Architecture

Get Central (TPV-PC) operates as an intermediary layer between a merchant's local business logic and the Redsys payment infrastructure. This architecture is designed to offload the complexities of hardware management and financial security from the main Point-of-Sale (POS) application.

System Components

The ecosystem consists of three main architectural tiers that work in synchronization to process a transaction.

1. The Merchant Application (POS)

The high-level software where the business logic resides. It is responsible for initiating transaction requests by sending structured XML payloads to the middleware. The POS application does not handle raw card data, which significantly reduces its security compliance requirements.

2. The Get Central Middleware

This component acts as the "brain" of the integration. It exists either as a native library (DLL/SO) or a local service. It manages the physical connection to the PIN Pad via serial or USB ports, orchestrates the SSL/TLS handshake with the Redsys hosts, and enforces the business rules defined in the XML protocol.

3. The PIN Pad (Hardware)

The physical device where the customer interacts with their card and enters their PIN. In this architecture, the PIN Pad serves as a secure entry point, encrypting sensitive data at the source before transmitting it through the middleware to the financial network.

Data Flow Lifecycle

A typical data cycle begins when the POS application sends an XML request to the middleware. The middleware validates the XML structure and translates it into hardware-level instructions for the PIN Pad.

Initiation: POS sends XML command.
Interaction: Middleware wakes the PIN Pad; Customer inserts card/PIN.
Encryption: PIN Pad encrypts sensitive data (P2PE) and passes it to the Middleware.
Transmission: Middleware opens a secure SSL channel to Redsys and transmits the payload.
Response: Middleware receives the authorized/denied response, updates the PIN Pad display, and returns a parsed XML result to the POS.

Benefits of the Architecture

This architecture provides Decoupled Logic by separating business rules from payment processing for easier software updates and hardware swaps, along with Scope Reduction since sensitive data is encrypted within the PIN Pad, keeping the POS workstation out of scope for many PCI-DSS requirements. Additionally, a Unified Protocol ensures that the XML-based communication remains consistent regardless of whether the underlying hardware is a desktop terminal or an unattended kiosk.