Reducing security risks
and frauds
Reducing security risks
and frauds
by geobridge

Point to Point Encryption (P2PE)

For decades the only sensitive data encrypted in a payment transaction had been the Personal Identification Number. GEOBRIDGE has been the market leader in PIN encryption techniques for over 20 years. So, it’s only natural that the market would look to GEOBRIDGE for guidance on how to apply the same level of expertise to all sensitive data. Fields are longer and the data is utilized differently. Routing decisions must be made based on the protected data. Translations must occur without compromising the data being relayed. Organizations don’t have the time and money to implement solutions through trial and error they have to get it right the first time.

Point-to-point encryption solutions in payments refer to systems where sensitive customer Personal information (PI) is encrypted at the point of entry, and remains encrypted until received by the entry requiring the information for transaction processing.

Protected data can include:

• Entire card track 1 and 2 data
• PAN data
• Expiration date
• CVV/CVC/CSC values
• Transaction-specific data (merchant, transaction amount)

Properly implemented, point-to-point encryption solutions provide significant customer protection and transaction security.

P2PE is a necessity to maintain a competitive advantage in today’s payment marketplace. The transmission of any unprotected sensitive data is no longer acceptable in modern payment networks. Independent of certifications and compliance mandates, the continued viability of any payment processor relies on the security associated with point-to-point encryption solutions. GEOBRIDGE has assisted dozens of companies in the effective deployment of P2PE solutions along with numerous companies that achieved PCI P2PE certifications.

Let GEOBRIDGE help to ease the burden of preparing for PCI audits. GEOBRIDGE has been an active participant with the PCI SSC since 2008, as well as an active participant in ASC X9 that creates many standards leveraged by PCI. We know the requirements and how to satisfy them. Let us take the worry and confusion out of the audit process; we can perform pre-audits that identify what areas of your network and P2PE solution are non-compliant, and suggest the most cost-effective remediation. We’ll guide you to prepare the required documentation, and review it prior to the auditor arriving at your door. We’ll help you to create the procedures and logs that simplify and clarify those dreaded “Documented procedures are in place and implemented…” requirements.

An effective point-to-point encryption solution requires:

PCI P2PE-enabled terminals: GEOBRIDGE works with all major terminal vendors to ensure that we understand terminal requirements, and enable secure P2PE key loading.

Compliant Key Injection Facilities: GEOBRIDGE works hard to guarantee that the KeyBRIDGE key injection tool is the heart of a KIF that is easy to use and PCI P2PE-compliant. KeyBRIDGE is the best-in-class de-facto standard tool of choice for terminal key management – it supports over 300 POI devices, with more added each month.

PCI P2PE-compatible HSMs: A P2PE solution is incomplete without compatible, compliant HSMs to perform decryption at the transaction acquirer. GEOBRIDGE’s partnership with Thales assures that we can provide effective application guidance when you are integrating the payShield into your P2PE processing, and assist with custom command design should your P2PE solution require it.

GEOBRIDGE possesses experience and demonstrated expertise on both ends of a transaction. The KeyBRIDGE appliance has been developed to support the secure key delivery for any key usage to over 300 unique devices. On the acquiring end of the transaction GEOBRIDGE deploys and supports hundreds of HSMs throughout the world. As a systems integrator, GEOBRIDGE works beyond the technology to understand the interdependencies of all involved systems to ensure the highest security and compliance.

Establishing longstanding customer relationships.