Point to Point Encryption
P2PE Ingenico Bolt Payment System API
The Ingenico credit card EMV chip machine equipment communicates using our Bolt API through a gateway directly to a processor which creates a semi integrated environment. The terminal integration uses point to point encryption or P2PE through a secure application which will keep the software developer out of the scope of PCI compliance. Integrate a payment processing device with a custom POS software.
iPP320 / iPP350
Ingenico iSC Touch 250
I'd like more documentation on the Ingenico Bolt API
Payment Tokenization API
Cardsecure is an API solution for programming that will instantly encrypt sensitive card data at the point of sale. The credit card numbers will never be stored in your software application. All encrypted cardholder information is tokenized and stored in a PCI compliant cloud server called the cardconnect vault. Cardsecure supports storage of any data type, including any Personally Identifiable Information (PII). It will support Birth Date, Account Numbers, Social Security Number, and any other data through custom types.
I'd like more documentation on Cardsecure Tokenization
The Cardsecure server has an available HTTPS server service that can only tokenize cardholder data. Any other request it will return an HTTP Bad Request (400) response code. When used on a payment details web page it may eliminate real customer PAN’s from ever reaching the customers website.
The Web Tokenizer can be accessed via a merchant’s web browser by entering a card number into the web application screen and invoking an HTTPS call to the CardSecure server to tokenize the card number. The token value can then be used to process a transaction via the CardConnect gateway. Initiated from a web browser to eliminate customer primary account numbers (PANs) from ever touching the merchant’s application.
Tokenization of payment card numbers prior to being pasted into an Enterprise Program removes the application and the supporting systems infrastructure from the scope of the Payment Card Industry Data Security Standard (PCI-DSS) which results in considerable cost avoidance. A combination of tokenization and integrated hardware PANpad and P2PE terminals help take a business out of PCI scope which will reduce security requirements and cost of compliance.
There are certain tokenization methods in the industry that produce vulnerable multi-use tokens for multiple merchants. The Cardsecure tokens are single use and unique to each merchant and safeguarded against security risks. Bring the security benefits of Cardsecure tokenization to any website or software application with our intuitive API.
Every merchant account will have to stay compliant by completing a SAQ Self Assessment Questionnaire every year or they will be charged a monthly PCI non compliance fee.