Vx810 Reference Guide VeriFone Part Number 24964, Revision A
VX810 Reference Guide © 2008 VeriFone, Inc. All rights reserved. No part of the contents of this document may be reproduced or transmitted in any form without the written permission of VeriFone, Inc. The information contained in this document is subject to change without notice. Although VeriFone has attempted to ensure the accuracy of the contents of this document, this document may include errors or omissions.
CONTENTS PREFACE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Related Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Conventions and Acronyms . . . . . . . . . . . . . . . . . . . . .
C ONTENTS CHAPTER 4 System Mode When to Use System Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Local and Remote Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Verifying Device Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Entering System Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . File Groups . . . . . . . . . . . . . . . . . . .
C ONTENTS File Authentication Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Required Certificates and Signature Files . . . . . . . . . . . . . . . . . . . . . . . . . . 99 The File Authentication Process During an Application Download . . . . . . . 100 File Group Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 Download an Operating System Update Provided by VeriFone . . . . . . . . .
C ONTENTS CHAPTER 8 Care and Additional Safety Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 Maintenance Power Adapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 Potentially Explosive Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 CHAPTER 9 Service and Support Product Returns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PREFACE This guide is your primary source of information for setting up and installing the Vx810. Audience This document has two primary audiences, but is useful for anyone installing and configuring the Vx810: • Deployment Administrators who prepare multiple devices for deployment to customers, configuring the devices with applications, network configurations, phone numbers, and security.
P REFACE Related Documentation Chapter 9, Service and Support. Provides information on contacting your local VeriFone representative or service provider, and information on how to order accessories or documentation from VeriFone. Chapter 10, Troubleshooting Guidelines. Provides troubleshooting guidelines, should you encounter a problem in installation and configuration. This guide also contains appendices for System Messages, Port Pinouts, ASCII Table, and a Glossary.
P REFACE Conventions and Acronyms Acronyms The following table lists various acronyms used throughout this guide in place of the full definition.
P REFACE Conventions and Acronyms 10 VX810 REFERENCE GUIDE
CHAPTER 1 Vx810 Overview This chapter provides a brief description of the Vx810. The Vx810 is a customerfacing premium PIN pad brought about by VeriFone’s innovative Purpose Inspired Design program which focuses on real-world usage. Apart from its sleek, compact, and functional design, the Vx810 features a tripletrack, high coercivity magnetic stripe reader (MSR) and a Smart Card reader, both built and proven to perform consistently, even under the heaviest volumes.
V X 810 O VERVIEW Features and Benefits Features and Acclaimed Vx Solutions Reliability and Security Guarantees Extra Benefits Protection • Runs on Verix-based platform, proven in millions of VeriFone Vx Solutions installed worldwide. • Has exceptionally reliable magnetic stripe and smart card readers to reduce read errors. • Is PCI-PED approved for secure, reliable PIN entry on debit transactions. • Has received EMV Level 1 and 2 Type Approval for smart card transactions.
V X 810 O VERVIEW Features and Benefits Ultra Sleek PIN Pad Puts Everything at Your Customer’s Fingertips • Ergonomic shape and silver casing holds high consumer appeal. • Offers 128 x 128, high-resolution display with white backlighting for enhanced readability and branding opportunities. • MAXui design provides a large keypad and screen without wasted space. • Programmable function keys and on-screen prompts add to the Vx810’s outstanding usability.
V X 810 O VERVIEW Features and Benefits 14 VX810 REFERENCE GUIDE
CHAPTER 2 Using the Vx810 Keys Before proceeding to other tasks, familiarize yourself with the operational features of the Vx810 keypad. This section describes how to use the Vx810 keypad, which consists of four ATMstyle function keys (F1 to F4), four programmable function keys (PF1 to PF4), an ALPHA key, a main keypad (0 to 9, *, and #), and three command keys (CANCEL, CLEAR, and ENTER). Using these keys, you can perform all data-entry tasks described in this manual.
U SING THE V X 810 K EYS Data Entry Modes Data Entry Modes Before you can enter data in the form of ASCII characters, the Vx810 must be in a mode that accepts keyed data entry. There are two operating modes: • Normal mode: This is the operating mode where an application is present and currently running. • System mode: This is a special, password-controlled operating mode for performing a variety of test and configuration procedures that cannot be performed when an application is running.
