blog-breadcum

CASE STUDY

breadcum-strip

How Trunexa helped in building contactless payment terminal for Automatic Fare Collection while meeting security compliance

blog

About the requirement: 
Our customer is one of the leading Automatic Fare Collection (AFC) providers globally.  Their requirement was to utilize Near Field Communication (NFC) and 2D barcode scanner to design a contactless public transport ticketing terminal which can support open-loop credit cards and closed-loop technology. For that, they needed a secure Android platform to develop their applications which are PCI 5.1 and EMVCo compatible.
 
The terminal is required to support various applications such as card detection, payment card applications (for Visa, MasterCard, etc.), or a proprietary application. For each application, the software should be developed and installed distinctly, just like loading an application on a smartphone. Moreover, this needs to be done carefully, as changes to one application could lead to retest the complete reader or terminal. 
 
Challenges:
To manage the payments related data, the Payment Card Industry Data Security Standard (PCI-DSS) must be met. Data must be secure and cannot be open in a format that can be intercepted in plain text format.

Developers need to prototype the platform and test the complex processing that the terminal must aid. This incorporates activating the card, deny-list processing, selection of the correct application, and other administration processes expected to follow PCI-DSS compliance. Also, it must support the 2D barcode. The high cost of certification is the reason developers seek to minimize the attempt of submitting the system, both initially and when changes are made to specifications and code.

As contactless EMV is getting ubiquitous and older technologies are phasing out, there are many challenges in building handheld terminals that are rich in user interface and accept cards from several schemes. Moreover, these mobile terminals should facilitate onboarding and execute faster payments.

Solutions: 
Trunexa has played a key role in bringing contactless card reader, financial transaction processing, and secure communications technologies together in a single, secure Android platform. We developed software development kits (SDKs), drivers, and supported framework which can help the client to achieve contactless payments and NFC wallets for payment and ticketing. Trunexa helped in interfacing 2D barcode scanners to support the ecosystem of mass transit. 

With other peripherals like rich capacitive display, WiFi, BT, GPS, 4G connections, and support of old technologies like SAM, has made this device a one-stop solution for all mass transit-related requirements for handheld devices. Trunexa helped in designing the handheld hybrid terminal, which is optimized for POS terminal applications, allowing to achieve compliance for EMVCo 3.0 and implementing a high-power NFC front end functionality of NXP IC PN5180 supporting Android 5.1. This is the ideal way to add new fare media with rich UI/UX. 

The Android platform supports the microprocessor embedded in a plastic card or a mobile NFC device to connect to an EMV point-of-sale (POS) using contact or contactless interface. Supporting the cryptography processing, and card authentication mechanism validates the legitimacy of the payment type being used.

The three key aspects we have considered while customizing a platform for new ticketing infrastructure:

  • Scope of the ecosystem 
  • Cost minimization
  • Interoperability

Business use and Benefits:
The key to profitability in the mass transit domain is the ability to have standardized and interoperable transport applications. As the convergence of payment methods begins, getting organized payment card schemes and transport operators, many institutional issues need to be addressed. But in the long term, convergence is expected to benefit all stakeholders and of course passengers. This hybrid terminal is PCI PTS and EMVCo compliant and supports contactless payment cards ranging from MasterCard, RuPay, VISA, American Express, Discover, and many more. This does not limit closed loop cards like MIFARE, ITSO, etc, and mobile NFC wallets too. 

  • We helped the client to minimize expenditure close to 70% by designing and building applications on Android and packaging them once for multiple targets.
  • The flexible API approach ensures scalability as it allows the client to easily scale their offering as new clients/devices to come on board.