What is 'Point-To-Point Encryption (P2PE)'

Point-To-Point Encryption (P2PE) is an encryption standard established to provide a robust security solution for electronic financial transactions.

BREAKING DOWN 'Point-To-Point Encryption (P2PE)'

Point-To-Point Encryption (P2PE) is an encryption standard established by PCI Security Standards Council designed to provide a robust security solution for electronic financial transactions.  Under P2PE, transaction data is encrypted using the PCI standard from the time customer data is captured at the point of sale until it is transmitted to the payment processor, which decrypts the data and approves the transaction.

P2PE encryption provides increased security to electronic financial transactions. With this robust encryption in place, both merchants and consumers are at decreased risk of exposing personal and financial data during a transaction.

The encrypted data is indecipherable to third parties, so even in the event of a data breach the data is useless to any party without the encryption keys. Encryption keys are never made available to the retailer. While many there are many solutions available to protect customer data and transaction data, including tokenization and EMV authentication for chip-card transactions, P2PE is rated highly by industry stakeholders because it is administered via the PCI Security Standards Council.

P2PE providers include third-party hardware and software encryption solutions, including acquirers, payment gateways and card processors. P2PE providers are required to provide reliable, instantaneous service in electronic transactions in order to maintain P2PE certification.

P2PE and the PCI Security Standards Council

While there are other forms of encryption available on the market to secure transmissions of electronic information, only P2PE solution providers meet the standards set by PC! Security Standards Council.

To meet PCI standards, a P2PE solution must meet the following requirements:

  • Secure encryption of payment card data at the point of interaction
  • P2PE validated applications at the point of interaction
  • Secure management of encryption and decryption devices
  • Management of the decryption environment and all decrypted account data
  • Use of secure encryption methodologies and cryptographic key operations, including key generation, distribution, loading/injection, administration and usage.

The PCI Security Standards Council is a global forum for the financial transaction industry established to develop and enhance security standards in financial transactions. The PCI Security Standards Council was founded by five payment brands, including American Express, Discover Financial Services, JCB International, MasterCard and Visa to establish and deploy the PCI Data Security Standard. While the Council is governed by the five founding members as well as Strategic Members, enforcement of compliance with the standards, as well as determination of penalties for non-compliance, is the responsibility of individual payment brands instead of the Council.

RELATED TERMS
  1. Encryption

    Encryption is a means of securing digital date using an algorithm ...
  2. PCI Compliance

    Payment card industry (PCI) compliance represents the operational ...
  3. Secure Electronic Transaction (SET)

    Secure electronic transactions are early e-commerce protocols ...
  4. Data Anonymization

    Data anonymization seeks to protect private or sensitive data ...
  5. Cloning

    Cloning is copying stolen credit or debit card information to ...
  6. HTTPS

    Hypertext Transfer Protocol Secure (HTTPS) is a secure form of ...
Related Articles
  1. Tech

    Explaining the Crypto in Cryptocurrency

    Ever wondered about the cryptography involved in cryptocurrencies?
  2. Investing

    Symantec in First Benelux Partnership With Xolphin

    The Mountain View, Calif.-based cybersecurity pioneer strengthens its alliance with the Dutch firm.
  3. Tech

    Prevent Employees From Hacking You Computer System

    Cyber security attacks from a current or ex-employee can cause a lot of pain. Here is how to avoid such attacks.
  4. Insights

    Detailed Ways to Protect Digital Data

    Knowing how to protect digital data has become a big concern these days. Here are four easy ways to keep your personal information safe.
  5. Tech

    Protect Your Small Business from Cybercrime

    Small business owners are a growing target for cyber-attacks; protect yourself and your clients.
  6. Insights

    What Is the Dark Net?

    The Dark Net (or Darknet) is a subset of secret websites that exist on an encrypted network.
  7. Investing

    Apple, FBI Escalate Face-Off In Full Public View (AAPL)

    Monday morning, Apple Inc. CEO Tim Cook fired back again in the company's standoff with U.S. officials.
  8. Tech

    The Highest-Rating, Best-Selling Online Security Apps

    Online security apps are a big deal in this post-Snowden world. Here is a look at five of the highest-rated, best-selling secure messaging apps available.
  9. Tech

    What Is Cold Storage For Bitcoin And Why Does It Matter?

    With increasing incidents of hacking in the world of digital currency, cold storage offers a safe place for the cryptocurrency owners.
  10. Tech

    Russia Bans Telegram After Encryption Dispute

    A Russian court banned Telegram, the popular encrypted messaging app, after an 18-minute hearing on Friday.
RELATED FAQS
  1. What is the electronics sector?

    Learn more about the electronics sector, including the challenges and opportunities presented to electronics companies by ... Read Answer >>
  2. How is standard deviation used to determine risk?

    Understand the basics of calculation and interpretation of standard deviation, and how it is used to measure and determine ... Read Answer >>
Trading Center