top of page
DatJP.jpg

PCI Point To Point Encryption

​

PCI Point To Point Encryption

 

 

Point to point encryption (PCI P2PE) provides the most secure and effective solution to protect sensitive cardholder data in combination with EMV and Tokenization, while potentially reducing the cost and scope of PCI DSS and PA-DSS. Encrypted cardholder data has no value if stolen, as only JollyPayments can decrypt the data. Our PCI P2PE solution means developers, ISVs and VARs have a powerful tool that helps protect their merchants from breaches.

 

​

How does P2PE work?

 

 

PCI P2PE ensures no actual cardholder data is exposed at any time during a transaction. It does this by encrypting the data inside the card reader or payment device, making it useless and void of any value if a skimming attack is attempted. Using the payment industry standard encryption algorithm, DUKPT (Derived Unique Key Per Transaction), a key is injected securely into each card reader or payment device when it’s manufactured and is used to encrypt every single transaction. Each transaction remains encrypted until received by JollyPayments, where we then pass on the decrypted information via our secure payment gateway to the bank or processor for authorization

​

1. At the point of card acceptance, i.e. within the card reader or payment device, the card data is securely encrypted. 

​​

2. It can then be passed freely over standard public networks to the payment gateway and processor.

​

3. Once within the secure data zone of NMI’s PCI DSS certified payment gateway, it is decrypted and passed to the bank           processor for authorization.

​

​

​

P2PE Benefits

​

  • Easy integration through the use of our ChipDNA SDK

​

  • Reduce scope, complexity and compliance cost of PCI DSS

​

  • Simplified PA-DSS for equipment manufacturers

​

  • Mitigate the risk of cardholder data fraud

​

  • Reduce financial liability

​

  • Reduce software development cost

​

  • Increased cardholder data protection

​

  • Simplified payment processing architecture

 

 

P2PE vs. PCI P2PE

 

 

Only PCI validated and listed P2PE solutions, such as ChipDNA, Customer-Present Cloud can reduce the scope of the cardholder data environment, which helps simplify compliance efforts for merchants with PCI DSS.

​

Implementation

 

 

JollyPayments Gateway Platform ChipDNA PCI P2PE certification covers multiple EMV chip card payment devices often used in retail and hospitality, as well as self-service applications commonly seen in parking, vending or transportation environments.

​

​

PCI P2PE can help protect you from:

​

  • Loss of cardholder data in the event of a breach

​

  • Brand and reputation damage

​

  • Loss of revenues

​

  • Payment brand penalties

​

  • PCI fines

​

​

P2PE Partners

 

 

This omni-channel device support is made possible through close collaboration between JollyPayments Gateway Platform and the manufacturers’ distribution partners Hemisphere West Europe, Secure Retail, UCP, and The Phoenix Group.

​

bottom of page