Bluefin and Payway Partner to Provide P2PE Processing Solutions

Clients utilizing the Payway platform can now get the security, reduced PCI compliance scope, and brand protection of PCI P2PE.

Bluefin, the leading provider of payment security technologies, and Payway, an integrated payment processing solution, have announced today a partnership to provide Bluefin’s PCI-validated Point-to-Point Encryption (P2PE) solution to clients utilizing the Payway platform.

Payway® offers a cloud-based SaaS payment solution designed to give organizations total transparency into their card-not-present transactions. They have decades of experience in managing recurring payments and providing their customers with technology designed to keep them at the forefront of a rapidly changing payments landscape.

The Bluefin/ Payway P2PE offering secures credit and debit card transactions by encrypting all data within a PCI-approved point of entry device. This prevents clear-text cardholder data from being available within the device, or in the merchant’s system where exposure to malware is possible. Data decryption always occurs offsite in a Bluefin hardware security module (HSM), ensuring the highest level of security.

“While P2PE has been around for many years, only PCI Validated P2PE technologies have been tested to rigorous standards and should be trusted to reduce risk and PCI DSS scope at a merchant,” said Daniel Nadeau, principal and co-owner, Payway. “With Payway’s P2PE solution you can keep your customer’s data safe while also reducing the cardholder data environment, which lessens the scope of PCI assessments, so you spend less time, resources and budget on audits and more on getting business done.”

Bluefin enables PCI-validated P2PE on partner platforms using their Decryptx® Decryption as a Service (DaaS) product, which allows gateways, ISV’s, and processors to connect directly to Bluefin for the P2PE service.

“PCI-validated P2PE is a crucial payment security technology for any business or organization that processes card present credit card and debit card transactions,” said Greg Cornwell, Chief Revenue Officer, Bluefin. “We are excited to bring the security, reduced PCI scope and brand protection of PCI P2PE to Payway’s clients.”

Benefits of the P2PE solution include reducing PCI scope from 329 to a 33-question P2PE self-assessment questionnaire (SAQ), online management of the P2PE device process with Bluefin’s P2PE Manager®, and a variety of P2PE certified devices.

About Bluefin
Bluefin processing specializes in payment and data security technologies that protect point-of-sale (POS) and online transactions. Our security suite includes PCI-validated point-to-point encryption (P2PE) for retail, call center, mobile and unattended payments, and our ShieldConex® data security platform for the protection of personally Identifiable Information (PII), Personal Health Information (PHI), and payment data entered online. Bluefin is a Participating Organization (PO) of the PCI Security Standards Council (SSC) and is headquartered in Atlanta, with offices in Chicago and Waterford, Ireland. For more information, please visit


Every post in your inbox