DEFINITIONS

What are the differences between Point of Sale (PoS),EPoS,MPoS and SoftPOS Systems?

Point of Sale (POS) payment terminals and systems are commonly used devices in retail and hospitality for authorising and charging for electronic payments. They are used in mobile, fixed, attended, stand-alone or unattended environments. Often commercialised for a range of sectors and industrialised for vending machines, ticket machines and self-service.

Some Electronic Point of Sale (EPoS) systems are connected to electronic cash registers (ECR) or sophisticated business management systems. EPoS systems can enable the complete running of the retail transaction process/system and be configured in a variety of forms or levels of sophistication. This can include secure cloud-based systems for extra services such as inventory management or real-time marketing.

To enable authorisation, billing and data feeds/ configuration, most forms of POS and EPoS systems are connected either directly or indirectly to a communications network. For example, this can be ubiquitous systems such as mobile networks including 2G/3G/4G/5G (using extra layers of security). While stationary or fixed-position payment terminals often rely of wired networks such as DSL, PSTN, TCP/IP or X.25, they also often utilise secure mobile as a back-up communication method (Fagerberg, 2021). Secure mobile is also often used as the primary communication method for fixed devices, as it removes the need and inconvenience of network cabling or the fallibility of a single landline connection (ibid). Handheld POS terminals also often rely on short-range wireless connectivity solutions such as Wi-Fi or Bluetooth. Increasingly they incorporate mobile GSM to benefit from independence from unique site contexts or unsecure local networks and to provide maximum range flexibility (ibid).

Mobile Point of Sale Systems (mPoS) tend to be smaller and more portable devices that via a mobile app allow a smart phone or tablet to become a payment acceptance system and register. These are particularly popular will small business owners or those who are highly mobile and visiting clients in a range of locations.

SoftPOS systems are where a phone or tablet can be converted through a secure app to become a highly flexible mPoS terminal. The phone or tablet, however, must have Near Field Communication (NFC) functionality in-built, to permit user/issuers cards to be tapped directly on the phone/tablet. This removes the need for an intermediary bespoke MPoS device, which can help to reduce third-party integration problems. Some view this as a long-term replacement to some forms of mPoS devices and in certain types of use cases.

It is important to remember that for security and privacy, NFC communications are used for the communication between the issuer card and the accepting device in contactless settings. This means that communications are limited to a few centimetres and restricts the possibility of mis-payment.

MARKET BACKGROUND & TRENDS

What are the Reasons for the RapidAdoption of EPoS and mPoS Systems?

Contactless payments systems supply a convenient and trusted transaction medium for consumers in a complete range of settings. This is critical to their use as perceived usefulness and trust significantly influence a customer’s intention to use, particularly where biometrics are an authentication method for payment (Sulaiman & Almunawar, 2021).

Tapping a card or a contactless smartphone payment application clearly can provide high levels of convenience for consumers, users, retailers, and service providers. Their adoption was also accelerated, however, by widely held fears of virus transmission during the COVID-19 pandemic via touching shared surfaces (Fagerberg, 2021). Tap and go payment terminals replacing normalised PIN entry also due to feelings of increased security and privacy, providing a ‘cleaner’ and more personal, ‘seamless’ service process; therefore, positively informing consumer’s affective responses to the buying experience (Oloveze, et al., 2021). Trust and convenience are, therefore, paramount for both consumers and retailers who rely on these systems for their primary physical customer point of contact.

As a result, contactless payments are easily now the primary method of completing face to face or unattended transactions for goods, shopping, personal services or travel experiences. To facilitate this rapid demand, 80 million EPoS terminal units were shipped in 2020 and deliveries are expected to grow to 127 million units by 2025 (Fagerberg, 2021). Retail, Transportation and Hospitality applications are tending to lead growth and also influence the trajectory of new features (Grand View Research, 2022). According to Berg Insight, around 47% of terminals are now being shipped with wireless connectivity in-built, and this is likely to grow moving forward as more devices need extra security, resilience and the extra convenience of untethered mobility (Fagerberg, 2021).

