ATLANTA--(BUSINESS WIRE)--Bluefin Payment Systems, the leading provider of secure, integrated, cloud-based payment solutions for Independent Software Vendors (ISVs) and SaaS providers, announced today that its PayConexTM P2PE solution has been validated by a P2PE assessor approved by the PCI Security Standards Council, as having met the rigorous controls defined in the PCI SSC P2PE Standard for the protection of payment card data. The P2PE Standard specifies the requirements necessary for merchants to reduce the scope of their cardholder data environment (CDE) through use of a P2PE solution.
Point-to-Point Encryption (P2PE) technology can help merchants simplify their PCI DSS compliance programs by removing clear-text cardholder data from a merchant’s environment and reducing the scope of PCI DSS requirements. The PCI Security Standards Council’s P2PE program provides a method for vendors to validate their P2PE solutions and applications, and for merchants to reduce the scope of their cardholder data environment by implementing validated P2PE solutions.
By providing a PCI SSC Validated P2PE Solution, Bluefin Payment Systems helps secure the payment ecosystem for merchants that utilize P2PE solutions to support their PCI DSS compliance.
PayConex P2PE encrypts credit and debit card data in a secure point of entry device before it is transmitted into a merchant’s point-of-sale (POS), virtual terminal or payment application. Encrypting cardholder data within the device ensures that clear-text cardholder data does not reach the merchant’s POS systems and networks where it could be exposed to malware.
“The building blocks of a strong security program are people, processes and technology. The PCI Standards help businesses address these core components to protect their payment card data," said Bob Russo, general manager, PCI Security Standards Council. “By validating its P2PE Solution, Bluefin Payment Systems is demonstrating its commitment to supporting merchants' PCI DSS compliance efforts through secure deployment of point-to-point encryption technology.”
“When the Council announced the P2PE standards in 2011, we recognized the importance of P2PE as a major step forward in protecting cardholder data and merchants from breach as part of a comprehensive payment security program including EMV and tokenization,” said Ruston Miles, Founder & Chief of Production Innovation at Bluefin. “We see P2PE as an elegant and powerful solution for encrypting cardholder data so that it can securely flow through an organization, and we are very pleased to be the first North American company to receive PCI validation for our P2PE Solution.”
The PCI Security Standards Council is an open, global forum that is responsible for the development, management, education and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Founded in 2006 by the major payment card brands American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., the Council has more than 700 Participating Organizations representing merchants, banks, processors and vendors worldwide. To learn more about playing a part in securing payment card data globally, please visit: pcisecuritystandards.org.
Connect with the PCI Council on LinkedIn: http://www.linkedin.com/company/pci-security-standards-council. Join the conversation on Twitter: http://twitter.com/#!/PCISSC
Bluefin Payment Systems is the leading provider of secure, integrated, cloud-based payment technology for Independent Software Vendors (ISVs) and SaaS providers. Bluefin’s innovative and proprietary PayConex platform powers feature-rich integrated payments and security solutions including PayConex P2PE, QuickSwipe Mobile, tokenization, and international payments. Bluefin is headquartered in Atlanta, with offices in New York, Chicago and Tulsa.