MachoPOS — Payment Architecture

Comprehensive Payment Flow Diagram

Annotated security layers, NFC proof-of-security, P2P transfers & all payment rails

NFCMoMoQRBankP2P

📲

NFC Tap-to-Pay

Smartphone becomes the terminal — zero extra hardware

Steps

MERCHANT

CUSTOMER

SECURITY

MACHOPOS

NETWORK

SETTLEMENT

🔒 Security annotation

▸ Tap for technical detail

MERCHANTMerchant Opens App▸

Opens MachoPOS on any NFC-enabled Android or iPhone. Enters sale amount. App activates the phone's built-in NFC antenna — no dongle, no reader hardware needed.

CUSTOMERCustomer Taps Card / Phone▸

Customer holds their contactless card or mobile wallet (Apple Pay / Google Pay) within 4 cm of the merchant's phone. NFC radio field wakes the card chip.

🔒

RANGE LOCK:NFC operates at 13.56 MHz over ≤4 cm. Interception at distance is physically impossible.

SECURITYTokenization + Cryptogram▸

The customer's device generates a one-time token (never the real card number) paired with a dynamic EMV cryptogram unique to this single transaction. This happens inside the Secure Element — an isolated, tamper-proof chip.

🔒

TOKENIZATION:Real PAN never leaves the card. A substitute number + single-use cryptogram are created. Even if intercepted, the data is useless for any other transaction.

Technical Detail

This is the core security breakthrough. Magnetic stripe cards broadcast the same static number every time (vulnerable to skimming). NFC generates cryptographically unique data per tap. The token is bound to a specific merchant + transaction amount + timestamp — it cannot be replicated or reused.

SECURITYBiometric Gate (Mobile Wallets)▸

If the customer pays via Apple Pay or Google Pay, their device requires Face ID, fingerprint, or PIN before transmitting any data. A stolen phone cannot be used without this gate.

🔒

BIOMETRIC AUTH:Identity confirmed before any payment data is released. Second factor beyond possession of the device.

MACHOPOSEncrypted Relay to PSP▸

MachoPOS receives the token + cryptogram (never raw card data) and forwards it over TLS 1.3 to the tokenized PSP partner SDK. MachoPOS never stores or decrypts card information.

🔒

PCI SCOPE MINIMISATION:MachoPOS operates outside the Cardholder Data Environment. Hosted/tokenized flows mean raw PAN never touches MachoPOS servers.

NETWORKCard Network Authorisation▸

The PSP routes the token to Visa / Mastercard, which forwards to the issuing bank. The bank validates the cryptogram, checks balance, and returns approval — all in under 2 seconds.

🔒

REAL-TIME VALIDATION:The issuing bank verifies the dynamic cryptogram. Replayed or forged data will fail cryptographic validation instantly.

SETTLEMENTConfirmation + Ledger Entry▸

Approval flows back to MachoPOS. Merchant sees instant confirmation. Transaction auto-populates the built-in ledger. Funds settle to the merchant's MachoPOS wallet on T+1.

🛡️Security Summary — NFC Tap-to-Pay

RANGE LOCK

NFC operates at 13.56 MHz over ≤4 cm. Interception at distance is physically impossible.

TOKENIZATION

Real PAN never leaves the card. A substitute number + single-use cryptogram are created. Even if intercepted, the data is useless for any other transaction.

BIOMETRIC AUTH

Identity confirmed before any payment data is released. Second factor beyond possession of the device.

PCI SCOPE MINIMISATION

MachoPOS operates outside the Cardholder Data Environment. Hosted/tokenized flows mean raw PAN never touches MachoPOS servers.

REAL-TIME VALIDATION

The issuing bank verifies the dynamic cryptogram. Replayed or forged data will fail cryptographic validation instantly.

📋NFC Security — Stakeholder Proof Sheet

✓ Card number is never transmitted

Tokenization replaces PAN with a single-use token before any data leaves the card chip or Secure Element.

✓ Cannot be intercepted remotely

NFC range is ≤4 cm (physical contact required). Long-range skimming is physically impossible at 13.56 MHz.

✓ Each transaction is unique

Dynamic EMV cryptogram changes every tap. Replayed data fails cryptographic validation at the issuing bank.

✓ Stolen phone can't be used

Mobile wallet payments (Apple/Google Pay) require biometric or PIN before releasing any payment data.

✓ MachoPOS never sees card data

Hosted SDK tokenization keeps raw PAN outside MachoPOS's environment. PCI scope is minimised to SAQ level.

✓ Industry standard, globally trusted

Same technology used by Apple Pay, Google Pay, and 500M+ contactless transactions daily worldwide.

machopos.com · All flows annotated with security layers · Tap each step for technical detail