Bluefin Payment Systems, the leading provider of secure, integrated,
cloud-based payment solutions for Independent Software Vendors (ISVs)
and SaaS providers, announced today that its PayConexTM P2PE
solution has been validated by a P2PE
assessor approved by the PCI Security Standards Council, as having
met the rigorous controls defined in the PCI SSC P2PE Standard for the
protection of payment card data. The P2PE Standard specifies the
requirements necessary for merchants to reduce the scope of their
cardholder data environment (CDE) through use of a P2PE solution.
Point-to-Point Encryption (P2PE) technology can help merchants simplify
their PCI DSS compliance programs by removing clear-text cardholder data
from a merchant's environment and reducing the scope of PCI DSS
requirements. The PCI Security Standards Council's P2PE program provides
a method for vendors to validate their P2PE solutions and applications,
and for merchants to reduce the scope of their cardholder data
environment by implementing validated P2PE solutions.
By providing a PCI SSC Validated P2PE Solution, Bluefin Payment Systems
helps secure the payment ecosystem for merchants that utilize P2PE
solutions to support their PCI DSS compliance.
PayConex P2PE encrypts credit and debit card data in a secure point of
entry device before it is transmitted into a merchant's point-of-sale
(POS), virtual terminal or payment application. Encrypting cardholder
data within the device ensures that clear-text cardholder data does ot
reach the merchant's POS systems and networks where it could be exposed
"The building blocks of a strong security program are people, processes
and technology. The PCI Standards help businesses address these core
components to protect their payment card data," said Bob Russo, general
manager, PCI Security Standards Council. "By validating its P2PE
Solution, Bluefin Payment Systems is demonstrating its commitment to
supporting merchants' PCI DSS compliance efforts through secure
deployment of point-to-point encryption technology."
"When the Council announced the P2PE standards in 2011, we recognized
the importance of P2PE as a major step forward in protecting cardholder
data and merchants from breach as part of a comprehensive payment
security program including EMV and tokenization," said Ruston Miles,
Founder & Chief of Production Innovation at Bluefin. "We see P2PE as an
elegant and powerful solution for encrypting cardholder data so that it
can securely flow through an organization, and we are very pleased to be
the first North American company to receive PCI validation for our P2PE
Security Standards Council is an open, global forum that is
responsible for the development, management, education and awareness of
the PCI Data Security Standard (PCI
DSS) and other standards that increase payment data security.
Founded in 2006 by the major payment card brands American Express,
Discover Financial Services, JCB International, MasterCard Worldwide and
Visa Inc., the Council has more than 700 Participating Organizations
representing merchants, banks, processors and vendors worldwide. To
learn more about playing a part in securing payment card data globally,
please visit: pcisecuritystandards.org.
Connect with the PCI Council on LinkedIn: http://www.linkedin.com/company/pci-security-standards-council.
Join the conversation on Twitter: http://twitter.com/#!/PCISSC
Bluefin Payment Systems is the leading provider of secure, integrated,
cloud-based payment technology for Independent Software Vendors (ISVs)
and SaaS providers. Bluefin's innovative and proprietary PayConex
platform powers feature-rich integrated payments and security solutions
including PayConex P2PE, QuickSwipe Mobile, tokenization, and
international payments. Bluefin is headquartered in Atlanta, with
offices in New York, Chicago and Tulsa.
[ Back To NFVZone's Homepage ]