Can software-based POS encryption improve PCI compliance?

In the wake of the recent Verizon report that shows that 80 percent are out of PCI DSS compliance between audits, some vendors are urging the PCI Council to consider approving software-based point-to-point encryption, in addition to the current hardware-based standard.

PCI-approved, hardware-based P2PE allows merchants to drastically shrink the systems subject to compliance, reducing both risks and costs, and will make it easier to stay compliant.

Self-destructing hardware is a “security bonus,” but in general, hardware-based P2PE technology is not as useful for merchants, says Shift4 CEO Dave Oder, whose company is one of the largest software-based P2PE providers.

To read this article in full or to leave a comment, please click here