The problem of selecting the best mobile EMV solution is extremely relevant for merchants, POS software vendors, and payment gateway providers. From the standpoint of a POS software provider, the task is to integrate a card-present solution into a mobile app. If a merchant’s mobile device is connected to a card reader, it can function as a mobile POS system. However, there are several issues which have to be taken into account in this context. If EMV cards are not involved, the most serious issue is PCI compliance of the POS system. However, in the EMV world, beside PCI compliance, there are EMV regulations, intended to preserve the integrity of EMV kernel of the POS system and the EMV card. These regulations require the whole EMV path to be certified. EMV certification is a complex and time-consuming process, which, among other things, requires the purchase of a special EMV toolkit.
Types of Mobile EMV Solution
- Fully integrated solutions, based on encrypted card readers, work perfectly well for ordinary magnetic stripe cards. They allow the merchant to get the mobile POS app out of PCI scope, but not out of the scope of EMV regulations. EMV path has to be certified initially and re-certified every time some changes are introduced into the system.
- A standalone solution is based on a special independent EMV-certified application, provided, for instance, by a payment gateway. It allows the merchant’s POS system (mobile app) to remain out of EMV regulations scope.
- A semi-integrated solution requires the development of an autonomous EMV-certified embeddable component, which handles basic payment operations and transmits the data to the payment gateway. This solution allows the merchant to exclude the POS system from the EMV path; it is more flexible and more complicated than the other two.
Read more about mobile EMV solutions in the respective article on Paylosophy.com.