Point to Point Encryption (P2PE) enhances the security of account data by encrypting it between a Point of Interaction (POI) device and the decryption environment. Starting with version 2.02.021, Simplify can be implemented as part of an Elavon PCI-validated P2PE solution. This will allow Simplify customers to reduce the scope of their PCI audits.
The principal purpose of this chapter is to serve as a guide to inform users on the role of Simplify in Elavon’s PCI-validated P2PE solution. Customer requirements for PCI-validated P2PE can be summarized as follows:
Ingenico Telium or Tetra PIN Pads using On-Guard encryption. See Versioning for more information.
All general requirements for secure communications must be followed. Network security must be reviewed periodically.
Any PCI-sensitive data received by the POS (encrypted or unencrypted) must be securely deleted when no longer needed.
Printing must conform with PCI and TPP rules for masking.
Informational Prompt messages (see Informational Prompting) must not be used to request PCI-sensitive data from the customer.