Bluefin Payment Systems and Merchant Link Announce the Availability of PCI-Validated P2PE on the Merchant Link Platform

Tuesday, September 13, 2016

bluefinMerchant Link clients can now get the security and scope reduction of PCI P2PE through their current integration with Merchant Link

Bluefin Payment Systems, the leading provider of PCI-validated Point-to-Point Encryption (P2PE) solutions for retail, restaurants, healthcare, and education, and Merchant Link announced today the availability of Bluefin’s P2PE solution on the Merchant Link platform.

Merchant Link specializes in gateway and data security solutions for over 400,000 hotel, restaurant and retail locations, enabling more than 6 billion transactions annually. With Bluefin’s Decryptx Decryption as a Service (DaaS) product, Merchant Link can now provide PCI-validated P2PE through their current TransactionLink™ integrations – requiring no change to a merchant’s transactional flow or processing relationship.

“PCI-validated P2PE is a premier security solution. Not only does it encrypt card data at the point of entry at the terminal, but because the solution has been validated by the PCI Security Standards Council (SSC), it offers our clients significant cost and efficiency savings from reduced PCI scope – which you just can’t get with a non-validated solution,” said Scott Carcillo, CIO, Merchant Link.

“Prior to Bluefin’s Decryptx product, the only way for a merchant to get PCI-validated P2PE was to switch their payment processing to the handful of gateways that offered it. You could not decouple payment processing and PCI-validated P2PE before Decryptx. Now our TransactionLink clients can get Bluefin’s solution with absolutely no change to how they process transactions through Merchant Link today. It is a huge value add,” added Mr. Carcillo.

Bluefin’s PCI-validated P2PE solution secures card transactions by encrypting all data within a PCI-approved point of entry swipe or keypad device, preventing clear-text cardholder data from being available in the device or the merchant’s system where it could be exposed to malware. Data decryption is only done offsite in a Bluefin hardware security module (HSM).

The University of California San Diego (UCSD) Starbucks campus location was the first client to take advantage of the combined Merchant Link/Bluefin solution using the PCI P2PE approved Ingenico iSC 250 terminal, with both PCI-validated P2PE and EMV. Bluefin and Merchant Link will be releasing a case study on the implementation in September 2016.

“A survey released by KPMG on August 23rd found that 20% of consumers would not continue shopping at a retailer that suffered a data breach, no matter what they do to remediate the situation. This goes to show that prevention is much more important than reaction,” said Greg Cornwell, SVP, Security Solutions, Bluefin. “Merchant Link counts some of the largest retailers, hospitality providers and restaurants as clients. While P2PE cannot prevent a hacker from breaking into a network or point of sale system, it can ensure that clear-text cardholder data is not available for the hacker to steal. By providing PCI-validated P2PE on their platform as a security option, Merchant Link is ensuring that it is offering clients the gold standard of payment encryption to protect their reputation and customer base.”



« Back to press releases