Bluefin is the recognized integrated payments leader in encryption and tokenization technologies that protect payments and sensitive data. Their product suite includes solutions for contactless, face-to-face, call center, mobile, eCommerce and unattended payments and data in the healthcare, higher education, and government industries. The company protects $130 billion in annual payments on behalf of 35,000 connected enterprise and software clients operating in 60 countries.
In 2014, Bluefin led the payment security industry into the cloud and built a suite of unique capabilities, such as a la carte services for gateway connectivity, PCI-validated point-to-point encryption (P2PE) and vault-less tokenization. iFrame and APIs are used for tokenization; the client never stores, transmits, or processes sensitive data, reducing security scope and improving privacy compliance. The outsourcing of annual compliance inspection and ongoing responsibility from the customer to Bluefin achieves initial cost savings of $500K-$1 million in setup and $100k-$250k per annum maintenance fees for enterprises.
Bluefin has been awarded 39 patents to date for, and is the pioneering service provider in, the specialized PCI-validated encryption and payment security vertical. Overall, Bluefin’s world class security and customer service addresses a $11 billion domestic payment security market which is less than 15% penetrated.
Bluefin’s integration friendly approach has empowered enterprise clients to achieve meaningful operational efficiencies, such as a 90% reduction in compliance expense with Bluefin’s solutions. The implementation of Bluefin’s unique encryption and tokenization services at the point-of-sale (POS) and eCommerce channel enables the modern economy to function in a near frictionless environment. What’s more, Bluefin improves threat protection, reduces business risk, increases transaction availability, and speeds up time to market for new service introductions.
Bluefin’s services are predominately sold by resellers (software vendors and technology companies) and, in some cases, directly to enterprise customers on a bundled basis, with security subscriptions and payment transaction fees. Business retention is very high, leading to 99% annual recurring revenue and multi-year top line visibility. Sample of the 300 partner list includes Visa, NCR, Moneris, Mastercard, Verifone, Gilbarco and Comdata.
Service Breakdown
PayConex™: Bluefin’s flagship service with omnichannel payment processing and P2PE/EMV/Tokenization protection. Available to resellers (software vendors and technology companies) and Bluefin direct to merchants.
Decryptx®: Non-PCI compliant ISVs, gateways and enterprises may become compliant by directly connecting to, and using, Bluefin’s services and reselling to merchants.
ShieldConex®: Secures Personally Identifiable Information (PII), Protected Health Information (PHI) and cardholder data (CHD).
- ShieldConex (Healthcare) won the 2022 Fortress Cyber Security award in data protection and the 2021 Cybersecurity Breakthrough Award.
The Basics
Security 101: Point-to-point encryption, or P2PE, is an algorithm which protects information in motion, like electronic payment transactions traveling between a POS device and a merchant acquirer or gateway.
Tokenization is used to protect data at rest like retailers who store CHD, or healthcare providers with PII or PHI.