For years now, the Payment Card Industry Security Standards Council (PCI SSC) has been the driving force behind the definition, articulation, and enforcement of security requirements for the payments industry. The PCI SSC has developed several standards, including the PCI Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements.
The same organization also defined PCI Point-to-Point Encryption (P2PE) standards. Through these standards, the PCI SSC details how providers of P2PE solutions can validate their solutions, and how, by leveraging these validated solutions, merchants can reduce the scope of their PCI DSS assessments.
Larger merchants may have hundreds or thousands of stores, which will mean there are thousands of point-of-sale (POS) systems and PIN entry devices (PEDs) that will be in scope and must be brought into compliance. Achieving and maintaining compliance is a complex, time consuming and costly process.
Simply by deploying a P2PE-compliant PED devices, merchants can effectively remove their stores from the scope of PCI DSS compliance. Consequently, for the vendors that serve the merchant community, delivering P2PE-compliant offerings to market can present a massive opportunity.
The P2PE standard includes a number of requirements relating to the use of Hardware Security Modules (HSM) for encryption, decryption, and key management. Only a small number of vendors have the ability to offer P2PE-compliant solutions, and the SafeNet Payment HSM has played a key role in helping these vendors bringing their P2PE solutions to market.
SafeNet Payment HSM (formerly Luna EFT) is a network-attached hardware security module (HSM) designed for retail payment system processing environments for credit, debit, e-purse and chip cards, as well as internet payment applications.
In developing the Solve DataShield offering, it was vital that we effectively comply with all the relevant PCI P2PE standards, including robust key management policies. Gemalto SafeNet Luna EFT HSMs delivered all the security capabilities that were required, while providing a platform that we could deploy quickly and manage efficiently.- Nick Stacey, Dir. of Business & Market Operations at The Logic Group
Payment Card Industry Point-to-Point Encryption (P2PE)
standards provide detailed guidelines for building payment
processing solutions that safeguard payment data at all times.
The Logic Group is a leading provider of multichannel payments and customer loyalty solutions to large corporate organisations in Europe. Because of SafeNet’s Luna EFT HSMs, The Logic Group’
Considering the growing exposure and potential
ramifications of information incidents – such as failed
regulatory audits, fines, litigation, breach notification
costs, market set-backs
Thank you for your interest in our products. Please fill out and submit the form to receive more information about Gemalto
or to be contacted by a Gemalto specialist.
By submitting this form I agree to receive information from Gemalto and its affiliates as described in our Privacy statement.