We’re a series B funded startup in Palo Alto building the world’s first Smart Payment Terminal. Our mission is to build an affordable future-proof Payment Terminal for every small business with an open commerce platform that enables connected commerce.
We’re looking for full-time Android, Web and Firmware engineers that are highly motivated in building and maintaining:
- awesome in-store checkout experiences for merchants and consumers
- Poynt OS - our secure version of Android,
payments firmware as per EMV and PCI requirements
- web and mobile apps for merchants, partners and developers.
We’re a team of Xooglers, Ex-Amazonians and Ex-PayPals. We have commitments for all across the world to replace the traditional (brick-looking) single purpose payment terminals with our Poynt Smart Payment Terminals.
If you’re interested in joining us as an early engineer, or interested in learning more about what we do, please drop a note here or send an email to careers@poynt.com.
Hi - I work for Poynt on the PoyntOS and Payment interfaces - so maybe I can provide some clarity without going into too much of our IP. As mentioned on our site (https://getpoynt.com/specs), we have two separate subsystems - one for Android and the other for secure payment processing.
All the payments (EMV/NFC/MSR), secure key (including acquirer keys) management, P2PE encryption, EMV/PCI, etc. are handled by the secure processor. There are no other applications that can run on this secure processor other than the signed and certified applications.
On the Android side, Poynt's Secure service is the only service that's capable of communicating with the Payment Processor to initiate card reading (EMV/NFC/MSR/others) and pass through the encrypted data it receives to the merchant's acquirer. All the 3rd party applications run independent of the Poynt's Secure Service and when they need to collect a payment, they do so through our Poynt Payment Fragments to facilitate the Payment flows. (See here for information on how it works: https://getpoynt.com/developers/terminal#2.3 Poynt Payment Fragments).
So as you can see, we are able to keep the security domains separate and thereby able to handle PCI certification in a much more graceful way. Obviously they are some complexities but choosing a certifiable payment processor board was one of many ways we are able to deliver a secure solution.
Are any team members from automotive? This sounds similar to automotive head unit designs. Consumer-facing processor + OS and secure processor (or core) with separate OS.
I'm nervous about the Android part of this product. I've seen some poor implementations of devices that want to use Android because it's 'easy' to get a lot of features up and running but then struggle with the quality of the middleware layers or Android-specific UI patterns that they try to strip out.
Otherwise, I think the dual screen and industrial design looks good! I hope the LCD looks as good as the renderings.
How are you securing the PIN entry? It looks like that happens on the same screen as the random 3rd-party apps get to run on, leaving open the potential for an app to intercept the PIN. As i understand the PCI stuff, anything that the PIN hits is fully in-scope.
We designed a solution to keep the switching logic between standard touch and PIN entry within PCI scope such that PIN entry is not even visible at the lowest levels of Android (and thus 3rd-party apps). Also, 3rd parties do not get to run on or take control of that screen.
A rogue app asking for PIN on the merchant facing screen ? not sure there's anything much we can do about that other than making sure we catch that during the review process. Whenever there is a need for the consumer PIN entry, it's driven by the second payment processor - not from the android side.
Should be able to prevent PIN information from getting accepted by any means other than your locked-down PIN entry screen. So, any app that wants to grab people's PIN entry would either require them to enter their PIN twice, or block the transaction from going through, which should be very visible.
it's actually in the front of the device as you see on the website (https://getpoynt.com/) and the button to open the printer door is on the side. The door opens forward and you can load the paper from the front (no need to turn it upside down). We will try to post videos of the paper loading as soon as we can.
Hi, I work for Poynt on the PoyntOS and applications. First thing first, Poynt Smart Terminal is a Secure Payment Terminal at the core that provides credit card payment processing functionality to any merchant that needs to accept payments in their stores. This is analogous to the traditional payment terminals that you might probably notice every day at a lot of merchant stores (cafes, salons, grocery stores, etc.). Poynt Smart Terminal enhances the credit card payment processing functionality by supporting more payment methods (MSR/NFC/EMV/QR Code/etc.) so the merchant doesn't need to worry about carrying multiple devices in the store and be able to serve more customers. In addition to that, Poynt Smart Terminal runs on Secure PoyntOS (powered by Android) to provide an application platform and framework for developers to build apps and solutions for the merchants and distribute through Poynt. Developers can take advantage of the PoyntOS to build unified solutions for the merchants that run on the same device where they are used to process payments (unlike various solutions today in the market that require additional hardware like ipads, dongles, etc.). Shopify is an online platform that allows developers to build solutions for their merchants hosted online or on devices. Now with Poynt Smart Terminal, developers can build PoS apps using Shopify platform that run on Poynt Smart Terminal too. So I would probably say they are complementary, not competing.
Should definitely highlight (at least to the HN crowd) that this is an Android device and you're exposing some APIs that can be built on. This is really cool.
Hi - 2 separate things I guess. One can still pay with a credit card directly without requiring a PayPal account (we call it guest payment) but in most cases it depends on how the merchant has configured his payment options. But that said there are a few corner cases where we cannot allow direct credit card payments (eg. Preapprovals in Adaptive Payments) due to credit card policies.
Regarding accepting payments from countries that are outside of PayPal networks, it really comes down to what is allowed by the local govt authorities around cross border transactions.
We’re a series B funded startup in Palo Alto building the world’s first Smart Payment Terminal. Our mission is to build an affordable future-proof Payment Terminal for every small business with an open commerce platform that enables connected commerce.
We’re looking for full-time Android, Web and Firmware engineers that are highly motivated in building and maintaining: - awesome in-store checkout experiences for merchants and consumers - Poynt OS - our secure version of Android, payments firmware as per EMV and PCI requirements - web and mobile apps for merchants, partners and developers.
We’re a team of Xooglers, Ex-Amazonians and Ex-PayPals. We have commitments for all across the world to replace the traditional (brick-looking) single purpose payment terminals with our Poynt Smart Payment Terminals.
If you’re interested in joining us as an early engineer, or interested in learning more about what we do, please drop a note here or send an email to careers@poynt.com.