Payment terminal

Point-to-point encryption is a credit card fraud prevention measure, providing and additional protection layer on top of SSL. Sometimes point-to-point encryption allows a merchant to get out of PCI scope, and this is one of the reasons why some companies are willing to use the approach. The main aspects to be considered before implementation of some particular encryption solution concern decryption and encryption mechanisms. Decryption logic can be implemented either via software, or via hardware security module (HSM). Encryption logic can be implemented either inside or outside of a payment terminal.

The best thing to do if you need to minimize the path, which unencrypted cardholder data has to travel, is to encrypt the data as close to the point of card entry (or point of swipe) as possible, and decrypt it on the payment processor’s end (or payment gateway’s end).

More information on point-to-point encryption mechanisms can be found in the respective article on #Paylosophy.