For many years, traditional Point Of Sale (POS) terminals have been rejected by micro merchants because of their high cost, long-term contractual commitments, restrictive user interfaces and PCI DSS compliance requirements. Today, there is a clear movement in the payments industry to adopt mobile Point Of Sale (mPOS) technology to either replace or complement traditional POS terminals.
- To make sure that the smartphone or tablet cannot access sensitive payment information to remove the need for the device to undergo stringent security certifications
- To secure the card data from the point of capture through to the payment gateway to ensure merchants do not fall under the scope of PCI DSS compliance
- To reduce the cost of supply and configuration of the card acceptance equipment, without compromising the expected physical security, to make it an attractive proposition for merchants with low transaction volumes
- mPOS Security: Blue Star E&E's Thales hardware security modules (HSMs), both payShield 9000 and nShield, are already assisting PSPs to provide secure mobile Point Of Sale (mPOS) solutions to large numbers of merchants. The HSM performs three important tasks for PSPs – managing keys for the card readers, decrypting encrypted transaction data received from merchants and translating PIN blocks for online PIN-based transactions.
- Compliance: payShield 9000 complies with all relevant payment security certification standards (FIPS 140-2 Level 3 and PCI HSM) along with supporting various algorithms and key management methods used in mPOS transactions. Working together with numerous partners in the mPOS ecosystem, Blue Star Engineering & Electronics empowers all PSPs to choose from a wide variety of card readers, providing a quick, efficient and proven security solution with less integration risk.
- Utilisation of the HSM to manage the mPOS card reader keys to suit the particular payment gateway requirements
- Leveraging pre-integration with a wide range of leading mPOS card readers, offering more choices for merchants
- Meeting PCI HSM and PCI P2PE requirements out-of-the-box with a hardware/software combination particularly designed for mPOS
- Minimising time needed to integrate HSM with mPOS payment gateway by utilising Thales sample code and online test environment