Many large merchants with complex POS systems choose to enable EMV using middleware that integrates their EMV card readers with their POS system. A well-designed middleware solution will isolate card data so that it never touches the POS. The POS (“selling system”) reaches out to the middleware with a request for payment, and then the middleware directs the actions of the EMV card reader through the completion of the transaction. If the combination of middleware plus EMV card readers (the “selling system”) are the only components ever touching card data, the POS is no longer a part of the payment transaction, offering significant PCI scope reduction.
The diagram below is from a more detailed presentation illustrating the benefits of a “Next Generation Payment Architecture” to optimize card data security as illustrated by the National Retail Federation’s ARTS division:
Following the design above, integrating a complex POS to new EMV card readers via middleware is an excellent option to consider, because middleware makes it easier to connect the selling system to the payment system in either a “semi-integrated” or “fully-integrated” fashion. Typical “semi-integrated” solutions for EMV use middleware that runs inside an EMV card reader. Merchant Link spent quite a bit of time evaluating options for enabling integrated EMV and chose to keep the middleware independent of the EMV card reader, which is the same technique many large retailers use.
Running the EMV middleware independently from the PINpad or card reader provides many advantages over solutions that use the PINpad CPU to run the middleware. Three top reasons to consider PINpad-agnostic middleware solutions interfaced to a secure payment gateway are that the solution is:
- EMV card reader/PINpad Independent
- Payment Processor Independent
- Forms Independent (“forms” control the customer-facing display screen on the EMV terminal)
EMV card reader/PINpad Independent: There are a variety of vendors including Verifone, Ingenico, MagTek, Equinox, and others that make many different models of EMV-ready terminals. Having the integration middleware run independently from the EMV device lets you mix and match devices across different stores, or even within the same store when combined with a secure payment gateway. This flexibility can be important for merchants that already own a variety of EMV-ready equipment, or for those that prefer a combination of different makes and models of EMV equipment. One simple integration to the payment system middleware can be designed to support many different makes and models of EMV terminals.
Payment Processor Independent: When interfaced with a secure payment gateway, EMV middleware can enable point-to-point-encryption (P2PE) and tokenization across multiple payment processors. A well-designed integrated or semi-integrated solution with middleware can isolate the POS from ever touching card data, significantly reducing PCI scope and breach liability. If your locations plan to move from one payment processor to another on occasion, make sure your integrated EMV solution allows the PINpad devices to be remotely reconfigured to work with the new processor. The last thing you want is to ship your PINpads to a service facility for firmware and software changes each time a site switches from one processor to another.
Forms Independent: Forms are used to control the customer-facing display screens on most EMV terminals. Keeping the middleware off of the EMV device allows you to control the imagery and display conversation with your customer during the payment process independent of device manufacturer. This is important for multimedia terminals with larger displays, especially if you have sites that already built advertising and graphics to run on EMV-ready terminals. Middleware that’s running independently of the terminal can layer-on additional EMV capabilities without causing the existing imagery and advertising work to be lost.
Those are three top reasons to consider using PINpad-agnostic middleware with a secure payment gateway for integrated EMV. They all work together to provide additional flexibility to customers that are not ready to limit their options to one particular terminal hardware vendor or one specific payment processor. Merchant Link chose to follow this approach when engineering our TransactionLink™ middleware solution for EMV. Our customers wanted the security of P2PE and tokenization with the ability to choose from various devices and processors today, and the freedom to change those selections in the future.
