An attended payment solution is where a sales assistant will activate the transaction. This means that the payment terminal is facing the customer. Attended payments are common in retail stores, and restaurants. This solution is based on a member of staff being present for a transaction to be completed.

An unattended payment solution is a self-service terminal where a customer is able to activate the transaction at hand. This means that a payment device needs to be securely enclosed and tamper proof for a secure self-service transaction. These unattended payment terminals are likely to be seen in train stations, car-parks, and even vending machines. Unattended payment terminals are for spaces where a member of staff does not need to be there to assist with the transaction.

SoftPOS short for Software Point of Sale, is revolutionising the way that merchants accept payments. Unlike more traditional hardware-based POS systems, SoftPOS leverages software applications on tablets or smartphones to process debit and credit card transactions.

There a lots of different types of payment solutions, and Kestronics know how important it is to find the right one.

• Mobile Payment Solutions

• Attended Payment Solutions

• Unattended Payment Solutions

• SoftPOS

A mobile payment solution accepts all major credit, debit and gift cards. These can be used to pay for goods and services. Mobile payments can allow retailers to take payments from wherever they are. This is due to the reader not being tethered or wired in to a traditional hardware Point-of-Sale. A mobile payment device is wireless and is connected to the internet through wireless, or mobile networks.

A payment gateway is a specific technology or service that facilitates online transactions. When a customer makes a purchase online, a payment gateway securely sends bank details to the acquiring bank to verify the transaction with the issuing bank, where they will approve or deny the transaction. This process helps to ensure that sensitive financial data is protected, and transactions are processed quickly.

Kestronics can help with assisting and optimising payment gateways with providing all of the hardware, software, and integration services. Kestronics can help companies choose the best gateway solution that fits needs , and ensures compatibility with existing systems. We can also offer ongoing support and maintenance helping businesses to manage payments smoothly.

A payment processor is a service that handles the secure transaction of funds between a customer's bank and a merchant's account during a transaction. This authorises payments, transmits data, and ensures that funds are available. Working with banks and payment gateways, processors manage the logistics of completing transactions and help detect fraud.

A payment gateway securely transmits payment data between the customer and merchant, acting as the online "point of sale" by encrypting and sending transaction details for approval. A payment processor, on the other hand, handles the actual transaction by communicating with banks to transfer funds, manage authorisation, and settle payments. While the gateway ensures secure data transmission, the processor completes the money transfer, and both work together to process payments smoothly.

A mobile wallet is a digital application that stores payment information, such as credit or debit card details, allowing users to make purchases through their smartphones or other mobile devices. It enables secure, contactless payments in stores, online, or within apps by using technologies like NFC (Near Field Communication) or QR codes. Popular examples include Apple Pay, Google Pay, and Samsung Pay.

Apple Pay is a mobile payment service by Apple that allows users to make secure, contactless payments using their iPhone, Apple Watch, iPad, or Mac. It uses NFC technology for in-store purchases and supports online payments within apps and websites. For security, Apple Pay uses tokenisation, replacing actual card details with a unique code for each transaction. It also supports loyalty cards, transit passes, and event tickets, making it a comprehensive digital wallet solution.

Google Pay is a mobile payment service by Google that enables secure, contactless payments using Android devices via NFC technology. It supports in-store, online, and in-app purchases while protecting card details through tokenisation. Google Pay also integrates with loyalty programs, gift cards, and transit passes for a versatile payment solution.

Card-present transactions occur when a customer physically uses their card at a payment terminal, such as during in-store purchases, making them more secure and typically associated with lower processing fees due to reduced fraud risk. In contrast, card-not-present transactions happen when the card is not physically present, such as in online or phone transactions, which are riskier and often incur higher processing fees due to the increased potential for fraud and chargebacks.

EMVCo is a global technical body that develops and maintains the EMV standards, which ensure the interoperability and security of smart card payments and related technologies. Originally created for Europay, Mastercard, and Visa, EMV standards have become the foundation for chip-based payment cards and devices worldwide. These standards enable secure and globally accepted electronic transactions by defining how payment cards, point-of-sale terminals, and ATMs communicate. EMVCo plays a crucial role in enhancing payment security, particularly by reducing fraud.

