NFC, Contactless EMV Payment App


IDTech VP3300, Bluetooth, Contactless, Portico, NFC, EMV L3 Contactless, Unattended Certification, Brand Cert, Visa, Mastercard, Interac, UL, B2 test kit, AES Encryption, SoapUI, Web Services, PCI-PA, PCI-DSS, Mobile Payments, Contactless payments

Tech Stack

IDTech, USDK, Android, Java, Android, XML, JSON, TLV

Project Details

As we are moving towards a cashless society and loose change becomes more and more scarce, charity businesses that are based on small donations started to suffer. Collecting donations and gratuities in person should be as smooth and frictionless as giving your loose change. 

For this project, we designed, certified, and deployed a solution that would replace the traditional donation boxes with a contactless, mobile point of sale system. It was certified for the standalone, unattended environment for contactless payments from the following card brands:

  • Visa ADVT 7.0
  • Mastercard M-TIP 2.0
  • Interac Interoperability 1.5 Contactless
We chose IDTech VP3300 card reader that has EMV L1 and L2 kernels for the above card brands and also supports Bluetooth/USB connection to any host unit. We developed a solution whereby the IDTech VP3300 card reader would pair via Bluetooth to any Android phone. We use the Android phone both as a host unit as well as the display for presenting the donation amounts. We developed and certified the payment application as an Android app that could be white-labeled for any charity organization that wanted to use our solution.
ONTAB was responsible for the technical requirements, app architecture design, UI/UX design, user flows, project plan, development, signing, EMV L3 certification, and documentation.

The Biggest Challenge

In order to simplify the user experience with donating and remitting small donations, the solution has to tackle all the technical and non-functional complexities. Aside from the high degree of technicalities in developing and certifying a payment app, the most challenging part of this project to make sure card and payment data were secured on any generic Android device. Therefore, we implemented an end-to-end encryption solution to ensure card data were protected from the moments it was collected by the NFC reader and submitted to the Android phone for processing.