Case Study: Halo Dot achieves EMV L2‑compliant, fraud‑protected Tap‑on‑Phone SoftPOS with Zimperium MAPS

Why SoftPOS Vendors Are Embracing Zimperium's Application Security

Halo Dot is a Tap‑on‑Phone SoftPOS provider that enables merchants to accept contactless card payments on Android consumer devices and is certified for Visa, Mastercard and American Express. Facing the unique fraud risks of running payment applications on COTS devices and the need to meet EMV Level 2 and PCI security expectations, Halo Dot partnered with Zimperium and adopted its Mobile Application Protection Suite (MAPS) to protect sensitive keys and cardholder data on‑device.

Zimperium delivered layered protection—white‑box cryptography (zKeyBox) to conceal keys and Application Shielding (zShield) to prevent reverse engineering—plus MAPS telemetry and tooling to support assessments. By using Zimperium, Halo Dot strengthened its defenses against on‑device key extraction and cloning, demonstrated the controls required by PCI/EMV evaluators, and was able to deliver a competitive SoftPOS app and SDK that reduces fraud risk, lowers merchant acceptance costs, and helps build trust with global customers and card schemes.

Halo Dot