The Challenge: Card Acceptance Needs To Be Simple, Secure And Available Anywhere
With the decline of cash payments, merchants of all sizes are increasingly looking for a flexible, cost effective and secure payments solution to accept EFTPOS (electronic funds transfer at point of sale) and credit card transactions on the go. It is no longer just the established bank acquirers and third party processors that want to offer card-based payment solutions to merchants, with telcos and other service providers looking to integrate card payments into their solutions or expand their current offerings. Together with the increasing desire for integrators to develop payment functions into their mobile apps, a solution supporting secure card acceptance without the traditional merchant POS device installation, configuration and security audit complexity is urgently needed.
The Solution: Flexibility and Security Powered by Thales HSMs
In order to address these issues, Mint Payments chose Thales hardware security modules (HSMs) to provide high assurance encryption and key management functionality as an integral part of their PCI DSS compliant data center.
Mint’s mobile card acceptance solution uses a small portable card reader that connects via Bluetooth to a merchant-owned smartphone or tablet. The device is magnetic stripe, EMV Chip and contactless enabled, allowing the merchant to accept “customer present” payments securely. Tight control of the remotely initiated key injection process for card reader activation, encryption of the payment data at the point of capture and the use of hardware security modules (HSMs) at the payment platform level, enables mPOS solution providers like Mint to attain PCI DSS compliance and delivers a clear win for all participants in the value chain.
Thales payShield 9000 hardware security modules (HSMs) are used in the Mint infrastructure for a variety of purposes, including:
The Mint Solution for mPOS using Thales HSMs is Comprised of Three Main Product Offerings:
Mint offers a complete and modular solution for mobile card acceptance, enabling many players in the value chain to leverage its proven bank grade payments infrastructure rather than having to invest in their own. All components of the solution meet relevant PCI, EMV and card scheme standards and certifications, provide simple integration and enable live deployments within weeks rather than months. The combined Mint Payments and Thales solution expands card acceptance in a flexible and secure way, delivering clear benefits for the various adopters.
Minterprise (for Enterprises):
Mint mPOS (For Merchants):
About the Solution
Thales PayShield 9000: proven, Scalable Payment System Security
Designed specifically for payments applications, payShield 9000 performs tasks such as PIN protection and validation, transaction processing, payment card issuance, and key management. Used in an estimated 80% of all payment card transactions, payShield 9000 is the most widely deployed payment HSM in the world. The HSM’s design benefits from over 25 years of Thales experience with payment system security, giving organizations confidence in a state-of-the-art solution that delivers an ideal combination of security and operational ease.
The cryptographic functionality and management features of payShield 9000 meet or exceed the card application and security audit requirements of the major international card schemes, including American Express, Discover, JCB, MasterCard, Union Pay and Visa. payShield 9000 is certified to FIPS 140-2 level 3 and is also available in configurations certified to the PCI HSM specification as published by the PCI Security Standards Council.Download