A chargeback is a particular process where a cardholder disputes a transaction, and requests a reversal of the payment made to the merchant. This usually occurs when a cardholder believes that the transaction shouldn't be authorised. Chargebacks are intended to protect consumers from fraud, or unsatisfactory purchases but can be costly for merchants due to lost revenue, fees, and potential penalties.

High-risk sectors are industries that are more prone to financial fraud, chargebacks, and regulatory challenges, making them riskier for banks and payment processors. These sectors often include gambling, adult entertainment, pharmaceuticals, travel, telemarketing, and cryptocurrency.

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that handle, process, or store credit card information maintain a secure environment. Established by major credit card companies, including Visa, MasterCard, American Express, and others, PCI DSS aims to protect cardholder data from theft and fraud. Compliance with PCI DSS is required for businesses that accept, or process card payments to safeguard customer information.

An Independent Sales Organization (ISO) is a third-party company that partners with acquiring banks to facilitate merchant accounts for businesses, enabling them to accept credit and debit card payments. ISOs act as intermediaries between merchants and payment processors, often providing sales, customer service, and technical support to merchants. They play a key role in helping businesses, especially small to medium-sized ones, get access to payment processing services. Although they are independent entities, they must be registered with the major card networks, such as Visa and MasterCard, and follow industry regulations.

A Payment Facilitator (PayFac) is a company that simplifies the process of enabling businesses, particularly small or micro-merchants, to accept credit and debit card payments. Instead of each merchant needing to open their own merchant account with a bank, a PayFac allows multiple sub-merchants to operate under its master merchant account. The PayFac handles the onboarding process, compliance, risk management, and payment processing on behalf of its sub-merchants. PayFacs are commonly used by platforms like marketplaces, software-as-a-service (SaaS) companies, and other aggregators to streamline payment processing for their users.

A Merchant Category Code (MCC) is a four-digit number assigned to businesses by credit card networks, such as Visa and MasterCard, to classify the type of goods or services they provide. Each MCC corresponds to a specific industry or category, such as retail, restaurants, travel, or healthcare. This code is used by banks, payment processors, and card issuers to identify the nature of transactions, determine applicable fees, track spending patterns, and even apply certain rewards or restrictions based on the merchant's category. MCCs also play a role in tax reporting and compliance for certain transactions.

An Electronic Point of Sale (EPOS) system is a computerized system used by businesses to manage and process sales transactions efficiently. It combines hardware, such as a touchscreen terminal, barcode scanners, and receipt printers, with software that tracks sales, inventory, and customer data in real-time. EPOS systems go beyond traditional cash registers by offering additional features like reporting, stock management, and integration with online payment methods. This helps businesses streamline operations, improve accuracy, and gain insights into sales performance. Commonly used in retail stores, restaurants, and hospitality industries for smoother, more efficient transaction handling.

The Second Payment Services Directive (PSD2) is a European regulation aimed at enhancing the security of electronic payments, promoting innovation, and fostering competition in the financial services sector. Implemented in 2018, PSD2 requires stronger customer authentication (SCA) for online payments to reduce fraud, and it mandates banks to open their payment services infrastructure to third-party providers through open banking APIs. This allows fintech companies to offer new payment and financial services by accessing customer accounts (with consent). PSD2's goal is to create a more secure, transparent, and competitive payments ecosystem in the European Union, benefiting both consumers and businesses.

Strong Customer Authentication (SCA) is a security measure required under the EU’s PSD2 directive to reduce fraud and enhance online payment security. It mandates that at least two out of three factors—something the user knows (like a password), something they have (like a mobile device), or something they are (like a fingerprint)—must be used to authenticate transactions. SCA is mainly applied to online payments in the European Economic Area (EEA), ensuring that only authorized users can complete transactions securely.