Bluefin Announces the Grant of its European Patent on Systems and Methods for Creating Fingerprints of Encryption Devices
January 15, 2019 – Atlanta, GA – Bluefin, the leading provider of payment security technologies and PCI-validated Point-to-Point Encryption (P2PE) solutions for retail, hospitality, healthcare, and higher education, today announced the grant of their first patent in Europe, EP3120593, on systems and methods for creating fingerprints of encryption devices.
The patent covers aspects of Bluefin’s P2PE solutions, including Decryptx®, the company’s Decryption as a Service (DaaS) product, and the P2PE Manager, Bluefin’s 100% online management system for P2PE device tracking, chain of custody and PCI attestation. Decryptx enables any PCI/DSS provider, including payment gateways, processors, and ISV’s, to enhance their platform and offer Bluefin’s PCI-validated P2PE solution via a simple integration. Keyed, swiped, and EMV data from point of sale (POS) systems is protected via PCI-validated controls and encryption.
The issued patent relates to systems and methods for a P2PE management system (Bluefin’s P2PE Manager®) that has been configured to receive information from a plurality of point of interaction (POI) devices.
“P2PE is fast becoming the worldwide standard for payment card data protection. For example, Bluefin supports 10 connected partners in the European theater that represent over 10,000 protected endpoints,” said Ruston Miles, Bluefin’s Chief Strategy Officer. “Bluefin’s worldwide portfolio of patents protect the intellectual property behind our P2PE program management platform and unique service delivery methods. This supports our worldwide partners’ commercial efforts by providing competitive differentiation and best-in-class security products.”
Fingerprinting, or associating unique attributes of an encryption device, is critical in the validated P2PE process. Bluefin’s fingerprinting process is used to validate every transaction from each payment terminal. A “fingerprint” of each device is stored in Bluefin’s P2PE Manager and every transaction from each device is verified against the devices initial fingerprint. If this verification fails, this is an indication of potential device compromise. Bluefin’s P2PE Manager will mark the device as malfunctioning and suspend processing from the device in question pending research and resolution.
Bluefin was awarded its first U.S. patent in June 2016 on “Systems and Methods for Creating Fingerprints of Encryption Devices” and its second U.S. patent in October 2016 on “Systems and Methods for Decryption as a Service.” The company has since received an additional 8 U.S. patents, 4 Japanese patents, and the latest patent in Europe, with 17 additional patents pending.
Bluefin’s patent portfolio covers both Decryptx and the company’s P2PE Manager. Bluefin’s Decryptx network currently includes 92 connected partners in 29 countries, with over 80 devices/applications and 9 Key Injection Facilities (KIFs), as well as remote key injection services (RKI).
Bluefin provides the leading payment security platform that supports payment gateways, processors and ISV’s in 29 countries. Bluefin’s secure payment platform is key to the holistic approach to data security. Designed to complement EMV and tokenization, Bluefin’s PCI-validated Point-to-Point Encryption (P2PE) solutions provide a solid security defense against current and future data breaches. Bluefin supports point of sale solutions for retail, mobile, call center and kiosk/unattended environments, and secure Ecommerce technologies. Bluefin is a Participating Organization (PO) of the PCI Security Standards Council (SSC) and i