# Stripe Terminal encryption

This article explains how Stripe Terminal protects card data through encryption, and the difference between the default end-to-end encryption (E2EE) and the optional point-to-point encryption (P2PE) solution.
## How Terminal encryption works
Stripe Terminal encrypts sensitive card information the moment a customer presents their card to the reader. The reader sends the card information to Stripe through end-to-end encryption and tokenizes it. The Terminal SDKs, and by extension your point-of-sale (POS) application, only receive a Stripe payment token, never sensitive card information. As a result, the POS application using Stripe Terminal can't handle card data and is out of scope for PCI compliance.
## E2EE vs. P2PE
Terminal securely encrypts all payments with end-to-end encryption (E2EE) by default. Businesses in certain industries, such as healthcare and education, may choose to use Stripe's PCI-audited point-to-point encryption (P2PE) solution.
P2PE standards, developed by the PCI Council, add a decryption step through HSMs (hardware security modules) before Stripe sends payment data to card networks. A third party validates it, ensuring compliance with PCI P2PE standards. P2PE can save businesses time and money by simplifying PCI compliance and reducing audit scope and costs, and doesn't require any additional integration.
Stripe P2PE is an optional, paid feature, and pricing is available at [stripe.com/pricing](https://stripe.com/pricing). Reach out to your sales representative or [contact sales](https://stripe.com/contact/sales) to discuss whether P2PE is a good fit.
## Related articles
* Stripe Terminal encryption and tokenization
* Stripe Terminal payments and PCI compliance