Contactless and smart payment systems also create opportunities for creating new and disruptive service processes. As an example, in transportation, new ways of transacting customer journeys and their payment for them become possible. Tapping-in and out for time or distance-based services such as transport or logistics services become more painless, intuitive, and inherently flexible. Especially compared to pre-purchase highly cognitive consumer processing systems, which by their nature and complexity typically result in the formation of unnecessary and irritating queues. For example, an inconvenience which became normalised in ticketing and parking payment machines at the busiest locations or times of day.

EPoS systems also generate valuable location and time-based business data, which enables organisations to develop data analytics and processing systems to help optimise their business (Marques, et al., 2022). Creating valuable market intelligence and reliable, timely information for warning, analysing and predicting inventory flows, user flows and changing demands, with new layers of financial, spatial and temporal meaning (ibid).

It is also worth noting that many retailers place such a high value on convenient and seamless service delivery, that they will sometimes accept low-level payments off-line if authorisation channels become unavailable. This is to keep customer transactions flowing but are ultimately at the merchant’s own financial risk. Of course, transactions are cached and then communicated with their Merchant Services and authorised with the bank/issuer as soon as the service is resumed.

SYSTEM DESIGN

How do Point of Sale (POS)Terminals Attain a Seamless and Reliable Service?

A convenient, trusted, seamless and frustration-free service, requires a fully integrated system. EPoS devices are manufactured by large OEM manufacturers for a variety of clients, with the aim of configuration changes being relatively low-level and (where possible) completed post manufacture. The firmware logic that manages and controls the hardware will also manage their payment communications. This is more fundamental to the correct functioning of the device in use, than, for example, superficial or cosmetic user or merchant configuration changes such as threshold parameters or display branding.

System design is, therefore, key to creating a robust solution. How hardware is selected, and the level of due diligence paid towards the operation of firmware in a range of scenarios can make the difference between an unreliable system and one that is fully considered, secure and resilient in providing a complete end-to-end service.

In distributed systems, communications, secure protocols, API and end-to-end device encryption are clearly fundamental to a robust service. Methods of communication and their understanding of, however, can sometimes be assumed to be out of a service provider’s control. This can be a miscalculation, however, as the construction or utilisation of available and alternative forms of local and wide-area communications are determinable with transparent and flexible partners. It can mean the difference between focussing on device hardware failures and ignoring more systemic problems such as poorly planned infrastructure or communications systems. This can be by virtue of their perceived unexplainability or difficulty in providing metrics and some level of quantifiability.

This diligence is fundamental to business-critical mobile communications services and are crucial in successfully delivering business and financial critical communications systems. Only by taking an integrated, end to end approach involving device manufacturers and communications experts can payment devices be designed and configured to provide the highest levels of up-time, thus reducing dissatisfaction and financial risk for retailers, merchants and service providers.

NETWORK QUALITY

What Roles do IoT SIM Cards Play?

‘Contactless payments’ rightly imply wireless communications are central to the payment process. This is via a variety of mechanisms.

For example, the communication between the payment card, smart phone and device uses NFC wireless communications in very close proximity to each other.

The handheld or static EPoS device or system, however, then needs to communicate upstream via fixed-line or wireless comms.

Micro-business users may use a connected personal mobile phone and merchant approved app for these purposes, utilising their phone providers consumer SIM card or a local Wi-Fi connection which they manage.

Larger applications, however, will require a centrally managed, secure IoT SIM card, secure IT services which are managed on-premises [including Wi-Fi], and/or a securely managed fixed broadband connection.

For bigger organisations and payment service providers, Wi-Fi connectivity needs to provide a secure, manageable and predictable connection across a broad range of sites (including third-party sites). If these are not correctly set up, a simple local configuration change could easily render payment devices unable to authenticate/bill or be open to malicious/fraudulent interception.

Positioning of Wi-Fi routers also needs to cover all required transaction spots in the building. This can be more of a problem for providers who lack the IT skills or who don’t control the premises in their entirety.

