Frequently Asked Question

What is a point-to-point encryption (P2PE) solution?

A point-to-point encryption (P2PE) solution is provided by a third party solution provider, and is a combination of secure devices, applications and processes that encrypt data from the point of interaction (for example, at the point of swipe or dip) until the data reaches the solution provider's secure decryption environment.

A PCI P2PE solution must include all of the following: ∑
  • Secure encryption of payment card data at the point-of-interaction (POI) ∑
  • P2PE-validated application(s) at the point-of-interaction ∑
  • Secure management of encryption and decryption devices ∑
  • Management of the decryption environment and all decrypted account data ∑
  • Use of secure encryption methodologies and cryptographic key operations, including key generation, distribution, loading/injection, administration and usage.
Please refer to the P2PE Standard and P2PE Program Guide for further information.
Article Number: 1160

Featured FAQ Articles