Independent software vendors (ISVs) have many considerations when selecting an integrated payments partner, from financial benefits of the relationship to ongoing service and support. A critical component is how card readers integrate to the ISV’s software. There are three possibilities for integrating card terminals at the point-of-sale (POS) – fully integrated, semi-integrated, and non-integrated payments. How do these three options compare and contrast? Here’s an overview of each.
Payments are non-integrated when the POS system and card readers are not connected. A typical checkout scenario for non-integrated payments entails an employee ringing up a customer at the POS and manually keying the sale amount into the card terminal. The customer then pays with a chip, swiped, or contactless card. The transaction is sent for processing directly from the card reader, returned as an authorization or a decline, and a receipt is printed from the card terminal. The employee then keys the transaction back into the POS or record keeping system.
This lack of connection results in a longer, less efficient checkout process that can negatively impact the customer experience. In addition, the extra steps required to initiate and close a sale require several points of manual data entry, opening the possibility for human error.
As opposed to non-integrated payments, semi-integrated payments create a connection between the POS system and card readers. In this scenario, an employee rings up the sale at the POS and the card terminal receives sale information from the POS. This information is combined with the customer’s payment card data and sent out for processing directly from the terminal. The transaction data is replaced by a meaningless token, protecting the underlying information from theft or misuse.
A key benefit of semi-integrated payments is the transmission of payment information from card terminals rather than the POS. Cardholder data is tokenized and sent directly from the terminal, ensuring that sensitive information never enters the business’s systems. This not only reduces the merchant’s scope of PCI DSS compliance, but also provides business owners peace of mind in the event of a security breach or data compromise.
Like semi-integrated payments, fully integrated payments also create a connection between the POS system and card readers. However, in this scenario the payment information is pulled from the terminal into the POS, combined with the sale information, and sent out for processing directly from the POS.
Unlike semi-integrated payments, sensitive cardholder information passes through the merchant’s systems. Therefore, both the business and the POS system are in-scope for PCI DSS compliance. Merchants can employ security measures like data encryption to help reduce risk, but fully integrated payments don’t provide the same level of data protection as semi-integrated payments.
It depends on the needs of the ISV and the customers it serves. Paystri specializes in payment integrations that are designed for the unique needs of software developers and their users. We customize solutions for each ISV to ensure efficient payment processing that reduces PCI DSS compliance scope.
Click here to learn more about our approach to integrated payments.