Bluefin Payment Systems, which offers point-to-point encryption (P2PE) solutions to several industries, including retail and health care, said on Tuesday (May 3) that it will also add the Visa Data Secure Platform (DSP) to its portfolio, through its Decryption-as-a-Service P2PE Solution.
The firm said that its technology first encrypts cardholder data within a PCI-compliant, P2PE-ready device, which helps prevent readable text from being seen across systems or networks, thus thwarting the chance for a data breach. The data itself is of no value to would-be hackers, and it is not decrypted until it reaches the Bluefin platform.
In reference to the Visa expansion, the movement to embrace more merchants comes from payment gateway partners that include Echosat, Merchant Link, USAePay, TNS, 3Delta Systems, WorldNet, Anywhere Commerce and several hundred other ISV, ERP, SaaS and POS players.
PCI Security Standard Council-approved firms must be aware of and meet what Bluefin termed strong custody requirements. Those firms that meet the requirements within the POS environment then become eligible for the 35-question SAQ P2PE — which, according to the release, marks a significant reduction from the 332-question SAQ D.
In a statement that accompanied the release, Bluefin Chief Innovation Officer Ruston Miles said: “The EMV liability shift deadline passed in Oct. 2015. With EMV, merchants now have a tool to combat fraud in the form of counterfeit cards. According to the 2015 Verizon Data Breach Investigations Report, five malware events occur every second, which totals 170 million malware attacks per year."
“With counterfeit card fraud in the rearview mirror,” he added, “we are seeing merchants refocus on data security to protect their POS systems from leaking card data to malware. Bluefin's PCI-validated P2PE Solution and Visa’s DSP come together to provide an industry-leading solution.”