Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Point-to-point encryption (P2PE) is a process of securely encrypting a signal or transacted data through a designated "tunnel." This is most often applied to credit card information encrypted from the merchant point-of-sale (POS) entry to the final credit card processing point, often maintained by a third party. The principle of P2PE can protect sensitive data in many different ways.
In general, P2PE has to be durable enough to actually protect data. Many systems use methods like public key encryption and hashing to make sensitive data in use opaque to hackers and thieves. The need for better security is becoming a major theme in business IT.
Within P2PE, a common retailer standard called Payment Card Industry P2PE (PCI P2PE) has caused a controversy after some notable data breaches from big retailer systems. It seems that the compliance measurements were not adequate enough to actually protect data, although in a data breach, it makes a difference whether the data were stolen in the "tunnel" or when it was at rest, stored for future use in business networks.