eLearningClasses.com
Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

HOW TO CUT COSTS WITH A VALIDATED P2PE SOLUTION

Jon Banks, Director of Payments & Customer Loyalty, The Logic Group

The last few years have been a challenging time for retailers, yet it looks like things may finally be on the up: official figures show that recent growth has taken the UK economy past the pre-recession peak. This is without doubt very welcome news for British businesses and long overdue.

Retailers can see that they can’t afford to just rest on their laurels and expect to simply reap the rewards of the economic upturn. They must find ways of streamlining operational costs so as to ensure they stay competitive and maximise profitability. However, competition for customers remains as fierce as ever, meaning they need to do so in such a manner that it doesn’t diminish the overall customer experience, which is paramount to on-going customer loyalty.

Jon Banks
Jon Banks

Thankfully, the cost of compliance is one that can be significantly reduced for many retailers, and done so without having a negative impact on customer experience. The implementation of a Payment Card Industry (PCI) validated Point to Point Encryption (P2PE) solution for in-store card payments, allows businesses to cut their on-going costs and drastically reduce the time associated with their annual audit.

A PCI-validated P2PE solution is the only way a retailer can take in-store cardholder data out of scope, with card data being encrypted before it even reaches their retailer Point of Sale (POS). The corollary of this is that the business’ annual PCI audits are streamlined substantially, with the total number of questions included being reduced from over 250 to a much more manageable 18. Consequently, businesses can make huge resource saving, creating a much more efficient process. In fact, it is estimated that the correct implementation of a PCI-validated P2PE solution can reduce on-going costs by around 50%.

Above all else, P2PE gives retailers the ability to minimise their risk of a data breach, where customer cardholder data would be compromised. For customer confidence, such an incident could   damage the consumer’s relationship with a brand beyond repair.

Although Point to Point Encryption is already on the agenda of many retailers’, at PCI London on 1st July it was clear that there is some confusion as to whether they have PCI-validated P2PE solution in place already. This would seem to stem from the fact that while P2PE solutions have been available from vendors for some time, the PCI Council only issued its guidelines and began validating solutions in 2011 with the first of these validated solutions being available just last year. Retailers may believe they have a fully validated P2PE solution but in actuality, this is often not the case. Consequently, they aren’t receiving the cost and resource savings that a fully PCI-validated solution brings. Our clear advice to retailers seeking to realise these savings through a P2PE solution is to check whether their solution is validated on the PCI website.

This alone should be enough of a reason for businesses to ensure their solutions are validated; they are also actually putting themselves at risk of incurring additional costs in the form of fines from their acquirers by not having one in place.

Once a business has their validated P2PE solution in place, the next step is to ensure it is accredited by their industry Qualified Security Assessor (QSA). One requirement of this will is that they adhere to a Solution Provider’s P2PE Instruction Manual (PIM). The PIM outlines the processes a business should implement to maintain compliance, such as the proper handling of PIN Entry Devices (PED). The PIM also includes a provider’s suggestions for operational procedures and best practice for using a P2PE solution.

In May 2013, the PCI SSC announced that The Logic Group was the first company worldwide to achieve P2PE application validation and in November 2013, our Solve DataShield P2PE solution achieved global validation by the Payments Card Industry Security Standards Council (PCI SSC). At present we offer one of only three PCI-validated P2PE solutions on the market.

If a business is looking to minimise its operating costs, P2PE solutions are a great option, but only if they are implemented correctly. If your business opts for a solution that isn’t PCI-validated you’re both missing out on significant savings and putting yourself at risk of additional costs. However, if you want to see how a comprehensive P2PE solution can help you save both time and money so that you can focus on delivering products and experiences that meet and surpass your customers’ expectations, come speak to The Logic group.