In today’s environment of highly publicized credit card breaches and increased regulatory requirements, mitigating the risk of a data breach in the payment stream is critical – from authorization and settlement through business processes such as charge-backs, loyalty or repeat payments. Merchants and processors must be able to reliably protect credit card data at rest and in transit within their environment, and reduce PCI scope without impacting business.
HP SecureData Payments provides complete point-to-point encryption and tokenization for retail payment transactions, enabling PCI scope reduction.
HP Format-Preserving Encryption (FPE)
With HP FPE, credit card numbers, track data and other types of structured information are protected without the need to change the data format. Merchants can preserve existing processes such as BIN routing or use of the last 4 digits of the card for receipt printing, while protecting sensitive digits from the browser or terminal to the payment processor.
HP Identity-Based Encryption (IBE)
HP IBE eliminates the complexity of traditional key management systems, significantly reducing implementation and management costs. No digital certificates or keys are required to be injected or synchronized. Encryption keys are securely generated on demand and not stored, POS devices are not subject to key injection and key rotation.
HP Secure Stateless Tokenization (SST)
Point-to-point encryption can easily be combined with HP SST to provide merchants with a complete solution for reducing PCI audit scope. HP SST replaces PAN data after authorization with randomly-generated tokens, which reduces the risk of data theft and removes merchant systems from PCI scope without the cost and complexity of maintaining a token vault database.
HP SecureData Payments Terminal SDK
Can easily be implemented with any mobile or terminal SDK and payment processing systems. Already integrated into leading payment card reading devices and pin-pads, offering merchants the flexibility to support the hardware of their choice.
HP SecureData Payments Host SDK
Supports a wide variety of platforms, including Windows, Linux, HP NonStop, Stratus VOS, and IBM z/OS, enabling maximum protection and efficiency.
HP SecureData Payments Securing Sensitive Data
HP SecureData Payments is a complete payment transaction protection framework, built on two breakthrough technologies: HP Format-Preserving Encryption (FPE) and HP Identity-Based Encryption (IBE). Payment data is protected point-to-point, from swipe through to the payment processor. By protecting the data itself, HP SecureData Payments eliminates security gaps that exist between networks, databases and applications when traditional security solutions are used. HP SecureData Payments protects data at rest, in use, and in motion, securing sensitive data point-to-point.
“Heartland developed a complete end-to-end encryption solution designed to protect cardholder data at all stages of a transaction; from card swipe through delivery to the card brands. Together with HP Security Voltage, we are developing a comprehensive solution that currently does not exist.”