No Change to Your Payment Processing
Bluefin is currently the only PCI P2PE provider that has decoupled P2PE from payment processing so that companies can easily benefit from our validated solution through their current payment provider. Processors, payment gateways and ISVs simply complete an API connection with Bluefin to provide our validated solution on their platform – with no change to your processing environment required. View our full listing of partners.
Why PCI-Validated P2PE?
PCI P2PE certified devices are more secure and are designed to detect tampering. If malicious activity is detected, the device is automatically deactivated, preventing a breach at the point of entry (also called point-of-interaction, or POI) device.
Chain of Custody
PCI-validated P2PE includes a built-in “chain of custody” process for managing PCI P2PE certified devices. The Bluefin solution includes access to our online P2PE Manager where you can track and report on all POI devices for PCI attestation and compliance.
All PCI-validated P2PE solution providers must abide by strict controls to protect encryption keys. Device key injection is done directly at a certified Key Injection Facility (KIF) and decryption only occurs in the Bluefin hardware environment (HSM).
Reduced PCI Assessment
Simplified Device Management
Every merchant that utilizes the Bluefin P2PE solutions have access to our P2PE Manager®, a 100% online system that enables merchants to monitor the complete lifecycle of each payment device while administering P2PE activities and ensuring compliance.
- Manage: Users, Partners, Clients, Locations
- Devices: Device Deployment, Activation, Termination
- Shipments: Track Device Shipping (chain of custody)
- Equipment: Deploy New Equipment, Order Inventory
- Transactions: Transactional, Device, User History
- Attestations: Create or Upload Attestations