What Goes Inside a PIN on Mobile Solution?

Text

Small business and micro-merchants across the U.S. are looking for a solution that helps them securely accept payment without compromising on security and burning a hole in their pockets. An answer to their call seems to be brewing up in the industry with PIN on Mobile technology. In my first blog post in this series, I discussed the basics of what a PIN on Mobile solution is all about and how does it work. In the second post, I explored which vertical benefits the most from this technology and how. For my third blog post in the series, I am taking a technical route and am looking to talk about the different components of a PIN on Mobile solutions. This is again a common question that I get when I talk about this subject.

What are the components in a PIN on Mobile solution?

A PIN on Mobile solution is comprised of a smart card reader that includes a software library for PIN entry, a software app on the merchant’s mobile device and a back-end solution that monitors the integrity of the merchant device’s execution environment before PIN entry.

  • Smart card reader: The PIN on Mobile solutions needs a smart card reader that accepts EMV and NFC/contactless This reader also needs to include a software library for PIN entry which helps in integrating the device with the merchant’s smartphone or tablet that used for entering a PIN. Based on the standards PCI released earlier this year for PIN on Mobile, the payment card reader cannot have magstripe acceptance which most devices today in the market have.
  • PIN on mobile app: A PIN on Mobile solution also needs a software application that allows secure entry of a PIN on the merchant's mobile device without compromising on the customer’s buying experience. This application ensures the secure PIN data does not come into contact with other non-sensitive data on the mobile device.
  • Back-end system: The final piece to this PIN on Mobile puzzle is a back-end system that monitors the integrity of the merchant device’s execution environment before PIN entry. This ensures that a customer can securely enter a PIN on the merchant’s mobile device without it being compromised.

Why can’t PIN on Mobile readers use magstripe?

One of the most important aspects of this solution is that the card reader does not accept magstripe transactions. The reason why magstripe is not used here is because of certain security vulnerability that increases when magstripe card verification is used. To address this, PCI excluded magstripe readers from their standard released earlier this year. EMV contact and EMV contactless card verification methods were approved because they offer much stronger security for both the merchants and customers.

Hope you found this blog post helpful. Feel free to ask your PIN on Mobile related questions in the comments section below or you can also submit your questions on our Ask an Expert section.

 

Irfan Nasir is the Head of Solutions Development & Deployment at Ingenico Group, North America

 

Related Blog Posts:

Author
Irfan Nasir_0.png

Irfan Nasir

CPO, Head of Solutions Delivery at Ingenico

Ingenico US

Blog Tags

Also in Customer experience

29 Oct 24
Elevate Banking Experiences with Next-Generation PIN Pad Technology
14 Oct 24
How Unattended Payments Are Transforming Commerce Across Industries
08 Oct 24
What to Consider to Tailor Payment Solutions to Merchants’ Operations
23 Sep 24
Take the Complexity Out of Payments Integration with Hardware Devices
03 Sep 24
The Outlook for Contactless Payment Adoption
19 Aug 24
What Acquirers Need to Look for in an Android Terminal
05 Aug 24
Payment Device Asset Tracking: The Easy Way to Know Exactly Where All Your PIN Pads Are
22 Jul 24
Hot Topics for ISVs and VARs at RetailNOW 2024
prev next