For these reasons, payment service providers are now using IoT SIM Cards as the primary or secondary forms of communications for many of their Point-of-Sale Devices. This is not only within the payment devices themselves, but increasingly as the back-haul mechanism for Wi-Fi routers. These technologies help to overcome range problems where payment terminals are taken to the consumer’s point of consumption.

Intelligent, SIM card enabled payment terminals are thus able to communicate whether the device is in range of Wi-Fi or not. It also means if there is a hardware or configuration problem with the Local Wi-Fi router, then the payment device can still communicate securely over its multi-network mobile connection.

This provides the best of both worlds in terms of reach, but also provides multiple forms of communication resilience. Enabling portable and static POS devices and systems to secure their critical connectivity and eliminate single points of failure across their geographical deployments and site contexts.

For simplicity and resilience of deployment, most payment service providers use pre-installed IoT SIM Cards in their devices. Relying on secure multi-network mobile connectivity and the geo-resilience that it provides, together with maximum service up-time, flexibility and safeguarding measures.

DEVICE COMMUNICATIONS

How do Multi-Network IoT SIM Cards Help Payment Systems Work More Securely and Reliably?

Multi-Network systems enable devices to communicate using any of the locally available mobile radio mast access networks. For example, in the UK, this would mean EE, Vodafone, O2 and 3; or a subset of these depending upon price and availability. This provides maximum geographic flexibility for national deployments and the ability to communicate using whichever local radio network is the strongest or most available in terms of data throughput. Normal consumer SIMs do not allow this and are fixed to one provider. This means that if a signal from a network provider is poor in a location or attenuated due to building conditions, or is suffering a local or national outage, then a point of sale device loaded with an IoT SIM card can hop to another network.

To work reliably, however, it is important to select payment devices that can intelligently select the most appropriate network for their needed type of communications and the forms of network systems available.

Payment devices are manufactured with integrated modems, which support a variety of GSM radio frequencies and protocols for certain types of mobile communications. If, for example, the device modem only supports 4G LTE communications and not 2G or 3G, but the strongest signal available is a 2G one, then if the payment device (as many are) is only configured in firmware to select the strongest signal (dBm), it could mean the point-of-sale device selecting the 2G [very low or no data] network, when a slightly lower strength 4G signal but much higher data-bandwidth one is available. It is not unknown for devices to hang onto these 2G networks as devices will usually only switch if the 2G network signal strength (dBm) drops below a certain preconfigured signal (not data) threshold. This can be particularly catastrophic as the device may never have cause to try another network and is unable to communicate as a result when needed.

It is important, therefore, (for multi-network SIM cards to work effectively), that manufacturers and payment service providers configure their network selection processes in consultation with IoT SIM card providers and experts.

MULTI-NETWORK SIM CARDS

Dual-SIM Options

Multi-network IoT SIM cards deliver significant resilience and performance benefits over single-network SIM cards when used in EPoS payment systems. Dual discrete-pathway multi-network IoT SIM cards, however, can also be selected and integrated as an even more resilient option.

Multi-network SIM cards provide access to all radio access mobile networks locally available. The signalling pathways for all traffic over these networks must, however, be authorised by a single IoT roaming agreement provider using their core infrastructure and Home Location Register (HLR). The highest quality systems are designed for high resilience, geo redundancy and are supported by sophisticated Network Operation Centres (NOC). Even the highest quality systems, however, can sometimes suffer temporary outages or suffer service degradation during pre-warned maintenance windows. If the core systems are interrupted for some reason (although rare), then data sessions cannot be authorised. Two SIM cards by two different and discrete IoT core infrastructure roaming providers, therefore, offers the potential for complete end to end and temporal resilience as it is highly unlikely that both network roaming provider’s core infrastructure would degrade at exactly the same time.