U SING THE V X 810 K EYS Data Entry Modes Main Keypad The main keypad consists of the keys 0 to 9, *, and #. You can enter up to 50 ASCII characters, including the letters A–Z, the numerals 0–9, and special characters such as: (*), (,), (‘), (“), (-), (.), (#), (%), (:), (!), (+), (@), (=), (&), (space), (;), ($), (_), (\), and (/). For more information, see ASCII Table.
U SING THE V X 810 K EYS Data Entry Modes The following table lists all the ASCII characters you can type using the ALPHA key and the main keypad. Table 4 Key to Press Without Pressing ALPHA Press ALPHA One Time Press ALPHA Two Times Press ALPHA Three Times 1 QZ. 1 Q Z . 2 ABC 2 A B C 3 DEF 3 D E F 4 GHI 4 G H I 5 JKL 5 J K L 6 MNO 6 M N O 7 PRS 7 P R S 8 TUV 8 T U V 9 WXY 9 W X Y 0 -SP 0 – [space] + * ,’" * , ’ " #a # ! : ; a.
U SING THE V X 810 K EYS Data Entry Modes Command Keys The following are the command keys of the Vx810: CANCEL Key Pressing the CANCEL key in normal mode – when an application is loaded and running – terminates the current function or operation. In system mode, use CANCEL to perform a variety of functions. The most common use of CANCEL in system mode is to exit a system mode submenu and return to the main system mode menu.
U SING THE V X 810 K EYS Data Entry Modes Sound The Vx810 supports only monophonic sound capabilities. The keys produce a beeping sound when pressed. NOTE 20 VX810 REFERENCE GUIDE The OS does not contain any pre-defined tunes. This feature is handled entirely by an application. The OS merely provides an API.
CHAPTER 3 Setup This chapter describes the setup procedure for Vx810, in the following sections: Selecting Location • Selecting Location • Unpacking the Shipping Carton • Examining the Vx810 Features • Cable Connections • Using the Primary Smart Card Reader • Using the Magnetic Stripe Card Reader Use the following guidelines to select a location for the Vx810. Ease of Use • Select a location convenient for both merchant and cardholder.
S ETUP Unpacking the Shipping Carton Electrical • Considerations • • Unpacking the Shipping Carton Avoid using this product during electrical storms. Avoid locations near electrical appliances or other devices that cause excessive voltage fluctuations or emit electrical noise (for example, air conditioners, electric motors, neon signs, high-frequency or magnetic security devices, or computer equipment). Do not use the device near water or in moist conditions.
S ETUP Examining the V x 810 Features Examining the Vx810 Features Before you continue the installation process, examine the features of the Vx810. Figure 3 Vx810 Features The Vx810 has the following features: • A display. • Five types of keys: • Four ATM-style function keys (F1 to F4). • Four programmable function keys (PF1 to PF4). • ALPHA key used for entering text. • Main keypad (0 to 9, *, and #). • Three color-coded command keys (CANCEL = Red; CLEAR = Yellow; and ENTER = Green).
S ETUP Installing/Replacing MSAM Cards • A SAM (Security Access Module) compartment, built into the back side of the device. The Vx810 can have up to 3 Micromodule-size SAM (MSAM) cardholders to support multiple stored-value card programs or other merchant card requirements. NOTE Installing/ Replacing MSAM Cards CAUTION VeriFone ships variants of the Vx810 for different markets. Your device may have a different configuration.
S ETUP Installing/Replacing MSAM Cards 3 Remove the locking screw from the MSAM card compartment door, and then open the MSAM card compartment door. Figure 4 Removing the MSAM Compartment Door 4 Remove any previously installed MSAM card by sliding the card out. 5 Install an MSAM card by sliding it into the numbered slots. The MSAM card has a notch on one corner to ensure correct positioning of the MSAM card when inserted. The correct card position is also indicated on the MSAM card slot.
S ETUP Options Options VeriFone ships variants of the Vx810 for different markets. Your device may have a different configuration. Additionally, these variants can be ordered with different options. Privacy Shield Example of an installed privacy shield.
S ETUP Cable Connections RS-232 Connection A special dongle cable is used, where one end of the cable plugs into the Vx810 with External Power while the other end terminates to a female DB-9 connector housing (which is used Brick to connect to an RS-232 serial port). On the housing, a DC jack is provided to connect to an external power brick. This is the generic cable for all RS-232-based hosts.
