Payment service providers, banks, and fintech companies face a fundamental challenge when scaling their terminal networks. They need hardware that accepts every payment method, software that stays secure and updatable, and a management layer that keeps thousands of devices under control without sending a technician to every location.
The SUNMI payment ecosystem was built to address all three requirements in a single, integrated platform. This guide breaks down every component, explains how the pieces fit together, and covers what PSPs in the United States and Canada need to know before deploying.
What Is the SUNMI Payment Solution?
The SUNMI payment ecosystem is an end-to-end platform that combines Android-based payment hardware, a purpose-built operating system, cloud-based terminal management, secure key injection, and application distribution into one unified stack. Rather than sourcing hardware from one vendor, an OS from another, and a management console from a third, PSPs get a vertically integrated platform where every layer is designed to work together.
The solution includes six components:
- P-Series payment terminals (P2, P2 SE, P2 LITE SE, P3, P3H) covering handheld, countertop, and mobile form factors
- SUNMI OS for Payment, an Android-based operating system with PCI PTS and EMV certification built in
- TMS (Terminal Management System) for remote fleet management, deployable on private cloud infrastructure
- RKI (Remote Key Injection) for secure, over-the-air cryptographic key distribution
- FSK (App Store/Distribution) for centralized application deployment across your terminal fleet
- SoftPOS capability that turns select SUNMI devices into tap-to-pay terminals using the built-in NFC reader
When we deploy SUNMI payment terminals for banking clients, the most common reaction is surprise at how much is included out of the box. The typical alternative requires stitching together four or five separate vendor relationships to achieve the same coverage.
How SUNMI OS for Payment Differs from Standard Android
SUNMI OS for Payment is a hardened, Android-based operating system engineered specifically for financial transactions. Unlike stock Android or generic commercial builds, it strips out consumer-facing features and adds layers of payment-grade security that meet PCI PTS and EMV certification requirements.
Key capabilities include:
- PCI PTS compliance: The OS meets Payment Card Industry PIN Transaction Security standards, ensuring cardholder data is protected during every transaction
- EMV L1 and L2 certification: Both the contactless reader interface (Level 1) and the payment kernel (Level 2) pass certification from Mastercard, Visa, American Express, JCB, and other card networks
- Kiosk mode: Locks the device to a single application, preventing end users from exiting the payment app or accessing the Android desktop
- Default application startup: Configure which app launches automatically when the terminal powers on
- OTA update support: Push operating system updates remotely without physical access to the device
One practical advantage we see in the field is how kiosk mode eliminates support tickets caused by employees accidentally navigating away from the payment application. For a PSP managing thousands of terminals across restaurant and retail chains, that translates to measurably lower support costs.
It is worth noting that SUNMI OS is exclusive to SUNMI hardware. You cannot install it on third-party devices, which means the tight hardware-software integration is both its strength and its limitation. PSPs evaluating the platform should factor this vendor commitment into their procurement strategy.
The P-Series: Payment Hardware For Every Deployment Scenario
SUNMI’s P-Series terminals are purpose-built payment devices that support chip and PIN, chip and signature, magstripe, contactless (NFC), QR code payments, and mobile wallets including Apple Pay and Google Pay. Every P-Series device runs SUNMI OS and shares a common EMV kernel, which simplifies certification when adding new models to your fleet.
Here is a practical breakdown of the lineup:
| Model | Form Factor | PCI PTS Version | Key Use Cases |
|---|---|---|---|
| P2 SE | Handheld with printer | PCI PTS 6.0 | Table-side payments, delivery, field service |
| P2 LITE SE | Compact handheld | PCI PTS 5.x | Cost-sensitive deployments, pop-up retail |
| P3 | Handheld with large display | PCI PTS 6.2 | Full-service restaurants, retail counters |
| P3H | Countertop with dock | PCI PTS 6.x | Fixed checkout, bank branches, kiosks |
The shared EMV Common Kernel across all P-Series devices is a significant advantage for PSPs. SUNMI’s shared EMV Common Kernel allows new P-Series models to inherit EMV Level 3 certification coverage under the existing family certification, reducing the time and cost of bringing additional hardware to market. Note: The PCI Security Standards Council sunset the standalone POSRouter certification program in 2023. EMV L3 certification is now handled through the standard PCI device certification process.
For PSPs evaluating SUNMI payment hardware, the P-Series covers the full spectrum from budget-friendly handheld devices to premium countertop terminals with large touchscreens.
US and Canada Payment Certification
Payment terminal certification requirements differ between the US and Canada:
- United States: PSPs typically work with acquirers and processors (such as Fiserv, Worldpay, or First Data) for EMV L3 certification. The PCI PTS requirements are the same, but the approval workflow and testing labs may differ by acquirer.
- Canada: Canadian PSPs must account for Interac acceptance in addition to Visa, Mastercard, and Amex. Interac has specific terminal certification requirements that must be validated. Many Canadian deployments also involve Moneris or Global Payments as the primary processor, each with their own certification timelines.
