Mobile POS systems, or mPOS systems, are dedicated portable devices or apps that are installed on phones or tablets. mPOS is used to process sales, take payments, and perform other point-of-sales (POS) tasks from the convenience of a mobile device.
This guide explains mPOS, the differences to traditional ePOS (electronic point-of-sales), and what your business should consider when choosing the hardware and software you’ll rely on to process transactions and payments.
What are mobile POS/mPOS systems?
mPOS is provided as either a dedicated device supplied by a payment processor or POS platform, or as an app you can install on your own portable devices. Its functionality generally focuses on customer sales and payments rather than other ePOS functions like reporting, which are handled by other connected platforms or web interfaces. mPOS is wireless, connecting to the internet via Wi-Fi or a cellular network.
mPOS running on dedicated hardware has several advantages: devices are more locked-down, and additional hardware features that aren’t common on consumer devices can be included, such as credit card readers, keypads for faster input, and more robust enclosures that are resistant to spills, drops, or greasy customer hands. Dedicated devices are also less attractive targets for theft.
These hardware features aren’t required for some use-cases, where cost is a more important factor. For these situations, mPOS may be provided as an app that can be installed on an existing mobile device (for example, an iPhone or Android tablet). This allows for greater flexibility and for the device to be used for other purposes, and reduces the amount of dedicated hardware required by small businesses and sole traders.
How mPOS changes retail and service workflows
A mobile POS terminal differs significantly from traditional fixed ePOS terminals in both form-factor and use cases.
For retail, mPOS offers a low barrier to entry. mPOS delivered from an app requires no dedicated hardware (or space to house it), and handheld devices can be readily adopted by businesses that operate pop-up shops, or primarily operate from their vehicle or home, for example, plumbers, electricians, or other contractors.
For the service industry, mPOS allows greater flexibility, enabling front-of-house hospitality staff to serve customers at their tables. Roaming staff can also take orders from customers while they queue, speeding up service, or operate mPOS devices from small kiosks or food carts where fixed hardware is unsuitable.
mPOS makes customer service more flexible and provides the opportunity to remove service bottlenecks and increase sales. However, there are some tasks less suited for mPOS: cash-heavy businesses may prefer fixed ePOS terminals with secure cash drawers, and management tasks like reporting, refunds, transaction reconciliation, and other administrative tasks like employee timekeeping are often better suited to larger screens.
Operational considerations for mPOS adoption
mPOS creates unique challenges that must be considered when planning its adoption:
- Batteries and charging: mPOS devices rely on batteries. mPOS devices running out of charge during peak business hours will frustrate customers and result in monetary loss for your business.
- Network connectivity: Spotty Wi-Fi or poor cellular coverage can result in failed transactions and payments
- Physical security: Mobile devices are easily misplaced.
Ownership is key to solving these problems. Staff must be trained to return mPOS devices to their charging cradles when not in use so that they are easy to locate and ready at a moment’s notice. Businesses may deploy an extra device than required (or keep spare batteries on hand if they are interchangeable in dedicated mPOS devices), or maintain a fixed ePOS terminal as a backup.
Security and compliance implications of mobile POS systems
mPOS devices must be kept both physically and digitally secure. Even with secure contactless payment methods, protected personally identifiable information may be supplied, and compromised devices may tamper with the transaction process, leaving your business and customers vulnerable. mPOS devices should be secured both at the device and network level, with measures that meet compliance standards such as PCI DSS, or your regional equivalent.
Devices used for mPOS should restrict who can install apps and make configuration changes, to prevent malicious code from running on the same device used to handle sensitive data. Security controls provided by the mPOS platform should also be leveraged to ensure staff only have access to the functions and data they require.
Solving mPOS operational and governance challenges
Mobile device management (MDM) and network monitoring assist with these security and compliance concerns: MDM can be used by IT departments and MSPs to enforce security policies and restrict devices (for example, using kiosk mode to lock the device to only the mPOS app), while network monitoring can alert on suspicious activity. Managed devices can also be remotely locked and wiped if lost or stolen.
Effective patch management is also critical for keeping mPOS fleets secure and operational. Patches must be regularly deployed to reduce cybersecurity threats, however they must be tested and deployed outside of business hours to avoid interruption.
The flexibility offered by mPOS can cause confusion and make coordination of management tasks difficult if there are no clear policies and procedures in place for how devices are to be handled. IT documentation software assists with this, providing a centralized location for policies that can be self-serviced by staff.
Common mPOS adoption pitfalls
There are several pitfalls that commonly stymie ePOS deployment and prevent businesses from getting the full value from it immediately:
- Treating mPOS simply as a hardware refresh: Failing to take advantage of the mobile form-factor to improve the customer experience is a wasted investment.
- Neglecting to update workflows: Customer service falters if workflows are not updated to account for mPOS-specific factors such as battery charging and ensuring that connectivity reaches all service areas.
- Not setting clear ownership of devices: Staff on the ground should be trained in device usage, with a clear owner of each device across the service period to prevent accountability gaps that result in devices becoming unavailable at critical moments.
- Leaving security as an afterthought: IT teams should be part of the planning and deployment of mPOS devices to ensure that they are not a cybersecurity blind spot.
Being proactive is key to seeing the sales and service advantages of mPOS for the use cases it is suited for and remaining secure and compliant.
Hybrid mPOS and ePOS deployments
mPOS and ePOS do not have to be used in isolation. Hybrid deployments are frequently used for businesses with multiple sites and even within the same retail location. For example, a café chain may maintain fixed terminals at its brick-and-mortar locations, while deploying mPOS to its fleet of coffee carts and trucks. Within a single location, fixed terminals may be used to serve take-away customers, while seated diners are conveniently served by staff using mPOS devices.
This hybrid approach can either be supported by a single POS platform or by mixing platforms and consolidating reporting using automation.
Monitoring, managing, and securing mPOS devices with NinjaOne MDM
NinjaOne MDM allows you to remotely manage Apple, Android, and Windows mobile devices, no matter where they are or how they are connected. You can use NinjaOne to deploy policies that restrict how mPOS devices are used and where they can connect, ensuring that they are only used for their appropriate point-of-sales tasks. Built-in network monitoring and automation allows you to detect suspicious activity and receive alerts when devices fall offline, allowing for proactive measures to be taken to ensure that sales channels are always open and running at capacity.
With NinjaOne, you can maintain full visibility over your entire IT infrastructure and eliminate the blind spots that mobile devices often present. NinjaOne maintains compliance with an increasing number of data protection frameworks, making it suitable for many use cases where protected data is processed.
