Welcome to Decryptx
Integrate to Bluefin's Decryptx and offer our P2PE solution directly to your clients.
Decryptx® is Bluefin’s Payment Card Industry (PCI) validated point to point encryption (P2PE) solution which enables processors, payment gateways and software platforms to universally connect to Bluefin and offer our P2PE solution directly to your clients.
To date we are the only validated solution provider that offers Decryption as a Service (DaaS) decoupled from payment processing.
Our white label solution affords you the ability to offer security and scope reduction of PCI-validated P2PE encryption to your clients, while still giving you the freedom to maintain your brand.
Decryptx API Requirements
Before you can use the Decryptx platform and its APIs, certain requirements must be met and certain security configurations enforced, as described below:
You must be approved by Bluefin to use Decryptx.
You must use an appropriate PCI PED/PTS-compliant injected payment terminal.
Applications that integrate with our Decryptx APIs must be capable of TLS1.2 (HTTPS) communications and must store access credentials securely.
The software application, any service provider or host that is transmitting, storing, or processing cardholder data, and the merchant, must all be compliant with the appropriate security standards, including:
- Payment Card Industry Security Standards Council (PCI SSC) security initiative,
- Payment Card Industry Data Security Standard (PCI-DSS) for merchants and service providers, or,
- Payment Application Data Security Standard (PA-DSS) for software vendors.
PCI compliance for the application and merchant are the responsibility of the merchant and its application partners.
For customers who want to ensure their PCI compliance, Bluefin provides an array of compliance services as part of
our added service lines. Please contact your sales representative for more information.
For PCI compliance and security reasons, merchants must not store cardholder data for any reason. Bluefin offers tokenization as part of the P2PE decryption process or as a stand-alone service providing the option to have decrypted data tokenized.
Updated 12 months ago