S ETUP Cable Connections USB Download This cable option comes with a junction box that provides a mini-style Type B USB Support with socket for connecting to the USB-based host and a DC jack for external power External Power connection. Brick In addition, a Type A USB socket is provided on the junction box to support application download via a USB flash drive. Figure 11 NOTE USB with Download Support The Vx810 only supports download functions from a USB flash drive.
S ETUP Power Supply Ethernet Connection with External Power Brick This cable option has a junction box that provides a standard RJ-45 LAN socket and a DC jack. However, since most hosts do not support peer-to-peer LAN connection to a PIN pad, an additional RJ-45 socket is provided on the junction box to allow a direct connection between Vx810 and the host.
S ETUP Using the Primary Smart Card Reader Using the Primary Smart Card Reader The smart card transaction procedure can vary depending on the application. Verify the proper procedure with your application provider before performing a smart card transaction. To conduct a smart card transaction: 1 Position a smart card with the gold contacts facing upward. 2 Insert it into the smart card reader slot in a smooth, continuous motion until it seats firmly.
CHAPTER 4 System Mode This chapter describes a category of VFI device functions called system mode operations. • Press F2 and F4 at the same time and enter the password to invoke system mode. See Entering System Mode. • Assign files and applications to groups for access control. See File Groups. • Use the system and file group passwords to secure applications and information on the Vx810. See Passwords.
S YSTEM M ODE Local and Remote Operations Local and The system mode operations available on a Vx810 can be divided into the Remote following two categories or types: Operations • Local operations address a stand-alone device and do not require communication or data transfers between the device and a host computer or another VFI device. Perform local system mode operations to configure, test, and display information about the device.
S YSTEM M ODE File Groups File Groups The Vx810 operating system implements a file system in non-volatile, batterybacked SRAM, and in non-volatile flash ROM memory. Files are assigned to one of 15 groups for access control. Each group has a separate CONFIG.SYS file, and each group is protected by a separate password. Groups are referred to as Group n or GIDn throughout this manual. The following rules apply to the Vx810 file group system: • The primary application must be downloaded onto Group 1.
S YSTEM M ODE Passwords System Mode The default, factory-set password for System Mode is “Z66831.” Use the following Password key sequence to enter this password: 1 ALPHA ALPHA 6 6 8 3 1 then press ENTER File Group The default, factory-set password for file group 1 (GID1) is also “Z66831.” For file Passwords groups 2-15 (GID2-GID15), password is by default. Password The OS supports two methods by which passwords can be changed.
S YSTEM M ODE Passwords Manual Password Change A user can change the System Mode password or any GID password from the Passwords submenu in System Mode. The user must choose a password at least five characters long and no more than ten characters long.
S YSTEM M ODE Passwords For operations which do not require a password, the OS will continue to operate normally and any applications loaded on the device will be unaffected. CAUTION It is possible for a download server to change a password to one which can not be entered on the Vx810 keypad. In this case, the device could be rendered unusable, depending on which password is changed and the specific configuration of the device. NOTE Some application downloads can automatically reset the system password.
S YSTEM M ODE System Mode Menus System Mode Menus The Vx810 has 3 system mode menus. Table 5 System Mode Menus SYS MODE MENU 1 SYS MODE MENU 2 SYS MODE MENU 3 EDIT PARAMETERS F2 DOWNLOAD F3 MEMORY FUNCTIONS F2 CONTRAST F2 TERMINAL INFO F3 PASSWORDS F3 RESTART F4 CLOCK F4 IPP KEY LOAD F4 On successful entry of the system password, SYS MODE MENU 1 appears. To return to a previous menu, press the PF1 key (below the up arrow). To go to the next menu, press the PF2 key (below the down arrow).
S YSTEM M ODE System Mode Menus The Display column indicates what appears on the display screen at each step of the procedure. Please note the following conventions used in this column: • If a prompt or message appears on the screen exactly as it is described, it is shown in Arial bold font and ALL CAPS. For example, DOWNLOAD NEEDED. • If text is enclosed in parentheses, the actual text or message may vary depending on the application installed.
S YSTEM M ODE System Mode Menus Entering System The following describes how to enter system mode after you have turned on the Mode Vx810. NOTE On successful completion, some operations automatically exit system mode and restart the device. Other operations require that you exit system mode and restart the device. To manually exit system mode, select RESTART (F4) in SYS MODE MENU 1.
