- Reply rate:
- -
- Availability:
- Hourly ($/hour)
- Age:
- 37 years old
- Location:
- Noida, Uttar Pradesh, India
- Experience:
- 13 years
Sarabjeet Singh
Solutions Architect
Noida, India •- •-• in/sarabjeet-singh-/
SKILLS
Hard Skills: Application Solution Design & Architecture, Cloud Solution Design & Arcitecture, REST API Design, ,
Security protocols implementation, NEXO solutions, Android Application Development, Microservices,
Cryptography, MQTT, WebSocket, IT Management, Consulting.
Techniques: Business Analysis, IT Strategy, Requirements Analysis, Project Delivery, Software Development.
Tools: Confluence, JIRA, GIT, Notion, MIRO, Swagger/Open API, Docker, Postman, Insomnia, JCOP,
Specifications: EMV, Global platform (Contact, Contactless, Amendment, A,B,C,D,E), NEXO Specifications, ISO Standards,
WORK EXPERIENCE
Ingenico India International Private Limited, Noida, India
11/2022 – Present
Solutions Architect
●
●
●
●
●
Android POS Solutions Architecture.
Cloud Applications Architecture, API design, Open API Specification
REST API security design, Security protocols ((TLS, MTLS, Machine to Machine authentication based
upon Certificate chain and PKI, OAuth 2.0, API Keys, Bearer tokens, SSL)
Solution design based upon MQTT, Web socket communication protocols
Documentation, Sequence diagrams, UML flows, technical requirements documents
Girmiti Software Private Limited, Bangalore, India
09/2018 – 10/2022
Associate Director - Technology (05/2021 – 09/2022) | Manager - Technology (08/2020 - 04/2021) |
Lead-Technology (09/2018 – 03/2021)
●
●
●
●
●
Requirement gathering and design for POS applications projects
Work closely with the development team to ensure requirement are fully understood and provide
assistance with overcoming obstacles faced during development.
Overall responsibility of delivering the projects.
Accomplishes human resource objectives by recruiting, selecting, orienting, training, assigning,
scheduling, coaching, counselling, and disciplining employees; communicating job expectations;
planning, monitoring, appraising, and reviewing job contributions; planning and reviewing
compensation actions; enforcing policies and procedures.
Track operational measures and take remedial steps/decisions to correct any variations from targets
Subex Limited, Bangalore, India
06/2017 – 08/2018
Technical Anchor/System Analyst
●
●
Development and design of Spring/Hibernate/GWT applications & modules.
Development and solution design for java card applications for customer experience tracking
Idemia (fka: Smartchip), Noida, India
08/2011 – 06/2017
Senior Software Engineer (06/2013 – 06/2017) | Software Engineer (AUG 2011 – MAY 2013)
●
●
●
EMV Payment Application architectural design and development
Java Card/Smart Card domain Expert
Architecture and development of javavard applications
EDUCATION
Lovely Professional University, Punjab, India
Masters of Computer Applications
08/2008 – 05/2011
PROJECT CONTRIBUTIONS
Cloud Connector Solution Design
Cloud connector solution allows Clients (Payment Terminal Applications and Point of Sale solutions) to connect
over WebSocket protocol with security based upon JWT/Machine to Machine authentication based upon
Certificates.
●
Cloud connector solution design based upon WebSocket
●
Scalability management using Http proxy to manage 200K clients connections simultaneously
●
Proof of Concept for solution viability
MQTT Client (JAVA/C++) Solution design and development
MQTT Client allows applications (JAVA/C++) to use MQTT protocol (3.1) to connect with MQTT broker and
publish/subscribe topics to allow exchange of messages using PUB-SUB model.
●
MQTT Architecture design based upon EMQX broker
●
MQTT Client development
●
Scalability management using Http proxy to manage 200K clients connections simultaneously
●
Proof of Concept for solution viability
Pre-Auth Transaction solution architecture based upon NEXO
Nexo based pre-auth transaction handling with ECR and Terminal application.
●
MQTT/HTTPS hybrid Architecture design based upon EMQX broker for Terminal Application
and ECR connectivity
●
Scalability management using Http proxy
●
Swagger/Open API development for NEXO retail API
Pay@Table Transaction solution architecture based upon NEXO
Nexo based Pay@Table transaction handling with ECR and Terminal application with split payments.
