Global Encryption Standard Has Hit a Tipping Point: It Might Be Time for Your Business

by Marc White, Chief Security Officer, Optomany

Mention the Payment Card Industry Data Security Standard (PCI DSS) to any retailer and they’ll probably heave a sigh. Although it’s a crucial piece of industry regulation designed to improve card data security, compliance can be extremely time- and resource-consuming, especially for those businesses with less cash to throw at the problem.

That’s why the PCI’s latest point-to-point encryption standard, known as P2PE v2, is such a win for the industry, reducing compliance costs and in-scope data. The good news is that there are now over 200 payment systems worldwide certified with P2PE v2, offering more choice for businesses all over the globe. It could be time for you to take a look.

A global first

At Optomany we’re always looking for ways to improve payments for our clients and their customers. That could be via a range of innovative in-store card machines, our online analytics and management portal, or even by enhancing security. Our leadership in this space saw Optomany’s axept® platform on PAX terminals achieve a global first with P2PE v2 approval, now also extended to Worldline terminals. Our solution was validated by partner Foregenix, the global cyber security experts who have validated nearly half (47%) of all global systems with the new PCI standard.

Retailers remain an attractive target for cyber-criminals, who view them as a one-stop-shop for customer card data. In fact, the sheer volume of stolen card data flooding the dark web is such that cards can be bought by fraudsters for as little as £4 each. That’s why PCI DSS was created, to mandate a strict set of security requirements for keeping that data safe and locked away from hackers.

Unfortunately, compliance can be onerous and is not a merchant’s core competence. And with fines on average amounting to £134 per stolen record, even those who process only a few thousand transactions per year could be faced with a major bill if their security is found wanting. The advent of GDPR makes the need to protect data an even greater priority.

How it works

This is where P2PE comes in handy. It’s designed to ensure all card data is encrypted according to industry-standard algorithms from the moment it is entered into a chip and PIN device in your store to the moment it’s decrypted in a secure environment outside your organisation. Usually this environment is run by a payment processor like Optomany or an acquiring bank.

This means that even if cyber crooks get their hands on that data, for example by inserting malware onto a POS system, they won’t be able to read or use it. Because it securely encrypts this data, rendering it unintelligible to any third party, P2PE also reduces the number of PCI requirements a retailer must follow, from over 300 to fewer than 35.

To find out more about how Optomany can help you reduce your PCI DSS compliance costs and scope, whilst improving card security, get in touch today.
