diff --git a/docs/SPEC.md b/docs/SPEC.md index 28ebf00..54c94a3 100644 --- a/docs/SPEC.md +++ b/docs/SPEC.md @@ -5,7 +5,7 @@ The bolt card system is built on the open standards listed below. - [LUD-03: withdrawRequest base spec.](https://github.com/fiatjaf/lnurl-rfc/blob/luds/03.md) - [LUD-17: Protocol schemes and raw (non bech32-encoded) URLs.](https://github.com/fiatjaf/lnurl-rfc/blob/luds/17.md) -## Bolt card interaction +## Bolt card and POS interaction - the point-of-sale (POS) will read an NDEF message from the card, for example ``` @@ -17,7 +17,8 @@ https://card.yourdomain.com?p=A2EF40F6D46F1BB36E6EBF0114D4A464&c=F509EEA788E37E3 ``` - your bolt card service should verify the payment request and continue the LNURLw protocol -### Server side verification +## Server side verification + - for the `p` value and the `SDM Meta Read Access Key` value, decrypt the UID and counter with AES - for the `c` value and the `SDM File Read Access Key` value, check with AES-CMAC
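Review bot: The heading rename in the `@@ -5,7 +5,7 @@` hunk, from `## Bolt card interaction` to `## Bolt card and POS interaction`, changes the anchor that Markdown renderers derive from the heading text, so any existing link to the old section anchor will stop resolving. Search the other docs and the README for links to the old anchor and update them in the same commit.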
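Review bot: In the `@@ -17,7 +17,8 @@` hunk, promoting `### Server side verification` to `##` makes it a top-level section, but the two bullets visible under it only say to decrypt the UID and counter and to "check with AES-CMAC", without stating what the service does with the results. Now that this section stands on its own, consider saying in it that a request whose `c` value fails the AES-CMAC check is rejected before the LNURLw flow continues, and how the decrypted counter is compared with the last value seen for that UID, unless the spec already covers this further down.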