S YSTEM M ODE System Mode Menus Table 7 Entering System Mode (continued) Display Action SYSTEM MODE ENTRY PASSWORD __________ If an application prompt appeared and you chose to enter system mode, you are prompted to type the system password. If DOWNLOAD NEEDED appeared, use the default password “Z66831.” This password is entered as: 1 ALPHA ALPHA 6 6 8 3 1, then press ENTER. If you enter an incorrect password, the device exits the SYSTEM MODE ENTRY screen. Verify your password and re-enter it.
S YSTEM M ODE System Mode Menus Menu 1 In this menu you can edit system parameters, perform downloads, and restart the device. Table 8 System Mode Menu 1 Display Action SYS MODE MENU 1 To edit system parameters, select EDIT PARAMETERS EDIT PARAMETERS F2 DOWNLOAD F3 RESTART F4 ª (F2) To download an application to your device, select DOWNLOAD (F3). To restart the device, select RESTART (F4). To go to the next system mode menu, press PF2 or ENTER.
S YSTEM M ODE System Mode Menus Table 8 System Mode Menu 1 (continued) Display Action GID 1: NOT EMPTY Do one of the following: NEW (F1) PARAMETER: ¹GO _ _ _ _ _ _ _ _ _ FIND (F2) VALUE: F : VX81 . OUT EDIT (F3) CLEAR (F4) © • To create a new parameter, select NEW (F1). Enter a name for the parameter, then press ENTER. Enter a value for the parameter, then press ENTER. • To look for an existing parameter, select FIND (F2). Type the name of the parameter, then press ENTER.
S YSTEM M ODE System Mode Menus Table 8 System Mode Menu 1 (continued) Display Action SYS MODE DOWNLOAD Gnn FULL F3 PARTIAL F4 SYS MODE DOWNLOAD Gnn For a full download, select FULL (F3). For a partial download, select PARTIAL (F4). To return to SYS MODE MENU 1, press the PF1 key. Select the download source, COM 2 (F3). COM2 F3 SYS MODE DOWNLOAD Gnn UNIT RECEIVE MODE The device is ready to receive a download from the selected source.
S YSTEM M ODE System Mode Menus Menu 2 In this menu, you can perform memory functions, view device configuration information, or set the device clock. Edit Keyed Files A keyed file is a collection of individual records that contain ASCII data and are identified by unique search keys. You can edit the ASCII data directly from the keypad using the device’s built-in keyed file editor. Each record has two parts: a key name and a key value.
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 Display Action SYS MODE MENU 2 MEMORY FUNCTIONS F2 To perform memory functions, select MEMORY TERMINAL INFO F3 CLOCK F4 © ª FUNCTIONS (F2). To view device configuration information, select TERMINAL INFO (F3). To set the device clock, select CLOCK (F4). To go to the previous system mode menu, press PF1. To go to the next system mode menu, press PF2 or ENTER.
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action MEMORY FUNCTIONS X DIRECTORIES SYS MODE MENU 2 MEMORY FUNCTIONS F2 TERMINAL INFO F3 To perform memory functions, select MEMORY FUNCTIONS (F2). To abort any action at any step, press CANCEL. CLOCK F4 © ª SYS MODE MEM FUNCS RAM: 2048 FLASH: 4096 USAGE F2 This screen shows the amount of installed SRAM and flash ROM memory. To view directory information, select DIRECTORIES (F3).
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE MEMORY To continue, enter the required password. If you enter an incorrect password, the following message appears: GROUP nn PASSWORD __________ SYS MODE PASSWORD Gnn PLEASE TRY AGAIN Press ENTER to try again. Re-enter your password. SYS MODE MEMORY CLEAR CONFIG . SYS F2 CLEAR Gnn FILES F3 CLEAR ALL GROUPS F4 SYS MODE MEMORY CLEAR ALL F2 KEEP PROTECTED VARIABLES F3 To clear the CONFIG.
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE TERM INFO SERNO 303-000-040 Selecting SYSTEM INFO (F2) shows the following information: 12000000 • Device Serial Number (9-character, numeric code) PTID PART M28150302DMO REV 1 OS VER QG000829 ª • Permanent Device ID Number (8-character, numeric code) • Device Part Number (12-character alphanumeric code) • Hardware Revision Number (2-character numeric code) • System OS Version (8-character alph
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action TERMINAL INFO X DIAGS AND LOGS SYS MODE MENU 2 MEMORY FUNCTIONS F2 To view device configuration information, select TERMINAL INFO (F3). TERMINAL INFO F3 To abort any action at any step, press CANCEL. CLOCK F4 © ª SYS MODE MENU SYSTEM INFO F2 To perform system diagnostic tests and view log information, select DIAGS AND LOGS (F3).
