PCI P2PE

Your certification according to the
point-to-point encryption standard

The PCI P2PE (Point-to-Point Encryption) standard ensures that credit card data is encrypted from the point of entry to the endpoint and that the transmission paths and intermediate components provide the best possible support for merchants in complying with the PCI DSS security requirements. PCI P2PE solutions are validated according to the strict security requirements of the PCI P2PE standard and are listed on the website of the PCI Security Standards Council (PCI SSC).

usd AG is officially accredited by the PCI SSC as an assessor for P2PE solutions. Read more about our latest P2PE certification project here .

Your P2PE Assessment

Phase 1: Planning and Preparation

Based on the audit scope, we determine the detailed procedure for the PCI P2PE audit and coordinate this with the responsible parties in your company..

Phase 2: Onsite und Offsite Audit

The onsite and offsite audit is a formal audit process. Our auditor in charge will check all matters relevant to PCI P2PE at your premises. A distinction is made between the P2PE application (on the POI) and the P2PE solution.

The audit takes the form of interviews with your responsible employees, site inspections, document reviews, the inspection of all relevant P2PE components, the POI device and your application.

Phase 3: Audit Results and Follow-Up

Any deviations from the PCI P2PE identified during the audit are documented by us on a daily basis in the Audit Connect ticket system, including the necessary, concrete recommendations for correcting the identified deviations.

You use Audit Connect to correct the identified deviations.
We then carry out a follow-up audit.

Phase 4: Report Creatin and Submission

The usd assessor prepares the Application Report on Validation (P-RoV) and the P2PE Solution Report on Validation (Solution P-ROV) in accordance with the PCI P2PE specifications to verify compliance with the credit card organizations.

This final report describes the concrete implementation of the individual PCI P2PE requirements at your company in detail and documents the assessor's procedure for checking the respective requirement in a comprehensible manner for the credit card organizations.

Finally, we coordinate the two P-ROVs with you and submit them to the PCI SSC together with the P2PE Solution Attestation of Validation (AoV) and the P2PE Application Attestation of Validation (AoV).

PCI P2PE Certificate and Seal

Once the P2PE P-ROVs have been approved by the PCI SSC, we will issue you with your PCI P2PE certificate.

What our Customers Say

PCI Beratung

"We are very proud to have achieved the certification of the BS PAYONE P2PE Solution within the scheduled time frame with the professional support of usd AG" Marc-André Faber, P2PE Project Manager BS PAYONE

Contact

 

Please contact us with any questions or queries.

Phone: +49 6102 8631-190
Email: sales@usd.de
PGP Key
S/MIME
Contact Form

 

Benedikt Krümmel
usd Technical Sales Consultant,
PCI Professional