Secure Your Call Center Payments Using the FAC PCI Validated Point-to-Point Encryption Solution

First Atlantic Commerce (FAC) offers PCI-validated Point-to-Point Encryption (P2PE) powered by solution provider, Bluefin Payment Systems, through its Virtual Terminal product for Call Centers. PCI-validated P2PE encrypts cardholder data at the Point of Interaction (POI) in a PC-approved P2PE device, and decryption is done off-site in an approved Bluefin Hardware Security Module (HSM). Our solution prevents clear-text cardholder data from being present in a merchant or enterprise’s system or network where it could be accessible in the event of a data breach.

FAC’s P2PE call center solution utilizes the PCI-approved P2PE ID Tech SREDKey, enabling back-office clerks to securely key enter MOTO payments.

FAC provides the first PCI-validated P2PE solution for companies in the Latin America Caribbean Region through its Virtual Terminal. The solution is also available to merchants in the U.S. and the EU. FAC can process and settle in multiple currencies around the world.

Why PCI-Validated P2PE?

There are many solution providers on the market with end-to-end encryption products, but only those P2PE solutions listed on the PCI SSC website have been audited and approved by the Council as validated solutions. Why does PCI validation matter?

Device Security

PCI P2PE certified devices are more secure and are designed to detect tampering. If malicious activity is detected, the device is automatically deactivated, preventing a breach at the point of entry (also called point-of-interaction, or POI) device.

Chain of Custody

PCI P2PE includes a built-in “chain of custody” process for managing PCI P2PE certified devices. The Bluefin solution includes access to their proprietary P2PE manager, where you can automatically track and report on all POI devices for PCI compliance review.

Strict Controls

All PCI-validted P2PE solution providers must abide by strict controls to protect encryption keys. Device key injection is done directly at a certified Key Injection Facility (KIF) and encryption only occurs in the Bluefin hardware environment (HSM).

Reduced PCI Assessment

Merchants that implement Bluefin’s PCI-validated P2PE solution throughout their POS environment are eligible for the 35-question SAQ P2PE-HW – a significant reduction from the 332-question SAQ D.