uCrypto is an embedded hardware module and its integration requires the development of bespoke transaction processing software. Although a significant technical project, building your own solution delivers control, flexibility and cost-savings. Nonetheless, off-the-shelf systems are also available from our third-party partners – contact us for an introduction.
uCrypto comes with EMV-certified firmware. There is no file system or operating system, which means that the reader can be shut down or booted fast without corruption of keys or losing configurations. The reader communicates via serial interface – RS232 or UART logic levels, or USB CDC. Communication with the host (POS computer or telemetry terminal) is carried by a proprietary Block Framing Protocol, wrapped in an API.
The reader is highly secure: it incorporates a cryptographic engine and secure key storage as required by the Payment Card Industry. It does not allow any arbitrary code to run in the firmware. Its firewall protects cardholder data and security keys from unauthorised access by closed loop applications. As a result of this design, the host and other systems are completely outside of the PCI PTS scope, which makes PCI DSS and P2PE schemes easier to certify.
A unique feature is the clear split between open loop and closed loop applications. While EMV payment (open loop) is processed within the firmware as certified by EMVCo, Visa and Mastercard, closed loop schemes, for example Mifare cards or the transport schemes ITSO and Calypso, are executed by the host via the reader’s Pass-through mode.