Taking Hardware Out of Contactless Payment Solutions

September 17, 2021  |  Andrew Dvirnyk

Recently, we have covered some of our contactless solutions in action for the transportation sector, as well as best practices for implementing contactless solutions. Today, we are digging a little deeper into how contactless payments operate for businesses. And how they lower costs and create opportunities for smaller businesses, as well as the large-scale organizations we have looked at previously.

To begin, let’s examine some of the terminology around payment solutions. We will also take a moment to outline how standards protect privacy and promote safety in the contactless space.

What is PCI CPoC?

As an industry, we refer to Payment Card Industry Contactless Payments on Commercial off-the-shelf device as a PCI CPoC.

PCIPoC makes it possible to turn any NFC-enabled handset into a payment terminal. Effectively, it enables a business (even a one-person business) to have a Point of Sale instrument without having to buy a costly POS device.

The NFC (near-field communication)-enabled device makes it possible for two devices (such as a customer’s smartphone and a retailer’s smartphone) to exchange data with each other.

Using software (specifically a mobile application), rather than any additional hardware, that retailer can process payments without the burden of equipment maintenance, or the overhead of equipment purchase.

What is the PCI CPoC Standard for Contactless Payment Solutions?

Certainly, this is good news for any business (no matter the size) that wants to make payment collection efficient and cost effective. However, it is also easy to imagine some hesitation on the part of businesses and consumers who are faced with utilizing mobile devices to complete transactions.

A host of safety and privacy concerns spring to mind. That is why there is a PCI CPoC Standard. The PCI Security Standards Council, a global council whose objective is to “increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent cyberattacks and breaches [of the] PCI CPoC Standard.”

In 2019, the PCI Security Standards Council issued an updated security standard for contactless payments The updated PCI CPoC Standard includes requirements that protect payment data. It also ensures that software and back-end systems are “independent from the COTS device and support monitoring, integrity checks and payment processing.”

PCI Security Standards Council

PCI Security Standards for contactless payment providers are rigorous. At this time, less than a dozen companies worldwide have been able to meet all requirements laid out in the PCI CPoC Standard.

Recently, the PCI Security Standards Council informed IBA Group that our solution has been certified by the Council. The letter of Attestation and Validation confirmed that IBA Group’s tapXphone is certified as meeting the standard.


Bringing tapXphone to the market has been a long journey for the Development Team at IBA Group. We are excited to report that tapXphone has joined the field of global leaders in accepting contactless payments.

TapXphone leverages the power of contactless payment solutions to reduce costs for businesses accepting contactless payments. And it maximizes ease of use for customers.

To learn more about tapXphone for your business, contact us.

Continue Reading
Continue Reading

    Access full story Please give your company email to get a file.

      Subscribe Please give your company email to subscribe.

      Privacy Preference Center