The concept of accepting card payments on a mobile device via NFC interface is not at all new with some actors working on the development of such solutions as far back as 2017.
Fast forward to 3 years later, in August 2020, none other than Apple announced the acquisition of a Canadian start-up Mobeewave which specialised in software-based payment acceptance. This, of course, led to a launch of a new iOS feature, which we now know as Tap to Pay on iPhone. This fact alone has strengthened the credibility of SoftPOS solutions overnight. Today, the technology is fully endorsed by payment schemes, PCI SSC, tech giants like Apple, and it is quickly becoming a trend in the in-store payments space.
Without a doubt (at least in our mind) SoftPOS has the potential to transform the in-store payments landscape, not only for micro-merchants but also for high-street retailers and luxury stores.
The promise of SoftPOS technology is to offer the flexibility to be deployed across many device types, from smartphones and tablets to professional business-oriented COTS devices. This will enable various use cases for merchants across all verticals.
This technology can create opportunities for FinTechs that already provide financial services to businesses. By integrating NFC payment acceptance functionality into their existing business applications, they are suddenly tapping into new revenue streams while creating a one-stop-shop experience for their merchants.
Launching your SoftPOS service based on white-label standalone solution
Dejamobile is enabling Acquirers and Merchant Service Providers to launch their SoftPOS service using ReadyToTap Payment for Merchants, a white-label solution that comes with a standalone SoftPOS application as well as service administration web portals for the Merchant Service Provider (Card Acquirer, ISO, PF, etc.) and its Merchants.
What are the advantages of relying on an off-the-shelf solution when launching a SoftPOS service?
When choosing ReadyToTap Payment for Merchants as a standalone solution, you can benefit from a turnkey service that includes a fully customisable white-label application, as well as service administration and management web portals, which are available for the use by your own teams, and your Merchants. This configuration can enable you to go to market much faster, as most of the components of the SoftPOS service are available off-the-shelf. This approach enables you to use the time saved in development to experiment with the technology in the field, so that you can better understand the exact needs of your merchants and shape the vision for the future development of your SoftPOS service.
This configuration perfectly address the needs of smaller merchants that are under-equipped when it comes to their ability to accept contactless payments, meaning they would benefit from both; a SoftPOS app which can be installed on their existing mobile device(s), and a dedicated web portal allowing them to view their activity and sales dashboards.
An integrated SoftPOS service: SDK or App-to-App
Another option when building an app with software-based payment acceptance functionality is to integrate an SDK or opt-out for an app-to-app implementation. Compared to the standalone option which relies on the white-label solution, the integrated configuration requires more time for implementation and time-to-market. However both SDK and app-to-app integrations have their own specificities.
While integrating an SDK will undoubtedly offer the most frictionless user experience, there could be another way of achieving a similar result with significantly faster time-to-market and lower implementation cost. You may have guessed it, we are, of course, talking about an Android Intents-based app-to-app integration.
What are the differences between the two approaches? In case of an app-to-app integration, the user will have to download and install two apps (payment acceptance app and an ECR or PoS app) while with SDK integration they would only need one. While having two apps can create some friction in the merchant onboarding journey, this is where the differences tend to end. That’s assuming the app-to-app integration is done the right way, of course.
So, if SDK integration provides the most frictionless user experience, why would you even consider an app-to-app approach? The answer lies with the current regulatory and certification landscape. As things are today, if you are integrating an SDK, your app would fall within the scope of a security evaluation from the payment schemes and PCI CPoC. Obtaining such certifications could add months to time-to-market not to mention associated costs.
On the other hand, with an app-to-app approach, we can completely bypass the need to carry out a security certification. Assuming the SoftPOS solution provider you are working with, can offer a white-label app that is appropriately certified.
So, to summarise, if you go with an app-to-app-based solution today, you could be saving yourself a considerable amount of time and investment while coming to market faster than competition. The otherwise wasted time and resources could be used to pilot the solution and learn from the real-life experiences of your merchants.
How to leverage the PCI MPoC standard when building your SoftPOS service
If you are willing to integrate an SDK to launch your own SoftPOS service, you should consider the PCI MPoC standard as this is another standard you’d need to comply with in the not-so-distant future. That’s not to mention the fact that PCI MPoC will offer a modular certification approach that will significantly simplify the certification path for applications that leverage certified SDKs.
The long-awaited PCI MPoC standard has been published in November 2022 and is designed to support the evolution of mobile payment acceptance solutions. As defined by PCI SSC, PCI Mobile Payments on COTS (MPoC) builds on the existing PCI Software-based PIN Entry on COTS (SPoC) and PCI Contactless Payments on COTS (CPoC) Standards, which individually address security requirements for solutions that enable merchants to accept cardholder PINs or contactless payments using a smartphone or other commercial off-the-shelf (COTS) mobile devices. The PCI MPoC Standard aims to provide increased flexibility not only in how payments are accepted, but in how COTS-based payment acceptance solutions can be developed, deployed, and maintained.
Dejamobile’s ReadyToTap is a future proof SoftPOS solution. If you choose either ReadyToTap standalone app or app-to-app integration, you may transition to a POS app integrated with an SDK and benefit from the more straightforward certification path that the new MPoC standard is offering. The transition between an app-to-app implementation to an SDK should be completely invisible to your merchants, and relatively straightforward for you.