For the absolute maximum possible theoretical levels of resilience, two IoT Multi-Network SIM cards can be used as the primary/back up, independently or in conjunction with Wi-Fi or wired LAN communications. This, however, requires intelligent dual SIM support in the payment terminal hardware (i.e., intelligent dual SIM selection capability to be implemented within the payment device’s hardware and firmware). It can also sometimes be helpful to enable the selection of preferred switching or cost loading parameters. For example, implementing a Dual SIM approach means the hardware and firmware of the device must support and manage the utilisation of both SIM cards. In some cases, two SIM slots may be supported in the hardware, but this does not mean that the device manufacturer has implemented the firmware to support both. They may not have also implemented software that intelligently manages switching between the two SIM cards based during normal use and every-day real life scenarios. Switching SIM cards unnecessarily, could create problems. For example, during a successful transaction. If one of the selected cost plans is more expensive. It might be preferred that the device reverts to the lower cost SIM card plan when in normal use.

Control of or influencing the hardware and firmware design of devices becomes imperative for both security and resilience. It is important for the payment device to not only make informed decisions in-session and between sessions, but also to ensure that the device is monitoring and selecting networks in-between transactions or during device down-times to ensure that the device is connected and ready for use as soon as it is needed. Any significant attenuation or loss of a particular network would therefore be dealt with proactively and in advance of the service for the consumer and the retailer being interrupted. For example, implementing heartbeats can mean that any significant network problems can be dealt with proactively, but also based upon the surety of an appropriate number of retries before SIM switching. Having a sophisticated implementation also means that the data plans for each SIM card become more predictable.

Where a dual SIM hardware/firmware option does exist, it is important, therefore, to test the functionality based upon a number of live-use scenarios. As a guide, switching core networks can take anything from 15 seconds to well over a minute. It is, therefore, best to only switch SIM slots under known and controlled circumstances, i.e., when a catastrophic connection failure is detected and verified by the device.

REFERENCES

Alay, O., A. Lutu, R. G. & Peon-Quir, M., 2020. MONROE: Measuring Mobile Broadband Networks in Europe. s.l.:Simula Research Laboratory, IMDEA Networks, Celerway Communications, Karlstad University, Politecnico di Torino, Nextworks, Telenor Research.

Fagerberg, J., 2021. POS Terminals and Wireless M2M - Fifth Edition, s.l.: Berg Insight.

Fida, M. & Marina, M. K., 2018. Impact of Device Diversity on Crowdsourced Mobile Coverage Maps. Rome, 14th Grand View Research, 2022. Contactless Payment Market Size & Share Report, 2021-2028. [Online] Available at: https://www. grandviewresearch.com/industry-analysis/contactlesspayments-market International Conference on Network and Service Management (CNSM), pp. 348-352.

Jarvis, C., Midoglu, C., Lutu, A. & Alay, O., 2018. Visualizing Mobile Coverage from Repetitive Measurements on Defined Trajectories. Vienna, 2018 Network Traffic Measurement and Analysis Conference (TMA), pp. 1-6.

Koutroumpis, P. & Leiponen, A., 2016. Crowdsourcing mobile coverage. Telecommunications Policy, 40(6), pp. 532-544.

Marina, M., Radu, V. & Balampekos, K., 2015. Impact of indooroutdoor context on crowdsourcing based mobile coverage analysis. s.l., Proceedings of the 5th Workshop on All Things Cellular: Operations, Applications and Challenges, pp. 45-50.

Marques, C., Guedes, A. & Bento, R., 2022. Tracking changes in tourism demand with point-of-sale data: The case of Portugal. Tourism and Hospitality Research, p. 14673584221075175.

Oloveze, A., Oteh, O., Nwosu, H. & Obasi, R., 2021. How user behaviour is moderated by affective commitment on point of sale terminal. Rajagiri Management Journal.

Perlman, L. & Wechsler, M., 2019. Mobile Coverage and its Impact on Digital Financial Services. s.l.:s.n. Sen, S. et al., 2011. Can they hear me now? A case for a clientAssisted approach to monitoring wide-Area wireless networks. s.l., Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conf.

Sulaiman, S. & Almunawar, M., 2021. The adoption of biometric point-of-sale terminal for payments. Journal of Science and Technology Policy Management.

Zhang, P., Durresi, M. & Durresi, A., 2018. Mobile privacy protection enhanced with multi-access edge computing. s.l., 2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA). IEEE, pp. 724-731