Use Case Overview:
Enable card-present payment acceptance within an existing payment application — across SoftPOS (COTS) and PCI-PTS terminals — without managing an EMV Level 2 stack or lengthy certification process.
Who it’s for: Payment application teams, embedded payments teams, commerce platforms, ISVs
Why it matters?
- Add in-store payments without building EMV infrastructure
- Scale globally and support new hardware with no added certification
- Avoid vendor SDK limitations and retain full control over the customer experience
- Accelerate time-to-market and reduce compliance overhead
- Enable flexible in-store strategies (Tap-to-Pay, dedicated terminals, self-checkout)
The Challenge
Payment platforms often need to add in-store card acceptance to support omnichannel commerce. But EMV L2 compliance and integration across varied hardware environments introduces major complexity:
- SoftPOS requires MPoC certification and ongoing attestation
- PCI-PTS terminals require coordination with kernel vendors or custom L2 development
- Certification timelines can span 12–18 months
- Hardware-specific SDKs limit control over UX, flow logic, and architecture
- Expanding into new markets is dependent on third party vendors
As a result, many teams outsource this layer to a vendor — but lose flexibility, control, and scalability.
Why Switstack
Switcloud provides a managed, software-defined L2 infrastructure layer that abstracts hardware and compliance complexity. Teams integrate Switcloud’s SDK into their app and delegate the L2 execution, attestation, and certification handling to Switstack:
- Unified SDK supports Android Tap-to-Pay (COTS) and PCI-PTS terminals
- Pre-certified L2 for COTS (moka included) with no additional certification required for PCI-PTS devices.
- MPoC-compliant components including attestation, monitoring, and data security
- Terminal-agnostic deployment via the same Payments API for all device types
- Cloud-managed estate tools handle config, EMV parameters, and monitoring at scale
Benefits
Single Integration, Multiple Devices
One L3 app and API powers both COTS and PCI-PTS terminals — no new dev cycles per terminal.
No EMV Team Needed
Switcloud handles kernel logic, L2 certification, attestation, and updates — removing the need to hire EMV experts.
MPoC-Certification Ready
Avoid the 12–18 month effort to implement compliant SoftPOS infrastructure. Switcloud includes all required MPoC components — from attestation to secure key handling.
Faster In-Store Rollouts
Pre-certified and pre-integrated L2 eliminates delays associated with SoftPOS or traditional terminal onboarding.
Terminal Choice & BYOD Support
Teams can support merchant-preferred terminals or new markets without re-certifying or changing app logic.
