Last summer, we explored the importance of PCI and P2PE for retailers on our blog. To recap, the Payment Card Industry Data Security Standard, or PCI DSS for short, is a worldwide standard set up to help businesses process card payments securely and reduce card fraud, through tight controls surrounding the storage, transmission and processing of cardholder data that businesses handle. Due to the sensitivity of the data that is handled in this process, it’s seen as a high priority for retailers to adopt PCI DSS. If a Retailer isn’t PCI DSS compliant and loses customer card data, they risk the possibility of incurring Card Scheme fines, and may also be liable for the fraud losses incurred against these cards and the operational costs associated with replacing the accounts. You can read the full blog here. P2PE encrypts card data from PED to acquirer, and therefore significantly reduces the DSS target for evaluation, and so many retailers are also adopting P2PE to simplify and streamline the process to implement DSS.
As this continues to be a business critical consideration for many retailers in 2016, we felt it would be helpful to provide an update on the key challenges and developments we’ve seen taking place with regards to PCI and P2PE.
Demand continues to rise
The end of 2015 saw a flurry of activity on the P2PE front, with a number of new enquiries. We also received orders to rollout P2PE PEDs into a well known newsagent with both high street and airside presence, as well as a well known national builders merchants and a national shoe retailer. These projects include refreshing some 4,000 PEDs to bring them up to P2PE standard, as well as deploying a further 2,000 (new devices.
Google Pay and Samsung Pay add to the pressure
The successful rollout of Apple Pay in 2015 is being closely followed in 2016 by Google Pay and Samsung Pay, and we are expecting a further surge in enquiries and orders from retailers of all types, as well as Payment Service Providers (PSPs), who will need a service provider like Barron McCann to both deploy and support their national and international estates of P2PE PEDs.
Demand continues to diversify
As well as enquiries from our traditional retail marketplace, we are now seeing increasing interest from financial services organisations following our successful deployment and ongoing support for Skipton Building Society (click here for recent Case Study), as well as the hospitality sector following the signing of our first major support contract in this sector with Nando’s.
A bright outlook for 2016
As we enter a new financial year, we are reviewing our internal processes to upgrade and standardise them. Each set of services is tailored to the specific requirements of the individual client’s P2PE Instruction Manual (PIM) and their QSA. We aim to develop “best of breed” services that take the highest elements of each PIM and standardise these, to make it easier to on-board customers and make our service delivery more efficient. We are also pleased to confirm our company’s PCI DSS QIR (Qualified Integrator & Reseller) accreditation – Barron McCann is the only UK Company to have committed to and achieved this accreditation, again demonstrating our leading position in the payment device marketplace.
As we develop stronger ties with both retailers, manufacturers, PSPs, systems integrators and consultants, Barron McCann continues to lead the marketplace in providing P2PE compliant deployment and support services.
For further information, please click here to visit our dedicated web page.