Velocity is at the forefront of helping ISVs and merchants become EMV compliant by offering fully pre-certified SIS that is cost-effective, flexible and helps reduce their PCI burden.
With the SIS approach, messages between the terminal and the merchant’s POS system are limited to non-sensitive data and prevent card information from getting into the POS system. Instead, the card data is encrypted and routed directly from the terminal to the payment processing stack, completely away from the merchants electronic cash register system and back-office infrastructure. When you take the POS system out of the PCI equation, the semi-integrated solution reduces the compliance requirements and overall costs of adding an EMV-ready solution at a merchant’s place of business.
With Velocity’s implementation of SIS, the integration for adding a pre-certified EMV enabled smart terminal to your POS System can be seamless for ISVs and merchants using a simple cross platform SDK with support for Windows, Linux, Android, and iOS.
Decrease certification bottlenecks by routing sensitive data around the POS System, eliminating the role and scope of these systems in the EMV migration process, thus drastically reducing time, cost, and resources.
Eliminate card holder data from the POS, keeping secure data out of the merchant’s environment reduces their vulnerability to hackers, and protects their customers and brand. SIS additionally helps provide a seamless path to P2PE and tokenization.
Saving money and time to market by reducing the footprint a merchant has with regards to cardholder data in their system. SIS directly limits the scope a merchant has to PCI security standards and increases the chances of successful audit.
Within a traditional integrated retail environment, a physical connection is maintained between the ECR (Electronic Cash Register) and the payment terminal. In the diagram below, you can see that in a traditional authorization path, the card data passes through the ECR and the merchant’s back-office systems on its way to the host(s) or gateway.
Within a semi-integrated architecture, the communications are limited between the terminal and the ECR system to non-sensitive commands. Card data never enters the ECR; instead it is encrypted and routed directly from the terminal to the intended processing host/s or gateway.
* All free equipment requires a merchant services agreement through NAB Velocity.