Point-to-point Encryption


Point-to-point encryption technology evolved in response to emergence of new types of credit card fraud. Although SSL protection is always there, at communication level, point-to-point encryption provides additional protection layer for cardholder data.

There is no unified opinion as to which algorithm is the best one when it comes to point-to-point encryption. Some businesses use symmetric encryption keys and encrypt the data with triple-DES algorithm, while others choose asymmetric keys and such encryption\decryption algorithms as PGP.

Implementation of encryption logic and implementation decryption logic are the key issues to consider when it comes to some particular point-to-point encryption solution.

Decryption can be performed either at hardware or at software level. Hardware security modules (HSM) are often used for decryption. The advantage of HSM-based approach is that the encryption key never gets exposed, as it resides within a special hardware device.

Encryption can be performed at the point of card entry (or point of swipe), within a payment terminal, or outside the terminal (by a DLL library).

 Although security considerations provide the key reason for point-to-point encryption implementation, some merchants implement the approach, because it allows them to stay (or get) out of PCI scope. Often point-to-point encryption and tokenization are used “side-by-side”.

 More detailed information on point-to-point encryption is available on #Paylosophy.

Point-to-point Encryption обновлено: January 14, 2016 автором: Katherine Pensatori

About UniPay Gateway

UniPay Gateway is the accomplished payment gateway software, being flexible and customizable it meets the requirements of the most demanding clients.

The choice of UniPay gateway is the choice of the reliable, time and industry tested payment solution, which can help your business to become more competitive and profitable.

Request Demo

Recent Press Releases