VeriFone V200c Reference Manual Download Page 35 | Manualshive

Page: 35 / 66

VeriFone V200c Reference Manual Download Page 35

F

ILE

A

UTHENTICATION

Introduction to File Authentication

V200

C

R

EFERENCE

G

UIDE

35

A sponsor certificate is authenticated under a higher-level system certificate,
called the application partition certificate.

•

Signer certificate: Certifies the right to sign and authenticate files for terminals
belonging to the sponsor.

A signer certificate is authenticated under the authority of a higher-level client
certificate (the sponsor certificate).

The required sponsor and signer certificates must either have been previously
downloaded and authenticated on the terminal, or they must be downloaded
together with the new signature and target files to authenticate correctly.

Signer Private Keys Are Issued to Secure the File Signing Process

Signer private keys are loaded onto a smart card. This smart card is securely
delivered to the business entity that the terminal sponsor has authorized to sign,
download, and authenticate applications to run on the sponsor’s terminal.

The Verifone CA can also issue additional sets of sponsor and signer certificates,
signer private keys to support multiple sponsors, and multiple signers for a
specific platform.

To establish the logical security of applications to download to a terminal, the
designated signer uses the signer private key issued by the Verifone CA as this is
a required input to the VeriShield File Signing Tool. Every signature file contains
information about the signer private key used to sign it.

When a signature file is generated using a signer private key. Successful
authentication depends on whether the signer private key used to sign the target
file matches the signer certificate stored in the terminal’s certificate tree.

How File

Authentication

Works

File authentication consists of three basic processes:

1

Certificate Request:

An optimal certificate structure is determined, and the

necessary certificates and keys are created.

2

Development:

The file signing software tool creates a signature file for each

application file to authenticate.

3

Deployment:

The development and pre-deployment processes, once

complete, are used in combination to prepare a terminal for deployment.

NOTE

Only one sponsor certificate is permitted per terminal.

«
...
33
34
35
36
37
...
»

Summary of Contents for V200c

Page 1: ...Verifone Part Number DOC420 004 EN B Revision B V200c Reference Guide...

Page 2: ...efore placing the software into productive use This document including without limitation the examples and software programs is supplied As Is Verifone Inc 1 800 VERIFONE www verifone com Verifone Par...

Page 3: ...Descriptions 12 CHAPTER 3 System Mode When to Use System Mode 15 Local and Remote Operations 15 Verifying Terminal Status 16 Entering System Mode 16 Exiting System Mode 17 Passwords 18 System Password...

Page 4: ...ures 46 Direct downloads 46 DDL Command Line Syntax 46 DDL Command Line File 47 DDL Example 47 Downloading without an Onboard Application 47 Network Download Utility 48 File Signing and Signature File...

Page 5: ...ion module of the VeriShield security architecture and describes how to use the file signing utility VeriShield File Signing Tool to generate signature files Chapter 5 Performing Downloads Presents pr...

Page 6: ...roll of thermal sensitive paper in the printer Courier The courier typeface is used while specifying onscreen text such as text that you would enter at a command prompt or to provide an URL RetrieveC...

Page 7: ...g Diode MIB Management Information Block MRA Merchandise Return Authorization MSAM Micromodule Size Security Access Module NFS Network File System PAN Personal Area Network PED PIN Entry Device PCI Pa...

Page 8: ...PREFACE Conventions and Acronyms 8 V200C REFERENCE GUIDE...

Page 9: ...ssing with a fast internal thermal printer ITP and clear color TFT LCD display Connectivity 2 SAM ports standard size MOD 10 2 in 1 I O port USB port Telco port 56K modem Ethernet Port Performance 600...

Page 10: ...m diameter paper rolls prints at 30 lines per second LPS The triple track high coercivity card reader handles most magnetic stripe cards Countertop Performance in a Hand Over Design The 32 bit process...

Page 11: ...ey Telco style keypad with three color coded keys below the keypad Using these keys you can perform all data entry tasks described in this manual For added convenience the keypad is automatically back...

Page 12: ...the zero number key 0 With the smaller case character selected using the hash key press the asterisk or the zero number key continuously until the desired character is displayed Some of the special ch...

Page 13: ...pressing the Clear key depends on the currently active System mode menu Enter Key In normal mode the Enter key is generally used in the same way as the enter key on a PC that is to end a procedure con...

Page 14: ...USING THE TERMINAL KEYS The Keypad 14 V200C REFERENCE GUIDE...

Page 15: ...wnloads by telephone To perform the subset of tasks that corresponds to a job select the appropriate System mode menu s and execute the corresponding procedure s Local and Remote Operations The System...