●
MQTT/HTTPS hybrid Architecture design based upon EMQX broker for Terminal Application
and ECR connectivity
●
Split payment solution design and implementation
●
Scalability management using Http proxy
●
Swagger/Open API development for NEXO retail API
MTLS solution design for third party terminals
TLS based authentication solution design for third party terminals based upon Client Id/Secret to retrieve access
tokens
●
Swagger/Open API development for NEXO retail API
●
TLS Rest API Design
Remote Desktop from PPaaS Portal
Solution design and architecture design for performing remote desktop activities for maintaining merchant
terminals remotely.
●
SSO Login design
●
Security architecture to access Payment terminal remotely from portal
VERIFONE PAYMENT SDK DEVELOPMENT (ANDROID) – NEXO FAST
FOR EUROPAN MARKET | AUGUST 2020 TO SEPT 2020(Full TIME)
●
This project included development and integration of payment SDK in Nexo-Fast Payment
Application. The project included following tasks:
•
Init Kernel (CAPK, Other Kernel Parameter)
•
Implement EMV Bridge (Chip, CTLS, MSR)
•
Handle Call-backs
•
Handle Fall-backs
•
Online PIN (Cardholder Data)
•
EMV Implementation:
•
NFC Process
•
IC Process
•
Magnetic Process
•
Transaction handling (Gateway implementation for Acquirer authorization requests)
•
Implement Printer Manager (integrate OEM API to wrapper class)
SUNMI PAYMENT SDK DEVELOPMENT (ANDROID) – NEXO FAST
LAVAGO (OFF SITE) | MARCH 2020 TO JULY 2020(Full TIME)
●
This project included development and integration of payment SDK in Nexo-Fast Payment
Application. The project included following tasks:
•
Init Kernel (CAPK, Other Kernel Parameter)
•
Implement EMV Bridge (Chip, CTLS, MSR)
•
Handle Call-backs
•
Handle Fallbacks
•
Online PIN (Cardholder Data)
•
EMV Implementation:
•
NFC Process
•
IC Process
•
Magnetic Process
•
Transaction handling (Gateway implementation for Acquirer authorization requests)
•
Implement Printer Manager (integrate OEM API to wrapper class)
Trusted Service manager
DISCOVER (OFF SITE) | JAN 2019 TO DEC 2019(Full TIME)
●
Trusted service manager is SPRING BOOT Microservices based REST Service platform that
provides the issuers and providers of payment card services to perform Different activities on
CARDS (Payment cards: Credit, debit cards, loyalty and reward point cards). The activities
include:
•
Loading, Installing and Deleting payment applications (Credit debit applications,
Loyalty applications, wallet applications)
•
Personalization of payment data to manage different activities with application
•
Vendor onboarding (New vendor or merchant creation, update, deletion etc)
•
Payment Transaction management and settling
•
User management activities
Q-Sparc NPCI Payment Application(Java-Card)
MCT (OFF SITE) | JAN 2019 TO SEP 2019(FULL TIME) – V 2.0
IDEMIA (OFF SITE) | JAN 2016 TO JUNE 2016 (Full TIME) – V 1.0
●
EMV based specification (qSPARC) for a Dual Interface Card application, which will be used
for supporting standard payments as well as low value payment segments such as transit,
loyalty, parking, toll etc.
●
Key features of qSPARC Chip Card are mentioned below:
•
Standard Payment: Standard EMV based retail payments through contact and
contactless interfaces at Merchant POS terminals
•
Transit:
•
Cashless and contactless ticketing across various transit operators
•
Service Compartments: Merchants and Operators can create and use their own
space on the Card, referred to as ‘Service Compartment’. There may be multiple
independent service compartments on the same Card catering to different business
implementations. Merchants and Operators may build their own specific programs,
such as transit and loyalty, on these areas as per their business agreements with
the card Issuer.
•
Multi-level Wallets: qSPARC specification supports the creation of wallets in the
Card at two different levels: (1) Global, i.e. at Card level, and (2) Local, i.e. at
Service level. The Global balance is maintained by Issuers and the Local balance is
maintained by Merchants and Operators. While the Local balance may be utilized
for transactions only at service provider specific outlets, the Global balance may be
utilized for payments at all outlets where RuPay chip cards are accepted.
