CenPOS, a universal payment processing platform, now supports point-to-point (P2P) encryption with MagTek retail point of sale and mobile credit card reader devices. P2P encryption and end-to-end encryption are terms often bandied about with different meanings.
In P2P encryption, the card data is encrypted at the swipe and is decrypted at another point before going on to a credit card processor. This reduces the risk of compromising data-in-flight. For example, if a merchant has a keyboard emulation card reader connected to a virtual terminal or point of sale software, and the computer has malware, there is the risk of the card data being intercepted before getting to the next point. By opening up a text program, a person can swipe a card reader and all the data will dump onto the page, increasing internal security risk. With encryption at the card reader, any data intercepted cannot be accessed because only the intended recipient has the decryption key.
The term end-to-end encryption has become a catchall for the encryption and delivery of sensitive cardholder data from the point of sale entry point through each of the various organizations and networks in the payments process all the way to the card issuer. However, while the swipe device is clearly an end point, the destination is not. There are several points where card data may need to be opened in the process, including the merchant acquirer/ processor, card brands, loyalty card services, and the card issuer. All of which create complexities that could cause problems for an authorization approval. Thus, to ensure a higher rate of approvals, end to end encryption is just a misnomer, as decryption usually takes place at point the sensitive data is released to the processor.
With the CenPOS SaaS and Magtek hardware solution, data is encrypted at the swipe head, decrypted at CenPOS, and then routed per the merchant rules. (Again, some companies define this as end-to-end encryption because there are no hard and fast rules defining it the payments world.) This added layer of protection can bring extra peace of mind to CenPOS merchants concerned with data security. There is no additional cost for the service, however, merchants must have devices injected with the CenPOS encyrption code at a secure POS distributor terminal facility.
Above: compatible Magtek devices. To accept credit cards, merchants need a high speed internet connection, compatible card reader, merchant account, and a CenPOS account, which includes a virtual terminal and payment gateway, among other solutions.
Contact Christine Speedy, CenPOS sales at 954-942-0483 for additional information.