About the client and requirement:
Our customer in the Mass Transit industry wanted to customize the SoM (System on Module) or CoM (Computer on Module) that can be used in building card reader and help them to accelerate payment processes. At the same time, they wanted to ensure maximum reliability. Whether contact or contactless, these readers are now used in an extremely wide range of applications in the mass transit. These readers must support the international standards and clear the criteria for EMVCo and PCI DSS certification for reliable data exchange.
These product series had to ensures secure payment transactions in validators and onboard solutions for buses and trains just as effectively as for ticket machines and access systems. These series should be ideal for installation in point of sale, self-service kiosk where quick payment helps to avoid long queues.
Customer came up with requirement of customizing our own brand of Trucrux’s iMX6 SOM, where we need to support the requirement of the above. It had to support the requirements of reader for the BSP and hardware with maximum cost-efficiency and timely bound ecosystem.
There are many challenges in customizing the SOM when ecosystem has time, security, and power criticality. Building reader that is highly secure and has functionality of tamper proofing is itself a big deal, in which the SOM must support the time and power bound requirement.
The tamper interface provides a mechanism to detect any unauthorized attempt to access the system, such as the opening of the enclosure. The tamper support given in the iMX6UL is implemented with custom SOM should allow to:
- Detect tamper events through a maximum of two IO pins. Tamper detection should work even in low power modes, including power off, if battery backup (coin cell) is provided.
- Register tamper event(s) in the non-volatile memory of the board.
- Alert the host CPU (IRQ, wake up, etc.) when a tamper event occurs.
- Respond to a tamper attack with actions such as erasing a critical data partition of the flash.
Other challenge for such customization is building and managing payments data for which the Payment Card Industry Data Security Standard (PCIDSS) must be adhered. Payments data must be secure and cannot be open in any format that can be intercepted in plain text format. Supporting the cryptography processing, and card authentication mechanism validates the legitimacy of the payment type being used.
The most crucial aspect was to keep the bills of material (BOM) to be half of the cost of the SoM available in market. Without that, there won’t be a business case to develop their own computing module.
Trunexa helped in developing the platform that can support contactless card reading, financial transaction processing and secure communications technologies together in a single, flexible module. Trunexa developed a customized SOM which is based on NXP iMX6 UL processor.
We helped in developing SDKs, drivers and supported framework which can help client to achieve contact less payments and NFC wallets for payment and ticketing.
Trunexa helped in designing the system on module for handheld hybrid terminal, which is optimized for POS terminal applications, allowing to achieve compliance for EMVCo 3.0 and implementing a high-power NFC front-end functionality of NXP IC PN5180 supporting Yocto-Linux Platform.
The three key aspects we have considered while customizing a platform for new ticketing infrastructure:
- Scope of the ecosystem
- Cost reduction
- Security, time, and power requirement criticality
Business use and Benefits:
Our client understood the benefits of having their own customized SoM. As the volume of their product is high, it made complete sense for them to build customized SoM and keep the cost down. Below are the benefits in detail:
- Savings: Trunexa developed a customized SoM that is 51% less in per unit cost compared to the market price, which in result provided a competitive edge to the client.
- Scalability: no matter how many units they require in future, the unit price is in their control.
- Independent: there is no dependency on 3rd party SoM providers.
- Product’s lifetime: Since there is no dependency on external party, there is no threat of discontinuation of product.
- Versions: different versions of SoM are possible as per the different requirement.
- Peace of mind: Our client’s team does not have to waste time and energy dealing with different vendors as Trunexa was responsible for the entire development and compatibility with their product.