DISCOVER DPAS CONTACTLESS MOBILE PAYMENT APPLET
DISCOVER (Onsite) | Sep 2018 to Sep 2019 (Full Time)
●
Dual Interface EMV APPLICATION capable of MS Mode, ZIP Mode, UICC Mode along with
45 profile management for different transactions.
EMV Application Perso and Validation Tool
DISCOVER (Onsite) | Sep 2018 to Mar 2019 (Full Time)
●
Python based EMV PAYMENTS APPLICATIONS (VISA CARD, EMV) PERSONALIZATION
AND TRANSACTION VERIFICATION TOOL.
Contract management - Contrct lines
Optus | jan 2017 to july 2018 (Full Time)
●
This Module is used to add different contract lines in a contract. Based upon different types of
contracts, different contract lines can be added. The contracts can be Goods and Services
contracts, Service contracts or Support Services contracts
Entity import & export
Optus | oct 2017 to jan 2018 (Full Time)
●
This Module performs different imports and export functions on Metrics configured in the
system. The metrics includes, Capacity KPIs of network, Blending KPIs for network
monitoring, Capacity Hotspots, Capacity Utilizations and different Business Rules. The
exported data can then be imported in any other system.
●
This module is used during migration of Systems or Upgrade of data to port all entities and
their relations collectively.
Asset Assurance (KPI Blending)
Optus (India: Offsite) | Jun 2017 to Oct 2017 (Full Time)
●
Kpi Blending includes: Normalization of different data sets received from different cells and
nodes places in different cities Calculation of Utilization, threshold etc based upon the data to
provide data analytics about under or over utilized nodes/cells.
GSMA Mobile connection Authentication Application
MORPHO (India: Onsite) | Feb 2016 to Apr 2016 (Full Time)
●
The aim of the Mobile Connect Authentication application is to provide Service Providers with
a range of authentication options, each authentication mechanism being mapped and certified
to a defined set of Levels of Assurance based on ISO/IEC 29115 Clause 6.
●
This application implements authentication mechanisms based upon the three authentication
modes have been identified and mapped to the LoA levels in GSMA CPAS8 SIM Applet
Authentication Specification. There are different journeys supported by the application namely:
●
Click OK Journey: Simply ask the user to Click OK to authenticate, authorise or consent to a
transaction
●
The Personal Code journey: Require users to authenticate, authorise a transaction by entering
their Personal Code.
●
Personal Code Creation Journey: Card Authentication Application will allow
registration/update/authentication of user with Personal Code.
Mobile World Congress Demo for GSMA Authentication Application
MORPHO (India: Onsite) | Dec 2015 to Jan 2016 (Full Time)
●
This project comprises two parts:
•
Web Portal to manage User profile and subscriptions via Client-Server Architecture
•
Authentication Applet that manages user authentication, sensitive data and
communication with the server
DNS Resolver for global platform amendment B Polling application
MORPHO, EE (INDIA: Onsite) | Oct 2015 to Nov 2015 (Full Time)
●
This application was developed as a Component for Global Platform Amendment B Polling
application that help it in resolving domain names to initiate HTTPs handshaking with server
and Admin Agent. It exposes Global platform SCP 81 communication to resolve domain
names according to RFC 1034 DOMAIN NAMES - CONCEPTS AND FACILITIES and RFC
DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION. It initiates the domain name
resolution process with a Fully Qualified Domain name query process and resolves with
names with FQDN response received from DNS Server
GLOBAL PLATOFORM - AMND. B Polling
MORPHO (INDIA: Onsite) | AUG 2015 to SEP 2015 (Full Time)
●
This application was developed to initiate ADMIN AGENT and SERVER Handshaking using
SCP81 (HTTPs) communication protocol. It takes advantage of Global Platform HTTPs
Administration, Application and Personalization interfaces and classes to initiate the
Handshaking process. Global Platform 2.2 specification is utilized to Open channel for
communication using Bearer Independent Protocol parameters defined in ETSI TS 102 124
Transport Protocol for UICC based Applications.
