Business Critical Connectivity
A Guide to Point of Sale Mobile Connectivity, IoT SIM Cards & Multi-network Systems
Point of Sale (POS) systems and payment terminals are commonly used devices in retail and hospitality for authorising and charging for electronic payments. They are used in mobile, fixed, attended, stand-alone or unattended environments. POS systems are often commercialised for a range of sectors and industrialised for vending machines, ticket machines and self-service kiosks.
Some Electronic Point of Sale (EPoS) systems are connected to electronic cash registers (ECR) or sophisticated business management systems. These are commonly used in a range of industries, including at festivals and events.
EPoS systems can enable the complete running of the retail transaction process/system and be configured in a variety of forms or levels of sophistication. This can include secure cloud-based systems for extra services such as inventory management or real-time marketing.
To enable authorisation, billing and data feeds/configuration, most forms of POS and EPoS systems are connected either directly or indirectly to a communications network.
For example, this can be ubiquitous systems such as mobile networks including 2G/3G/4G/5G (using extra layers of security). While stationary or fixed-position payment terminals often rely on wired networks, such as DSL, PSTN, TCP/IP or X.25, they also often utilise secure mobile as a backup communication method.
Secure mobile is also often used as the primary communication method for fixed devices, as it removes the need and inconvenience of network cabling or the fallibility of a single landline connection.
The benefits of EPoS systems are vast, with its centralised database, tight stock control and enhanced efficiency and accuracy being key features.
Handheld POS terminals also often rely on short-range wireless connectivity solutions such as Wi-Fi or Bluetooth. Increasingly they incorporate mobile GSM to benefit from independence from unique site contexts or unsecured local networks and to provide maximum range flexibility (ibid).
Mobile Point of Sale Systems (mPoS) tend to be smaller and more portable devices that allow a smartphone or tablet to become a payment acceptance system and register via a mobile app. These are particularly popular with small business owners or those who are highly mobile and visit clients in a range of locations.
SoftPOS systems are where a phone or tablet can be converted through a secure app to become a highly flexible mPoS terminal. The phone or tablet, however, must have Near Field Communication (NFC) functionality in-built, to permit user/issuers cards to be tapped directly on the phone/tablet.
NFC functionality removes the need for an intermediary bespoke MPoS device, which can help to reduce third-party integration problems. Some view this as a long-term replacement to some forms of mPoS devices and in certain types of use cases.
It is important to remember that for security and privacy, NFC communications are used for the communication between the issuer card and the accepting device in contactless settings. This means that communications are limited to a few centimetres and restricts the possibility of mis-payment.
Contactless Payments with POS Systems
Contactless payments systems supply a convenient and trusted transaction medium for consumers in a complete range of settings.
Tapping a card or a contactless smartphone payment application clearly can provide high levels of convenience for consumers, users, retailers, and service providers. And with over 841 billion noncash transactions globally expected by the end of 2023, it’s clear to see its importance in the moden world.
Contactless payment is critical to their use as perceived usefulness and trust significantly influence a customer’s intention to use, particularly where biometrics are an authentication method for payment.
Tap and go payment terminals replacing normalised PIN entry also due to feelings of increased security and privacy, providing a ‘cleaner’ and more personal, ‘seamless’ service process; therefore, positively informing consumer’s affective responses to the buying experience.
Trust and convenience are, therefore, paramount for both consumers and retailers who rely on these systems for their primary physical customer point of contact.
As a result, contactless payments are easily now the primary method of completing face to face or unattended transactions for goods, shopping, personal services or travel experiences. To facilitate this rapid demand, 80 million EPoS terminal units were shipped in 2020 and deliveries are expected to grow to 127 million units by 2025.
Retail, Transportation and Hospitality applications are tending to lead growth and also influence the trajectory of new features. According to Berg Insight, around 47% of terminals are now being shipped with wireless connectivity in-built, and this is likely to grow moving forward as more devices need extra security, resilience and the extra convenience of untethered mobility.
Contactless and smart payment systems also create opportunities for creating new and disruptive service processes. As an example, in transportation, new ways of transacting customer journeys and their payment for them become possible.
Tapping-in and out for time or distance-based services such as transport or logistics services become more painless, intuitive, and inherently flexible. Especially compared to pre-purchase highly cognitive consumer processing systems, which by their nature and complexity typically result in the formation of unnecessary and irritating queues. For example, an inconvenience which became normalised in ticketing and parking payment machines at the busiest locations or times of day.
