The payment terminal is where the abstract becomes physical — a certified, tamper-responsive device that reads the card, captures the PIN and talks to the acquirer. Understand the terminal estate and you understand a huge chunk of an acquirer’s cost and risk.
A POS (point-of-sale) terminal is the device that accepts a card at a physical merchant: it reads the chip, magstripe or NFC tap, captures the PIN where required, encrypts the data and sends an authorisation request to the acquirer. mPOS (mobile POS) is the same job in a smaller, cheaper, phone-tethered form factor aimed at micro and mobile merchants.
The reason a terminal is not just “a card reader” is the security envelope. PINs and card data must be protected from the moment of entry. That demands tamper-responsive hardware that zeroises its keys if opened, and a chain of certifications. The terminal is the most heavily regulated piece of consumer electronics most people touch daily without noticing.
The core component is the PIN-entry device (PED) — the secure keypad and card reader, certified under PCI PTS POI (PIN Transaction Security, Point of Interaction; current requirements are at v6.x). The PTS POI standard covers PEDs, encrypting PIN pads, unattended payment terminals, and secure card readers including the SCRP variant designed to pair with off-the-shelf phones and tablets.
Terminals split along an integration axis:

| Type | How it connects | Where it fits |
|---|---|---|
| Standalone | Self-contained; merchant keys the amount, prints its own slip | Small merchants, no till integration, fast deployment |
| Integrated (ECR) | Wired/Bluetooth to an electronic cash register or POS software | Retail with inventory, the amount flows from the till |
| Unattended (UPT) | Vending, parking, fuel forecourts — no cashier | Self-service, hardened against the open environment |
| mPOS dongle/sled | A card reader paired to a merchant’s phone over Bluetooth | Micro-merchants, field sales, pop-up retail |

mPOS unbundles the terminal: a small certified card reader (dongle or sled) handles the secure functions — reading the chip, capturing or encrypting the PIN — while a consumer phone or tablet running the merchant app handles the screen, connectivity and receipt. The economics are the draw: a dongle is a fraction of a full terminal’s cost, which is what opened card acceptance to spaza shops, market traders and informal merchants across Africa.
The reader still carries the PCI PTS certification — the phone is explicitly outside the secure boundary. This is the architectural line that separates mPOS from SoftPOS, where there is no dedicated reader at all and the phone itself does the tap.
PIN and card data are protected inside the certified dongle, never trusted to the consumer phone.
Low device cost and app-based onboarding put acceptance in reach of micro-merchants who could never justify a full terminal.
mPOS uses the merchant’s mobile data: resilient where fixed lines are absent, but at the mercy of signal.
An acquirer or ISO does not own ten terminals; it owns tens or hundreds of thousands, scattered across merchants, each needing configuration, key injection, software updates, certification tracking and fault management. That is the job of a Terminal Management System (TMS) — the remote control plane for the estate.
TMS handles parameter downloads (which schemes, which floor and CVM limits, which AIDs), software and kernel updates, remote key loading, and health monitoring. It is also a compliance surface: PCI guidance is explicit that where a terminal is managed via a third-party TMS, responsibilities must be split clearly between the TMS operator and the merchant, or assessment gaps appear.
A deployable terminal carries layered approvals: EMV Level 1 (hardware/RF), EMV Level 2 (kernel), PCI PTS POI (the device security), and per-acquirer/per-scheme Level 3 / end-to-end certification of the actual processing path. Each expires; each is scheme- and version-specific. The TMS is where you discover, ideally before the auditor does, which devices have drifted out of certification.
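As an added example (not from the original page or from any TMS product), the certification-drift check described above can be run over an estate export. The field names, status labels, thresholds, terminal IDs and dates are all assumptions constructed for illustration.

```python
from datetime import date

# Approval layers named in the text; the key names are labels chosen for this example.
LAYERS = ("emv_l1", "emv_l2", "pci_pts_poi", "l3")

def row(tid, last_txn, **approvals):
    return {"tid": tid, "last_txn": last_txn, "approvals": approvals}

# Constructed sample inventory: terminal IDs and all dates are invented.
ESTATE = [
    row("T-0001", date(2024, 5, 30), emv_l1=date(2026, 1, 31), emv_l2=date(2025, 6, 30),
        pci_pts_poi=date(2027, 4, 30), l3=date(2025, 12, 31)),
    row("T-0002", date(2024, 5, 31), emv_l1=date(2026, 1, 31), emv_l2=date(2024, 3, 31),
        pci_pts_poi=date(2027, 4, 30), l3=date(2025, 12, 31)),
    row("T-0003", date(2024, 5, 29), emv_l1=date(2026, 1, 31), emv_l2=date(2024, 8, 15),
        pci_pts_poi=date(2027, 4, 30), l3=date(2025, 12, 31)),
    # No L3 record at all and a lapsed PTS approval, but no recent traffic.
    row("T-0004", date(2023, 11, 2), emv_l1=date(2026, 1, 31), emv_l2=date(2025, 6, 30),
        pci_pts_poi=date(2024, 1, 31)),
]

def classify(device, today, warn_days=90, active_days=30):
    """Return (status, findings) for one device as of `today`."""
    findings = []
    for layer in LAYERS:
        expiry = device["approvals"].get(layer)
        if expiry is None:
            findings.append((layer, "missing"))   # no record is treated as lapsed
        elif expiry < today:
            findings.append((layer, "expired"))
        elif (expiry - today).days <= warn_days:
            findings.append((layer, "expiring"))
    lapsed = any(state != "expiring" for _, state in findings)
    active = (today - device["last_txn"]).days <= active_days
    if lapsed:
        # The dangerous case: the device still "works" while an approval has lapsed.
        status = "TRANSACTING_UNCERTIFIED" if active else "LAPSED_DORMANT"
    else:
        status = "RENEW_SOON" if findings else "OK"
    return status, findings

def audit(estate, today):
    """Map terminal ID -> (status, findings) for the whole estate."""
    return {d["tid"]: classify(d, today) for d in estate}

if __name__ == "__main__":
    for tid, (status, findings) in audit(ESTATE, date(2024, 6, 1)).items():
        print(tid, status, findings)
```

Separating devices that are still transacting from dormant ones puts the live liability exposure at the top of the remediation queue, ahead of stock that can simply be recalled.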
SoftPOS (also “Tap to Pay on phone”) removes the dedicated reader entirely: a commercial off-the-shelf phone, using its own NFC, becomes the contactless acceptance device, governed by the PCI MPoC (Mobile Payments on COTS) standard rather than PTS POI. No dongle, no sled — just an app and a tap.
The trade is real. SoftPOS is contactless-only (no chip insert, no physical PIN pad — PIN, where needed, is entered on-glass under MPoC controls), and it leans entirely on software-based attestation rather than tamper-responsive hardware. mPOS keeps a hardware secure boundary; SoftPOS trades it for zero incremental hardware. For many micro-merchants SoftPOS is the end state, but it is not a drop-in replacement for an attended high-value terminal.
Devices keep transacting after a kernel or PTS approval expires. Everything “works,” but liability and scheme compliance quietly lapse until an audit or a chargeback surfaces it.
Remote key loading and rotation is hard. Estates that inject keys manually or never rotate them carry an outsized breach blast radius.
When a TMS is outsourced, both parties assume the other owns patching or monitoring. PCI assessments fail in exactly these seams.
mPOS and SoftPOS sit under different PCI standards (PTS POI vs MPoC) with different security models. Procurement that conflates them buys the wrong risk profile.
mPOS and SoftPOS depend on the merchant’s mobile data. In low-coverage areas, store-and-forward and offline limits matter more than the glossy spec sheet admits.
Use a standalone terminal for small attended merchants who need card acceptance with no till integration and want a device that is someone else’s problem to maintain. Use integrated/ECR where the merchant already runs POS software and you want the amount to flow from the basket, not be re-keyed — the integration cost pays back in fewer errors and reconciliation pain.
Use mPOS to reach price-sensitive micro and mobile merchants who need a hardware secure boundary but cannot justify a full terminal — the African informal-trade story is overwhelmingly mPOS and SoftPOS. Reach for SoftPOS when even a dongle is friction and the volume is contactless, low-ticket and software-onboarded. Keep dedicated PEDs for high-value, PIN-heavy, or unattended environments.
Cost of being wrong: over-buy hardware and you saddle a thin-margin merchant base with terminal costs that kill adoption — the single most common reason card acceptance fails to penetrate informal markets. Under-secure (treat SoftPOS as equivalent to a hardware PED for high-value attended retail) and you take on fraud and PCI exposure the cheaper device was never scoped to carry. And under-invest in TMS and your estate’s certification quietly rots until an auditor finds it for you.