Shared PROXY Javacard applet
Oberthur, MORPHO (INDIA: Onsite) | Jun 2015 to Jul 2015 (Full Time)
●
This application was developed with Client Server architecture to Help integrate Oberthur's
Application with S@T Browser on MORPHO CARD. It takes advance to Shareable feature of
JAVACARD to provide a shared interface mechanism to Oberthur's applications to trigger the
S@T browser component and applications of MORPHO smart cards. MORPHO S@T browser
Shared PROXY application was developed as an intermediate which triggered Oberthur's
applications and also trigger MORPHO S@T browser when Oberthur's application triggers
shared method present in PROXY application.
Android Access Rule Application for Secure Element
MORPHO (INDIA: Onsite) | Mar 2014 to Apr 2014 (Full Time)
●
The Access Rule Application (ARA) on the Secure Element stores the Access Rules. The ARA
consists at least of the unique Access Rule.
●
Application Master (ARA-M) and may contain several Access Rule Application Clients (ARAC).
●
All Access Rules stored in the ARA are accessed by the Access Control Enforcer via the ARAM.
●
Developed applet according to GP spec Secure Element Access Control v1.0 |
GPD_SPE_013.
ISO-1 Pin Block plugin
MORPHO (Offsite) | Oct 2013 to Nov 2013 (Full Time)
●
This plug-in format the PIN value entered by User into ISO 1 format. The ISO-1 PIN block
format Plug-in supports a PIN from 4 to 12 digits in length. A PIN that is longer than 12 digits is
truncated on the right. The first nibble (which identifies the block format) has the value 1. Then
the plugin encrypts the ISO1 pin format using AES encryption with 128 bits key.
WIB Browser plugin
MORPHO (INDIA: Offsite) | Aug 2013 to Sep 2013 (Full Time)
●
This project has multiple plug-in Development for various functionalities incorporation in
Wireless Integrated Browser:
●
Date Check: check date from Year 1900 onwards including Y2k Issue
●
Check USSD: format USSD data and send to server
●
LUHN algorithm: check integrity of IMEI of the Handset by implementing LUHN algorithm to
calculate Check digit
●
Display Text plug-in: Display Response of USSD command received from server and handle
various data format (8 Bit Data, UCS2 Data, 7-bit packed Alphabet format Data)
●
DATA Packing plug-in: This plugin packs/unpacks user data for USSD command and SMS
into 7-bit packed format.
ADN lookup WIB Browser plugin
MORPHO (INDIA: Offsite) | Jun 2013 to Jul 2013 (Full Time)
●
ADN Lookup WIB plugin provides following features:
●
Provide Phonebook manipulation facility in a WIB byte code application
●
Search Phonebook
●
Update/Delete/Add names in phonebook
●
Sort phonebook
Vodafone Extended phonebook
Vodafone (INDIA: Offsite) | May 2013 to May 2013 (Full Time)
●
This application provides users and extended phonebook option to save contacts. Traditional
SIM card provides support for maximum of 254-55 contacts saving capability (limited due to
ADN file records number limitation). This application has proprietary files on card with similar
structure to ADN file and allows uses to save upon 500 contacts and along with following
options directly from STK menu:
•
Search a contact
•
Update contact
•
Delete contact
•
Automatic Sorting of contacts.
Airtel Money Sim Toolkit Application
Airtel (INDIA: Offsite) | Mar 2013 to Apr 2013 (Full Time)
●
This Sim toolkit application provides users to transfer money from:
•
one mobile number to other mobile number,
•
One bank account to other
•
Withdraw money from bank account
•
Add Beneficiaries to a bank account
•
Delete Beneficiaries
•
Update Beneficiaries
MULTI-IMSI
MORPHO (INDIA: Onsite) | Jan 2013 to Feb 2013 (Full Time)
●
Multi IMSI based application allows mobile users to change their MNO's without changing of
their SIM (or UICC).
●
An API was created to switch necessary files of UICC with the files of a particular MNO, with
which user wish to connect.
●
Switching is based upon different identifiers of MNO, which are completely configurable using
OTA Interface.
●
This API can be used as a core of any UICC application which requires Multi-IMSI based
approach
