P2PE encryption or point to point, as it is sometimes called , can also be called IEEE or encryption end- to-end . P2PE with the card data is encrypted from the time the input data also comes from a terminal point of sale to the final location , where it is decrypted.
The final location is usually external to the dealer `s environment, and is associated with others, such as payment processors . Encryption is to minimize the risk of transmission of unauthorized data interception P2PE.
Hackers devote a lot of attention to the interception of data while in transmission. P2PE the technique known as packet detection involves the use of software that intercepts data in transit.
P2PE is perhaps the most popular solution of the payment card industry , and to comply with the conditions of the card data security standards in the industry , which is commonly known as PCI DS. Also suitable for corporate environments, because of the flexibility it offers .
Point solutions encrypted points are usually taken by others, and when applied to marketing companies that can be used to reduce the number and extent of credit cards that are exposed through the use of scanners with technology coding , P2PE if the data is encrypted before even reaching the point of sale device . Figures now becomes useless to unauthorized infections or even malware that may be incorporated into the POS terminal interception .
To be compatible solution should include the following elements.
• The data must be securely encrypted and P2PE validated at the point of origin or known as the interaction of POI .
• All devices encryption and decryption must be handled safely.
• All decrypted data must be handled and managed in a secure environment .
• The encryption methods and key operations such as distribution , administration, and the charge injection and the use must be P2PE addressed in secure environments.
Point to Point Encryption can reduce the amount of resources needed for safety. Most commands can be applied to a centralized background where decryption occurs in opposition to the application of solutions to multiple outputs P2PE. This reduces the number of networks and systems to meet the requirements of compliance with the PCI DS.
Point to Point Encryption slowly gaining greater acceptance as security technology , such as the limited number of products that meet the increase guidelines . Experienced respecting compliance guidelines , the delay is also one of the limitations P2PE because it often requires a considerable investment. Investment often includes updating existing software and hardware.
It is also important to note that P2PE is not a panacea, and is in no way intended to replace the security checks. Furthermore the use of encryption point to point, there should also have a very solid foundation for key management key encryption policies .
The only devices that need access to the keys used for the protection of confidential information are not listed as part of the process, otherwise the solution becomes easily useless P2PE.
 

