Skip to main content

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Share your experience with the FAS IT-Playbook by taking this brief survey

GECO

The GSA Enhanced Check-Out (GECO) system is a Point-of-Sale (POS) and e-commerce platform used across GSA Retail Operations in both CONUS and OCONUS locations. It enables secure, efficient sales of Vendor Managed Inventory (VMI) from GSA MAS vendors, supporting both in-store and online transactions. The system consists of an order approval workflow to help agencies manage procurement budgets.

Key Business Objectives

System Architecture

GECO is a multi-tiered retail system composed of three integrated components that support in-store and online sales operations for GSA Retail Stores.

  1. GECO nPOS Website
    • Function: In-store Point-of-Sale system for processing WIWO and Referral orders.
    • Access: Internal GSA network; secured via MFA and ENT credentials or KIOSK login.
    • Services Used:
      • AAC Validation (customer eligibility)
      • GCPC Tokenization and Authorization (secure credit card processing)
    • Roles: Admins, Store Managers, Cashiers.
  2. nChannel Integration Platform
    • Function: Middleware that processes and routes orders from nPOS to GSA's OMS.
    • Location: Hosted in GSA's Irongate Data Center.
    • Workflow:
      • Receives orders from nPOS.
      • Submits to OMS and receives status updates.
      • Sends financial data to Retail Billing via SFTP.
      • Monitors and manages order workflows via nChannel Portal.
    • Roles: Admins, GSA Administrators, Approvers.
  3. GECO Store Portal
    • Function: Public-facing e-commerce site for remote order placement.
    • Access: Web-based; users request access and are approved by Admins and Store Managers.
    • Workflow:
      • Customers place orders for authorized stores.
      • Orders follow a customizable approval workflow.
      • Finalized orders are processed in nPOS like in-store orders.
    • Roles: Admins, Store Managers, Customers.

Security & Integration

Diagram exploring Security and integration

Technical Approach

The GECO platform is built on a modular, service-oriented architecture that integrates in-store POS systems, middleware for order processing, and a public-facing e-commerce portal. It leverages secure authentication, web services, and batch processing to ensure reliable and scalable retail operations across GSA stores.

  1. Modular System Design
    • Three Core Components:
      • GECO nPOS Website – In-store POS interface.
      • nChannel Integration Platform – Middleware for order routing and system integration.
      • GECO Store Portal – Public e-commerce site for remote ordering.
  2. Secure Access & Authentication
    • Multi-Factor Authentication (MFA) using GSA ENT credentials.
    • Role-Based Access Control (RBAC) across all components.
    • KIOSK login for users without PIV cards.
  3. Web Services Integration
    • AAC Validation Service – Verifies customer eligibility.
    • GCPC Tokenization Service – Secures credit card transactions.
    • OMS Integration – Submits and tracks orders with GSA's Order Management System.
  4. Order Processing Workflow
    • Orders entered via nPOS or Store Portal.
    • Validated and tokenized through web services.
    • Routed through nChannel Integration Platform to OMS.
    • Financial data batched every 15 minutes to Retail Billing via SFTP.
  5. Data Hosting & Infrastructure
    • nChannel Integration Platform hosted in GSA's Irongate Data Center.
    • Store Portal is publicly accessible but tightly controlled via email domain and store-level authorization.
  6. Error Handling & Workflow Management
    • Manual intervention tools available in nChannel Portal.
    • Customizable approval workflows in Store Portal.
    • Sync Manager ensures reliable data transmission between components.

Timelines

  1. Initial Deployment
    • GECO nPOS, Store Portal, and nChannel Integration Platform deployed across all GSA Retail Operation stores (CONUS and OCONUS).
    • Integration with GSA OMS and Retail Billing systems established.
  2. Operational Milestones
    • User Onboarding: ENT credential setup, MFA configuration, and Store Portal access approvals.
    • Order Workflow Activation: Real-time validation, tokenization, and order routing to OMS and financial systems.
  3. Upcoming Migration
    • Data Center Transition: GECO’s backend infrastructure, currently hosted at the Irongate Data Center, will be migrated to the GSA Stennis Data Center by September 2026.
      • Objective: Improve scalability, reliability, and alignment with GSA’s long-term infrastructure strategy.
      • Impact: Expected to be seamless for end users with backend enhancements and improved performance.