Paul Hampton, Product Manager, SafeNet
Everyday consumers assume that when making a purchase, online or in-store, their card data is handed off to a trusted source, with security in place to protect them. However protecting these transactions and the retail payment ecosystem has become increasingly complex, with recent data breaches of large retailers testament to the vulnerabilities.
In addition, compliance with PCI DSS fails to address some of these vulnerabilities resulting in potential exploitation with disastrous consequences. To address these security gaps the scope of security needs extending from the merchant, acquirer, switch and bank or card issuers to include the manufacturers of payment terminals at the point of sale and developers of payment application software.
Join your fellow professionals to understand how by using Point-to-Point Encryption, card data is encrypted from the earliest possible moment of its capture, and ensures that data remains in an encrypted state consistently until it arrives at the payment gateway.
Then understand why many merchants are considering P2PE not only to secure vulnerabilities, but also because it can effectively remove some of the merchant’s own security infrastructures from the scope of compliance with regulations such as PCI DSS. Lastly understand why encryption is only as secure as the encryption keys as when cryptography is used to protect valued data, the risk is transferred from the data to the keys.