EPoS systems also generate valuable location and time-based business data, which enables organisations to develop data analytics and processing systems to help optimise their business.
These systems will help create valuable market intelligence and reliable, timely information for warning, analysing and predicting inventory flows, user flows and changing demands, with new layers of financial, spatial and temporal meaning.
It is also worth noting that many retailers place such a high value on convenient and seamless service delivery, that they will sometimes accept low-level payments off-line if authorisation channels become unavailable. This is to keep customer transactions flowing but is ultimately at the merchant’s own financial risk.
Of course, transactions are cached and then communicated with their Merchant Services and authorised with the bank/issuer as soon as the service is resumed.
How do Point of Sale Terminals Attain a Seamless and Reliable Service?
A convenient, trusted, and seamless experience requires a fully integrated service. EPoS devices are manufactured by large OEM manufacturers for a variety of clients, with the aim of configuration changes being relatively low-level and post-manufacture.
The firmware logic that manages and controls the hardware will also manage their communications. This is more fundamental to the processing of the device, than for example configuration changes that are available to the Payment Service Provider and any display branding.
Therefore, system design is key. How hardware is selected, and the level of due diligence paid towards the operation of firmware in a range of scenarios can make the difference between a haphazard system and a secure and resilient end-to-end service.
This highlights how fundamental communications, secure protocols, API and end-to-end device encryption is to a robust service in distributed systems.
Performing due diligence is fundamental to the safety of POS systems. Without it you may run the risk of ignoring systemic problems and failures of poorly planned infrastructure and communications systems by virtue of their unexplainability or lack of quantifiability.
By taking an integrated and end-to-end approach involving device manufacturers and communications, you can ensure that the devices are designed and configured to provide the highest levels of up-time, thus reducing both dissatisfaction and financial risk for retailers.
What Roles do IoT SIM Cards Play?
‘Contactless payments’ rightly imply wireless communications are central to the payment process. This is via a variety of mechanisms, such as the NFC wireless communications used from both the payment device and smartphone.
This means that the handheld or static EPoS device or system needs to communicate upstream via fixed-line or wireless comms.
Micro business users may use a connected personal mobile phone and merchant-approved app for these purposes, utilising their phone provider’s consumer SIM card or a local Wi-Fi connection which they manage.
Larger applications, however, will require a centrally managed, secure IoT SIM card, secure, IT-managed on-premises Wi-Fi, or a secure fixed broadband connection.
For larger organisations, any Wi-Fi option needs to provide a secure and manageable connection. If not correctly set up, a simple local configuration change could render payment devices unable to authenticate or open to malicious and fraudulent interception.
Positioning of Wi-Fi routers also needs to cover all required transaction spots in the building. This can be more of a problem for providers who lack the IT skills or control the premises in their entirety.
For these reasons, payment service providers are now using IoT SIM Cards as the primary or secondary forms of communication for many of their Point-of-Sale Devices. This is not only within the payment devices themselves but increasingly as the back-haul mechanism for Wi-Fi routers.
Range problems are also overcome when payment terminals can be taken freely to consumers and are able to communicate whether the device is in range of Wi-Fi or not. It also means if there is a hardware or configuration problem with the Local Wi-Fi router, then the payment device can still communicate securely over the mobile connection.
This provides the best of both worlds in terms of reach but also provides multiple forms of communication resilience. Enabling portable and static POS devices and systems to secure their critical connectivity and eliminate single points of failure.
For deployment simplicity and resilience, many payment service providers use preloaded IoT SIM Cards in their provisioned devices. They, therefore, rely on secure multi-network mobile connectivity, providing geo-resilience in deployment and for a maximum combination of service up-time and deployment flexibility.
How Do POS Systems Make Secure Payments?
Multi-network systems enable devices to communicate using any of the locally available mobile radio mast access networks.
This means that in the UK, networks such as EE, Vodafone, O2 and 3 can rovides maximum geographic flexibility for national deployments and the ability to communicate using whichever local radio network is the strongest or most available in terms of data throughput.
