Ingenico's 5000-series payment terminals, seen here at the Cartes show near Paris on Nov. 19, 2015, have a large touch-screen and can run web apps to perform functions in addition to taking payments. Credit: Peter Sayer
There's an app for everything, it seems, and increasingly an app on everything: phones, TVs, robots... and soon even the payment terminals used with chip-based bank cards.
Chip-based payment cards that require a PIN rather than a swipe and a signature are only just reaching the U.S., but they've been around for decades in Europe.
On gas pumps and at supermarket checkouts, it seems many of the payment terminals the cards slot into have barely changed in all that time: Their cramped displays and minimalist keypads do nothing but process payments.
French company Ingenico sees this as a missed opportunity for retailers, which could be using the ubiquitous terminals to show customers special offers, operate loyalty programs or take orders in a restaurant.
Its new 5000 series of payment terminals swap the classic two-line LCD for a full-color, touch-sensitive 320-by-480-pixel screen. Ingenico showed the terminals at the Cartes secure connections show near Paris this week, and is rolling them out to its first customers.
Behind the terminals' bigger display is a 600MHz ARM Cortex A5 processor with 512MB each of RAM and flash, running a webkit-based HTML5 browser on top of Ingenico's own Linux-based operating system. Hardware options include 3G, Wi-Fi or Bluetooth connections, and built-in cameras and printers.
The browser is used to run apps from an online store, and it can exchange information with the payment-processing side of the machine. With the state of web security today, what could possibly go wrong?
Well, nothing much, say Ingenico's Yannick Menet, product manager for Telium Tetra, the payment terminal OS the company has built around Linux.
If apps try to break these barriers, "Exceptions are escalated to the marketplace. If there are doubts about an app, we can deactivate it," Menet said.
Web apps and payments run in separate processes with their own access rights and privileges, and can only communicate through a software bus that enforces those rights. The payment level can access card details or the payment kernel, Menet said, but the Web app can't access the card.