Cardsecure Point to Point Encryption P2PE
The Cardsecure point to point encryption is an omnichannel solution that will instantly encrypt sensitive card data at the point of sale. Your customer's credit card number will never be stored in your software application. All encrypted cardholder information is stored in our 100% PCI compliant cardconnect vault cloud environment. Our unique tokenization process is mathematically irreversible which offers consumers total protection from identity theft. These intelligent tokens will comply with data integrity checks such as the Luhn test and those performed by various ERP systems. CardSecure P2PE payment processing terminals are malware protected which means if the POS system is compromised the device is instantly disabled thus preventing an attack from taking place.
Cardsecure supports storage of any data type, including any Personally Identifiable Information (PII). It will support Birth Date, Account Numbers, Social Security Number, and any other data through custom types. Cardsecure provides tools for the generation of Data Encrypting Keys, that can be managed using the application. The system can “Rollover” encrypted data from an older Data Encrypting Key to a new one to avoid disruptions when a new key is used.
P2PE Ingenico Bolt Payment System API
iPP320 / iPP350
Ingenico iSC Touch 250
Please Contact me with More Information
The Cardsecure server has an available HTTPS server service that can only tokenize cardholder data. Any other request it will return an HTTP Bad Request (400) response code. When used on a payment details web page it may eliminate real customer PAN’s from ever reaching the customers website.
The Web Tokenizer can be accessed via a merchant’s web browser by entering a card number into the web application screen and invoking an HTTPS call to the CardSecure server to tokenize the card number. The token value can then be used to process a transaction via the CardConnect gateway. Initiated from a web browser to eliminate customer primary account numbers (PANs) from ever touching the merchant’s application.
Tokenization of payment card numbers prior to being pasted into an Enterprise Program removes the application and the supporting systems infrastructure from the scope of the Payment Card Industry Data Security Standard (PCI-DSS) which results in considerable cost avoidance. A combination of tokenization and integrated hardware PANpad and P2PE terminals help take a business out of PCI scope which will reduce security requirements and cost of compliance.
There are certain tokenization methods in the industry that produce vulnerable multi-use tokens for multiple merchants. The Cardsecure tokens are single use and unique to each merchant and safeguarded against security risks. Bring the security benefits of Cardsecure tokenization to any website or software application with our intuitive API.
Every merchant account will have to stay compliant by completing a SAQ Self Assessment Questionnaire every year or they will be charged a monthly PCI non compliance fee.