I had the opportunity, but my experience suggests that if there is an opportunity, it is better to use it, since it is there.
Lock, Stock and Two Smoking Barrels
Habr already knows how we created a network of payment terminals: we wrote about it last summer. Today we decided to tell you what is inside the terminals, near them and around them. There is no intrigue inside: each MegaFon payment terminal contains a computer and peripherals. But when, at some point, a great many factors converge and have to be tied into a working system, the result is a tangled action film worthy of Guy Ritchie's attention.
The characteristics of the terminal's built-in computer have also been described before. Recall that it is a fairly powerful system running Windows Embedded Standard 7:
• Processor: Intel Original LGA-1155 Pentium G2130 (3 GHz)
• Motherboard: Asus P8B75-M Soc-1155 iB75 DDR3 mATX AC`97 8ch GbLAN SATA3 VGA + DVI + HDMI
• RAM: DDR3 2048Mb 1333MHz Crucial (ST25664BA1339)
• Video card: Palit PCI-E NV GF210 512Mb 32bit (TC) DDR3 625/589
In the previous post, Habr users suggested building a bitcoin mining farm out of them, but we did not try.
The computer is packed in a specially designed floor case with two monitors:

The case is strong and vandal-resistant, but it was not designed to withstand outdoor conditions and works only indoors. Two monitors are needed solely for marketing purposes: first, to distinguish our terminals from others, and second, to play advertising on the additional large screen, which, again, attracts attention and, of course, generates income from the commercials shown.
When designing the terminals' software and hardware, we planned for them to be updated “over the air”: on the fly, from the “center”, without specialists travelling to the site. Moreover, not only the operating system itself is now updated this way, but also the firmware of the devices in the complex, bill acceptors for example. A new function, the monitoring system, financial reporting: any change is rolled out to the entire network simultaneously. Protection against fraud improves as well.
Scene: "Lobby"
The theater begins with the cloakroom, a film with the shout “Action!”, and a payment terminal begins with the bill acceptor.
Our system is equipped with a CashCode validator (we will not name the exact model) from Crane Payment Innovation (CPI), a Canadian company fairly well known on the market. CPI is said to hold a leading position on the Russian market, with more than 200 thousand devices already sold.
Proper recognition of bills is a very important, one might say key, function of the payment terminal. Although bank cards are becoming more and more widespread, Russians still prefer to use cash.
The Central Bank of the Russian Federation regularly publishes statistics on cash turnover and, as can be seen from the graph, the amount of cash is, at the very least, not decreasing:

Some may be interested in how a bill acceptor works: how does the machine distinguish real money from paper? The answer: quite simply, with sensors. Of course, the equipment does not perform pattern recognition to read the denomination of each individual bill; everything is much simpler. Bills of different denominations differ, first, in size and weight; second, in special marks visible in infrared or ultraviolet light; and third, in the magnetic marks on the notes. The processing and rejection algorithms are quite interesting (for example, you can read about the machine-readable features of various bills on the website of the Central Bank of the Russian Federation, or even watch), but that is not the purpose of our story. We will only say that the validators used in our terminals recognize almost all counterfeit bills. Still, between fraudsters and the mints there is an old, never-ending war, like that of sword and shield, fought with varying success. We keep up with new developments, and our devices promptly receive new data for recognizing them, although fraudsters use rather sophisticated counterfeiting methods. For example, for some time there was this way of turning one five-thousand-ruble note into two:

We believe that the reliability of bill acceptors used in terminals is sufficient for industrial operation.
Here is a diagram of the bill validator, taken from the device supplier's site:

The cash-in complex, it should be noted, includes not only the bill validator but also the necessary and useful devices attached to it: the stacker (which sorts and stacks the banknotes) and, of course, a special safe where the accumulated money is stored.
But it would be naive to assume that the villains limit themselves to counterfeit bills: there are many more ways to deceive automatic cash acceptors, which are not usually publicized in the media. One example is so-called “fishing” (it goes by the same name abroad), a way of deceiving the cash acceptor's automation by pulling the bill back out, after it has been read, with a line attached to it beforehand. The process really does resemble fishing. Here is a bill prepared for “fishing”, and this is not its last operation:

It is fought in a similar way: by cutting. There are several ways of fighting it. One is crude “hardware”: special combs with sharp edges are inserted in the path along which the bill would be pulled back, and they mechanically cut off unauthorized modifications to treasury notes. The manufacturer does not provide such modifications.
Another way is more civilized: an attempt to pull a bill out after it has been read is detected by a special sensor, and the automation sends a strong impulse to the roller motor, so that any kind of “leash” simply breaks off, while the bill is not counted toward the amount credited. In addition, the bill's path inside the reader is itself arranged to prevent withdrawal: note that the validator pulls the bill downward. The bill is first pulled forward and then down at a sharp angle. Pulling it back will be difficult.
Scene "Bar"
Guy Ritchie's heroes not only steal (and not in the most productive way, in fact), but also cheat on taxes. MegaFon terminals are very law-abiding in this respect: a fiscal receipt is issued to the user for each operation. Receipts are printed on a special thermal printer, and all transactions are recorded by the fiscal registrar. The printer is a VKP-80II, and the fiscal registrar is a PayVKP-80K.
In fact, this is a fairly simple device, which, however, can be talked about for quite some time:

But the device is quite well known and common. More interesting are the rules for working with fiscal receipts adopted in our company. MegaFon reports on each transaction and each payment, and all transactions are recorded in the EKLZ (Secure Electronic Control Tape), a special black box registered with the FTS. It is installed in each terminal and records all transactions with no possibility of changing them, which provides a reliable reporting mechanism.
First, a receipt is an official document that can be used for reporting, for example to an accounting department. Therefore, if the receipt tape runs out in a particular terminal, that terminal stops accepting payments.
Second, in the event of a failure or error (have you ever made a mistake when entering a phone number?), the receipt is the document against which reconciliation is carried out and all problems are resolved: the receipt is the primary document. Therefore, each receipt carries a number unique to the transaction, by which any misunderstandings that arise can be resolved.
Third, the receipt lists technical support phone numbers, where the user will be helped to resolve payment problems.
And fourth, we comply with all laws of the Russian Federation related to accepting cash. Today there are still payment terminals that do not issue fiscal receipts, which is a violation of the federal law of May 22, 2003 N 54-FZ “On the use of cash registers in cash payments and (or) payments using payment cards”. We honor the laws and fulfill all their requirements.
Of course, the terminal is not limited to a printer and a bill acceptor. It also contains an autonomous power source, which, according to regulations, keeps the device running for at least four hours. In addition to standard Ethernet there is a communication module, a GSM/GPRS modem, and there is a small keypad for entering numeric data (PIN pad).
But we are coming to a close.
Scene: Shooting
Edd has been playing cards since he was able to raise a deck. He soon discovered that he had a huge advantage. The point is not that he is a good player and not what he thinks well when playing, the fact is that he perfectly follows people's reactions, no matter how they hid them, but everyone has reactions, especially when it comes to money.
Lock, Stock and Two Smoking Barrels
There are a lot of payment terminals. They differ and come from different operators. What distinguishes the MegaFon terminal network is that, in addition to simple cash payments to the telecom operator (by the way, we accept payments for other operators too, with no commission) or payments for other services, our terminals can work with public transport cards. You can top up the balance of a Troika transport card for travel on public transport in Moscow and the Moscow region.
There are two ways to top up a Troika card, which can be called “direct” and “remote” replenishment. Both are available at MegaFon terminals.
Direct replenishment
Topping up a Troika “directly” is very simple: 1. either enter the card number at the terminal, 2. or hold the card to the terminal's reader, deposit the money and, voilà, you can go about your business.
Simple in words, but complex inside: the terminal interacts with transport cards using NFC (Near Field Communication) technology.
Contactless RFID cards, which is what Troika cards are, work as follows:

The reader creates an alternating magnetic field of a given frequency. In the circuit of a card brought to the reader, which is tuned to resonance, an EMF is induced and a current appears. This current is rectified by the diode and accumulated by capacitor C2. The energy stored on capacitor C2 is used to power the chip, which contains a microprocessor and memory.
The energy, it must be said, is enough to light a simple LED:

The oscillating circuit, consisting of capacitor C1 and the antenna inductance, is controlled by a field-effect transistor, to whose gate the chip sends control pulses. But unlike the reader, the card does not have enough power to create a return electromotive force that the reader could pick up. Therefore the field-effect transistor simply “damps” the oscillating circuit, and the reader receives the information as increased losses in its own active oscillating circuit.
The subtlety of working with such cards is that the chip's memory is very limited: the Mifare Classic (or Mifare Plus) cards used have only 7 bytes for the immutable unique card code and another 1 or 4 KB (depending on the card type) for user data and card configuration. For protection, the proprietary Crypto-1 encryption algorithm is used, which turned out to be too simple and poorly protected against forgery. Experiments on the security of Troika cards have already been described by Habr users.
The protection of the system as a whole was therefore built at several levels, above all through organizational measures and continuous monitoring of card use.
For this reason, topping up a Troika through a MegaFon payment terminal follows a special algorithm that takes the security requirements into account.
So, the card contains a unique crypto-identifier and a memory bank, which may hold a number of tickets and/or a sum of money. The card stores only numerical values, while the information itself is held on the servers of the transport system. Therefore the card can be topped up only online, and for now only the balance can be topped up from the terminal. For tickets you will still have to go to the Moscow Metro ticket offices. But we are working together with the Metro to expand the capabilities of the service.
To top up the Troika balance, the user holds the card to the NFC reader and the terminal reads the card's values.

Next, the terminal itself is authorized on the transport system server, and the specific card is authenticated. The response contains the following information:
1. Amount of funds on the card
2. Number of trips
3. Write permission for the specific card
4. The maximum amount that may be written.
The first two points are clear and simple, but the third and fourth need explaining. “Write permission” is part of the fight against fraud. If a particular card is merely suspected of fraud, it is immediately blocked. From then on nothing can be written to it: the system blocks the attempt. A special receipt is printed for the user (remember the printer?), with which they need to go to the Metro cash desks for the details. There are many reasons for blocking. One example is cloning, which is detected when a card is reused sooner than the interval the system has set, or when the user, in the system's view, moves around the city too quickly; some of these reasons were discussed in the article we cited earlier. Enough “unusual behavior”, and the system can put your card on the “black list”.
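The two cloning signals described above (reuse sooner than a set interval, and movement across the city that is too fast) can be checked over a stream of card taps as in the following added example. It is not code from the article or from the transport system; the thresholds, the `Tap` record and the sample data are assumptions made for illustration.

```python
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt

# Assumed thresholds: the article does not publish the real values.
MIN_REUSE_SECONDS = 60     # hypothetical minimum gap between two uses of a card
MAX_SPEED_KMH = 120.0      # hypothetical ceiling for moving around the city

@dataclass(frozen=True)
class Tap:
    card_id: str
    ts: int        # seconds since epoch
    lat: float
    lon: float

def km_between(a, b):
    """Great-circle (haversine) distance between two taps, in kilometres."""
    dlat, dlon = radians(b.lat - a.lat), radians(b.lon - a.lon)
    h = sin(dlat / 2) ** 2 + cos(radians(a.lat)) * cos(radians(b.lat)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def suspicious_cards(taps):
    """Return {card_id: reason} for cards whose consecutive taps break a rule."""
    flagged, last = {}, {}
    for tap in sorted(taps, key=lambda t: t.ts):
        prev = last.get(tap.card_id)
        last[tap.card_id] = tap
        if prev is None or tap.card_id in flagged:
            continue
        gap = tap.ts - prev.ts
        if gap < MIN_REUSE_SECONDS:
            flagged[tap.card_id] = "reused too quickly"
        elif km_between(prev, tap) / (gap / 3600) > MAX_SPEED_KMH:
            flagged[tap.card_id] = "moved too fast"
    return flagged

# Constructed sample taps: card ids, times and coordinates are made up.
SAMPLE_TAPS = [
    Tap("card-A", 1000, 55.7558, 37.6173),
    Tap("card-A", 4600, 55.7900, 37.5600),  # an hour later, a few km away: normal
    Tap("card-B", 1000, 55.7558, 37.6173),
    Tap("card-B", 1020, 55.7558, 37.6173),  # 20 s later: reused too quickly
    Tap("card-C", 1000, 55.7558, 37.6173),
    Tap("card-C", 1300, 55.9700, 37.4100),  # about 27 km in 5 minutes
]

if __name__ == "__main__":
    print(suspicious_cards(SAMPLE_TAPS))
```
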
The maximum write amount is the limit for topping up a card. Currently it is set at 3000 rubles for all cards: the system will not allow a larger amount to be written.
After the terminal has received all the information about the specific card, the following happens:
1. The interface shows the amount that can be accepted onto the card (not exceeding the limit).
2. The user enters the top-up amount.
3. The amount to be credited, plus the agreed amount already on the card, is sent to the Metro server.
4. The Troika system responds to the terminal with approval of the transaction and sends the bitmap that needs to be written to the card's memory.
5. In case of an error (for example, the card was removed before the bitmap had been fully written), the terminal issues an error receipt. Unfortunately, the error can be corrected only at the passenger agency.
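The direct top-up sequence above, with both the terminal's and the server's side, is modelled in the following added example; it is not MegaFon's or the Metro's code. `FakeServer`, `Card`, the receipt names and the image format are hypothetical, and only the 3000-ruble limit and the order of steps come from the text.

```python
from dataclasses import dataclass

MAX_TOPUP_RUB = 3000  # limit stated in the article

@dataclass
class CardStatus:     # the four fields the server returns for a card
    balance: int
    trips: int
    write_allowed: bool
    max_write: int

class FakeServer:
    """Stand-in for the transport system server (hypothetical interface)."""
    def __init__(self, accounts, blocked):
        self.accounts, self.blocked = dict(accounts), set(blocked)
    def status(self, card_id):
        balance, trips = self.accounts[card_id]
        return CardStatus(balance, trips, card_id not in self.blocked, MAX_TOPUP_RUB)
    def approve(self, card_id, new_balance):
        # Records the new balance and returns an image in an invented format.
        trips = self.accounts[card_id][1]
        self.accounts[card_id] = (new_balance, trips)
        return f"{card_id}:{new_balance}:{trips}".encode()

class Card:
    def __init__(self, card_id, removed_early=False):
        self.card_id, self.removed_early, self.memory = card_id, removed_early, b""
    def write(self, image):
        if self.removed_early:   # simulates the card leaving the reader's field
            raise OSError("card removed during write")
        self.memory = image

def top_up(server, card, amount):
    """Run one direct top-up; return the kind of receipt the terminal prints."""
    st = server.status(card.card_id)
    if not st.write_allowed:
        return "blocked-card receipt"   # user is sent to the Metro cash desk
    if not 0 < amount <= st.max_write:
        return "amount rejected"
    image = server.approve(card.card_id, st.balance + amount)
    try:
        card.write(image)
    except OSError:
        return "error receipt"          # server and card now disagree
    return "fiscal receipt"

# Constructed accounts: card id -> (balance in rubles, trips); "c2" is blocked.
DEMO = FakeServer({"c1": (100, 0), "c2": (50, 2), "c3": (0, 0)}, blocked={"c2"})
```

In the card-removed case the server has already recorded the new balance while the card memory is unchanged, which is why that state can only be reconciled offline, as the text says.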
Remote replenishment
The Troika card can also be topped up remotely. No, this does not mean that you will not need a terminal at all: for the card to work offline when paying on public transport, where there is no permanent connection to the Metro transport system, the “e-ticket” bitmap has to be written to the card's memory. And this can only be done by physically holding the card to a reader. But the money can be transferred to the card account by modern telecommunications means: by SMS or through popular payment systems.
The principle of “remote replenishment” is the following: we transfer money to the Troika virtual account in the Metro system, and write the top-up to the card later, when visiting the Metro or in a MegaFon store on the way to the bus stop.
You can top up the card via the web interface on the Troika website.
And to top up a Troika from a cellular subscriber's personal account, you need to send an SMS to the number 3116 with the text:
troika <card number> <top up amount>
This is what the process looks like on your phone:
1. We send “troika ...” with the card number and the amount.

2. In response, an SMS arrives with a variable code, which must be confirmed in a reply message. This is done to protect your money from accidental write-off:

3. After a short time, an SMS arrives saying that the payment has been created:

The money will be debited from the personal account of the MegaFon subscriber and will be credited to the Troika system without a fee.
4. The final stage: we go up to a MegaFon terminal or a Metro information terminal and write the generated bitmap to the card. No additional information is required: the system already knows the unique card number and the amount to be credited.
Our terminal:

Moscow Metro:

For now the terminal remains the most familiar way to top up; it can be used without going down into the metro, for example on the way to a bus or tram stop, which makes the Troika much more accessible.
By the way, our terminals are installed in almost every MegaFon store. You can find the nearest store on the map or by requesting a list with the USSD command *123#

Final Scene "Apartment after disassembly"
We have not listed all the peripheral devices inside the MegaFon payment terminal. We have not yet told you how we plan to use NFC to communicate with mobile phones, or how the barcode scanner can be used.
We will tell you about them a little later in our Habr blog.
