Businesses using Terminal for in-person payments can choose between two levels of encryption. All payments using Terminal are securely encrypted using end-to-end encryption (E2EE) by default, but businesses in certain industries, such as healthcare and education, may choose to use the PCI-audited point-to-point encryption (P2PE) solution from Stripe.
P2PE standards, which are developed by the PCI Council, add an additional decryption step through HSMs (hardware security modules) before payment data is sent from Stripe to card networks. Our P2PE solution can save businesses time and money by simplifying PCI compliance and reducing PCI audit scope and audit costs. It is validated by a third party, ensuring compliance with rigorous PCI P2PE standards, and does not require any additional integration to get started.
Stripe P2PE is an optional, paid feature, and pricing is available at stripe.com/pricing. Please reach out to your sales representative, or get in touch if you would like to discuss whether P2PE would be a good fit for your business.