In today’s environment of highly publicized credit card breaches and increased regulatory requirements, mitigating the risk of a data breach in the payment stream is critical – from authorization and settlement through business processes such as charge-backs, loyalty or repeat payments. Merchants and processors must be able to reliably protect credit card data at rest and in transit within their environment, and reduce PCI scope without impacting business.
HPE SecureData Payments provides complete point-to-point encryption and tokenization for retail payment transactions, enabling PCI scope reduction.
HPE Format-Preserving Encryption (FPE)
With HPE FPE, credit card numbers, track data and other types of structured information are protected without the need to change the data format. Merchants can preserve existing processes such as BIN routing or use of the last 4 digits of the card for receipt printing, while protecting sensitive digits from the browser or terminal to the payment processor.
HPE Identity-Based Encryption (IBE)
HPE IBE eliminates the complexity of traditional key management systems, significantly reducing implementation and management costs. No digital certificates or keys are required to be injected or synchronized. Encryption keys are securely generated on demand and not stored, POS devices are not subject to key injection and key rotation.
HPE Secure Stateless Tokenization (SST)
Point-to-point encryption can easily be combined with HPE SST to provide merchants with a complete solution for reducing PCI audit scope. HPE SST replaces PAN data after authorization with randomly-generated tokens, which reduces the risk of data theft and removes merchant systems from PCI scope without the cost and complexity of maintaining a token vault database.
HPE SecureData Payments Terminal SDK
Can easily be implemented with any mobile or terminal SDK and payment processing systems. Already integrated into leading payment card reading devices and pin-pads, offering merchants the flexibility to support the hardware of their choice.
HPE SecureData Payments Host SDK
Supports a wide variety of platforms, including Windows, Linux, HPE NonStop, Stratus VOS, and IBM z/OS, enabling maximum protection and efficiency.
HPE SecureData and HPE Atalla HSM Integration
Extends end-to-end data protection through the combined, integrated solutions of HPE SecureData Payments and HPE Atalla Hardware Security Module (HSM). By joining data-centric data protection with a tamper-reactive hardware security module, companies are able to neutralize data breaches by protecting data while storing the master secret in a hardened storage device, rendering it useless to attackers.