Worldpay has announced a major milestone in helping UK retailers reduce the complexity and cost associated with gaining PCI compliance by becoming the first payment acquirer to be able to offer customers a complete end to end omni-channel payments service that includes Point to Point Encryption (P2PE) Version 2 certification from the Payments Card Industry Council.
The cost of PCI Data Security Standard (PCI DSS) compliance can be significant, often meaning substantial investments of operations and resources for some of the country’s largest retailers. PCI-listed P2PE solutions can help to reduce the cost and scope of a PCI DSS audit. Through end-to-end encryption of customer card details, the information is protected, rendering it useless if intercepted by a malicious third-party.
By gaining the latest P2PE Version 2 certification for their omni-channel solution Worldpay Total, Worldpay is uniquely positioned with a single, scalable solution for UK retailers to handle payments processing and reduce the complexity of becoming PCI compliant.
Worldpay customer Neil Hodge, IT director of McColl’s Retail Group, said: “Protecting our customers’ data is paramount, so a robust PCI compliant service was an essential requirement when looking for a payments partner”.
Commenting on the milestone, Dave Hobday UK managing director, Worldpay said: “90% of large businesses suffered security breaches in 2015, with resulting costs averaging almost £1.5million. Payments data security should be high on the agenda for any business, but too often we see the ever increasing complexity of compliance becoming a burden on the financial and operational resources of retailers.
“That’s why securing P2PE certification for our award winning Worldpay Total solution has been a key area of focus for us. This puts us in the unique position to provide our UK customers with a P2PE V2 compliant solution as part of an omni-channel payments toolkit. Whilst simplifying and reducing the weight of compliance, we are also enabling retailers to accept a full range of payment methods seamlessly, at scale and across channels under a single contract.”
P2PE Version 2 is the evolution of the Point-to-Point Encryption standard from the PCI Security Standards Council, which came into effect in September 2015.
Jeremy King, international director of the PCI Security Standards Council, said: “Point-to-Point Encryption (P2PE) is a major step forward for protecting cardholder data and simplifying PCI Data Security Standard (PCI DSS) compliance. As we gather this week with payment security leaders at the PCI Europe Community Meeting, we are thrilled to highlight the work that Worldpay and other P2PE solution providers are doing to help merchants take advantage of this technology that renders card data so that it’s useless to criminals if stolen.
“PCI P2PE solutions protect account data from the point where the merchant accepts the payment card until that data reaches a secure point of decryption, reducing where and how PCI DSS requirements apply. This makes the compliance process easier and can help save time and money, but without sacrificing the security of customers’ data.”
Darren Houghton, head of IT, HMV, said: “The P2PE PCI listing for Worldpay Total is great news as it takes the burden out of ensuring we are meeting the gold standard in compliance and ensures that our customers can enjoy a seamless retail experience with best in class security”.
Worldpay’s fully managed service includes a number of additional features to help make day-to-day management easier, such as PED (Pin Entry Device) tracking and monitoring, which businesses must evidence as part of their PCI DSS assessment.