Stripe Terminal encryption

Businesses using Terminal for in-person payments can choose between two levels of encryption. All payments using Terminal are securely encrypted using end-to-end encryption (E2EE) by default. Businesses in certain industries, such as healthcare and education, can also use the PCI-audited point-to-point encryption (P2PE) solution from Stripe.

P2PE standards, which are developed by the PCI Council, add an additional decryption step through HSMs (hardware security modules) before Stripe sends payment data to card networks. Our P2PE solution can save businesses time and money by simplifying PCI compliance and reducing PCI audit scope and audit costs. It’s validated by a third party, ensuring compliance with PCI P2PE standards, and doesn’t require any additional integration to get started.

If you’ve enabled P2PE, consult the P2PE Instruction Manual (PIM) for detailed guidance. This manual provides instructions on how to properly implement our validated P2PE solution.