Thales HSMs Secure Mobile Point-Of-Sale Solutions From Mint Payments

How An Innovative Leader In mPOS Solutions Ensures That Cardholder Data And PINs Are Protected At All Times

The Challenge: Card Acceptance Needs To Be Simple, Secure And Available Anywhere

With the decline of cash payments, merchants of all sizes are increasingly looking for a flexible, cost effective and secure payments solution to accept EFTPOS (electronic funds transfer at point of sale) and credit card transactions on the go. It is no longer just the established bank acquirers and third party processors that want to offer card-based payment solutions to merchants, with telcos and other service providers looking to integrate card payments into their solutions or expand their current offerings. Together with the increasing desire for integrators to develop payment functions into their mobile apps, a solution supporting secure card acceptance without the traditional merchant POS device installation, configuration and security audit complexity is urgently needed.

The Solution: Flexibility and Security Powered by Thales HSMs

In order to address these issues, Mint Payments chose Thales hardware security modules (HSMs) to provide high assurance encryption and key management functionality as an integral part of their PCI DSS compliant data center.

Mint’s mobile card acceptance solution uses a small portable card reader that connects via Bluetooth to a merchant-owned smartphone or tablet. The device is magnetic stripe, EMV Chip and contactless enabled, allowing the merchant to accept “customer present” payments securely. Tight control of the remotely initiated key injection process for card reader activation, encryption of the payment data at the point of capture and the use of hardware security modules (HSMs) at the payment platform level, enables mPOS solution providers like Mint to attain PCI DSS compliance and delivers a clear win for all participants in the value chain.

Thales payShield 9000 hardware security modules (HSMs) are used in the Mint infrastructure for a variety of purposes, including:

  • Generating keys for the card readers
  • Decrypting card data
  • PIN block translation at the payment platform prior to sending the transaction into the acquirer network for authorization

How Mint and Thales deliver the win-win for corporates and merchants

The Mint Solution for mPOS using Thales HSMs is Comprised of Three Main Product Offerings:

  • Minterprise: a branded mobile payments platform for enterprises and banks, customizable to their needs
  • Mintegrate: a program supporting a set of SDKs and APIs that allow developers to seamlessly integrate payments into third- party software while leveraging Mint’s PCI capabilities
  • Mint mPOS: a solution comprising a mobile app and card reader combination that allows merchants of all sizes to accept contactless, chip and PIN-based card payments securely, anytime and anywhere.

Mint offers a complete and modular solution for mobile card acceptance, enabling many players in the value chain to leverage its proven bank grade payments infrastructure rather than having to invest in their own. All components of the solution meet relevant PCI, EMV and card scheme standards and certifications, provide simple integration and enable live deployments within weeks rather than months. The combined Mint Payments and Thales solution expands card acceptance in a flexible and secure way, delivering clear benefits for the various adopters.

Minterprise (for Enterprises):

  • Accepts a wide range of global/regional/national credit and debit card brands using smartphones and tablets supporting iOS and Android
  • Utilizes the bank grade security infrastructure hosted by Mint, eliminating the need for banks, telcos and service providers to create their own in-house PCI DSS compliant mPOS payment gateway
  • Offers white label, custom branded or integrated solutions generating strong brand awareness and tight integration where necessary

Mint mPOS (For Merchants):

  • Enables merchants to offer secure mobile card acceptance to customers as an alternative to cash
  • Eliminates clear text payment data from the merchant environment (and hence PCI DSS compliance overhead) through the use of point-to-point encryption (P2PE)
  • Benefits from an easy, quick on-boarding process as well as simple pricing options

About the Solution

Thales PayShield 9000: proven, Scalable Payment System Security

Designed specifically for payments applications, payShield 9000 performs tasks such as PIN protection and validation, transaction processing, payment card issuance, and key management. Used in an estimated 80% of all payment card transactions, payShield 9000 is the most widely deployed payment HSM in the world. The HSM’s design benefits from over 25 years of Thales experience with payment system security, giving organizations confidence in a state-of-the-art solution that delivers an ideal combination of security and operational ease.

The cryptographic functionality and management features of payShield 9000 meet or exceed the card application and security audit requirements of the major international card schemes, including American Express, Discover, JCB, MasterCard, Union Pay and Visa. payShield 9000 is certified to FIPS 140-2 level 3 and is also available in configurations certified to the PCI HSM specification as published by the PCI Security Standards Council.