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action TERMINAL INFO X DIAGS AND LOGS X SMART CARD DIAG SYS MODE MENU 2 MEMORY FUNCTIONS F2 To view device configuration information, select TERMINAL INFO (F3). TERMINAL INFO F3 To abort any action at any step, press CANCEL. CLOCK F4 © ª SYS MODE MENU SYSTEM INFO F2 To perform system diagnostic tests and view log information, select DIAGS AND LOGS (F3).
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SAM 1 POWER UP: PASSED GET ATR: PASSED SAM 2 POWER UP: FAILED This is the screen that is displayed when an inserted SAM card is successfully tested. This is the screen that is displayed when there is no inserted SAM card in the slot being tested. TERMINAL INFO X DIAGS AND LOGS X KEYBOARD DIAG SYS MODE MENU 2 MEMORY FUNCTIONS F2 To view device configuration information, select TERMINAL INFO (F3).
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE DIAGS SMART CARD DIAG F2 KEYBOARD DIAG F3 MAG CARD DIAG F4 To run a test on the keypad, select KEYBOARD DIAG (F3). Pressing a key on the device, will return a corresponding keycode. These are listed as follows: ª SYS MODE KBD TEST KEYCODE 00 TERMINAL INFO X DIAGS AND LOGS X MAG CARD DIAG SYS MODE MENU 2 MEMORY FUNCTIONS F2 To view device configuration information, select TERMINAL INFO (F3).
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE When you swipe a magnetic stripe card through the MSR slot, a successful read would indicate VALID DATA for each track. TRK 1: VALID DATA TRK 2: VALID DATA TRK 3: VALID DATA An unsuccessful read may indicate any one of the following: • NO START • PARITY ERR TERMINAL INFO X DIAGS AND LOGS X SCREEN DIAG SYS MODE MENU 2 MEMORY FUNCTIONS F2 To view device configuration information, select TERMINAL INFO (F3).
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action TERMINAL INFO X DIAGS AND LOGS X IPP DIAG SYS MODE MENU 2 MEMORY FUNCTIONS F2 To view device configuration information, select TERMINAL INFO (F3). TERMINAL INFO F3 To abort any action at any step, press CANCEL. CLOCK F4 © ª SYS MODE MENU SYSTEM INFO F2 To perform system diagnostic tests and view log information, select DIAGS AND LOGS (F3).
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE DIAGS To perform remote diagnostic tests, select REMOTE REMOTE DIAGS F2 DEBUGGER F3 © ª DIAGS (F2). This option is reserved for VeriFone use only, and requires the loading of a Device Management Agent. TERMINAL INFO X DIAGS AND LOGS X DEBUGGER SYS MODE MENU 2 MEMORY FUNCTIONS F2 To view device configuration information, select TERMINAL INFO (F3).
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action TERMINAL INFO X DIAGS AND LOGS X ERROR LOG SYS MODE MENU 2 MEMORY FUNCTIONS F2 To view device configuration information, select TERMINAL INFO (F3). TERMINAL INFO F3 To abort any action at any step, press CANCEL. CLOCK F4 © ª SYS MODE MENU SYSTEM INFO F2 To perform system diagnostic tests and view log information, select DIAGS AND LOGS (F3).
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action This first screen displays the following: • TYPE (Error Type), where the error type code is: 1 = Data abort: attempt to access data at an invalid address 2 = Program abort: attempt to execute code at an invalid address 3 = Undefined abort: attempt to execute an illegal instruction • TASK (Task Number): indicates type of task that was currently executed: 1 = Data abort: attempt to access data at an invalid address 2 =
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE DIAGS To view the tamper logs, select TAMPER LOG (F3). ERROR LOG F2 TAMPER LOG F3 © TAMPER LOG 18-OCT-05 23:10 TAMPER CODE 0 00 04 10-OCT-05 12:05 TAMPER CLEAR The Tamper Log screen displays a list of possible tamper events. The list is sorted from the most current tamper event to the oldest event. The date is displayed in DD-MON-YY format, while the time is displayed as a 24-hour clock.