Page 16: ...inal s flash an application specific prompt appears The application runs and the unit is in normal mode Entering System Mode With an application loaded use the following procedure to enter System Mode...

Page 17: ...screen displays If the password is not entered correctly the error password was entered incorrectly displays and the login screen will be displayed again Figure 3 System Mode Exiting System Mode Afte...

Page 18: ...hrough a complete System mode operation in the following sequence 1 At the idle System mode screen select an operation using the navigation keys 2 Complete the operation CAUTION Without the password y...

Page 19: ...using the keypad in response to a prompt or message Provides additional explanations or information about the steps of that particular System mode menu A submenu row indicates a specific menu evoked...

Page 20: ...n System Mode User Interface Display Action At startup the unit displays the Vault AppM VFSRED and VFOP information These information appear for three seconds while the device is starting up Please wa...

Page 21: ...gins and enter the system password to login The home screen is displayed after successful login Table 3 Main System Mode User Interface Display Action supervisor level1 level2 maintenance Users Prod I...

Page 22: ...rmation from the main System mode menu and then select the Basic information panel Scroll through the screen using the up and down arrow keys provided at the top portion of the screen The sample scree...

Page 23: ...Information Software To view installed software driver information select Information from the main System mode menu and then select the Software panel Scroll through the screen using the navigation k...

Page 24: ...tion select Information from the main System mode menu and then select the Memory panel The sample screen provided on the left displays the total used and available SDRAM and NAND flash memory Table 4...

Page 25: ...Sample Tamper log screen Table 4 System Mode Submenus continued Display Action Tamper Logs Install Logs NextGen Vault Tamper Log File 6 SBF 06 ENC_SRC_REG FFFFFFFF Status 000000 01 01 5 SBF 06 ENC_SR...

Page 26: ...ain System mode menu and then select the Counter panel Table 4 System Mode Submenus continued Display Action Install Thu Jan 1 00 00 19 1970 999 999 999 Secure Install Thu Jan 1 00 00 19 1970 Adding r...

Page 27: ...rom the main System mode menu and then select the Update panel The following options will be available To transfer files via NFS select NFS To transfer file via the USB memory device select USB Memory...

Page 28: ...view the key status for Master Session DUKPT User VRK VSS Feature Licenses and ADE select Key Status To allow user to expire change and manage passwords select Password Manager This option provides op...

Page 29: ...reader If a card is present when the test is run the first few bytes of the ATR is displayed For manufacturing test purposes only Contactless Reader The card details are read by placing the card over...

Page 30: ...into the unit and then select Printer A test receipt is printed and then the unit displays PRINTER TEST HAS FINISHED SUCCESSFULLY Press enter to go back to the Diagnostics menu To perform a diagnosti...

Page 31: ...log off current user profile from System mode select Exit Home Run Applications To run installed applications select Run Applications A sample screen display is provided here Table 4 System Mode Subme...

Page 32: ...SYSTEM MODE System Mode Menus 32 V200C REFERENCE GUIDE...

Page 33: ...s a security architecture called VeriShield which has both physical and logical components The logical security component of the VeriShield architecture which is part of the unit s operating system so...

Page 34: ...gnized by their filename extensions All digital certificates are generated and managed by the Verifone CA and are distributed on request to terminal clients either internally within Verifone or extern...

Page 35: ...ditional sets of sponsor and signer certificates signer private keys to support multiple sponsors and multiple signers for a specific platform To establish the logical security of applications to down...

Page 36: ...rt card containing a set of certificates and private key b Smart card PIN 4 Verifone CA sends the smart card and smart card PIN to the sponsor 5 The sponsor uses the smart card and smart card PIN as i...

Page 37: ...er certificate and sponsor certificate from the smart card 3 VeriShield uses the extracted data along with the application file to create a signature file p7s 4 VeriShield creates files suitable for d...

Page 38: ...ys a critical role on system and application startup as well as authenticating and installing all components application system and OS VERISHIELD FILE SIGNING TOOL PRE DEPLOYMENT PROCESS DEVELOPMENT P...

Page 39: ...signature as part of the download Otherwise the installation fails To ensure a target file successfully authenticated after a download confirm that all downloaded files are installed If an applicatio...

Page 40: ...nal at manufacture When you take a new device out of its shipping packaging certificate data is already stored in the terminal s certificate tree Typically a sponsor requests an additional set of digi...

Page 41: ...ation development process is being completed and while the new application is being tested on a development device a sponsor can order specific sponsor and signer certificates from the Verifone CA to...

