Point-to-point Encryption. Decoded!

Share Article

YESpay now offers Point-to-Point Encryption - the latest technology that allows simple and secure payments through credit/debit cards at retail outlets while de-scoping PCI-DSS (payment card industry data security standard) certification process. This is achieved by simplifying the validation process by encrypting cardholder data at the time it enters a PINPAD/PED payment system and transporting it securely to payment processors, where it is decrypted, all within milliseconds! In today’s retail environment, where card data security is a major concern, Point-to-Point Encryption is emerging as an indispensible PCI-DSS solution.

YESpay logo

“Point-to-Point encryption saves retailers from frauds and keeps cardholder’s data safe while also relieving them of the hassle of keeping their systems updated with the PCI council PCI-DSS requirements”

Point-to-point Encryption – Maximum security for card payments across the globe
Point-to-Point Encryption (PTPE) ensures highest levels of security of cardholders’ data and hence eliminates possibilities of card data breaches at the merchant level. A cleverly PTPE designed solution also brings down the PINPAD/PED logistic costs involved at the merchant’s end along with the time involved in the payment process.

YESpay has taken a strategic initiative to make its payment solution global by being already live in over 35 countries in the European and the North American continents. This globalization enables the Company to offer a full cross-border and cross-continent solution to all multi-channel retailers using retail POS, unattended kiosks, wireless hospitality, Internet and mobile payments, all across the globe!
Getting to the bottom of it!

“Point-to-Point encryption saves retailers from frauds and keeps cardholder’s data safe while also relieving them of the hassle of keeping their systems updated with the PCI council PCI-DSS requirements”, quotes Chandra Patni, CEO and CTO, YESpay International Ltd.

The PCI council is now pushing the payment industry to adopt Point-to-Point Encryption as a requirement to be achieved by larger retailers throughout the payment process to achieve maximum security. Since it is a massive and expensive process most retailers want a solution that can help them descope PCI from their systems.

YESpay is certified to the highest level of security standards, PCI-DSS (level 1) and PA-DSS. The Company has also acquired PA-DSS certifications for its EasyV-suite of POS payment clients that links to the Point-of-Sale application in card present environments. As part of the PCI council’s new recommendations the data needs to be encrypted from the PINPAD/PED that is linked to the retail system all the way through to the payment gateway. To offer comprehensive solutions to our retailers YESpay provides two kinds of encryption:
Network-level Point-to-Point Encryption where YESpay encrypts the data from the PINPAD/PED to the remotely YESpay hosted payment client at the payment gateway. This solution is used mostly with retail POS and kiosks reliably connected via the Internet to the YESpay EMBOSS payment gateway. YESpay has implemented this solution for Fujifilm recently for its self-service kiosks. The solution has been able to overcome several challenges faced by FujiFilm like difficulty in keeping the kiosk computer secure from virus, limitation on the number of tills accepting payments, meeting quick merchant kiosk deployment, de-scoping PCI-DSS for the merchant, etc. Network level encryption enables Fujifilm merchants to achieve Point-to-Point Encryption from the kiosk or retail POS PINPAD/PED to the YESpay EMBOSS datacenter, thus eliminating full PCI-DSS certification.

Some retailers may require card data-level encryption supporting off-line payment processing depending on the nature and volume of their card payments. So YESpay is now proposing Data-level Point-to-Point Encryption, which supports card data level encryption from the PINPAD/PED to the EMBOSS datacenter. The card data gets encrypted using Format Preserving Encryption (FPE) all the way from the PINPAD/PED through EasyV without any decryption straight away into YESpay’s payment gateway, EMBOSS, which decrypts the data before onward transfer to the card acquirers for authorization and settlement.

Both Network-level and Data-level Point-to-Point Encryption solutions ensure that at no single point in time does credit or debit card data transfer through the retail network in an unencrypted manner, which every retailer desires!
3 further key advantages to using YESpay PTPE solution are:

  •     YESpay does not rely on software level encryption. Instead, at the EMBOSS host, YESpay uses the fastest and most robust HSMs (Hardware Security Modules) by Futurex, which manages high volume transactions for large retailers. Futurex has more than 30 years of history in the cryptographic security business with more than 15,000 customers worldwide. Our HSM is the world’s fastest with a speed of about 2,250 TPS, supports NEW DCDK command for Point-to-Point PAN decryption using DUKPT keys, supports all EMV card transactions and has redundant power supplies and Ethernet ports.
  •     There is no requirement to write new software each time the solution has to be implemented for a new retailer. The encryption is done within PED manufacturer OS (operating system) level and hence can be universally used.
  •     All PINPAD/PED key injections are remotely done from YESpay’s datacenters online, and thus retailers can avoid this key loading process happening in secure key-injection facilities.

What makes YESpay a good choice?

  •     24x7 100% fault tolerance because YESpay payment gateways are based on a Cloud Computing Architecture which provides 100% availability of credit and debit card authorization processing through its cloud dual datacenters. Indeed, offered as a SaaS (Software as a Service) model, the key to the success of YESpay’s fully EMV Chip & PIN, PCI- DSS (Level 1) and PA-DSS certified EMBOSS payment service is its unique ‘Cloud ACTIVE-ACTIVE computing architecture’, which delivers its reliability, security and service quality. YESpay’s commitment to card security does not stop here, as it supports a free feature called Tokenization wherein “tokens” are linked to credit/debit card details within EMBOSS compliant environment and then provided to merchants.
  •     YESpay’s solution uses hardware based encryption solution (HSM) as opposed to software encryption, which makes it a very safe choice. With multiple HSMs operating in real time there is no chance of a single point failure. HSMs are far more resilient, cost-effective and provide a universal solution as against a software encryption solution.
  •     YESpay has used only industry standard technologies like FPE (Format Preserving Encryption) , DUKPT, SSL instead of going down the proprietary key management and cryptography route. This is why YESpay’ solution is more compliant with the mandates and recommendations of the PCI Council.
  •     All retailers who are looking at just retail point-of-sale are certainly looking for strategies to enable them to extend their capabilities to new channels in the coming times. And YESpay is a multi-channel vendor! From POS, Kiosk, Hospitality, Internet to now Mobile Payments!
  •     YESpay is the only company that provides remote online key management. YESpay authenticates the PINPAD/PED from the retail store directly with the datacenter and re-initializes it too. This voids the need to use any key-injection facility such as a secure room, which reduces the management and swapping costs and overall hassles for the retailers.

About YESpay International Limited:     
YESpay International Ltd. provides highly secure and scalable EMV Chip & PIN and Interac credit/debit, contactless, e-commerce and gift card payment services to merchants in Europe and North America. Through EMBOSS, YESpay’s payment gateway, merchants can accept integrated card payments within EPOS, MOTO and e-commerce systems with minimal capital investment and low services costs. EMBOSS has been generically pre-accredited by major Card Acquirers in Europe and North America (including First Data Merchant Service, Chase Paymentech) ensuring merchants can upgrade their retail systems within 2-4 weeks without further bank approvals. Besides, EMBOSS is end to end PCI DSS Level 1 certified and supports enhanced security features such as Point-to-Point encryption and tokenization, making sure that no card data is exposed to the merchant or transmitted over unsecure networks.
PR Contact: Nitasha Jain, Marketing Manager, ext.402, nitasha.jain(at)yes-pay(dot)com

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Nitasha Jain
+44 (0)871 221 9510 402
Email >
Visit website