Bluefin Payment Systems Launches PCI-Validated P2PE Sub-Listing Opt for Decryptx Partners

November 08, 2017 – Atlanta, GA – Bluefin Payment Systems, the leader in payment security, today announced the launch of their PCI P2PE sub-listing option for Decryptx® partners. By partnering with Bluefin’s PCI P2PE Assessor, Coalfire, the company has developed a security and compliance program that streamlines the adoption of a validated, listed P2PE solution and provides Decryptx® partners a path to P2PE offerings at a fraction of the cost and time of a typical listing.

Decryptx is Bluefin’s Decryptions as a Service (DaaS) offering, which enables processors, payment gateways and software platforms to provide Bluefin’s PCI-validated P2PE solution direct to their clients through a simple API connection – with no change to a client’s payment processing relationship.

Through Decryptx, the only part of the transaction that Bluefin requires is the P2PE payload, which contains the swiped, keyed or EMV card data encrypted within the PCI-validated device. Bluefin decrypts the data then sends the decrypted payload back to the processor or gateway for authorization. Bluefin currently has more than 45 processors, gateways and software providers enabled for Decryptx.

Providers that introduce their own PCI-validated P2PE solutions are listed on the P2PE solution provider page of the PCI SSC website. The option of sub-listing under Bluefin’s PCI P2PE solution provides the companies’ Decryptx partners the opportunity to list their own branded solution under Bluefin’s master listing – which helps the P2PE offering to transition seamlessly into the partner’s product line and increase merchant adoption. From an assessment perspective, a sub-listing clearly informs the Qualified Security Assessor (QSA) community of the PCI scope reduction that will be applied to your merchants using P2PE. 

Decryptx provides any processor, gateway or integrated software provider, globally, the ability to extend the security, cost reduction and PCI compliance scope reduction benefits of Bluefin’s P2PE solution directly to their clients – with absolutely no change in the processor relationship and no change in how merchants accept payments today,” said Ruston Miles, Chief of Strategy for Bluefin. “Making our validated P2PE solution available to partners means that these companies do not need to spend the money and resources themselves to achieve full PCI P2PE validation. They can simply utilize our solution through a quick API integration to Decryptx – with the benefit of providing their merchants this important and highly-demanded service immediately.”

“Bluefin created this program around PCI’s ground-breaking P2PE Standard 2.0, which componentized the solution into a subset of services. This approach enables providers like Bluefin to offer individually listed components of the overall solution. We are happy to work with Coalfire to list providers seeking this simplified sub-listing approach. For a live example, see Merchant Link’s TransactionShield Validated listing on the PCI P2PE Solutions listing webpage,” added Miles.

To date, Bluefin is the only company providing a DaaS P2PE service and sub-listing option, along with the company’s patented P2PE Manager®, which tracks, catalogs and reports on all of a merchant’s P2PE devices, locations and users.

“We proved the model of Decryptx with our first partners – who really were security trailblazers in recognizing the importance of PCI P2PE to their clients. Starting in mid-2016, interest in joining our Decryptx network grew significantly, especially in the higher education space,” said Greg Cornwell SVP, Sales at Bluefin. “We are very excited to now count more than 45 of some of the largest gateway and processing companies as Decryptx partners, and are looking forward to adding another 15 partners by the end of this year.”

Bluefin was issued its first patent on Decryptx in June 2016 and currently holds 6 issued patents with one 1 international patent allowed on its products, with additional patents pending in the US and internationally.

For more information about Decryptx, visit A list of select Decryptx partners can also be seen at

About Bluefin Payment Systems

Bluefin Payment Systems is the leader in payment security. We specialize in PCI-validated Point-to-Point Encryption (P2PE) integrated and stand-alone solutions for retail, mobile, call center and kiosk/unattended environments, and secure Ecommerce technologies including transparent redirect, payment iFrame and tokenization. Bluefin is a Participating Organization (PO) of the PCI Security Standards Council (SSC) and is headquartered in Atlanta, with offices in New York, Chicago, Tulsa and Waterford, Ireland. For more information, please visit

Other Point of Sale News: