If you run a business taking credit card payments, you likely have a point-of-sale (POS) system that needs to be connected to a credit card reader. There are two types of software that your business might be using.
The first type is native software, which requires installation and runs on your computer. The second type is software as a service (SaaS), which is web-based, runs through a browser and communicates through the cloud.
Traditionally middleware, also known as software drivers, was needed to connect your POS system to your card reader to take transactions. Middleware is an additional piece of software downloaded to the computer you run transactions on. Because it’s on your computer, it puts the computer running it within PCI scope. This means the computer and network running the middleware is responsible for adhering to PCI compliance and is subject to the following:
- Annual PCI audits to evaluate systems and check for security vulnerabilities
- Potential quarterly scans on security systems that store cardholder data
As an added piece of software, middleware comes with its own installation and troubleshooting, and it makes already complex EMV transactions even more involved, slowing down transaction times.
How EMV Middleware Delays Chip Card Processing
EMV middleware runs outside the credit card reader’s hardware whereas the Level 2 kernel, which transmits payment information, is securely situated in the terminal. This means the middleware has to communicate with the Level 2 kernel to pass transaction information to the terminal, then the POS system and finally the processor for every transaction. In the case of EMV, a code is sent and confirmed with the cardholder’s bank as well. That’s partly why EMV transaction speeds are so slow — most Merchant Account Providers use middleware with their customers.
Middleware is an option for businesses that use native software applications but not for SaaS-based solutions as these browser-based platforms cannot connect to middleware on the business network. Instead, SaaS-based POS systems require a cloud-based solution. Enter PayJunction’s EMV API and semi-integrated solution — which works for native-based application as well.
PayJunction Bypasses EMV Middleware
PayJunction built its product using its own API. Software developers looking to become EMV Level 3 certified and remain outside of the scope of PCI DSS can do so easily while maintaining all the functionality of PayJunction’s Virtual Terminal.
Our proprietary Smart Terminal connects to your computer via Ethernet, not middleware. Our terminal is cloud controlled, rather than downloaded onto your computer. It communicates with any native or SaaS-based POS system while never storing cardholder data on your computer.
We take care of PCI DSS — in fact, we’re PCI Level 1 compliant — and help you reach EMV Level 3 certification with no work on your end. Integration is fast and simple, which is why hundreds of software systems have done so already.
Transactions are faster, too. EMV middleware is bypassed, which is one reason among many why the Smart Terminal is one of the fastest credit card terminals in the market — processing EMV transactions in just 3.61 seconds. That’s nearly four times faster than the average EMV terminal.
Because cloud-controlled terminals exist, there’s no good reason to use EMV middleware. It makes transactions inefficient and opens your business up to PCI audits and compliance.
Are you within PCI scope with your current provider?Learn what defines PCI scope
Does your terminal connect to your POS system via middleware? Are you able to currently accept EMV payments? Share your experience processing chip cards with a middleware-dependent terminal in the comments section below. We’d love to hear about your experiences.