You can rest assured that nCourt is secure. Our PCI DSS Level 1 certification is the highest level attainable. And we will greatly reduce your PCI scope, costs, and liability through point-to-point encryption (P2PE) and tokenization.
nCourt Ensures Security of Every Transaction by Providing:
P2PE and PCI Compliance
- nCourt’s P2PE payment solution prevents an organization from enduring high PCI DSS cost, liability, and risk associated with network segmentation. All data transmitted through the POS device is deemed unreadable to the organization (and to thieves). Cardholder data is never transmitted in clear text. The confidentiality and integrity of the data is transmitted securely point-to-point. P2PE addresses the possibility of data interception during transmission between the POS device and payment processor.
- To become PCI DSS compliant, it is a requirement to complete form SAQ-P2PE OR SAQ-C and keep it on file for merchants that require it (download it here).
Encryption
- Encryption is used to protect the cardholder data at the start of every transaction. All tracked data, including account number and expiration date, is obscured so that the data cannot be decrypted without the corresponding decryption keys. Using P2PE, card data is encrypted at the time of reading (swipe, insert or manual entry) and stays encrypted until received and decrypted by the payment processor.
Tokenization
- When card information needs to be retained for future transactions, tokens are used instead of cardholder data. Since each transaction is unique, encrypted card data stored from a previous transaction is unusable. So, when a transaction is performed, the bank or payment processor may return a token, which can be stored and used at a later date for subsequent transactions. Most importantly, the token cannot be reversed to retrieve any cardholder data.