As part of an ongoing programme to validate its PAYware Ocius managed payments service against the latest PCI point-to-point encryption (P2PE) standard, VeriFone Systems, Inc. has successfully fulfilled the necessary Domain 3 requirements, which cover the management of encryption devices and any applications in the UK and Ireland.
All VeriFone PCI PTS 3.x payment devices dispatched in these countries as part of the PAYware Ocius managed service from September 2013 will be 'P2PE ready.' This includes VeriFone's VX Evolution portfolio of NFC-enabled PIN pad, portable and countertop devices. VeriFone is one of the first U.K. payment service providers to be able to supply Domain 3 ready devices which, when used in conjunction with a validated P2PE solution, can reduce PCI scope for merchants.
"Availability of P2PE ready devices will allow merchants to future proof their payment platform for P2PE validation, ultimately simplifying their journey towards achieving PCI DSS compliance," said Robert McLaughlin, vice president and general manager, VeriFone U.K. and Ireland. "Our pre-certified units will be capable of upgrade in the field and will not be required to be returned to VeriFone for re-configuration once a validated P2PE solution is implemented. Progress is now well underway to meet the requirements of all six separate Domains within the PCI's P2PE standard, and we can expect to see fully P2PE validated managed payments solutions available by early next year."
"VeriFone has achieved a major milestone in becoming one of the first U.K. payment service providers to supply P2PE ready devices to the market," said Benjamin Hosack, director at Foregenix. "These P2PE-ready devices, as a part of a P2PE compliant solution, will enable merchants to significantly reduce their PCI scope, risk and costs. VeriFone's focus and effort in achieving this milestone is to be commended and represents a significant step forward for the industry."