Heartland Payment Systems, one of the nation's largest payments processors, is developing "E3™", an end-to-end encryption solution that is being designed to provide the highest degree of security in the marketplace.
Once completed, E3 is expected to protect sensitive cardholder and payment account information so it is never in the clear — from card swipe through transmission to the card brands. E3 protection is being designed to operate across the five zones involved in the flow of a transaction:
From data entry/card read at a business location to the payments processor's authorized network.
From entry to that network and throughout the entire processor/sub-contractor network where data is in motion.
While the data resides in a central processing unit (CPU) or a host security module (HSM). A HSM is a specialized server that locks down information.
In storage where data is at rest.
From the processor's network to card brand's authorization and settlement centers. Heartland is actively engaging with the card brands to allow encryption through Zone 5.
E3 is being designed to be more than just a terminal. Heartland is developing an entire product line and solution set that includes a software developer kit and API's for electronic commerce and MOTO transactions (mail orders and telephone orders or card not present transactions) signature capture devices, secure keypads keyboards and more.
"Part of what Heartland intends to offer through E3 is that the merchant will never have the ability to decrypt a card, potentially reducing the scope of PCI."
– Steve Elefant, chief information officer,
Heartland Payment Systems