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE DATE Selecting EDIT DATE (F3), will prompt you to enter new date values. Enter the new date in MM/DD/YY format, then press ENTER. CURRENT DATE: 06 / 15 / 07 NEW DATE: __/__/__ SYS MODE CLOCK TIME AND DATE After adjusting the time or date, the new time and date setting is displayed.
S YSTEM M ODE System Mode Menus Menu 3 In this menu you can adjust screen contrast, change passwords, or perform IPP key loading. Table 10 System Mode Menu 3 Display Action SYS MODE MENU 3 CONTRAST F2 To adjust screen contrast, select CONTRAST (F2). PASSWORDS F3 IPP KEY LOAD F4 © To change passwords, select PASSWORDS (F3). To perform IPP key loading, select IPP KEY LOAD (F4). To go to the previous system mode menu, press PF1. To go to the next system mode menu, press PF2 or ENTER.
S YSTEM M ODE System Mode Menus Table 10 System Mode Menu 3 (continued) Display Action SYS MODE PASSWORD FILE GROUP nn F2 To change the password for a file group, type the Group ID (valid values are 1 to 15) of the group whose password you want to change. Then select FILE GROUP nn (F2). SYS MODE ENTRY F3 To change the password for System Mode Entry, select SYS MODE ENTRY (F3). To continue, enter the required password. SYS MODE PASSWORD GROUP nn PASSWORD The default group password is “Z66831.
S YSTEM M ODE System Mode Menus Table 10 System Mode Menu 3 (continued) Display Action SYS MODE PASSWORD GROUP nn PASSWORD To continue, enter the required password. __________ SYS MODE PASSWORD Gnn PLEASE TRY AGAIN The default group password is “Z66831.” This is entered as: 1 ALPHA ALPHA 6 6 8 3 1, then press ENTER. This message appears if you enter an incorrect password. Press ENTER to try again. Re-enter your password.
CHAPTER 5 File Authentication This chapter discusses the VeriShield file authentication security architecture, VeriShield file authentication module, and the organizational infrastructure that supports it (see Introduction to File Authentication).
F ILE A UTHENTICATION Introduction to File Authentication Special Files Used The following specially formatted files support the file authentication process: in the File • A digital certificate is a digital public document used to verify the signature of Authentication a file. Process • A digital signature is a piece of information based on both the file and the signer’s private cryptographic key. The file sender digitally signs the file using a private key.
F ILE A UTHENTICATION Introduction to File Authentication Certificates Contain Keys That Authenticate Signature Files • A sponsor certificate certifies a client’s sponsorship of the device. It does not, however, convey the right to sign and authenticate files. To add flexibility to the business relationships that are logically secured under the file authentication process, a second type of certificate is usually required to sign files.
F ILE A UTHENTICATION Introduction to File Authentication How File File authentication consists of three basic processes: Authentication 1 Development: The VeriShield File Signing Tool creates a signature file for Works each application file to authenticate. 2 Pre-deployment: An optimal certificate structure is determined, and the necessary certificates and keys are created.
F ILE A UTHENTICATION Introduction to File Authentication The following diagram describes the development process. Figure 17 The Development Process Pre-Deployment Process In this process: 1 A sponsor goes to the VeriFone CA Web site and requests certificates for deployment devices. 2 Based on information provided by the sponsor through the VeriFone CA Web site, the VeriFone CA determines the required certificate structure.
F ILE A UTHENTICATION Introduction to File Authentication The following diagram describes the pre-deployment process. Figure 18 The Pre-Deployment Process Deployment Process In this process: 1 The sponsor provides the application file (from the development process), the smart card, and smart card PIN (from the pre-deployment process) as inputs to VeriShield. 2 VeriShield extracts the signer key, signer certificate, and sponsor certificate from the smart card.
F ILE A UTHENTICATION Introduction to File Authentication c If a matching application file is found, the operating system compares the signature file’s signature against the values stored in the application file’s calculated signature. d If these values match, the operating system marks the application file “authenticated” and allows it to run.
F ILE A UTHENTICATION Introduction to File Authentication Planning for File File authentication is an integral part of every Vx810 device. To safeguard the Authentication device’s logical security, the file authentication module requires that any executable code file must be successfully authenticated before the operating system allows it to execute on the device.
