Validated P2PE

Safeguard Payments With
Validated Point to Point Encryption

For Secure Omnichannel Card-Present and Agent-Entered Payments

Employ Validated Point to Point Encryption (VP2PE) Solutions

VP2PE protects credit and debit card payments by encrypting payment data within a device certified under the PCI PIN Transaction Security (PTS) program for Secure Reading Exchange of Data (SRED).

No clear-text cardholder data is accessible in the device, in transit, or within a merchant’s system. Encrypting at the point of interaction makes sensitive information undecipherable and useless to hackers. By eliminating clear text cardholder data from a merchant’s environment, VP2PE can diminish PCI DSS scope and keep cardholder data, even in its encrypted state, from entering other systems and networks.

 

TC Safe® is validated as compliant with the Payment Card Industry Point-to-Point Encryption Standard.

The PCI P2PE provides rigorous technical and operational requirements and guidelines for all entities that provide VP2PE solutions.

Risk Reduction

PCI DSS Scope Reduction

Brand Protection

FEATURED WHITEPAPER

TrustCommerce VP2PE Solution Whitepaper

Learn how VP2PE works within several environments and with other technologies, and how the TrustCommerce VP2PE solution can be used to reduce risk and scope at retail environments and call centers. See a challenging healthcare use case that shows how VP2PE provides an exceptional solution to PCI DSS and credit card security issues.

Here’s How It Works

  • Data is encrypted at the device, no clear-text in POS— swiped, dipped and hand keyed transactions.
  • Encryption takes place at the point of interaction, whether mobile, storefront or back office.
  • Devices are tamper resistant to mitigate skimming.
  • Merchant does not have keys to decrypt the data.

Use with EMV and tokenization solutions for maximum protection and fraud reduction.

Frequently Asked Questions

Validated Point to Point Encryption solutions have been tested and validated to meet an exceptionally high bar. Some of the required security features include:

  • Usage of approved hardware devices with approved encryption methods
  • Using or developing secure applications that have had their source code reviewed by a security specialist
  • Creation of a hardened decryption service that uses hardware security modules to manage keys and decrypt card data. There is a lengthy and challenging audit that validated P2PE solutions have successfully passed.
  • Complete chain of custody tracking to ensure devices are not tampered with during the shipping and delivery process.

Validated P2PE solutions represent the most effective way of protecting card-present

and agent-entered credit card transactions.

Yes, you can view TC Safe® on the PCI SSC P2PE Solutions listing here.