Point-to-Point Encryption (P2PE) Service – Technology preview
Protecting payment transaction data in motion
P2PE is deployed to protect vulnerable zones or segments in the payments infrastructure. In point of sale (POS) environments, it protects data from the point of capture in the merchant environment to the next point of processing which is normally a payment gateway or acquirer.
P2PE encrypts data at the point of capture (i.e. at the POS terminal or mPOS reader) and this data is maintained in an encrypted state thereafter and is only ever able to be decrypted inside the secure compound of a Hardware Security Module (HSM), leveraged typically by a service provider or gateway in the transaction processing value chain.
The key benefit to using P2PE is that the merchant cannot decrypt the data without authorised access to the cryptographic keys. Traditional POS systems are increasingly adopting P2PE to avoid vulnerabilities relating to the cleartext transmission of magnetic stripe and chip card track data. Mobile point-of-sale (mPOS) solutions inherently deploy P2PE because they involve untrusted devices (mobile phones or tablets) and untrusted networks (the internet) and the risk of mobile malware having access to cleartext account data is unacceptably high.
Working from our deep roots in the payment processing industry, Thales recognised the growing need for payment in the cloud services, and has added a P2PE service as part of the broader payShield Cloud Services portfolio within our flagship Data Protection on Demand (DPoD) platform.
The P2PE Service is now offered as a technology preview and is available with the free evaluation of DPoD.
Security and protection
Easy to integrate
Easy to manage
Technology Preview P2PE is deployed to protect vulnerable zones or segments in the payments infrastructure. In point of sale (POS) environments, it protects data from the point of capture in the merchant environment to the next point of processing which is normally a payment...