by Gürel Yıldız
We can define the term ‘terminal’ as ‘devices that can accept payment’. We can say non-electronic credit card imprinters were used as the first terminal card machines since the 1950s. These devices provided the rapid copying of credit card information by means of carbon paper receipts. Customers were required to sign carbon papers consisting of two copies. By the 1970s, Magnetic Stripe cards had been invented. The magnetic stripe field of the card contained the cardholder’s name, card number, card’s authorization code, and expiry date. In order to be able to read this information from the magnetic stripe area of the card, the first electronic payment terminals were developed. Again, in order to complete the transaction, customers had to sign receipts.
While these developments were taking place with payment cards and terminals that accept payment, fraudulent transactions made using the weak points of these technologies increased significantly. The information in the magnetic stripe areas of the cards could be copied with other readers, and the signatures of the customers could be forged. Is the card a real payment card? Is the terminal a real terminal device? Is the card holder the right person? The answers to these questions could be determined sometime after the purchase had been completed. With “Chip Cards“, also known as “Smart Cards“, invented since the 1990s, the PIN feature came to cards. Thanks to the instant approval, security control and PIN verification of contact cards with chips, fraudulent transactions decreased significantly.
The next step was the introduction of contactless cards into our lives with Near-Field Communication (NFC) technology. Alongside these developments in cards, terminal types that accept contact and contactless cards such as reader, POS, validator, ATM, kiosks, PIN-PADS and vending machines were developed in terminals. With the widespread use of NFC-enabled smartphones, mPOS and SoftPOS mobile solutions joined the terminal family. Now, people can use their smart watches or smart phones as contactless cards or accept payments with their smart phones. These developments in contact and contactless payments are not only caused by advances in hardware technology, but also by bank applications & systems, card scheme networks, and institutions that define the rules that support, build and manage them.
In order for a device to be a terminal that can accept payments other than its hardware features, it basically needs to consist of three levels. These levels are Level 1 (L1), Level 2 (L2) and Level 3 (L3). EMV L1, L2, L3 certifications are made, and compliance with the specifications of EMVCo and Card Schemes (Mastercard, Visa, American Express, Discover…) is tested. EMV Level 1 certification can be made with contact for IFM readers and contactless for PCD readers. Certification tests basically consist of analog and digital tests.
The EMV Level 2 certification tests whether the functions of the payment application, together with L1, are working according to the requirements in the specifications. Level 3 certification tests whether the terminal configurations meet the requirements of the board diagrams. These certifications are made in accredited laboratories with special test tools and confidential card and mobile test sets. Specifically, the scope of Level 2 Kernel certifications varies according to the card scheme. For example, the Mastercard L2 Kernel certification consists of functional, performance, combination and integration tests. The number of functional tests varies according to the configuration and features to be supported. If even a single test is failed during the official certification (Type Approval) tests in the laboratory, the whole test session fails and all tests are started from scratch.
For terminal manufacturers, this situation poses a risk both in terms of money and time. At this point, PayCore has been offering many domestic and international card schemes such as Contact EMV, Contactless Mastercard, Visa qVSDC only & VCTKS, American Express, Discover connect, ZIP and D-PAS, JCB, CUP, Rupay, PURE and TROY cards since 2001. It provides L2 Kernel solutions and services for schematics. If we look at the distinctive features of the PayCore L2 Kernel solution: it is always compatible with the latest version of EMVCo and Card schema standards; it supports all features and configurations defined in the Implementation Conformance Statement (ICS) form; it provides hardware and operating systems’ independent integration with the Hardware Abstraction Layer (HAL); it has low memory requirements. In contactless performance tests, it can be summarized as offering an end-to-end process that gives the fastest results and provides consultancy from an expert team from the beginning of the project to certification.