Bluefin, AvantCom Payments to provide PCI-Validated P2PE to Oracle clientele

Payment security provider Bluefin today announced a partnership with AvantCom Payments to provide Bluefin’s PCI-validated P2PE solution to enterprises utilizing AvantCom Payments’ Oracle payment integration with CyberSource.

AvantCom Payments is a recognized Oracle Gold Partner specializing in EBS solutions using the CyberSource PCI-compliant APIs. AvantCom provides solutions for processing credit cards in Oracle to large enterprises, universities and a multi-national open source software company.

Through the partnership with Bluefin, AvantCom Payments can now provide their clients with Bluefin’s PCI-validated P2PE solution directly through their CyberSource integration, enhancing security and reducing PCI scope with no change to the payment transaction flow.

Bluefin enables PCI-validated P2PE on partner platforms with their Decryptx Decryption-as-a-Service (DaaS) product, which allows gateways, applications, and processors to direct connect to Bluefin for the P2PE service. Bluefin and CyberSource partnered in 2017 to provide PCI-validated P2PE to merchants and integrated providers, such as AvantCom Payments, that utilize the CyberSource gateway to process client payments.

Greg Cornwell

“2017 closed out with a record 1,339 data breaches in the U.S. and over 174 million consumer records compromised,” said Greg Cornwell, head of global sales. “And if 2017 taught us anything it is that fraudsters don’t care if you are a restaurant, retailer, healthcare organization or enterprise. As long as you process credit card payments, you are their target. Bluefin’s P2PE solution is ideal for any company or organization looking to secure their in-person, mobile and call centre credit card and debit card payments. We are very pleased to partner with AvantCom Payments and bring this solution to their Oracle base.”

Bluefin’s PCI-validated P2PE solution secures credit and debit card transactions by encrypting all data within a PCI-approved point of entry device, preventing clear-text cardholder data from being available in the device or the merchant’s system where it could be exposed to malware. Data decryption is only done offsite in a Bluefin hardware security module.

“Sensitive payment data is still being gathered in the open in call centres. These environments are within Payment Card Industry Data Security Standard (PCI DSS) scope and remain vulnerable,” said Larry Simmons, AvantCom Payments, Vice President. “The AvantCom Payments and Bluefin solution encrypts cardholder data at the point of data entry using a PCI-approved P2Pe device. Decryption and storage of sensitive cardholder information are performed off-site and removes clear-text cardholder data from the call centre.

“This is especially important to our Oracle customers who are seeing a significant reduction in the PCI compliance footprint without disruption to normal Oracle EBS payment processes. Being on the forefront of P2PE technology means Oracle EBS customers will not have to wait for future versions of Oracle to secure their call centre.”