Posted August 23, 2019 by Bernard Clary

Stop Hackers Finding Gold in Your Data: A Quick Guide to P2PE

With so many touchpoints in the customer sales journey, it’s getting harder to lock-down retail payment chains against fraudsters (losses on UK-issued cards totalled £671.4 million in 2018). For many physical retailers, PCI compliance alone is no longer enough to ensure data security, protect customers and safeguard their business and reputation. That’s where point-to-point encryption (P2PE) comes in.

Why is P2PE important?

P2PE provides merchants with one of the most significant ways to minimize the risk of criminals stealing their cardholders’ data during in-store, face-to-face, card-present transactions.

What does it do?

P2PE protects credit card data from the point of sale (POS) as it travels through a merchant’s local network and across the internet before it reaches the payment processing system at the acquirer’s end.

How does it work?

It does this by encrypting data immediately upon entry from a payment terminal connected to the POS device to the third party secure environment where it is decrypted before authorization – from the starting point to the end point – hence its name. This encryption method utilizes complex encryption keys controlled by a P2PE solution provider, ensuring the merchant, or any third party, has no means of accessing the data traversing the network.

Why does this help?

Encrypting card data in this manner, means that even if a fraudster manages to capture it, they are unable to access the user’s ID or card data, without the relevant encryption/decryption keys. So, sensitive payment data can be safely sent through the entire payment chain without risk of compromise.

What about PCI Compliance?

P2PE is like a booster for PCI DSS – it goes further, is more exacting and safer than PCI DSS alone. And it makes achieving PCI compliance much simpler and less expensive too! That’s because it effectively takes the POS system and payment platform out of PCI scope, reducing time, effort and cost of compliance (but only if you use a PCI approved P2PE solution and provider, and follow the correct operational procedures).

Will it stop retail fraud?

No, it doesn’t prevent fraud using lost or stolen cards, but it does prevent criminals from accessing card data at the point of sale or while the cardholder data is in-transmission from the POS device to the payment processor.

Does it stop merchants using transaction data?

Not if you use it in tandem with a tokenization solution such as FreedomPay CardStorTM . This replaces the cardholder’s primary account number (PAN) with a ‘token’. Retailers can use tokens to identify the customer – for loyalty programs or automated form filling – and to supply transaction-based information to CRM systems and for business intelligence.

Is it hard or expensive to implement?

It can normally be integrated easily as part of your payment solution or platform using a PCI P2PE toolkit to provide the relevant encryption keys/pathways. If in doubt speak to your authorized payment provider. Any additional costs can often be quickly offset against time, effort and cost savings from PCI scope and audit reduction.

Still need to be convinced?

Here’s a quick summary of the benefits:

1. Simplifies PCI DSS compliance, reduces scope and cost
2. Extra data security without compromising customer experience
3. Minimizes risk of fraud, data breaches and subsequent fines, loss of custom and reputation
4. Data protection that keeps payment services simple
5. Used with tokenization, won’t affect loyalty programs or other commerce platforms
6. Software-based, easy to integrate – especially with FreedomPay.

Read more about payment security here.

SHARE NOW
Posted April 17, 2019 by FreedomPay

Where Has it Gone Wrong for the Brick and Mortar Retailers?

It is always sad to see an iconic British high street name like Debenhams fall by the wayside as several have done in the last few years. While there could still be hope for Debenhams, the latest in this sorry roll call, with a number of players vying to take control and turn it around, it has sent yet another warning message to other high street stores hoping to ride out brick and mortar’s decline.

It is abundantly clear that the brick and mortar model has been struggling for a number of years. Shrewd merchants have been adapting their strategy to compete with e-commerce and align with the ever-changing retail landscape, and those who haven’t adapted fast enough have felt the hit.
The convenience and speed at which online purchases can be made have been key factors in the migration of large chunks of market share from high street to online. Enormous overheads from rising rents (£4.3bn in operating lease commitments in Debenhams’ case) and the need for high numbers of staff, equates to high (and rising) costs with decreasing sales – a formula that even the best chief executives might struggle to work with.

While it would be foolish to say that all brick and mortar businesses are doomed, it is imperative for decision makers to review their strategy even if, so far, it has been working for the last 50 years; consumer needs and wants are rapidly evolving and loyalty programs need to keep pace with their expectations.
FreedomPay believes that connected commerce and customer centricity are the pillars of retail and loyalty programs today and tomorrow.

The importance of personalization and digital data

In order to entice the customer, one has to understand the identity of each person. For example, a vegan may not buy into 50% off sausage rolls. This can be done by analyzing the spending habits on an individual basis, for example, using your systems data to identify who your top-spending customers are and rewarding them. Not only that but by crunching the data to see what they buy from you and when, you can reward them in a way that they will actually value highly, perhaps by offering discounts on the products they buy most often and not the ones they aren’t buying, i.e. the sausage rolls.

The megalithic online retailers understand the mantra and place the customer at the centre of their business operations. For brick and mortars, the ‘shopping experience’ is an asset they will always have to trump online retailers and should be utilized to assert an advantage. Aesthetically pleasing interiors and helpful employees are simple but effective examples. The experience is complemented by the ability to earn discounts, free samples, exclusive treatment and VIP access to entertainment. A loyalty card can drive repeat purchases and incentivize shoppers to come to stores and the website alike. Loyalty programs have proven to be a powerful experience for customers but it should be evolving to better please customers and retailers need to invest in modern data architecture that helps build a new personalized, customer centric loyalty model.

Find out more about customer centric models, by downloading the whitepaper: Personalization and Digital Identity: The Keys To Unlock Loyalty.

SHARE NOW
Posted September 01, 2016 by FreedomPay

Commitment to Service: FreedomPay Customers Leverage Our Expertise

October of 2015 marked a big month for FreedomPay customers – it represented the deadline for merchants to transition more than one billion payment cards to the EMV standard, and upwards of 12 million credit card terminals at merchant locations.  FreedomPay’s advanced commerce platform made the transition easy, and merchants are lauding the service expertise FreedomPay provided along the way.

16107292990_9b0e0df1be_b “Ensuring the security of consumer payment data is a top priority for merchants across all industries,” said Chris Kronenthal, Chief Technology Officer of FreedomPay. “Working with leading organizations in lodging, gaming, retail, foodservice, healthcare and higher education to implement PCI best practices including EMV, tokenization and Validated P2PE, FreedomPay is helping merchants secure their payment environment, prevent EMV liability exposure and reduce scope for PCI compliance.”

While FreedomPay’s innovative technology is the key to making transactions easier and more secure for customers, providing service that goes the extra mile is what sets us apart. This emphasis on service is why we offer on-site support for our stored-value program rollouts.  Clients of all sizes benefit from hands-on training and support for product launches.  For instance, we spend one day a week at the headquarters of one of our largest foodservice clients to ensure that we are meeting their needs as a partner.

We supply day-to-day account management to merchants to ensure their satisfaction. Our ten-person management team delivers expertise and experience in the payment industry, assisting our partners to solve for multifaceted challenges on demand.

Here at FreedomPay, we take pride in the fact that all members of the product support department are passionate about solving problems and finding technical solutions that truly address the needs of our customers.

We understand that our merchants aim to provide quality customer service, which is why we provide the same in return – especially during industry shifts like the transition to EMV.

When you partner with FreedomPay, you can rest assured that our team will provide exceptional, ongoing support to ensure that the products and services you use are deployed to your full satisfaction and are 100% operational.

Need help with anything? Our support team is available to current customers, partners, and future prospects. Visit FreedomPay online to learn more about our phenomenal customer service!

SHARE NOW