Steve McAllister, President, McAllister Payment Solutions
Point-to-point encryption (P2PE) ensures sensitive credit and debit card data is protected from first card swipe, while in transit, all the way to the payment processor. This technology is also referred to as end to end encryption, or E2EE.
State of the art encrypting devices scan and encrypt cardholder information prior to performing an electronic payment transaction. These sophisticated devices use Triple DES Encryption and DUKPT key management technology to encrypt and transmit cardholder data securely over any network. The encrypted cardholder data being transmitted is NOT equivalent to the original cardholder data in any way. Even if the data were to be intercepted, it would be useless to data thieves.
Over the last year, hackers have focused increasingly on stealing credit card data in transit. Visa recently issued a warning against "packet sniffing," a form of cardholder data theft where computer hackers use malicious software to compromise data while it is in transit. To mitigate against a packet sniffing attack, Visa has published a list of recommended best practices which include data encryption protocols.
The PCI Security Standards Council (PCI SSC) has confirmed that point-to-point encryption technology is the direction that processors, software providers and merchants should be moving.
The Element Express Processing Platform supports the most advanced encrypting devices, allowing for point-to-point encryption of cardholder data. The payment processing platform also utilizes TransForm® tokenization technology combined with authentication, making it one of the most secure payment products on the market.
Open a test account or view our specifications to experience how easy it is to integrate with the Element Express Payment Platform. Or watch our video on point-to-point encryption to learn more about this emerging technology.