Blackbaud MobilePay provides point-to-point encryption, which means that it encrypts payment card data swiped through the magnetic stripe reader at the time of the swipe. Our hardware is fully encrypted, tamper proof, and has melt-down components. In addition, the hardware and encryption models are handled in house and no third-party is involved in our decryption chain.

Regarding Payment Card Industry (PCI) compliance, there are currently no specifications for magnetic stripe-only hardware by the PCI Council so no magnetic stripe card readers (MSRs) of this kind are certified. However, when Blackbaud introduces new hardware subject to PCI-compliance certification, we will have that hardware validated. In the meantime, we will continue to follow all PCI Council guidelines.

While our magnetic stripe readers are P2PE compliant, Blackbaud Payment Service (BBPS)—our secure vaulting and tokenizing service—is PCI compliant and falls under our audit. Here are several links that may be of interest to you: