Verifone and Bluefin Partner on Encryption Tech

Companies working to implement multiple configurations and processing options

SAN JOSE, Calif. -- Verifone, a worldwide provider of payments and commerce solutions, and Bluefin, a global payment security platform, are partnering to provide Bluefin’s Payment Card Industry (PCI)-validated Point-to-Point Encryption (P2PE) security solution to merchants through Verifone’s Point or Retail Transaction Switch (RTS) solutions. PCI is a security standards council for payments made up of representatives from merchants, financial institutions, processors and more.

The Verifone Validated P2PE solution, which can now be viewed on the PCI P2PE Solution website, is an incremental offering within Verifone’s industry-leading payment security product line. It will be available to meet the needs of merchants of all sizes, and it offers multiple configurations and processing options.

“Merchants around the globe are looking to fully certified PCI P2PE solutions for protection from threats to consumer and card data,” said John M. Perry, CEO of Bluefin. “In partnership with Verifone, we are delighted to protect retailers and merchants with the best-in-breed security solution that offers PCI DSS scope relief and secures cardholder data.”

To be certified as a PCI-validated P2PE solution requires that the payment solution adopts specific physical, logical and operational security controls. The implementation of these controls is ultimately reviewed by a special P2PE Qualified Security Assessor (QSA) and then again by PCI prior to a solution being deemed “Validated P2PE Certified.” The purpose of this process is to ensure that an encrypting payment solution has been implemented in a way which truly reduces data compromise risk.

“We are a client-first company, and with this new partnership, we give merchants greater peace of mind, freeing them to focus on running their business and serving their customers,” said Joe Mach, president of North America for Verifone. “Our mission is to bring simplicity to doing business today by looking for new ways to ease the points of friction in payments and commerce.”

The partnership helps secure credit- and debit-card transactions by encrypting all data within a PCI-approved point-of-entry device. This prevents clear-text cardholder data from being available within the device, or in the merchant’s system where exposure to malware is possible. Data decryption always occurs off-site in a Bluefin hardware security module (HSM), ensuring the highest level of security.

San Jose, Calif.-based Verifone works with more than 30 million payment and commerce devices in more than 150 countries. The company works with a variety of organizations, from retail brands to financial institutions and payment providers. Verifone is currently being acquired by an investor group led by Francisco Partners, a technology-focused private-equity firm.

Bluefin Payment Systems, Atlanta, is a provider of secure payment technology for independent software vendors (ISVs), enterprises, retailers, financial institutions and small- to medium-sized businesses worldwide. Its proprietary PayConex platform features PCI-validated P2PE, the QuickSwipe mobile POS system, tokenization, transparent redirect and more.


More from our partners