1

The systems i have seen, when i go to the shops have separate EFT units connected to the POS application and the application sends the amount due to the EFT machine. But i'm always curious how it works. so i have the following question, assume i'm developing an POS application in C# windows apps:

  1. what information do i send to the EFT machine?
  2. Are there any sample code available to demonstrate answer to question 1?

I have heard that when the customer pays his due from debit card or credit card, only the Invoice no. amount paid is sent to the bank (bank of the merchant).

3.Could anyone here verify above statement and explain in details the information send to the bank (bank of the merchant)?

4, i'm a bit confused of EFT process and how developers handle these EFT transactions, so any one please be kind enough to explain how EFT process works and how developers handle it and provide some sample code?

thanks

AndrewMC
  • 261
  • 1
  • 3
  • 16

2 Answers2

2

The answer would also rely on the country you're from. For example, in Australia (and I'm sure there would be an equivalent in USA and everywhere else just unsure of the name) there are companies called "payment gateway providers" that provide the pinpad terminals and software/hardware architecture to enable EFT payments in your POS application.

Usually it's better to go through a gateway provider as they should have already done the legwork in being certified as secure with all the major banks and save you that hassle, and also it should be cheaper (theoretically) as you would have economies of scale in terms of transaction processing fees.

Finally as to the architecture, and this is based off the architecture I've used in my POS app, and is fairly typical of most setups is that there's a "server" that acts as a gateway for the store to the banks and it runs a service that enables that communication to occur in a secure manner. Then on each of the registers there's another service, the "client", that's configured to communicate with the in-store server and (ideally) in a secure manner also.

Note that the "server" and "client" may actually be on the same physical computer depending on the size of the store.

The EFT pinpads are connected to the register machine and communicate with the "client".

Where your POS application comes in is via an API that communicates with the pinpad to tell it to perform certain tasks such as:

  • Log on to the bank to establish communications for the session/day.
  • Check for loss of connectivity from previous sessions.
  • Perform a transaction, aka "take $39.95".
  • Display prompts, notifications and other feedback from the pinpad/client/server.
  • Perform settlements to finalise the transactions for the session.

Plus whatever else your specific payment gateway provider requires of you.

Banks won't let you just plug a pinpad in and just fire zeroes and ones down the line. They will want to know you're legit and aren't going to be ripping your customers off (you could argue that's the bank's job, but you get my gist ;-)

The payment gateway provider is usually your best/quickest bet, I would definitely start there.

Good luck!

Fooksie
  • 480
  • 7
  • 25
  • thanks I was hoping for an descriptive answer like this : ) but I have one last question how do they check the EFT with the POS application, do they use some kind of dummy credit cards or dummy information to send across the wire? – AndrewMC Apr 04 '14 at 16:05
  • 1
    I actually use my real credit card and/or debit card, what we use is a dummy bank instead :) – Fooksie Apr 07 '14 at 23:00
  • real credit card, I suppose this is in your private time development, not when you work as an employee – AndrewMC Apr 08 '14 at 02:15
  • No, this is my day job. – Fooksie Apr 08 '14 at 02:41
  • one more thing I would like to ask from the one who have replied to this, I haven't seen an API of a Payment Gateway provider. I assume that they provide certain .DLL to and the developer add them as references to their POS project. I haven't seen a sample API of a Payment gateway provider not even code project website. But im sure the experts at code project and here have seen plenty of APIs of payment gateway providers but could any here be kind enough to show me some sample methods of those API classes or links to a website that shows samples of those API classes and methods : ) – AndrewMC Apr 08 '14 at 09:42
  • 1
    Sorry Andrew, but I can't help you with that...as it relates to money and because I'm contracting with my client, there's all sorts of agreements that I'm bound by to not provide access to code or API's outside of their consent... If you contact a payment gateway provider, for example in Australia lookup Quest Payment Systems, they would be able to assist you in integrating their API into your solution. Sorry mate, good luck! – Fooksie Apr 08 '14 at 21:47
  • well that's fine, I know developers are bound to policies, I just thought that maybe the open source community has something equivalent at least a parallel API to those paid API, I was wondering if some might know it, would like to share it. and did not ask for the paid versions : ) . but thanks for sharing insights :) – AndrewMC Apr 09 '14 at 01:20
  • 1
    @AndrewMC - You have to pay for the merchant services, the API's come with it, there's no getting around paying for it.. it's useless without the service to authenticate against. – Erik Funkenbusch Jun 13 '14 at 08:50
1

If by EFT machine you mean the terminal that's used to swipe a credit card, these are often called Credit Card Terminals, Merchant Services Terminals, etc...

Nowadays, in the wake of the Target terminal breach, these devices will be encrypted and send encrypted data streams. You will likely have to use an API of some kind that will be specific to a manufacturer.

Erik Funkenbusch
  • 92,674
  • 28
  • 195
  • 291
  • so even in 2010 they were just sending important data without encryption? – RadioSpace Mar 30 '14 at 05:16
  • @RadioSpace - I think you're confused about what I mean. I'm not talking about when the device talks to the merchant. I'm talking about when the device talks to the POS terminal. – Erik Funkenbusch Mar 30 '14 at 05:19
  • ohhhh.. almost lost faith in the system there for a sec. ;) – RadioSpace Mar 30 '14 at 05:22
  • EFT machine is the hardware on which you wipe the card : ) – AndrewMC Mar 30 '14 at 05:39
  • Now there are two message transfer one message is from POS app to EFT terminal Then the second message occurs once you swipe card and press "Enter/OK" button on EFT machine. Are there any sample codes that will demonstrate these processes? – AndrewMC Mar 30 '14 at 05:42
  • i have added some question in the comments section of the reply by "Erik Funkenbusch". In addition to that, assume i have a connected the POS application with EFT machine, How do i check if i swipe a credit card the EFT machine sends the information to the bank and verify card and debit / credit? i'm sure that my boss would not give the company credit card to test the POS application and EFT machine. thanks – AndrewMC Mar 30 '14 at 06:17