PIN on Glass consulting, approval and certification

        What is PIN on Glass?

        PIN on Glass is the name for Software-based PIN entry on COTS (Commercial-Off-The-Shelf). It is intended to preserve security while streamlining merchant experience when a payment acceptance solution relies on:


        • A standard mobile device (smartphone or tablet).

        • A software PIN-entry solution app on the device using the touchscreen for PIN entry.

        • A Secure Card Reader-PIN (SCRP) attached to the mobile device, which has to be tested as PCI PTS compliant not PCI SpoC.

        • Back-end systems and environments that perform attestation, monitoring, payment and online PIN processing.

        ​Example of PIN on Glass architecture​

        FIME works in partnership with its clients to address payment terminal security requirements from initial set-up and throughout development and integration.

        Our offer includes support through to compliance with PCI PTS requirements, including:

        • A product design review resulting in an action plan, focused on your design documentation in order to identify any hardware or software security gap with PCI PTS compliance.

        • Follow-up and support services including advice in the hardware and software security design of your payment terminal, whether a POS or an mPOS.

        • Pre-assessment security testing in order to assess the resistance of your payment terminal before the official security evaluation.

        Security approval and certification


        Source: PCI Software-based PIN Entry on COTS, Security Requirements, v1.0

        PCI SpoC* requirements have been set out by the Payment Card Industry - Security Standards Council (PCI SSC), whose members are American Express, Discover, JCB, Mastercard and Visa.

        *Official security evaluation services are provided by an accredited partner.

        Security consulting, approval and certification

        FIME is able to:

        • Help you with improving the security of your PIN on Glass payment solution.

        • Provide you with support to perform security evaluation services against PCI SPoC to demonstrate your compliance to the payment schemes. It includes both software and backend security testing.

        • Assist you on functional testing services to achieve compliance to the payment schemes.

        Please refer to PCI PTS for Secure Card Reader-PIN (SCRP) security approval and certification.

        Preparing a pilot for a contactless payment acceptance solution?

        • On a mobile device.

        • Using a purely software solution.

        • No hardware attachment (no SCRP).

        It is a Tap on Phone solution.

        To meet payment schemes’ requirements, please contact us; we can also help you.

        PIN on Glass


        Request a quote and product details