Security is Handpoint’s number one priority in every element of its design.
Handpoint has been a pioneer in securing payments during the (r)evolution to mobile and integrated
payments. We built our platform from the bottom up with P2PE architecture in mind. The layers of our
secure solution are designed to protect merchants and cardholders -- from the setup of the terminal,
through every touchpoint of the transaction, on every day of the merchant lifecycle.
Activation & Deployment:
- Handpoint terminals are protected by remote key injection and remote software injection. When a
terminal ships, it cannot process a transaction. Only once a unique terminal is paired with a
merchant’s unique POS will the terminal connect to Handpoint and download its unique configuration,
the most up-to-date terminal software, and the specific encryption keys –- all with no merchant
- This clever remote key injection technology prevents man-in-the-middle attacks, while DUKPT key
management processes ensures that encryption keys are unique per transaction.
- P2PE security on every card reader helps protect every EMV, NFC, or MSR transaction. This means that
no vulnerable data is passed through a merchant's network or integrated software (POS) application.
Handpoint was the world's first mPOS provider to receive the coveted PCI-P2PE validation for its
payment application (software terminal). All data is always strongly encrypted, everywhere.
- Handpoint’s PCI-DSS certified platform is hosted on AWS for infinite scalability and uptime.
- Chargebacks and fraud are significantly reduced with EMV & NFC acceptance.
- Fast and simple semi-integrated APIs eliminate sensitive data from POS systems AND eliminate your
need to EMV certify POS software integrations. Our semi-integrated architecture means that the POS
is completely out of scope from the EMV payment path.
- Handpoint’s combined semi-integrated architecture and P2PE encryption eliminate any sensitive data
from the POS environment, reducing both risks from hackers and PCI audit issues, plus delivering
all the savings from chargebacks that an EMV card reader offers.
- How does it work? The POS simply tells an amount to the Handpoint card reader, and the card reader
does all the rest. Our P2PE payment application, hosted on the card reader, encrypts the entire
message with DUKPT and 3DES from the first dip, tap, or swipe. The encrypted message is routed
directly to our security service and gateway switch, utilizing PCI-mandated security protocols, and
then sent to your processor for authorization. The corresponding authorization is sent back
directly to the Handpoint card reader, which simply returns the authorization and receipt to the
- Handpoint’s unique secure key pairing process ensures that no one can swap out a terminal and route
transactions fraudulently. If a terminal is tampered with, its encryption keys are immediately
- Terminals are kept up-to-date with no merchant effort via remote terminal updates controlled by the
- Acquirers can see transaction data down to the terminal level is available in near real time
- Lost or stolen terminals can be deactivated instantly with the click of a mouse in the cloud-hosted
- And if you choose to cancel a merchant relationship, you can deactivate their processing in
No matter where your merchants transact, Handpoint security is already there.