P2PE Opportunities and Challenges for Solution Providers
Developing and Executing a Successful Point-To-Point Encryption (P2PE) Strategy
The purpose of this document is to help payment processing organizations (e.g., gateways, processors, acquirers, point-of-sale providers, niche market payment enablement organizations, terminal software vendors, key injection facilities) devise a roadmap for building, releasing, and supporting payment terminal encryption services in adherence with the Payment Card Industry (PCI) point-to-point encryption (P2PE) program and supplementary guidance. Challenges facing solution and component providers are discussed, along with insight to help avoid these pitfalls to ensure successful validation and listing. Additional strategic options are also discussed to provide actionable compliance benefits for merchants through the transition, such as PCI’s guidance for Non-listed Encryption Solution Assessment (NESA).