Security & PCI

sproutPOS® keeps you protected by tokenizing every payment. We are also PCI compliant and offer Secure Socket Layer (SSL) encryption and Point-to-Point (P2PE) encryption.

What is Tokenization?

sproutPOS tokenization service encrypts every piece of confidential payment data your customer supplies and stores it on PCI-Level 1 certified servers. Tokens are great because they mitigate risks associated with storing credit card numbers. Further, tokens can be invalidated without exposing any cardholder data.

PCI Compliance

sproutPOS is powered by Beanstream, a PCI Level 1 (the highest level) certified service provider. This means we hold to the highest industry standards for data protection and network security. Your business and cardholder data is safe with us.

As part of our ongoing security program we perform rigorous checks of our systems, both internally and via independent third-parties, to ensure we meet or exceed card association requirements. View the full standards here.

SSL Encryption

Secure Socket Layer is a standard technology for establishing an encrypted link between a server (Beanstream) and a client (a merchant). With SSL both the link and the data being transmitted (payment ex. credit card information) are encrypted.

Point to Point Encryption

When card data is tapped, dipped, swiped or manually entered into sproutPOS it is immediately encrypted. The encrypted data is then sent over a Secure Socket Layer to Beanstream’s PCI-Level 1 compliant gateway. Beanstream then sends the encrypted data to the acquiring bank via Secure Socket Layer. The acquiring bank decrypts the data, processes payments and then sends Beanstream a token representing the data. All of this ensures Point-to-Point encryption.