News

CardConnect P2PE solution gains PCI SSC validation

The creator of CardSecure says that widespread adoption of point-to-point encryption is a necessary step in stopping malicious card data hackers.

May 21, 2015

CardConnect, a payment processing and technology solutions provider and the creator of the Card Secure encryption solution, has been listed as a validated solution and application for point-to-point encryption by the Payment Card Industry Security Standards Council, a company news release said.

To achieve validation, CardConnect's CardSecure solution was required to meet PCI SSC controls and requirements including:

• secure encryption of payment card data at the point of interaction;
• secure management of encryption and decryption devices;
• management of decryption environment and all decrypted account data; and
• use of secure encryption methodologies and cryptographic key operations, including key generation, distribution, loading-injection, administration and use.

"The data breach at retailer Target marked the beginning of a new era, and now the theft of personal and credit card data is something, sadly, the majority of us have had to deal with — sometimes multiple times," said Jeff Shanahan, president and CEO of CardConnect. "As a payments company, our goal is simple: Raise the bar for securing payments. Receiving validation from the PCI Council for CardSecure, our point-to-point encryption solution, is a testament to that. Widespread adoption of point-to-point encryption is the necessary step in stopping malicious hackers in their tracks."

CardSecure P2PE supports NFC and EMV and is currently validated to integrate with several Ingenico terminals. The company also offers an API integration extending to secure retail POS applications.