Secure Financial Application for POS terminals
CASE STUDY
Customer
Name: Company X (name of customer can't be disclosure due to terms of NDA)
Industry: Card Processing Services
Country: USA, Canada
Description: Company X provides credit, debit and merchant card processing, e-banking, check risk
management and check cashing services to some thousands financial institutions, hundred thousands retailers
and hundred million consumers worldwide. Headquartered in USA maintains a strong global presence with
operations in the United States, Canada, UK, Ireland, France, Chile, Brazil, Australia and New Zealand.
Problem Statement
The customer looked for professional software company to outsource development of POS terminal application,
what allows getting payments via cashier's check. The existing application doesn't satisfied modern more
complex business requirements. Another issue was to develop the application to run under new 32-bit
multitasking OS Unicapt32 because existing software can't be executed on most new models of POS terminals.
The application should process operations (authorization, transactions) with checks having magnetic ink
information (MICR line) or simple (no magnetic ink). Check operations can include retrieving of information
from driver's license or other identification documents - either manually, or by reading magnetic stripe, or by
reading bar codes.
Solution
The project was started from requirements clarification and system design phase. During intensive interaction
with customer the following main technical requirements were formulated:
o
Check's data input manually or read from MICR line using external check readers eN Check 2500 and
Ingenico 2600. The latter allows storing check image as well;
o
Additional information for payer authentication might be also read from driving license using magnetic
stripe reader on the terminal or external barcode reader E-Seek or DCM;
o
Check and barcode readers are connected to the POS terminals' RS232 communication ports;
o
Check data sending on transaction host via dial-up (special protocol) or Ethernet (TCP/SSL);
o
If the check reader allows storing check image, the image is sent to RDM image archive via FTP. ISP
connection for TCP and FTP interaction can be done via dial-up or Ethernet (if the terminal has Ethernet
card);
o
Application should work under 32-bit multitasking OS Unicapt32;
o
Target terminals are Ingenico 5100 and 5310;
o
Radio terminals Ingenico 7780 should be supported as well (one base with communication devices, up
to 7 handsets);
o
Application allows to upload updated modules and updated configuration parameters via Zontalk
protocol from VeriCentre server;
The system was designed taking into consideration both technical requirements and new requirements to
business logic. After acceptance of design documents system was developed and tested in Astrosoft
development center in Russia using Ingenico terminals emulator. The release of software was delivered to
customer for acceptance procedure which includes full-cycle testing on real terminals. After successful
completion of acceptance procedure the customer started to install software on new terminals.