When you advise your merchant clients about transitioning to EMV-compliant solutions, one of their options is using a semi-integrated solution, which can have benefits for them as well as for you as a VAR or ISV.
Rhonda Boardman, VP of business development, acquiring channel for Ingenico, explained in a typical retail environment, cardholder data flows from card reader, to point of sale (POS), and then to the merchant’s back office and then to the processor’s back office. “The transaction flows all the way and back through all of those touchpoints from a security perspective,” she said. Under the Payment Card Industry Data Security Standard (PCI DSS), the POS terminal is a part of the system that must comply with the standard.
With a semi-integrated solution, the POS terminal still initiates the transaction, however, cardholder data bypasses the POS terminal and merchant’s back office and is transmitted directly from the card reader to the processor or gateway. The processor then communicates back to the terminal whether the sale is approved or declined. In this case, the POS terminal and the merchant’s back office are removed from PCI scope and cardholder data, because it never enters the POS system, is more secure.
With the push from ISVs and VARs to help their merchant IT clients transition to EMV, especially now, after October 1 when liability for fraudulent card transactions has shifted to the party with the least EMV-compliant technology, you could be looking for ways to avoid hurdles to certification and time delays in queues for approval.
Boardman says Ingenico’s Telium Semi-Integrated (TSI) payment solution provides an option for retail IT solutions providers to help their clients migrate to EMV, and also encrypts consumer data from the point of acceptance before routing it to the card processor or gateway.
Click below for a demonstration of TSI from application partner iMobile3, the first custom application to integrate with the solution.
Boardman says other benefits of semi-integrated solution are lower cost and time savings for ISVs and solutions providers to complete the integration. “From the third-party perspective, we provide libraries that they can code to the API. The application is already EMV certified. All they have to do is code to that application and EMV integration is done,” she explains.