Page 42: ...access the private key on the card ROOT OPERATING SYSTEM APPLICATION PARTITION DEPLO SPO CERTI VALI BY APPLI PART CERTI ROOT DEPLO CERTI VALIDA THE SP CERTI APPLI PART DEVELOPMENT SPONSOR CERTIFICATE...

Page 43: ...le Signing Tool 2 Log in Dual logon is required to sign files 3 Click Sign File and follow the wizard 4 Click Next at the Welcome screen 5 Select Sign Files with new settings and click Next at the set...

Page 44: ...tall packages with FST 3 Combine one or more install packages and package signatures into a bundle 4 The bundle may also contain signer certificates and a remove file to remove previous version of the...

Page 45: ...e SD device Refer to sample screen display in Table 4 Home Update for more information Serial download can also be done without using an onboard application please refer to Downloading without an Onbo...

Page 46: ...wn on Line 1 of the display with nnn showing the number of blocks downloaded Line 2 indicates the percent complete of the download where each asterisk represents 10 DDL Command Line Syntax The format...

Page 47: ...ake all cable connections 2 Launch the DDL application on the host PC 3 Enter System mode using a secure password 4 Select Update panel on the main System mode menu 5 Select Serial panel tab to perfor...

Page 48: ...st be configured and then the transfer starts by selecting Netloader under Transfer File Signing and Signature Files File signing is required File signing is performed with the VeriShield File Signing...

Page 49: ...le downloaded to the terminal File authentication module processes File compression module use messages from the VeriCentre DMM terminal management and download tool Error Messages The following error...

Page 50: ...word exceeded the number of characters set for the user Password must be at least seven characters This error appears when the user failed to enter his password within 60 seconds or within the set tim...

Page 51: ...ssword This error is displayed when the password entered by user did not meet the password requirements KLD new or pending passwords must be at least seven characters Select OK and re enter password T...

Page 52: ...the download update option again This message is displayed once Netloader is selected and System mode is unable to detect connection to the server Select OK to close the error message check cable and...

Page 53: ...elect OK to close the error message and enter new password Key Dump error is displayed when there is no external storage found Select OK to close the error message and ensure that the external storage...

Page 54: ...hen the terminal is in System Mode Table 7 Information Messages Display Action KEYPAD DIAGNOSTICS INFORMATION This screen displays the number of times a key is pressed during a keyboard diagnostics se...

Page 55: ...s valid data For more information about magnetic card error messages refer to the VOS Operating System Programmers Manual VPN DOC00501 Contactless DIAGNOSTICS INFORMATION Sample screen display for con...

Page 56: ...SYSTEM MESSAGES Information Messages 56 V200C REFERENCE GUIDE...

Page 57: ...No connection 6 RXD Receive data 7 NC No connection 8 NC No connection 1 8 Connector PIN Function Description 1 VUSB 5 V USB power 500 mA 2 PORTPWR Port power 11 6 V typ 500 mA 3 NC No connection 4 NC...

Page 58: ...1 Portpwr 9 to12 V DC Port power 11 6 V typ 500 mA 2 NC No connection 3 NC No connection 4 GND Power ground 5 RXD Receive data 6 TXD Transmit data 7 NC No connection 8 NC No connection 1 8 NOTE This R...

Page 59: ...ENCE GUIDE 59 USB Mini B Pinout Connector PIN Function Description 1 5 V 0 5 V USB Power 2 DATA USB Device Signal 3 DATA USB Device Signal 4 5 GND USB Ground Receptacle Plug 1 5 1 5 NOTE This USB Mini...

Page 60: ...PORT PINOUTS V200c Port Pinout Definitions 60 V200C REFERENCE GUIDE...

Page 61: ...9 i 10 0A LF 42 2A 74 4A J 106 6A j 11 0B VT 43 2B 75 4B K 107 6B k 12 0C FF 44 2C 76 4C L 108 6C l 13 0D CR 45 2D 77 4D M 109 6D m 14 0E SO 46 2E 78 4E N 110 6E n 15 0F SI 47 2F 79 4F O 111 6F o 16 1...

Page 62: ...ASCII TABLE The ASCII Table 62 V200C REFERENCE GUIDE...

Page 63: ...ial up line requires that one party dial the other party before a connection can be made File authentication A process through which one proves and verifies the origin of a file the identity of the se...

Page 64: ...direction The user must hold the card so that the magnetic stripe is faces in and towards the keyboard Track 1 2 or 3 data Information stored on tracks 1 2 or 3 of a debit or credit card magnetic stri...

Page 65: ...GLOSSARY V200C REFERENCE GUIDE 65...

Page 66: ...V200c Reference Guide Verifone Part Number DOC420 004 EN B Revision B Verifone Inc 1 800 VERIFONE www verifone com...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands