P2PE – Point to Point Encryption

Instantly make your office 100% PCI compliant with our fully-integrated payment gateway & P2PE Point to Point Encyption devices.

PCI-Certified Devices  |  Point of Service  |  Card Not Present

PCI Certified

We offer one of the only PCI certified P2PE solutions, making compliance easier and faster.

Protect Against Malware

Designed and known for strong, reliable security.

Encrypt Data

Assign unique encryption keys to each transaction before it ever reaches the POS system.

Reduce PCI Scope

See an instant 90% decrease in PCI requirements. Reduce liability and save resources.

What is P2PE?


P2PE devices are PCI-validated technology that can take your business network out of scope for a PCI audit and protect your customer’s credit card data.

PCI certified P2PE devices are made for security, designed to detect tampering, and abide by strict controls to protect encryption keys. When you implement a PCI certified P2PE solution like ours, you get a 90% drop in PCI requirements. Instantly.

Strengthen the security of your organization with our PCI-certified P2PE solutions.

U.S. data breaches in 2016

Records exposed

Lost per record

Our PCI-certified P2PE solution guards against data breaches.

Be On Guard.

Around 90% of all data breaches are through malware, placing any data handled in-house at risk. The PCI Security Standards Council (SSC) calls Point-to-Point Encryption (P2PE) the most effective way to prevent data breaches via malware.

PCI certified P2PE devices are made for security and designed to detect tampering. If malicious activity is detected, the device is automatically deactivated, preventing a breach at the point of entry (also called point-of-interaction, or POI) device.

Encryption Is Key.

P2PE works by injecting millions of unique encryption keys to each payment processing device and assigning a new key to each transaction before it ever reaches the POS system, network, or any other merchant system, effectively removing your internal network and infrastructure out of scope of PCI. Device key injection is done directly at a certified Key Injection Facility (KIF) and decryption only occurs in the Bluefin hardware environment (HSM).
Keep payment data encrypted with a comprehensive encryption process.
Perform comprehensive tracking reports for PCI Compliance reviews.

Shrink Your Scope.

P2PE includes a built-in “chain of custody” process for managing certified devices. Automatically track and report on all POI devices for PCI compliance review. Merchants that implement Bluefin’s PCI-validated P2PE solution throughout their POS environment are eligible for the 35-question SAQ P2PE-HW – a 90% drop from the 332-question SAQ D.

P2PE Features


Users, Partners, Clients, Locations


Device Deployment, Activation, Termination (end of life)


Transactional, Device, User History



Management, Device, Shipment, Transactional Reports, Easy Export/Download

Want to see more?