Normal consumer SIMs do not allow this and are fixed to one provider. This means that if a signal from a network provider is poor in a location or attenuated due to building conditions, or is suffering a local or national outage, then a device loaded with an IoT SIM card can hop to another network.
But to work reliably, it is important to select payment devices that can intelligently select the most appropriate network for their needed type of communications and based upon network availability.
Payment devices are manufactured with integrated modems which support a variety of GSM radio frequencies and protocols for certain types of mobile communications.
If, for example, the device modem only supports 4G LTE communications and not 2G or 3G, but the strongest signal available is a 2G one, then the payment device if (as many are) configured in firmware to select the strongest signal (dBm) would therefore select the 2G [very low or no data] network, when a slightly lower strength 4G signal but higher data bandwidth network is available.
It is not unknown for devices to hang onto these 2G networks as devices will usually only switch if the 2G network signal strength (dBm) drops below a certain threshold. This can be particularly catastrophic as the device may never have cause to try another network.
For multi-network IoT SIM cards to work effectively, it is therefore imperative that manufacturers configure their network selection processes in consultation with IoT SIM card providers and experts.
Are There Dual-SIM Options for POS Systems?
Multi-network IoT SIM cards deliver significant resilience over single-network SIM card performance for EPoS payment systems. But dual discrete-pathway multi-network IoT SIM cards can also be selected for an even more resilient option.
Multi-network SIM cards provide access to all radio access mobile networks locally available. However, the signalling pathways for all traffic over these networks must be authorised by a single IoT roaming agreement provider using their core infrastructure and Home Location Register (HLR).
The highest quality systems are designed for high resilience, geo redundancy and are supported by sophisticated Network Operation Centres (NOC). But unfortunately, even the highest quality systems can sometimes suffer temporary outages or suffer service degradation during pre-warned maintenance windows.
If the core systems are interrupted for some reason (although rare), then data sessions cannot be authorised. Therefore, two SIM cards by two different and discrete IoT core infrastructure roaming providers offer the potential for complete end to end and temporal resilience as it is highly unlikely that both network roaming provider’s core infrastructure would degrade at exactly the same time.
For the absolute maximum possible theoretical levels of resilience, two IoT Multi-Network SIM cards can be used as the primary/back up, independently or in conjunction with Wi-Fi or wired LAN communications.
This, however, requires intelligent dual SIM support in the payment terminal hardware and intelligent dual SIM capability and network selection to be implemented within the payment device’s hardware and firmware.
It may also require remote configuration for the client to select their preferred parameters. For example, implementing a Dual SIM approach means the hardware and firmware of the device must support and manage the utilisation of both SIM cards.
In some cases, two SIM slots may be supported in the hardware, but this does not mean that the device manufacturer has implemented the firmware to support both. They may not have also implemented software that intelligently manages switching between the two SIM cards based upon fully thought through real life scenarios.
Switching SIM cards unnecessarily, could create problems, especially during a successful transaction.
Control of or influencing the hardware and firmware design of devices becomes imperative for both security and resilience. It is important for the payment device to not only make informed decisions in-session and between sessions, but also to ensure that the device is monitoring and selecting networks in-between transactions or during device down-times to ensure that the device is connected and ready for use as soon as it is needed for transactions.
Any loss of a particular network would therefore be dealt with proactively and in advance of the service for the consumer and the retailer being interrupted. For example, implementing heartbeats can mean that any significant network problems can be dealt with proactively, but also based upon the surety of an appropriate number of retries before SIM switching. Having a sophisticated implementation also means that the data plans for each SIM card become more predictable and creates a more cost-effective cost plan environment for each.
Where a dual SIM hardware/firmware option does exist, it is important, therefore, to test the functionality based upon a number of live-use scenarios. As a guide, switching core networks can take anything from 15 seconds to well over a minute. It is, therefore, best to only switch SIM slots under known and controlled circumstances; i.e. when a catastrophic connection failure is detected and verified by the device.
Experience IoT’s Potential
Thank you for reading our guide on Point of Sale mobile connectivity. We hope you learnt something new.
Caburn Telecom is an industry leader in IoT solutions, working with a range of global companies to ensure long lasting connectivity.
POS Terminals and systems are just one of the many ways IoT is revolutionising industries across the globe. That’s not to mention smart cities, IoT based environmental monitoring and lone worker protection.
Contact us today to learn more about IoT and how it could enhance your business.