by Paul Brennecker
Merchants can enhance data protection and simplify compliance efforts by adopting the PCI-approved point-to-point (P2PE) Standard v 2. Simpler to adhere to than the original version, the P2PE Standard v2 not only cryptographically protects account data from the moment the merchant accepts a payment but also brings greater flexibility for integration.
The PCI Security Standards Council describes the benefits of P2PE as providing ‘the strongest encryption protection’ for businesses while also stating that PCI-listed P2PE solutions ‘reduce where and how PCI DSS requirements apply’.
For merchants, P2PE solutions reduce where and how PCI DSS requirements apply, saving time and money in overall compliance without sacrificing security. As well as making account data unreadable by unauthorised parties it ‘de-values’ account data so that it cannot be abused if data is stolen.
The new P2PE Self-Assessment Questionnaire now includes only 26 PCI DSS requirements helping merchants to simplify compliance efforts. And with a recent upgrading of the P2PE standard in the PCI’s Version 2, the PCI has also made P2PE not only simpler but also more flexible. Version 2 still ensures that account data is protected but provides many more options for merchants and solution providers to work with.
For solution providers, the new flexibility of P2PE v2 is key, particularly when it comes to providing components for integration with P2PE solutions.
To ensure best adoption of the new standard, contact us.