information Technology Governance and Information Security Management and addresses the specific requirements mandated by the GDPR. To view our IASME listing showing Cyber Essentials, IASME and GDPR certification, please visit the IASME site: www.iasme.co.uk/certified-organisations
SOC 2 TYPE II
PXP Solutions also have a successful Service Organisation Control (SOC) 2 Type II report providing our merchants with the added assurance that our systems are designed, implemented and operated to the very highest standards. The SOC 2 Type II report is produced by an American Institute of Certified Public Accountants security auditing company following a rigorous audit covering the trust services criteria of security, availability, processing integrity and confidentiality.
Request a consultation
Request a free consultation with one of our payments experts.