Why is PCI P2PE compliance important?
P2PE (point-to-point encryption) is a secure way to process POS payments. The moment the card is swiped, the P2PE system encrypts the card information, converting it into a code that’s unreadable to an observer. This means the business taking the payment never holds customer card data in a format that could be accessible to thieves.
About PCI P2PE compliance
The payment card industry has its own independent Security Standards Council, which aims to protect businesses and consumers from the consequences of data theft. To make it easier for businesses to keep data secure, the Council recommends systems and practices that maximise security in payment services. It’s important to follow these recommendations for the financial safety of your customers, and therefore your business.
Safety for your customers
If you’re PCI P2PE compliant, customers can be confident that their card and bank account details are secure. P2PE card data storage systems ensure that even if a third party did manage to steal the data, it would be a string of meaningless code, unusable for fraudulent purposes. The transaction remains accessible to the merchant, but the data is never visible, so a query or refund could be carried out without anyone but the customer ever actually seeing any of their sensitive data.
Safety for your business
A compliant P2PE system means your business is at a much lower risk of fraud and data breaches. Fraud can have a devastating impact on any type of business, causing not only an immediate financial loss, but also loss of customer confidence and loyalty. Issues such as these can continue to cost a company money for years after the actual event.
PCI P2PE Compliance and PCI DSS
Any business that takes payments using point of sale technology must be assessed annually to ensure that it is compliant with DSS – the payment card industry’s Data Security Standard. If you are PCI P2PE compliant, this simplifies the process, as several of the criteria needed for a successful DSS assessment are automatically met by being P2PE compliant.
Compliance with PCI P2PE means you could save not just paperwork headaches, but also your money, and your customers’ money.
March 7, 2019