Card Payments with Time & Materials Android Application

Marina Astapchik
IT Trends Research Specialist
May 9, 2012

Introduction

Time and Materials application for Android tablet is a mobile point of sale (POS) application. It is a part of a complex payment solution which has the following components:

1. Time and Materials application running on an Android tablet;
2. PIN Entering Device (PED);
3. Payment gateway;
4. Accounting server.

Card payment process

In this article I will describe the implementation of the card payment process in the Time and Materials application. PED, ATM and Payment Gateway take part in this card payment.The payment process consists of the following steps:

1. Time and Materials application sends initial payment request to PED.
2. PED reads the card and the user PIN input, and sends this information to ATM.
3. The PED communication module extracts the required information pieces (EMV or magnetic card, card number, PIN block, EMV tags, etc.) from the PED-specific message and uses them to construct a payment request message in ISO 8583 format. j8583 library is used for ISO8583 message generation / parsing. The payment request message is then sent to the payment gateway.
4. The payment gateway processes the message, communicates with bank network and sends a response message to ATM containing the information whether the transaction was approved and optional EMV tags.
5. ATM parses the gateway response message and sends the approval status and optional EMV tags back to the PED.

The requirement was to have the ability to support different PEDs, so a generic PED interface was developed and used in the application's PED communication logic. This approach makes specific PED support implementation easier, allows different PED connection options (currently Bluetooth and USB), and also makes PED change transparent to the application. Currently supported PEDs are:

1. PED Simulator — in early stages of development we had no PED, so a PED Simulator application was developed to simulate basic operations with magnetic cards, such as swipe card, approve the amount and enter PIN number. It runs on Android smartphones and uses Bluetooth for communication with T&M.
2. SP30 — supports magnetic stripe and EMV cards, uses RS232 port for communication. A USB-to-serial adapter is used to connect this device to the Android tablet.
3. MPED400 — a more up to date device with magnetic stripe and EMV card support. It can connect via Bluetooth or serial port.

Conclusion

The part of the time and materials application that is responsible for card payment processing acts like an adapter between PED and Payment Gateway, converting the PED messages in proprietary format to ISO 8583 format that is used by Payment Gateway, and vice versa. The development of generic PED interface unifies and simplifies new device support and also allows easy PED interchange.

Figure 1 provides a simplified graphical representation of the architecture.


Figure 1: Application architecture

Figure 2 demonstrates the payment process:


Figure 2: Card payment process

Industries and Technology Areas:

Industries: payment card industry

Technology Areas: digital payment technologies, Time and Materials application, PIN Entering Device (PED), ATM, software development, Android. tablet

LATEST ARTICLES

How to Choose the Right Warehouse Management System

Question. What is the warehouse? According to some common yet biased opinions, a warehouse is a sort of the black sheep of an enterprise. It is regarded as a place that generates nothing but additional costs, freezes working capital and complicates the work of a business. This is the reason...
READ ARTICLE

How FinTech Makes Traditional Banking a Better Place for Humans

Online banking, mobile money transfer applications, cryptocurrency - these new ways to carry out customary banking operations and financial services made all the possible headlines in 2018. However, the question is how to find the right angle to observe what’s going on without bias. For instance, are we witnessing the...
READ ARTICLE

The State of Cybersecurity in Healthcare

Given the fact that nowadays there are serious issues with cybersecurity within various industries, it’s fair to say that high-tech yet susceptible equipment might be hacked at literally any moment. The survey by Ponemon Institute claims that in 2017, the average number of breached records by country reached 24.089, with...
READ ARTICLE