U.S. customers are no stranger to the PIN when it comes to debit transactions while they shop with large retailers. These retailers are using full POS solutions with PIN pads or touchscreen PIN entry to securely process its transactions. What’s less common here — but is widely accepted in the U.K. and Europe — is paying with a credit card and PIN.
While supporting this payment technology won’t be a challenge to large retailers, it could be for small businesses and micromerchants — think the person who cuts your hair, or the artisan selling goods at a street fair, or the operator of your favorite taco truck. How will they support EMV chip and PIN transactions securely and affordably?
The answer is an emerging payment technology called PIN on Mobile, which lets small businesses use consumer-off-the-shelf (COTS) mobile smartphones or touchscreen tablets for their POS solution. It may feel like the same experience as tapping your PIN onto the touchscreen of a mobile POS terminal tableside at your favorite restaurant, but the behind-the-screen technology is vastly different.
Though this technology is widely talked about in the payments industry, there is still some confusion about the terms used to discuss it. Some call it PIN on Mobile, some call it PIN on Glass. To add to the mix-up, PIN on Terminal also gets thrown around. Before we dive into the details on PIN on Mobile, let’s clear up the confusion about terminology.
What is PIN on Terminal?
PIN on Terminal refers to PIN entry on a payment acceptance device that is PCI PTS approved and includes card readers or smart terminals with physical PIN pads. This includes many of the devices you see in the wild today.
When customers pay with a debit card or PIN-enabled credit card, the PIN entry takes place on the keypad built into the payment acceptance device. This PIN along with the card information is securely transmitted to the issuer for authentication. Once the issuer gives the green light on the information provided, the payment request is accepted.
What is PIN on Glass?
Pin on Glass refers to entering a PIN on the touchscreen of a PCI PTS-approved payment device — typically part of a full-service POS solution. The security here is also baked into the device itself, which is only used as part of that POS system.
What is PIN on Mobile?
PIN on Mobile specifically refers to transactions where the PIN is entered on a merchant’s consumer-grade touchscreen tablet or smartphone. With EMV and PIN transactions becoming more common in the U.S., merchants need an affordable mobile solution that can securely accept PIN payments. Unlike the previous two examples, the PIN entry in this scenario takes place on a device that is not approved by PCI.
How does PIN on Mobile work?
PIN on Mobile is a software-based technology that allows micro-merchants and small businesses to securely accept electronic payments using a commercial off-the-shelf (COTS) mobile phone or tablet and a secure card reader. It’s one of the more significant changes seen in the payment industry in 2019, made possible by the PCI Software-Based PIN Entry Standard, and is also known as PIN on COTS.
The consumer-grade mobile device that is used as a POS system, in this case, is not PCI certified like a full POS solution would be. Since the PIN entry is taking place on the tablet/smartphone, PIN on Mobile uses software to make sure the sensitive authentication information remains secure. This software application accepts the PIN without letting the mobile device’s system interfere, thus ensuring security.
The card readers used in this solution are also PCI certified. PIN on Mobile eliminates the need for the card reader to include a physical PIN pad, which means the device is typically smaller, less expensive and ideal for small and micro-merchants who don’t have the budget for a more comprehensive, enterprise-grade solution.
While we are yet to see large scale PIN on Mobile implementations in the U.S., it is definitely a topic that comes up a lot in our conversations. If you are interested in learning more about PIN on Mobile or other mobile POS solutions, get in touch with us.
Ryan Ahern is the Payments Solutions Manager at Ingenico Group, North America