PayPalm

paypalm

Key Features

  • Supports Visa, Mastercard, UnionPay and other cards according to ISO8583 / EMV /PCIDSS standards.
  • Fujitsu PalmSecure‑F scanner with 99.999% accuracy.
  • PayPalmTMS: remote management and updating of terminals, online monitoring, single customer account.
  • Integration with SmartVista FE banking software and any processing via REST and ISO gateway.
  • Kiosk mode: compatible with PayCenterKungaroo.

1. Who is PayPalm suitable for?

  • Retail stores and cafes – when speed of service is important.
  • Gas stations, sports clubs, amusement parks – the visitor only needs the palm of their hand, no need to take out their wallet.
  • Self-service kiosks – copiers, coworking spaces, vending machines without a cashier.
  • Banks and payment providers – expansion of the acquiring service line with a new convenient channel.

[Illustration 2 – Photo: PalmSecure‑F scanner connected to PAX A‑series terminal]

2. Why pay with your palm?

Simple. The client does not need to carry anything with them: no card, no phone, no watch.

Fast. The palm is read in a split second, the receipt is printed faster than with card contact.

Hygienic. No contact with the surface: the palm “hovers” above the sensor.

Inclusive. Suitable for people who do not use smartphones or forget their wallet.

Reliable. The vein pattern is inside the hand, it cannot be photographed or copied.

3. Market problem → PayPalm solution

Store problem What PayPalm gives
Long lines Payment time ≈2 seconds, revenue grows by 5-15%
Fraud and disputes The palm is unique, the probability of fraud tends to zero
Complex integration ISO8583 and REST API standards, SDK for popular languages ​​
High support costs PayPalmTMS updates and configures devices remotely

4. How it works

  1. Registration. The client scans their palm once and links the card in a secure interface.
  2. Recognition. During the next visit, the sensor recognizes the palm in 0.8 s.
  3. Payment. PayPalm automatically initiates the EMV transaction, the cash register prints a receipt.

5. System architecture

Main components

  1. PAX terminal (A77 / A920 / IM30) under PayDroid OS with the PayPalmTerminal application (connector to ABS and SmartVistaFE processing systems).
  2. Fujitsu PalmSecure‑F scanner — connects to the terminal via USB‑C.
  3. PayPalTMS server — device fleet management, OTA updates, logging.
  4. Biometric template database — encrypted storage of vein patterns.
  5. API gateway — REST interaction with PayPalmTMS.
  6. Web account (workstation for operators and administrators) — device setup, reports, client management.

6. Security

Data exchange security (TMS API)

  • Two-way digital signature. Each message from the terminal (Point) to the TMS server is signed with the Point's private key; the signature is transmitted in the X-Sign HTTP header.
  • Point identification. The X-Point-Id header contains the external identifier; the server takes the corresponding public key from its database and verifies the signature.
  • Server response signature. All TMS server responses are signed with its private key; the client verifies the X-TMS-Sign header using the server's public key.
  • Key generation upon registration. When the point's software is first launched, it creates an RSA-4096 pair, sends a CSR and receives registration confirmation.
  • Channel encryption. All data is transferred over TLS 1.3 with mandatory certificate verification.

Configuration and transaction management

  • Receiving and monitoring the point's configuration, registering/receiving customers, payment methods and transactions are only possible through signed requests.
  • The server stores biometric templates in an encrypted database and never gives them out in the open.

ARM password policy

  • At least 8 characters that do not resemble a login or e-mail, are not on the list of common passwords and do not consist only of numbers.
  • Password storage — one-way hashing PBKDF2‑SHA256 with salt and 200,000 iterations.
  • Configurable forced password change (disabled by default, can be enabled via TMS).
  • 2-factor authentication (TOTP/SMS) and RBAC with distinction between the roles of "Operator" and "Administrator".

Cryptography and standards compliance

  • HSM modules for generating and storing card encryption keys.
  • Full compliance with PCIDSSLevel1 and EMVL2 certification.
  • Software integrity control: all firmware and service packs are signed and verified upon installation.
  • Integration with SIEM and continuous monitoring of security events; regular penetration tests.

7. Implementation Economics Implementation Economics

Indicator Before PayPalm With PayPalm
Average payment time 19 sec 11 sec
Repeat visits 23 % 37 %
Share of disputed payments 0.4 % ≈0%
Payback (20 cash registers) < 8 months

8. Scaling and management

  • A single web-cabinet for device profiles, keys and interface appearance.
  • Horizontal server scalability up to 10,000 terminals.
  • An open API allows you to connect third-party kiosks and software.

9. What's included

  • Hardware: PAX terminal + PalmSecure‑F scanner + mount.
  • Software: PayPalmTerminal, PayPalmTMS, ARM (web-cabinet).
  • Documentation: diagrams, ISO and REST protocol descriptions.
  • 24x7 support and 99.95% SLA.

10. How to get started

  1. Submit a demo request.
  2. Launch a pilot on one checkout in 14 days.
  3. Reach your KPI and scale with us.

Get in touch

Contact information

Email

sale@cashcom.net

Write to us