Please ensure Javascript is enabled for purposes of website accessibility

All you need to know about payment security and then some.

Security is First American’s main priority, and we’ve invested significantly in PCI-compliant solutions to protect your data and that of your customers. 1stPaySecure, our proprietary suite of solutions, includes encryption, tokenization and complementary products.

Point-to-Point Encryption

P2PE is point-to-point encryption, an advanced security method designed to conceal credit card data from the point of sale and throughout transit, all the way through to authorization. We apply P2PE for every transaction and complement it with tokenization, a process in which we replace personal data with a randomly generated code that has no value to external enterprise systems.

All data is stored in our secure vault and is only decrypted when it reaches its final destination.


PCI DSS stands for Payment Card Industry Data Security Standard. This set of security standards ensures that all companies accepting, processing, or storing credit card information maintain a secure environment.  

There are 12 levels of PCI compliance. Each level is mandated and monitored by the credit card issuers, and independently audited on an annual basis. Merchants are assigned to a level based upon the number of credit transactions they process each year. 

Reducing Risk and Liability

Merchants who accept credit cards are ultimately responsible for protecting their customers’ cardholder data, regardless of where it is processed, stored or transmitted. First American’s secure process of handling this sensitive credit card data and storing it on our PCI-compliant server instead of the merchant’s, reduces both the risk and liability to merchants.  


Additional support for merchants, click here.


EMV cards are designed to prevent fraudulent transactions when someone physically swipes a counterfeit credit card at a payment terminal. The cardholder’s account information is stored on a microchip embedded in the card. This information is encrypted each time it is accessed, making it more difficult for potential fraudsters to access sensitive data.