A recent article aimed at convenience store owners talks about PCI (Payment Card Industry) security compliance, in light of increasingly sophisticated hacking groups turning to “ easier systems, including those of small non-profit agencies and family businesses.”
For store owners — though this applies to any business owner who accepts credit, debit, and prepaid cards for purchases — the article mentions options that have been previously touched on here, including the eventual coming of “smart cards,” and ways to further secure the data on the magnetic strip of customers’ cards.
But the article also mentions “P2PE” — short for “point-to-point encryption,” which ensures that “card data is protected from the initial card swipe and all the way to the payment processor.” It can “completely eliminates the need for the retailer to secure customers’ magnetic-stripe data because the retailer never has possession of it.”
This process can help reduce costs for PCI compliance, which can often determine liability when there is a security breach.
But how does it work? VISA just announced their own encryption initiative, and summarizes the process by saying “the data can only be accessed, or unscrambled, with decryption keys held securely by the acquirer, gateway or Visa” and that “”Merchants large and small have expressed an interest in encryption as a way to protect cardholder data in their payment systems and simplify their security protocols.”
If you’re one of those merchants, and are interested in both simplifying and increasing the security of your customers’ — and your — charge transactions, contact your AVPS rep to find out more.