TMS: Managing Thousands of Terminals from a Single Dashboard
SUNMI’s Terminal Management System (TMS) is a cloud-based platform that gives PSPs centralized control over their entire device fleet. TMS handles everything from initial device registration through end-of-life recycling, covering the complete terminal lifecycle.
The most important TMS capabilities for payment service providers include:
- Private cloud deployment: TMS can be deployed on customer-specified servers (AWS, Microsoft Azure, or Alibaba Cloud) or on SUNMI’s own cloud infrastructure. For banks with strict data residency requirements, the private deployment option is essential
- Branch management: Supports tiered organizational structures where a parent company can manage sub-institutions, regional offices, and individual merchant locations from a single console
- App distribution: Push specific application versions to targeted device groups, branches, or individual terminals with controlled release processes
- Remote device control: Monitor device status, reboot, power off, and adjust settings without dispatching a technician
- Bulk configuration: Deploy transaction parameters and terminal settings across hundreds or thousands of devices with a single click
- Kiosk mode enforcement: Lock devices remotely to prevent unauthorized use
When we help ISV partners set up their TMS environments, the branch management feature consistently delivers the highest ROI. A payment processor serving hundreds of merchant locations across multiple states or provinces can segment their fleet by region, assign different application configurations per branch type, and push updates to specific groups without affecting the rest of the network.
Data Residency: US and Canada Considerations
Canadian PSPs and banks operating under PIPEDA (Personal Information Protection and Electronic Documents Act) must ensure that transaction data, device logs, and terminal management traffic are stored on Canadian servers or servers with adequate cross-border data agreements. SUNMI TMS supports private cloud deployment on Azure Canada (Canadian Central region) and AWS Canada (ca-central-1), enabling full compliance with Canadian data residency requirements.
RKI: Eliminating the Cost and Risk of Manual Key Injection
Remote Key Injection (RKI) is a cloud-to-terminal system that securely delivers cryptographic encryption keys to payment terminals over the air. SUNMI’s RKI solution has achieved PCI PIN and P2PE certification at both the CA/RA (Certificate Authority/Registration Authority) and KIF (Key Injection Facility) component levels.
Traditional key injection requires shipping every terminal to a certified key injection facility before deployment. For a PSP deploying 1,000 new terminals, that means 1,000 round trips to a facility, adding weeks of lead time and significant logistics costs.
With SUNMI RKI, keys are injected or rotated remotely:
- Initial key injection: New terminals receive their encryption keys during first boot, eliminating the need for pre-deployment facility visits
- Key rotation: Update encryption keys across your fleet on schedule or on demand, meeting compliance requirements without physical access
- Lower operating costs: SUNMI estimates that RKI reduces key management costs by removing the per-device facility fee that traditional injection requires
The PCI PIN and P2PE certification is critical here. Without these certifications, a remote key injection system would not meet the security requirements of major card networks and acquiring banks. SUNMI’s certified RKI provides a secure, compliant path that satisfies auditors.
One honest caveat: RKI requires reliable internet connectivity at the terminal location during the injection process. For deployments in areas with unstable connectivity, PSPs may still need to pre-inject keys at a facility for a subset of terminals.
SoftPOS: Turning SUNMI Devices into Contactless Payment Terminals
SoftPOS technology allows merchants to accept contactless payments using only the device’s built-in NFC reader, without a separate card reader attachment. Select SUNMI devices, including the V3 Mix and V2s series, support SoftPOS integration through partner applications.
This is particularly relevant for three deployment scenarios:
- Mobile merchants: Food trucks, market vendors, and field service technicians who need a lightweight, all-in-one payment device
- Backup payment acceptance: Retail locations that want a secondary payment terminal without the cost of dedicated hardware
- Rapid deployment: New merchant onboarding where speed matters more than full-feature payment acceptance
SoftPOS on SUNMI devices works with GMS-certified Android hardware and integrates with third-party SoftPOS providers. The merchant’s customers simply tap their card, phone, or smartwatch on the SUNMI device screen, and the transaction processes through the SoftPOS application.
SoftPOS in Canada: Interac Contactless
Canadian merchants expect Interac contactless support alongside Visa and Mastercard. When evaluating SoftPOS solutions for the Canadian market, PSPs should verify that the SoftPOS provider supports Interac Flash, Canada’s domestic contactless payment standard. Not all SoftPOS providers offer Interac certification, which can be a deal-breaker for Canadian deployments.
It is important to understand that SoftPOS typically supports contactless payments only. Chip-and-PIN and magstripe transactions still require a dedicated payment terminal from the P-Series. PSPs should position SoftPOS as a complement to, not a replacement for, traditional payment hardware.
Why PSPs Choose SUNMI Over Proprietary Terminal Vendors
Payment service providers evaluating the SUNMI payment platform against proprietary terminal vendors should consider several structural advantages:
Open Android ecosystem: SUNMI terminals run Android, which means PSPs can develop or commission custom payment applications using standard Android development tools. Proprietary terminals often require specialized SDKs, vendor-specific programming languages, or expensive certification processes for each software update.
