Supported Card Readers & Encryption
In this article
Supported Card Readers
Kiosk Pro Enterprise currently integrates the SDK for several card readers:
- IDTech's Shuttle and UniMag II, both of which connect to the device's audio jack.
- IDTech's iMag Pro II with Lightning connector.
- MagTek iDynamo 5 with Lightning connector.
- Socket Mobile D600 NFC scanner, connects via Bluetooth
The IDTech card readers are available as both unencrypted and encrypted readers that can be encrypted with keys from various payment processors. The MagTek iDynamo 5 is only available as an encrypted reader.
Encryption
The way card readers handle data depends on encryption. Card readers can be purchased as unencrypted or encrypted.
Unencrypted Readers
When using an unencrypted reader, our API returns the information from a card swipe as plain text directly to your HTML page through a JavaScript function. We generally recommend only using unencrypted readers for cards that do not contain sensitive information, like loyalty or membership cards. If you are considering using these for credit cards, your code would have to secure and parse the information returned and submit it to some sort of merchant account to create a charge.
Encrypted Readers
Encrypted readers should be used for credit card transactions where the encrypted string is passed directly to the card processor who then handles unencryption. Kiosk Pro is not designed to unencrypt card data.
If you are considering accepting credit cards through the app, we also recommend the MercuryPay Payment Processing, which allows you to process card transactions that are encrypted from the moment the card is swiped until it reaches MercuryPay's servers for processing.
This solution is both PCI-compliant and more secure, but is only able to process payments inside the U.S. The MercuryPay integration is compatible with the IDTech Shuttle and MagTek iDynamo 5 card readers; please note that the card reader must be encrypted specifically for MercuryPay's servers.
To use encrypted processing with other processors, you'd need to work directly with that processor to determine how the encrypted card swipe could be submitted to their servers for processing.