F ILE A UTHENTICATION Introduction to File Authentication It is not mandatory to always download a signature file and its target application file at the same time. For example, you can download the corresponding signature file in a separate operation.
F ILE A UTHENTICATION Introduction to File Authentication For non-executable files, it is the application that will confirm that all of the files it uses is successfully authenticated on download completion, and when the application executes the first time following a restart. Each successfully authenticated file is also write-protected. That is, the file’s read-only attribute is set.
F ILE A UTHENTICATION Introduction to File Authentication A development set of higher-level certificates is downloaded onto each Vx810 device upon manufacture. When you take a new Vx810 device out of its shipping carton, certificate data is already stored in the device’s certificate tree. In this just-out-of-the-box condition, the Vx810 is called a development device. Typically, a sponsor requests an additional set of digital certificates from the VeriFone CA to establish sponsor and signer privileges.
F ILE A UTHENTICATION Introduction to File Authentication Development Devices A development device is a Vx810 still maintaining the original factory set of certificates in its certificate tree. This set of certificates includes several higherlevel system certificates and a special client certificate called a default signer certificate.
F ILE A UTHENTICATION Introduction to File Authentication Ultimately, it is the sponsor’s decision how to implement the logical security provided by file authentication on a field-deployed device. Additional certificates can be obtained from the VeriFone CA anytime to implement new sponsor and signer relationships in deployment devices. VeriShield allows for multiple sponsors and signing certificates in a device. This allows the flexibility of unique signatures for each executable or data files.
F ILE A UTHENTICATION Introduction to File Authentication Required Inputs to the File Signing Process The required inputs to the file signing process are somewhat different for development devices than deployment devices. Table 13 Differences Between Required Inputs Development Device Deployment Devices Manufacturing inputs to the file signing process are included, together with the VeriShield File Signing Tool in the Vx810 SDK.
F ILE A UTHENTICATION File Authentication and the File System Replace a Sponsor Certificate A sponsor may need to clear the current sponsor certificate from a device so that a new sponsor can load certificates and applications. To do this, the original sponsor must order a Clear Smart Card from the VeriFone CA. The Clear Smart Card is specific to the requesting sponsor.
F ILE A UTHENTICATION File Authentication and the File System This system of partitions and sub-partitions makes it possible to store multiple applications into a device’s memory and prevent these applications from overlapping or interfering with each other’s operation. There are a total of 16 file groups. Group 0 is the name of the operating system partition. Group 1 is reserved for the main application. Groups 2–14 are available for related executable files or secondary applications.
F ILE A UTHENTICATION File Authentication and the File System • An application stored in Groups 2–15 can only access files stored in its own file group and in Group 15. For example, an application authorized by the sponsor to be authenticated in Group 4 can only access files and libraries stored in Group 4 and Group 15. • If multiple applications (main and secondary) are to run on the same device, each .OUT and shared library file must have its own matching signature file.
F ILE A UTHENTICATION File Authentication and the File System If the signature file authenticates its target file and the *FA variable is present in the config.sys file of the target file group and is set to 0, the signature file is erased when its target file is authenticated. NOTE Normally signature files are retained in the device even after being used to authenticate executable (code) or data files. This is to facilitate back-to-back downloads, as described in Chapter 6.
F ILE A UTHENTICATION VeriShield File Signing Tool VeriShield File Signing Tool To generate the signature files required for file authentication, you must sign all executable files and other files to be logically protected using the VeriShield File Signing Tool. This section discusses the use of this tool, which is included in the Vx810 Verix V DTK. The VeriShield File Signing Tool generates a formatted file called a signature file, recognized by the filename extension *.p7s.
F ILE A UTHENTICATION VeriShield File Signing Tool The following image shows the FileSign dialog box. Figure 23 NOTE FileSign Dialog Box If the entry of a signer password is a required input, a secondary dialog box is displayed to enter and confirm the password. Please also note that a signer password is required for a deployment device, but not for a development device.
F ILE A UTHENTICATION VeriShield File Signing Tool Table 15 Command-Line Mode Switches for VeriShield File Signing Toola Switch Description Requirements -F, -f Name of the application file to sign (*.out, *.lib, or other file type). Required for development devices and for deployment devices. -S, -s Name of the signature file (*.p7s) for the VeriShield File Signing Tool to generate for the target application file. Required for development devices and for deployment devices.
