Bluefin, AvantCom Payments to provide PCI-validated P2PE to Oracle clients

Payment security provider Bluefin is partnering with AvantCom Payments to provide Bluefin’s PCI-validated P2PE solution to enterprises utilizing AvantCom Payments’ Oracle payment integration with CyberSource.

AvantCom Payments is a recognized Oracle Gold Partner specializing in EBS solutions using the CyberSource PCI-compliant APIs. AvantCom provides cost-effective, secure solutions for processing credit cards in Oracle to large enterprises.

Through the partnership with Bluefin, AvantCom Payments can now provide their clients with Bluefin’s PCI-validated P2PE solution directly through their CyberSource integration, enhancing security and reducing PCI scope with no change to the payment transaction flow. Bluefin enables PCI-validated P2PE on partner platforms with their Decryptx Decryption as a Service (DaaS) product, which allows gateways, applications, and processors to direct connect to Bluefin for the P2PE service. Bluefin and CyberSource partnered in 2017 to provide PCI-validated P2PE to merchants and integrated providers, such as AvantCom Payments, that utilize the CyberSource gateway to process client payments.

Greg Cornwell

“2017 closed out with a record 1,339 data breaches in the U.S. and over 174 million consumer records compromised,” said Greg Cornwell, head of global sales. “And if 2017 taught us anything it is that fraudsters don’t care if you are a restaurant, retailer, healthcare organization or enterprise. As long as you process credit card payments, you are their target. Bluefin’s P2PE solution is ideal for any company or organization looking to secure their in-person, mobile and call center credit card and debit card payments.”

Bluefin’s PCI-validated P2PE solution secures credit and debit card transactions by encrypting all data within a PCI-approved point of entry device, preventing clear-text cardholder data from being available in the device or the merchant’s system where it could be exposed to malware. Data decryption is only done offsite in a Bluefin hardware security module (HSM).

“Sensitive payment data is still being gathered in the open in call centers,” AvantCom Payments vice-president Larry Simmons said. “These environments are within Payment Card Industry Data Security Standard (PCI DSS) scope and remain vulnerable.

“The AvantCom Payments and Bluefin solution encrypts cardholder data at the point of data entry using a PCI approved P2PE device. Decryption and storage of sensitive cardholder information is performed off-site, and removes clear-text card holder data from the call center. This is especially important to our Oracle customers who are seeing significant reduction in the PCI compliance footprint without disruption to normal Oracle EBS payment processes.

“Being on the forefront of P2PE technology means Oracle EBS customers will not have to wait for future versions of Oracle to secure their call center.”