Bluefin, Verifone Partnership Provides PCI-Validated P2PE

Press enter to search
Close search
Open Menu

Bluefin, Verifone Partnership Provides PCI-Validated P2PE

07/12/2018

 


Verifone, a provider of payments and commerce solutions, and Bluefin, a global payment security platform have partnered to provide Bluefin’s PCI-validated Point-to-Point Encryption (P2PE) security solution to merchants using either Verifone’s POINT or Retail Transaction Switch (RTS) solutions. Through this partnership, merchants can reduce not only the cost and effort they incur when trying to comply with PCI PA DSS requirements, but also mitigate the risk associated with face-to-face payments.

 The Verifone Validated P2PE solution, which can now be viewed on the PCI P2PE Solution website, is an incremental offering within Verifone’s industry-leading payment security product line. This Validated P2PE solution will be available to meet the needs of merchants of all sizes and offers multiple configurations and processing options.

The partnership comes at a time when merchants around the globe are looking to fully certified PCI P2PE solutions for protection from threats to consumer and card data. 

To be certified as a PCI-validated P2PE solution requires that the payment solution adopts specific physical, logical and operational security controls. The implementation of these controls is ultimately reviewed by a special P2PE Qualified Security Assessor (QSA) and then again by PCI prior to a solution being deemed “Validated P2PE Certified.” The purpose of this process is to ensure that an encrypting payment solution has been implemented in a way which truly reduces data compromise risk. 

The combination -- Verifone’s industry payment devices and solutions, and Bluefin’s decryption and operational capabilities -- secures credit and debit card transactions by encrypting all data within a PCI-approved point of entry device. This prevents clear-text cardholder data from being available within the device, or in the merchant’s system where exposure to malware is possible. Data decryption always occurs offsite in a Bluefin hardware security module (HSM), ensuring the highest level of security.

For merchants, the benefits of the Bluefin / Verifone P2PE solution include reducing PCI scope from 329 to a 33 question P2PE self-assessment questionnaire (SAQ), managing chain of custody using the Bluefin P2PE Manager online device management system, and integration with Verifone’s line of payment solutions.