Datacap Logo

How to set-up PCI-Validated P2PE with Datacap and Bluefin

Datacap offers both non-validated End-to-End Encryption and PCI-Validated Point-to-Point Encryption. Benefits of PCI-Validated P2PE include:

  • PCI-validated P2PE solution secures transactions by encrypting all data within a PCI-approved point of entry device, preventing clear-text cardholder data from being available.
  • Reduced PCI scope for the merchant (reducing SAQ questions by 90%).
  • Available to Datacap POS partners without integration changes.

Setting up PCI-Validated P2PE requires some additional steps compared to a standard Datacap install that utilizes End-to-End Encryption. To set-up PCI-Validated P2PE with Datacap, follow the steps below:

Note: PCI-Validated P2PE with Datacap requires NETePay Hosted

1 In PSCS, create a NETePay Hosted deployment and select "Enable" for BlueFin Validated P2PE Support.

Bluefin Validated

2 Order your devices via BlueFin's P2PE Manager

2A Once logged in, from the home page, click on "Device Requests".

Device Requests

Create a new order by clicking on the “create new order” button.

Create New ORder

Notes: All fields marked with an asterisk (*) are required for new requests

  • If that data is not initially available, you can save the record but you will not be able to submit the record.
  • The save button will not be available if the order has already been submitted.
  • The submit button will not be available if there are no devices on the request or if there are missing fields that are required

A list of missing fields will display below the submit button.

2B After completing the required account/custodian information, add the required devices.

Click on the “Add a Device” button

Add devices

Select Device, Quantity and Comm Type. Click “Save”. Repeat for additional devices

New Device order form

Note: Cables and/or other accessories that are automatically included will be listed in the Included Accessories section below the Selected Devices

2C Submit your device request by clicking on the "Submit" button. Once submitted, you can no longer edit the request. Contact your BlueFin sales rep if changes need to be made after it was submitted.

3 After receiving your order, confirm devices were not tampered with and confirm the identity of any third-party personnel.

Tamper Bag
POI Device in tamper evident bag with a tamper evident sticker on it

Notes: When the POI devices arrive at the customer location, the employee listed as the contact for the location logs into the P2PE Manager and starts the process for confirming the device they received. The merchant employee manually keys (or scans) in the serial number of the device, and the serial number from the tamper seal into the P2PE Manager, and if they both match the injection and shipment records recorded by the KIF, then the device is marked as being eligible for use (see P2PE Manager Device Activation v3.0 below).

If the serial number of the device and the serial number on the tamper bag do not match, the device is programmatically barred from use. Without the validation of those two authenticating serial numbers, substituted devices could not be put into use.

P2PE Manager Device Activation v3.0

Specific steps for activating a device within P2PE Manager can be found in your P2PE Manager User Guide or via the following video link: https://vimeo.com/182772442/30b87f999e

4 Ensure your Point of Sale is referencing the appropriate Datacap Secure Device ID that corresponds with your device. See chart below for some PCI-Validated P2PE-specific Secure Device ID examples.

DeviceSecure Device ID
PAX A920Pro+EMV_A920PRO_DATACAP_BLUEFIN
PAX A30+EMV_A30_DATACAP_BLUEFIN
PAX A35+EMV_A35_DATACAP_BLUEFIN
PAX A77+EMV_A77_DATACAP_BLUEFIN
PAX Aries8+EMV_ARIES8_DATACAP_BLUEFIN
PAX IM30+EMV_IM30_DATACAP_BLUEFIN
Verifone P400EMV_P400_DATACAP_BLUEFIN
Verifone P400 for Global CanadaP400GlobalDatacapBlueFin
Ingenico Move/5000EMV_MOVE5000_DATACAP_ONGUARD
Ingenico Link/2500EMV_LINK2500_DATACAP_ONGUARDD
Ingenico Lane/3000EMV_LANE3000_DATACAP_ONGUARD
Ingenico Lane/5000EMV_LANE5000_DATACAP_ONGUARD
Ingenico Lane/7000EMV_LANE7000_DATACAP_ONGUARD
Ingenico Lane/8000EMV_LANE8000_DATACAP_ONGUARD
ID Tech AugustaEMV_AUGUSTA_MONETARY
ID Tech VP6800EMV_VP6800_DATACAP_BLUEFIN

+ DC Direct P2PE support on these devices only

To search for the appropriate Secure Device ID value, refer to Datacap’s compatible devices and choose a device. On the NETePay Hosted Secure Device IDs section, look for the row or rows that are labeled (PCI-Validated P2PE).

PAX A920Pro Secure Devices
Example of Secure Device Chart on PAX A920Pro device page

Still need help?

How can we help?

Call us (215-997-8989) or Send us a message