Point-to-Point Encryption Standard

E192645

The Point-to-Point Encryption Standard is a PCI SSC security framework that defines requirements for encrypting payment card data from the point of capture to the secure decryption endpoint to reduce fraud and PCI DSS scope.

All labels observed (3)

How this entity was disambiguated

Statements (48)

Predicate Object
instanceOf PCI SSC standard
encryption framework
security standard
abbreviation P2PE
appliesTo cardholder data
payment card data
benefit limits exposure of cardholder data in merchant systems
reduces number of PCI DSS controls applicable to merchants using validated P2PE solutions
supports secure processing of card-present transactions
defines requirements for encrypting payment card data from point of capture to secure decryption endpoint
developedBy PCI Security Standards Council
domain data encryption
payment card security
encryptionEndPoint secure decryption environment
encryptionStartPoint point of capture
focusesOn end-to-end protection of cardholder data
point-to-point encryption of payment data
fullName Point-to-Point Encryption Standard self-link
governingBody PCI Security Standards Council
includes requirements for decryption environments
requirements for encryption devices
requirements for incident response
requirements for key management
requirements for physical security controls
requirements for secure application development
objective ensure that clear-text account data is not available in merchant environments
segregate encrypted data from decryption keys
support PCI DSS compliance
primaryGoal protect payment card data during transmission
reduce PCI DSS scope for merchants
reduce payment card fraud
publisher PCI Security Standards Council
relatedTo PCI DSS
surface form: PCI Data Security Standard

PCI PIN Transaction Security
surface form: PCI PIN Transaction Security requirements
requires documented security policies and procedures
secure generation and storage of cryptographic keys
segregation of duties for key management
tamper-resistant encryption devices
use of PCI-approved cryptographic algorithms
scope card-present payment environments
securityProperty ensures that decryption occurs only in controlled environments
minimizes exposure of clear-text primary account numbers
targetAudience acquirers and payment processors
solution providers seeking PCI P2PE validation
usedBy merchants
payment service providers
solution providers
validationProgram PCI P2PE solution validation program

How these facts were elicited

Referenced by (4)

Full triples — surface form annotated when it differs from this entity's canonical label.

PCI Security Standards Council developsStandard Point-to-Point Encryption Standard
PCI PIN Transaction Security relatedTo Point-to-Point Encryption Standard
this entity surface form: PCI Point-to-Point Encryption
Point-to-Point Encryption Standard fullName Point-to-Point Encryption Standard self-link
P2PE fullName Point-to-Point Encryption Standard
this entity surface form: Point-to-Point Encryption