Skip to content

Software Defined Card Processing 💳

switstack moka is part of a wider corporate project that aims to bring EMV Level X into the space of software-defined solutions. In today's rapidly advancing tech landscape, the concept of software-defined plays a pivotal role in shaping infrastructures. It includes:

  1. Ressouces virtualization
  2. Automation of actions
  3. Centralized management
  4. Hardware abstraction
  5. Security
  6. Scalability

Applied to in-person payment domain, we talk about software defined card processing (SDCP).

In software development, tests are keys. And developing an EMV solution can really be a complex task to that regards. But that complexity doesn't necessarely lie on the functional specifications to implement. The ecosystem that the industry has been coping with for years is organized around hardware solutions that are expensive, and not adapted to day-to-day software developers' activities. Running reliable test sessions to validate software components should neither depend on humans nor mechanical robots. But: - Test tools were designed from a certification process perspective generating solutions that cannot be integrated through API, and consequently limiting their use cases to humans using UI; - On the other side of the spectrum, robots solutions were invented because humans didn't want to spend their time to insert/tap/swipe cards onto a terminal;

Which value do theses solutions actually create to developers? What is their actual cost beyond their costs of acquisition? That is where SDCP comes into play and what switstack moka solves.

Virtualization

Virtualization refers to creating virtual versions of physical hardware devices. By decoupling the hardware from the software, virtualization enables flexibility, efficiency, and cost savings, thereby revolutionizing data centers and enterprise IT. In the context of SDCP, switstack moka aims at virtualizing cards and terminals, and emulating testing tools to accelerate development, and qualification stages. Purchasing decks of cards, bunch of terminals, or tool licenses is too expensive and not efficient. Developers spent too much time on fixing other problems than working on their software (probe issues, cards lost, limited licenses, etc, ...).

Automation

Automation is about using technology to perform tasks with minimal human intervention. In a software-defined environment, automation enhances efficiency by streamlining repetitive tasks, reducing errors, and managing complex systems dynamically. Enterprises leverage tools like scripts, workflows, and management platforms to automate processes, thus boosting productivity and reliability. In the context of SDCP, switstack moka aims at executing EMV qualification test plans systematically along the development cycles through CI/CD pipes. Current tools are designed to be used in laboratories by EMV analysts but they are too slow to allow efficient "code"/"test"/"commit" cycles.

Centralized Management

[Out of the scope of switstack moka. See switcloud]

Centralized management provides a unified interface to monitor, control, and administer IT resources from a single location. This characteristic simplifies infrastructure management, allowing IT administrators to oversee multiple components simultaneously. Centralized management enhances coordination, reduces operational overhead, and ensures consistency across diverse systems and applications.

Hardware Abstraction

Hardware abstraction is the process of creating a layer between physical hardware and software applications. This abstraction allows applications to run without concern for the underlying hardware specifics, promoting compatibility and flexibility. It offers the freedom to upgrade or replace hardware without disrupting the software stack, leading to more resilient and adaptable systems. In the context of SDCP, it is a pretty standard approach a.k.a the HAL pattern. But, it shall be orchestrated with a global strategy that brings 100% of the functional developments and tests outside the embedded systems.

Security

Security in software-defined environments involves implementing robust protocols and practices to protect data and systems. By leveraging software controls, organizations can ensure confidentiality, integrity, and availability of resources. Security measures like encryption, access controls, and threat detection are integral to safeguarding valuable digital assets in dynamic and distributed infrastructure. In the context of SDCP, it refers to software-based security brought by softPOS solutions and all the underlying technics coming with: security architecture, whiteboxing, obfustaction, key loading, automated penetration tests, monitoring, fraud detection, ... In lign with that perspective, switstack moka promotes an efficient architecture by tackling the security requirements as soon as the design in order to simplify the PCI scope and ultimate certificaitons.

Scalability

[Out of scope of switstack moka. See switcloud]

Scalability is the capability of a system to handle growing amounts of work or enlarge when needed. In a software-defined context, scalability is achieved through flexible resource allocation and distributed computing. Organizations can dynamically scale resources up or down based on demand, ensuring performance and optimizing costs.