The PCI Point to Point Encryption (P2PE) standard relates to hardware-based point-to-point encryption (P2PE) services. These services, provided by acquiring processors and payments gateways, utilizing PCI Point of Interaction (POI) validated terminals to provide encryption of cardholder data from the retail establishment through to the acquirer. The standard is also applicable to institutions that provide some part of the P2PE value chain including Key Injection Facilities, Certificate Authorities, and Software Developers that develop software for POI devices. PSC provides P2PE assessments service, as a qualified P2PE QSA and P2PE PA-QSA, certified by the PCI Security Standards Council.
For Acquiring Processors and Payment Gateways, PSC provides a turnkey Point-to-Point Encryption assessment service, as a qualified P2PE QSA and P2PE PA-QSA, certified by the PCI Security Standards Council.
Our approach utilizes three phases:
For Certificate Authorities, Software Developers and other vendors wishing to seek validation to only specific sections of the P2PE requirements or wishing to receive a P-ROV on an application, please contact PSC to discuss your requirements.