There are ambiguities with P2PE, and our industry is giving mixed messages to the merchant community
Merchants need to join the P2PE debate before it is too late, say Anderson Zaks
Anderson Zaks, a leading independent supplier of international card payment solutions has today published an article outlining the current situation regarding the Point-to-Point-Encryption (P2PE) element of the PCI card payment regulations. P2PE is not compulsory, however, Iain High, Managing Director at Anderson Zaks believes that many businesses are not aware of this. As a result many are coming under increasing pressure to purchase more complex card payment solutions than they really need as their first generation of chip and PIN terminals reach end of life.
While it has been around for a couple of years P2PE (which ensures that card information is passed securely from the point of payment to the acquirer/bank and that the merchant does not hold card information) is still in the early stages of market adoption, and different solutions that address various requirements are still evolving. The consensus of a recent meeting of Vendorcom members was that the future direction of P2PE is not yet defined, and therefore, a more open debate with merchants and retailers about the direction that the technology may take is to be welcomed and encouraged.
Where exactly is the ‘point’ within the merchant’s system from which the data needs to be encrypted? This gives rise to different opinions and different approaches. Device manufacturers build encryption into their PINpads, whereas software solution providers claim that their solutions encrypt or mask card data within the merchant’s systems and pass limited details back thus equally reducing the scope of PCI for the merchant.
The article goes on to explain the various options for P2PE, and stresses that while UK acquirers are not insisting on P2PE, merchants must be able to show that any card data held is secure.
Iain High stated; “There are ambiguities with P2PE, and our industry is giving mixed messages to the merchant community. No wonder they are confused and getting increasingly annoyed with card payments and what it entails”.
The fifth annual PCI SSC European Community Meeting is being held in Dublin from 22 – 24 October.
For a copy of the article please contact Andreina West, PR Artistry, +44 (0) 1491 639500 or email: email@example.com
NOTES to EDITORS
About Anderson Zaks
Anderson Zaks is a leading independent payment solution provider based in the UK, supplying integrated transaction processing software to deliver reliable and cost-effective electronic payments to many thousands of merchants.
Anderson Zaks RedCard software and managed services process card transactions for enterprises in the UK and worldwide. Catering to customers ranging from small corner shops through to multi-national corporations, Anderson Zaks supports transactions with acquiring banks and payment processors globally.
Anderson Zaks, a Level 1 Service Provider, is certified PCI DSS compliant.
For more information about Anderson Zaks and RedCard please visit: www.andersonzaks.com
For further information, please contact:
t. +44 (0)1344 317910
t. +44 (0) 1491 639500
This press release was distributed by ResponseSource Press Release Wire on behalf of PR Artistry Limited in the following categories: Business & Finance, Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.