Powered by Soft Space Sdn. Bhd.
201201002345 (975870-D)
www.softspace.com.my

SDK Components

SDK Components

Fasstap™ consists of several components that provide services to accept contactless payment swiftly.

Tips

Refer to SDK Integration for the complete list of component service library files.

The components key functionalities are detailed in below.

Contactless Kernel

  • Contactless kernel or SDK for respective schemes such as JCB, VISA, MasterCard, UPI, Diners Club, Discover, AMEX, EFTPOS, MADA, NAPAS, and MyDebit to process corresponding EMV cards.

Attestation Module

  • Collect COTS device environment information and verify against attestation service resided in Back-end Server.
  • COTS device environment information collected approved by schemes include but not limited to:
    • Mandatory access control
    • System baseline such as OS version and supported platform
    • Security patches or updates version
    • Device root or jail broken
    • Developer options
    • Debugging mode
    • Emulator mode
    • Device IMEI or Android ID which unique per factory reset
    • Installer source
    • App signature
    • Result commands to be executed at COTS
    • Suspicious application(s) installed in COTS
    • SDK Version

Secured PIN Pad

  • A secure module to process PIN-based transactions.

Back-end Components

Fasstap™ is comprehended by the back-end services or components in compliance of the security standard other than payment processing. The back-end components key functionalities are detailed in below.

Payment Server

  • Merchant on-boarding
  • Transaction management
  • Integration to acquirers

Attestation & Monitoring Server

  • Validate against a series of attestation processes in every 5 minutes interval, upon application installation, and prior to perform a transaction.
  • Identify any potential or malicious attacks to prevent transactions from running on untrusted or dangerous devices.
  • Checking if the attestation request comes from a legit app (by checking against the registered Application ID and the application’s signature).

Payment HSM

  • Used to secure and manage sensitive cryptographic keys and perform cryptographic operations.
  • Designed to provide a high level of security and tamper resistance.
  • Additional features such as secure key generation, key import, etc.