A few days ago ‘Mobile Business’, one of the leading German news portals for such businesses, published an interview with Christian Deger, Managing Director of Sales and Business Development at payworks, about the mobile point of sale solutions offered by payworks and PAY.ON.
Cause of the contained detailed description of the payworks services we decided to translate the interview into English to make it available to all of you.
Following the interview:
Mobile Business: What does payworks do?
Christian Deger: We provide companies with all the necessary components to launch their own mobile point of sale solution. In addition to providing a white label app and the necessary hardware, we operate the technical infrastructure required to process mobile payment transactions securely and in accordance with regulations. Developers with their own apps are able to easily access our mobile payment backend via application programming interfaces.
Mobile Business: How does your latest Chip and PIN solution work?
Christian: Our Chip and PIN solution involves a payment application on a mobile device, such as a smartphone or tablet, which is connected wirelessly to a credit card reader with an integrated PIN pad. Together, these are used to process the transaction. After the payment has been triggered in the app, the card reader takes over: the reader directly encrypts the payment information on the device and sends them to the respective bank via our processing gateway. The payment data is only decrypted at the receiving end, following which the transaction is processed. After the successful completion of the payment, the mobile app receives a notification from the reader and the user can, for instance, receive an electronic receipt by entering their email address.
Mobile Business: What is the advantage over using traditional card acceptance terminals?
Christian: Traditional terminals are relatively expensive and not very flexible regarding implementation. It’s also often a highly convoluted process for retailers to get them into their stores in the first place. What makes many of the providers who develop solutions on the basis of our technology stand out is that they make initial uptake for retailers far simpler, they offer a transparent pricing structure and useful extra features such as analysis or loyalty functions, which are directly integrated into their apps.
Mobile Business: How are end customers able to authenticate themselves during the payment process?
Christian: Shoppers can authenticate themselves either by entering their signature on the smartphone’s touchscreen or by entering their card’s PIN on a certified PIN pad. It is not permitted to enter the card PIN directly on a smartphone or tablet touchscreen.
Mobile Business: How do you guarantee that the transaction and the end customers’ bank details are secure?
Christian: Security is the number one priority for all our solutions. In order to avoid the security risks associated with smartphones, bank details are directly encrypted on a certified card reader and only decrypted once they are received in a secure PCI-DSS certified environment. This means that transaction and bank details cannot be read or modified by viruses or rooted smartphones.
Mobile Business: Which debit and credit cards are currently compatible with your mobile solution?
Christian: Our solution allows for all credit cards (Visa, Mastercard, Amex, etc.) and corresponding local debit cards (Girocard in Germany) to be processed in accordance with regulations. Due to different local regulations, the technical implementation varies from country to country. For instance, in some countries outside Europe our solution is used with plug-in magnetic strip readers to process Visa transactions, which is currently not possible in Germany. Instead, a certified Chip and PIN solution is required.
Mobile Business: Which end devices is the app/solution available for? How much does it cost?
Christian: Our white label app is currently available for iOS devices, with an Android version coming soon. Our mobile payment SDK payworks.connect is already available for all major platforms, offering developers simple access to our processing infrastructure. This enables mobile payment solutions to be developed without the developers having to deal with too many questions about certification and security: we take care of that. Most of our customers make the app available for free download and make their money from transaction charges.
Mobile Business: What charges do retailers have to pay for each transaction?
Christian: Most providers only charge a transaction fee rather than a base fee. In Germany, all providers charge less than 3% of total transactions. In other countries, there are examples of retailers who pay a monthly flat rate for an unlimited number of transactions.
Mobile Business: Which standards and certificates does your mobile payment solution support?
Christian: Our recently launched Chip and PIN technology is compatible with all major standards used for standard card terminals. The hardware itself is certified in accordance with PCI-PTS (PIN transaction security), EMV Level 1 and EMV Level 2. PCI-P2PE certification (point-2-point encryption) ensures that the encrypted connection between the card reader and the prescribed hardware security module (HSM) conforms with regulations. The gateway through which transactions are routed is certified in accordance with PCI-DSS. Furthermore, additional tests must be carried out with the relevant banks for all accepted payment methods before retailers are allowed to implement the solution.
Mobile Business: Can you describe a short example implementation by a local customer?
Christian: One of our clients used our white label app at this year’s Oktoberfest in the Hippodrom and Käfer tents. The Oktoberfest retailers, who sell roses, feathered caps and stuffed animals to visitors, were kitted out with our payment app and card readers so they could take card payments directly at the tables. The retailers used to have to fetch a rented device from the till, which took a long time and was very inconvenient. The feedback on the new, flexible solution was therefore very positive. As a Munich based company, this implementation of our solution naturally was very special for us.