Validated Point-to-Point Encryption

Overview

Clearent’s layered security approach uses Point-to-Point Encryption (P2PE) to protect sensitive card data in transit until it reaches its final destination.

Customer data is encrypted as soon as a card is swiped, dipped, keyed or tapped and remains encrypted until it reaches Clearent’s PCI-compliant data center. This prevents hackers and thieves from deciphering sensitive card information in the event of a breach.

Clearent’s P2PE solution is PCI-validated. This means that our encryption, injection processes and key management processes have been through a rigorous review and validation process by the PCI Security Standards Council. 

What does that mean for you? It means you can eliminate PCI DSS scope for your platform and make PCI compliance faster and easier for your merchants. When your merchants use encrypted payment devices, they no longer have to run vulnerability scans or conduct penetration testing. They are also able to take the shortest self-assessment questionnaire, SAQ P2PE, which significantly reduces your merchants self-assessment questionnaire from 80+ questions to 32 questions.

How it works

Encryption is the process of encoding sensitive information. The only way to access the sensitive information is to unlock it with a key or password. In the event of a breach, encrypted data is useless to a hacker without the key. 

clearent-p2pe

P2PE is a type of encryption technology that protects sensitive card data until it reaches a safe decryption environment. PCI-validated P2PE is the gold standard for data encryption and reduces business owners’ PCI scope.

Clearent’s Layered Security Approach

PCI-validated P2PE

Tokenization

Quick Chip for EMV

PCI Compliance