Bluefin Payment Systems is making point-to-point encryption available to large merchants that use Heartland Payment Systems as a processor, a key move as U.S businesses grapple with the migration to chip cards.

Through the partnership, Heartland will provide clients with web-delivered encryption through Bluefin's application interface. Bluefin will handle decryption of the card data in its hardware security module environment, while Heartland continues to process the transactions.

Businesses can use a combination of Bluefin's Decryptx and the Heartland platform to obtain Payment Card Industry-validated P2P encryption without changing the relationship with their merchant acquirer, Bluefin said in a Feb. 17 press release.

Decryptx encrypts all data within a PCI-approved point of entry swipe or keypad device, preventing clear-text cardholder data from being available in the device or the merchant's system where it could be exposed to malware, Atlanta, Ga.-based Bluefin said.

Security experts consider P2P encryption services a vital complement to the introduction of EMV chip cards in the U.S. payments market.

Encryption secures data as it flows through a network, while EMV creates a unique cryptogram for each transaction that will not allow data swiping at the point of sale or through stolen cards, which is common with easy-to-duplicate mag-stripe technology.

“Cyberattacks will never go away," John M. Perry, CEO of Bluefin, stated in the release.

"Stolen credit card data is too valuable to a fraudster, whether used at the point of sale or in the e-commerce environment."

A holistic security approach to payments – which includes PCI-validated P2PE – must be adopted to render card data useless, Perry added.

Subscribe Now

Authoritative analysis and perspective for every segment of the payments industry

14-Day Free Trial

Authoritative analysis and perspective for every segment of the industry