What is Point-to-Point Encryption?

Definition: Point-to-point encryption (P2PE) is an encryption standard established by the PCI Security Standards Council which protects cardholder data when a payment is made.


Point-to-point encryption explained

Point to point encryption encrypts payment card data from the point of capture, such as when the card is read by a card payment terminal, until it reaches the secure decryption endpoint Once received, the payment processor decrypts the data and either approves or declines the transaction. Encryption is the process of converting the payment card data into an unintelligible form.

Point-to-point Encryption Chart

The objective of P2PE and end-to-end encryption (E2EE) is to provide a payment security solution that encrypts confidential payment card data and information into indecipherable code when the card is used, preventing hacking and fraud. Even if a hacker were to intercept a particular transaction, the information obtained would be indecipherable since it would still be in its encrypted form. In order to decrypt the information, the user must possess the encryption keys, which are only made available to authorized parties.

In an increasingly complex regulatory environment, P2PE is intended to maximize the security of payment card transactions.

In order to achieve P2PE compliance, organizations must demonstrate that all transaction information is fully encrypted, that any hardware involved in the offering is securely managed, and that any cryptographic keys used in the process are generated, transmitted, and stored securely. Protecting keys within HSMs provides optimal security.



Blog posts

Blog posts

Related products

Related products

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      Your collection of download requests is empty. Visit our Downloads section and select from resources such as data sheets, white papers, webinar recordings and much more.