Blackbaud MobilePay follows the PCI SSC standards for point-to-point encryption. It encrypts payment card data swiped through the magnetic stripe reader at the time of the swipe. Our hardware is tamper-proof and has melt-down components. There are no third-parties involved in our decryption chain.

Currently, no Payment Card Industry (PCI) specifications for magnetic stripe-only hardware exist. Magnetic stripe card readers (MSRs), like these, are not certified. When we introduce new hardware in the future, we intend on having that validated. In the meantime, we will continue to follow all PCI Council guidelines.

Blackbaud Payment Service (BBPS), our vaulting and tokenizing service, is PCI certified. Please see our information here regarding PCI compliance: