Bluefin to provide P2PE payments encryption for Etix


US-based payments security payments Bluefin has partnered with Etix , a ticketing service provider for the entertainment, travel, and sports industries

US-based payments security payments Bluefin has partnered with Etix , a ticketing service provider for the entertainment, travel, and sports industries. Through the partnership, Bluefin will provide their ticketing clients integrated payment processing capabilities backed by PCI-validated point-to-point encryption (P2PE).

Specialising in PCI-validated P2PE solutions that secure credit and debit card transactions by encrypting all data within a PCI-approved point-of-entry device, Bluefin prevents clear-text cardholder data from being available in the device or the merchant’s system where it could be exposed to malware. Data decryption is only done offsite in a Bluefin hardware security module (HSM). What will Bluefin provide to Etix Bluefin’s PayConex platform provides integrated and stand-alone face-to-face, mobile, unattended, MOTO and ecommerce payment processing, backed by PCI-validated P2PE and tokenization of PII, PHI, payment and ACH account data entered online.

Additional features include 3D-Secure (3DS) for ccommerce payments, anti-fraud scoring, chargeback management, account updater and ACH verification. Aaron Bare, Chief Marketing Officer of Etix stated in the press release that not only does the partnership provide the reduced PCI scope and security of validated P2PE, but also the benefits of integrated payments through the Etix platform. Etix is an international web-based ticketing service provider for the entertainment, travel and sports industries, and operates in 40 countries on four continents.

Etix provides secure access control ticketing infrastructure solutions, ticket marketing services, and ecommerce fulfilment capabilities. Etix clients include venues, arenas, festivals, fairs, performing arts centers, and multi-use facilities. The ABC of  PCI Validated Point-to-Point Encryption According to PCI DSS Guide, P2PE, or point-to-point encryption, is a security standard developed by the Payment Card Industry (PCI) to ensure that payment card data is encrypted from the start to the finish of a transaction.

Many companies provide data encryption services, but not all of them are created equal. By definition, P2PE maintains merchant communication channels that tokenization cannot do between the payment device and the processing network in card environments, including traditional and mobile points of sale. P2PE will encrypt sensitive payment card data during transmission.

As explained in the guide, payment data remains encrypted until it reaches a secure decryption environment. P2PE adds an additional security layer to the payment process and protects consumers’ payment information from various attacks, including malware infections on the POS terminal or system. The guide specifies that encryption helps secure sensitive data.

P2PE refers specifically to the technology that uses encryption at the point of payment card acceptance up to the point where the payment transaction is made. In addition to a P2PE solution provider, new hardware solution requirements and testing procedures can affect point-of-interaction (POI) manufacturers, application developers, third parties, vendors, and integrators. P2PE can protect payment data in the event of a breach.

It also lowers the data’s value, so the data cannot be used even if it is stolen. This way, companies build a way to reduce the risk of a breach and limit its financial risk. .


Aug 31, 2022 13:05
Original link