Ensuring the payment security of our customers and the end-users is our top priority, and we take this responsibility seriously. We are proud to be the only payment processor in South Africa that offers a bank agnostic fully PCI P2PE-validated solution. Whilst all payment processors are PCI DSS certified, it’s important to note that P2PE adds an extra layer of payment compliance and protection.
The PCI SSC (Payment Card Industry Security Standards Council) is a global forum that continuously evaluates, streamlines and publishes industry-influencing guidelines, assisting those institutions that comply with these guidelines to provide payment solutions that customers can trust.
P2PE (Point-to-Point Encryption) is a standard established by the PCI Security Standard Council. It protects both the merchant and end-user. End-user card data is encrypted from the point of insertion (POI) such as a card reader, effectively rendering the information it gathers useless to skimming attacks that target the data at its point of entry. The encrypted data is safe to transfer over the networks on its way to our environment, where we will be able to securely pass the data on to the bank to complete the transaction.
Because cardholder data is immediately encrypted and then transferred to the bank, it never needs to be handled by the merchant. If the merchant stored this sensitive data within their systems, that would widen their scope for PCI compliance dramatically.
The data can only be decrypted in a PCI validated cardholder data environment and requires the same encryption key loaded on the POI device and in the decryption zone. The keys for encryption and decryption are never available to a merchant, making sensitive card data entirely invisible to the retailer.
- The securing of cardholder data using established strong encryption processes gives our customers (and theirs) peace of mind that sensitive card data is protected from breaches.
- A simplification of the overall PCI validation process due to significant scope reduction benefits.
- Reduction in the number of SAQ-D questions on a merchant’s PCI Assessment from 332 to 33 using SAQ-P2PE.
- Significant cost savings to our customers in association with its own PCI compliance requirements by indicating that its solution is validated by the PCI Security Standards Council.
We don’t cut any corners when it comes to safeguarding our customers and the end-users, and we are committed to providing the highest level of payment security. We invite you to ask us any questions you may have about our P2PE validated platform.
Please don’t hesitate to contact us at 021 525 3100 or sales@switch.tj. We look forward to hearing from you!