Transaction Network Services Inc.10740 Parkridge Boulevard, Suite 100, Reston, VA 20191

866-523-0661solutions@tnsi.com

www.tnsi.com

Omni-Channel P2PE Product Suite

Retail POS Call Center Kiosk/Unattended Mobile

Data Theft is RampantIn 2016 there were 1,093 recorded data breaches - a 40% increase over 2015’s data breach number of 780. Large and small corporations fell victim to fraudsters who infiltrated POS systems and stole clear-text cardholder data. At an average cost of $159-$174 per record stolen, a data breach can put your company out of business.

Don’t let a data breach derail your business

PCI-Validated Point-to-Point Encryption | P2PE

Bluefin’s PCI-validated P2PE solutions encrypt cardholder data at the Point of Interaction (POI) in a PCI-approved P2PE device and decryption is done off-site in an approved Bluefin Hardware Security Module (HSM). Our solution prevents clear-text cardholder data from being present in a merchant or enterprise’s system or network where it could be accessible in the event of a data breach. Bluefin’s PCI-validated P2PE solution is available to all merchants and processors utilizing the TNS network.

Secure Cardholder Data

Reduce PCI Scope

Protect your Brand

© 2017 Copyright Bluefin Payment Systems.

Learn More About Bluefin and TNS’ P2PE Solution

Transaction Network Services Inc. 10740 Parkridge Boulevard, Suite 100, Reston, VA 20191www.tnsi.com | solutions@tnsi.com866-523-0661

Bluefin’s patented P2PE Manager is a 100% online system that offers merchants an easy-to-use tool to administer their P2PE activities and ensure compliance that will allow your business to get the full benefits of PCI-validated P2PE scope reduction.

The P2PE Manager enables Bluefin clients to monitor the complete lifecycle of a payment device. This includes key injection, device shipping and tracking for chain-of-custody, device state and attestation management, and a record of every decryption performed by every device.

PCI P2PE certified devices are more secure and are designed to detect tampering. If malicious activity is detected, the device is automatically deactivated, preventing a breach at the point of entry (also called point-of-interaction, or POI) device.

PCI P2PE includes a built-in “chain of custody” process for managing PCI P2PE certified devices. The Bluefin solution includes access to our proprietary P2PE Manager where you can automatically track and report on all POI devices for PCI compliance review.

All PCI-validated P2PE solution providers must abide by strict controls to protect encryption keys. Device key injection is done directly at a certified Key Injection Facility (KIF) and decryption only occurs in the Bluefin hardware environment (HSM).

Merchants that implement Bluefin’s PCI-validated P2PE solution throughout their POS environment are eligible for the 33-question SAQ P2PE-HW – a significant reduction from the 329-question SAQ D.

Device Security Strict Controls

Chain of Custody Reduced PCI Assessment

Why PCI-Validated P2PE?There are many solution providers on the market with end-to-end encryption products, but only those P2PE solutions listed on the PCI SSC website have been audited and approved by

the Council as validated solutions. Why does PCI validation matter?

We Make PCI Compliance Simple with our P2PE Manager