Single-vendor integration: Hardware, OS, TMS, RKI, and app distribution all come from one provider. This eliminates the finger-pointing that happens when a terminal issue spans multiple vendor relationships.
Shared EMV kernel: All P-Series devices use the same certified payment kernel. Adding a new terminal model to your fleet does not require a separate EMV certification process.
Total cost of ownership: Android-based payment terminals typically reduce total cost of ownership by 30-50% compared to legacy proprietary hardware over a five-year lifecycle. The savings come from lower per-unit hardware costs, a broader developer talent pool (Android developers are more available than proprietary platform specialists), and remote management capabilities that reduce field service visits.
North American inventory and support: SUNMI terminals are deployed in over 200 countries globally. For PSPs operating in the US and Canada, local inventory and support is available through Rosper, an Authorized SUNMI Distributor with 8 warehouses across both countries. Most orders arrive in 2-7 business days.
How to Source SUNMI Payment Terminals in the US and Canada
For payment service providers, banks, and fintech companies in North America, SUNMI payment terminals are available through Rosper, an Authorized SUNMI Distributor with 8 warehouses across the United States and Canada. This local presence means PSPs can expect most orders to arrive in 2-7 business days rather than waiting weeks for international shipping.
Key procurement advantages include:
- Volume pricing: Competitive rates for PSPs deploying terminals at scale
- 3-year warranty: All SUNMI devices ship with SUNMI Care Standard, a 3-year manufacturer warranty. Rosper assists with warranty claims by helping you connect with SUNMI faster
- Technical consultation: Rosper’s team helps PSPs select the right mix of P-Series terminals for their specific deployment needs
- Inventory availability: US and Canadian warehouse stock eliminates supply chain delays
To start a conversation about your terminal deployment, request a quote with your estimated volume and deployment timeline.
Deployment Considerations and Best Practices
Successfully deploying the SUNMI payment platform requires planning beyond just hardware procurement. Here are the practical considerations we share with every PSP client:
Network requirements: SUNMI terminals require reliable internet connectivity for TMS communication, RKI key injection, and OTA updates. Plan for Wi-Fi, Ethernet (via dock), or cellular (4G LTE) connectivity at every deployment location.
Application certification: If you are developing a custom payment application, budget time for EMV Level 3 certification. SUNMI’s shared kernel accelerates this process, but certification timelines still vary by card network and acquirer. PSPs working with ISV partners should align certification timelines early.
Pilot before scale: Deploy a small batch of 50-100 terminals in a controlled environment before rolling out to your full fleet. This catches configuration issues, connectivity problems, and application bugs before they affect thousands of merchants.
TMS organizational structure: Set up your TMS hierarchy to mirror your actual business structure (regions, branches, merchant types) before deploying terminals. Restructuring a TMS environment after thousands of devices are registered is significantly more complex.
Security auditing: Schedule regular reviews of your RKI key rotation policies and TMS access controls. SUNMI provides the tools, but the security configuration is ultimately the PSP’s responsibility.
For PSPs exploring deployment options, review Rosper’s SUNMI V3 series comparison for a practical example of how different form factors serve different use cases.
Frequently Asked Questions
What is included in the SUNMI Payment Solution?
The SUNMI payment ecosystem includes P-Series Android payment terminals, SUNMI OS for Payment (PCI and EMV certified), TMS for remote fleet management, RKI for secure key injection, FSK for app distribution, and SoftPOS capability on select devices. Together, these components form a complete platform for payment service providers.
Is the SUNMI Payment Solution PCI certified?
Yes. SUNMI OS is PCI PTS certified, and individual P-Series terminals carry PCI PTS certifications ranging from version 5.x to 6.2 depending on the model. The RKI system holds PCI PIN and P2PE component certifications. EMV L1 and L2 certifications cover all major card networks including Mastercard, Visa, American Express, and JCB.
Can I deploy SUNMI TMS on my own servers?
Yes. SUNMI TMS supports private cloud deployment on customer-specified servers, including AWS, Microsoft Azure, and Alibaba Cloud. For Canadian deployments, Azure Canada Central and AWS ca-central-1 are supported for PIPEDA data residency compliance. Both single-server and cluster deployment options are available.
How does SUNMI RKI reduce deployment costs?
SUNMI RKI eliminates the need to ship terminals to a certified key injection facility before deployment. Encryption keys are injected remotely during first boot and can be rotated over the air on schedule. This removes per-device facility fees, reduces lead times, and simplifies ongoing key management compliance.
Where can I buy SUNMI payment terminals in the US and Canada?
Rosper is an Authorized SUNMI Distributor with 8 warehouses across the US and Canada, including a Canadian warehouse in Brampton, Ontario. PSPs can expect 2-7 business day delivery, volume pricing, and a 3-year warranty (SUNMI Care Standard) on all devices. Visit rospertech.com to request a quote.