Document Comparison
PCI_SSC_P2PE_Bluefin-CHOA_Case_Study.pdf
→
PCI_SSC_P2PE_Bluefin-PriceSmart_Case_Study.pdf
8% similar
2 → 2
Pages
1155 → 1171
Words
5
Content Changes
Content Changes
5 content changes.
Added
p. 1
What does P2PE accomplish for PriceSmart? PriceSmart: Previous to adopting Bluefin’s P2PE solution, our call center operations were entering credit card information through computer keyboards and not through a dedicated payment keypad. Bluefin’s P2PE solution gave our operators a secure, easy-to-use payment keypad to safely enter customer card data. We are now are capable of capturing renewal payments from five different countries in a single location without having to worry about security issues.
Bluefin: PriceSmart implemented keypads at each contact center desk. As part of Bluefin’s P2PE solution, these keypads encrypt the card number as it is entered into the workstation. This process devalues the payment data rendering it useless to hackers in the event of a breach.
Was the cost of compliance a factor in your decision? PriceSmart: There are always costs in establishing a new call center
• including resources and manpower to ensure that the call center complies with all …
Bluefin: PriceSmart implemented keypads at each contact center desk. As part of Bluefin’s P2PE solution, these keypads encrypt the card number as it is entered into the workstation. This process devalues the payment data rendering it useless to hackers in the event of a breach.
Was the cost of compliance a factor in your decision? PriceSmart: There are always costs in establishing a new call center
• including resources and manpower to ensure that the call center complies with all …
Removed
p. 1
What does P2PE achieve for Children’s Healthcare of Atlanta? CHOA: Due to the complexity of our hospital network, we wanted to implement a solution that would provide our customers with the most secure method of processing a payment card transaction at our 45 locations. We implemented a PCI-listed P2PE Solution to reduce the number of PCI DSS requirements that apply to our cardholder data environment (CDE), to secure our patients payment data and to mitigate the risk of a payment data breach.
Bluefin: To achieve their goal to down-scope and secure their payment systems, CHOA set two objectives: reduce the overall size of their cardholder data environment (CDE) and reduce the number of applicable PCI DSS requirements. Implementing our P2PE solution accomplished both of these objectives swimmingly. CHOA was able to remove entire networks from the scope of their PCI DSS assessment and qualify for the PCI P2PE Self-Assessment Questionnaire (SAQ) …
Bluefin: To achieve their goal to down-scope and secure their payment systems, CHOA set two objectives: reduce the overall size of their cardholder data environment (CDE) and reduce the number of applicable PCI DSS requirements. Implementing our P2PE solution accomplished both of these objectives swimmingly. CHOA was able to remove entire networks from the scope of their PCI DSS assessment and qualify for the PCI P2PE Self-Assessment Questionnaire (SAQ) …
Modified
p. 1
CASE STUDY Validated Point-to-Point Encryption (P2PE)™ Solution Putting patients and their personal information first.
CASE STUDY Validated Point-to-Point Encryption (P2PE)™ Solution Working to safeguard customer payment data from cyber criminals Let’s hear from the merchant and the P2PE solution provider.
Removed
p. 2
Why did you opt for Bluefin’s P2PE Solution? CHOA: We researched the PCI-listed P2PE Solution providers to clearly understand their respective technologies and from an integration perspective, how it would best fit into our current environment with the least amount of interruption to our business process. Bluefin’s hands-on approach and service level was key in our decision making process. Bluefin offered an array of device options and integration points that CHOA could implement while providing the most secure processing environment for the organization.
What technology or adoption issues did you have to overcome to implement P2PE? CHOA: During project planning, we identified the largest potential roadblock for CHOA as the integration and deployment of the P2PE devices. With 45 locations housing various departments within each location, it really became a master project to ensure that we serviced all the areas within the organization that processed card data. As it turned out, …
What technology or adoption issues did you have to overcome to implement P2PE? CHOA: During project planning, we identified the largest potential roadblock for CHOA as the integration and deployment of the P2PE devices. With 45 locations housing various departments within each location, it really became a master project to ensure that we serviced all the areas within the organization that processed card data. As it turned out, …
Modified
p. 2
CASE STUDY Validated Point-to-Point Encryption (P2PE)™ Solution Payment Card Industry Security Standards Council, LLC www.pcisecuritystandards.org Card Network **** *** *** P2PE simplifies our PCI DSS compliance program by devaluing cardholder data (CHD) which frees up our security resources to focus on protecting Personally Identifiable Information (PII) and Electronic Health Records (EHR). So, both directly and indirectly, using this PCI-listed P2PE Solution has greatly improved CHOA’s entire security posture.
CASE STUDY Validated Point-to-Point Encryption (P2PE)™ Solution Payment Card Industry Security Standards Council, LLC www.pcisecuritystandards.org Point-to-Point Encryption (P2PE) is a trademark of PCI Security Standards Council.