In this article we explore changes in the so called “card present” payment methods that are used to process payments at point of sale and the ways in which the Payment Card Industry Security Standards Council has embraced mobile technologies in particular Soft POs technology.
From swipe & sign to chip & PIN
In-person debit and credit card payments were once processed at point of sale using mag-stripe technology. This involves customers swiping their cards in the POS terminal and signing to authenticate themselves as the card owner. Magstripe methods are inherently vulnerable to fraud as the data on mag-stripe debit and credit cards is easily stolen and re-produced for fraud through a method known as skimming, today we are moving towards NFC payments on smart devices.
To assure the security of point of sale payments, today’s payments use EMV chip and PIN security, the leading global fraud prevention technology, which is defined and managed by EMVCo LLC, a consortium which comprises MasterCard, Visa, Europay, China UnionPay, American Express, Discover and others.
EMV chip cards are either inserted into or tapped onto the payment terminal to process a transaction. Customers enter their personal identification number (PIN) to authenticate themselves. Countries that have implemented EMV chip and PIN have all but eliminated fraud at point of sale. Major benefits include:
- Improved security. EMV cards are equipped with unique security chips and use advanced data encryption schemes to secure payments. Cards are extremely difficult to hack or clone.
- PIN-authentication. Physically stolen cards cannot be used for high value fraud as larger payments typically require customer PIN, which is only known to the customer themselves.
- Enables fast tap and go (contactless) payments via the latest duel interface EMV cards.
- Reduces merchant fraud liability exposure, as the chargeback liability is held by the card issuer.
Embracing the Soft POS
A promising development in a rapidly growing mobile point of sale technology market, in recent years, the Payment Card Industry Security Standards Council has implemented various new standards to open the door to chip and PIN transactions on consumer grade mobiles. New standards support the emerging SoftPOS applications, which are a software-only solution for enabling contactless payment acceptance on mobiles, without external dongles.
Contactless Payments on COTS
One of the new standards released is the PCI Contactless Payments on COTS (CPoC™) Standard. Applications complying with this new standard allow merchants to accept contactless payments using a commercial off-the-shelf (COTS) mobile device (e.g., smartphone or tablet) with near-field communication (NFC). In simple terms it means businesses can now accept NFC-based customer payment on their phone by downloading an app and tapping cards against their phone. This offers merchants all the convenience of tap and go payments, directly on their mobile.
Software-based PIN entry on COTS
The so called “SPOC” standard enables software-based PIN acceptance on consumer grade mobiles and tablets – known in the industry as PIN on mobile. The SPOC standard is designed to work in conjunction with an external card reader. The introduction of software based PIN acceptance shows a willingness for the industry to open the door for PIN based cardholder verification methods on consumer grade devices.
Felix is the answer to EMV on mobile
By transforming smartphones into contactless terminals, Felix simplifies card payments for businesses looking to take payments on mobile. Felix delivers a software-based solution that completely integrates card-present payment authentication on mobile.
The future of mPOS is Soft POS a downloadable app. Kissing dongles goodbye and making your phone your POS. The Soft POS revolution is just beginning.Contact Felix