Point-to-Point Encryption

Point-to-point encryption (P2PE) is the Payment Card Industry (PCI) standard for cryptography to securely collect and exchange payment information from an in-person device or terminal.

PCI-validated Point-To-Point Encryption (P2PE) drastically reduces your PCI scope for card-present payments and unifies payment data across all channels and processors. An in-person payment solution is not considered P2PE unless it has been reviewed and validated by the PCI council. Solutions that are not PCI-validated are not considered P2PE and will incur additional PCI scope.

How it Works

Payment card information is encrypted on the payment device using IXOPAY encryption keys.

The encrypted codes are then sent to IXOPAY for decryption. 

Once the data is decrypted back to the original card information, it is sent to the appropriate payment processor. 

The merchant then receives a notification if the payment is accepted or rejected. This notification includes a Universal Token that the merchant can store. 

Universal Tokens are generated specifically for the merchant and represent the original transaction. The merchant can use the universal token to refer back to the transaction or even refund the customer without the customer’s card information.