F ILE A UTHENTICATION VeriShield File Signing Tool Command-Line In the following VeriShield File Signing Tool command-line entry example, note Mode Syntax that the syntax used applies to a Vx810 development device with the factory set of Example certificates, and not to a deployment device.
VeriShield File Signing Tool • Press ALT+F or click the [...] button to the right of the File to be signed field to locate and select the application file (*.out, *.lib, or other) to sign. If necessary, the filename can also be modified. To store the file in flash ROM memory upon download to the device, check the Stored in Flash check box. This adds the F: prefix to the target file name. • Press ALT+S or click the [...
VeriShield File Signing Tool 86 VX810 REFERENCE GUIDE
CHAPTER 6 Performing Downloads This chapter contains information and procedures to allow you to perform the various types of data transfers required to: • Develop applications for the Vx810. • Prepare the Vx810 for deployment. • Maintain Vx810 installations in the field. • Transfer data to/from Vx810 devices. In this chapter, information pertaining to file authentication is only discussed in the context of procedures while performing file downloads.
P ERFORMING D OWNLOADS Download Tools • NOTE USB downloads: Files and data are transferred from a USB-connected drive. The device searches for the VeriFone.zip file on the drive and downloads data from it. The device will automatically download the file VeriFone.zip from a USB flash drive without the user having to go through System Mode under the following conditions: • The USB flash drive is connected before the device is turned on.
P ERFORMING D OWNLOADS Download Content • DDL.EXE: Downloads files and data from a development system or another host computer, directly to a Vx810 over a serial cable connection. DDL.EXE is a Windows program included in the Verix V DTK (Verix V Developer’s Toolkit). NOTE Download Content No special software tool or utility is required to perform back-to-back application downloads. Only a serial cable connected between the two devices is required.
P ERFORMING D OWNLOADS Full and Partial Downloads Full and Partial Downloads When preparing to initiate a download procedure, choose either a full or partial download and the COM 2 port, through the system mode menu options (refer to Chapter 4). Depending on the type of files you are downloading and the download method you are using, there are some restrictions on whether a full or partial download is permitted.
P ERFORMING D OWNLOADS Full and Partial Downloads Table 16 Download Type Full operating system download Types of Full and Partial Downloads (continued) Download Methods Supported Description and Effects An entire OS version transfers from a host PC to the Vx810. Files related to file authentication and device configuration settings can be included in a full OS download. During this process, SRAM is cleared. • Direct downloads Note: Full back-to- back OS downloads are not supported.
P ERFORMING D OWNLOADS Support for Multiple Applications • Partial OS downloads are performed mainly by VeriFone for development purposes and are rarely performed in the field. • Partial downloads are routinely performed by many applications. This procedure, which can be automated by an application running on a remote host computer, permits the host application to update data files and device configuration settings in a Vx810 and return control to the main application.
P ERFORMING D OWNLOADS Use of SRAM and Flash ROM Memory The Main The main application stored in GID1 is the controlling application for the device. Application is Any function call that invokes a related program or a secondary application stored Always Stored in in GIDs 2–14 must be initiated by the GID1 application. GID1 An application stored in a file group other than GID1 is limited in that it can only access executables and files stored in its own file group and in GID15.
P ERFORMING D OWNLOADS Use of SRAM and Flash ROM Memory In a typical download procedure, all files are loaded onto the SRAM file system of the target group selected in system mode. Specific files included in the download package must be redirected, as necessary, to the flash ROM file system of the target group or to the SRAM or flash ROM file system of another file group. To redirect files during a download procedure, see the following sections.
P ERFORMING D OWNLOADS Use of SRAM and Flash ROM Memory To redirect a file from the SRAM of the target group to the flash ROM memory of the same file group, insert the zero-length SETDRIVE.F file into the batch of application files to download. All files that follow the SETDRIVE.F file in the download list automatically load into the flash ROM memory (F:) of the target group. If you do not insert a SETDRIVE.
P ERFORMING D OWNLOADS Use of SRAM and Flash ROM Memory Redirecting Files to GID1 is the default system mode setting for performing downloads. Using the Other File Groups system mode menu options, you can select another file group (GID 2–15) as the target group for the application download. If you select another group, files download directly into the SRAM of that file group.
P ERFORMING D OWNLOADS Use of SRAM and Flash ROM Memory If FOO.OUT is authenticated, the GID1 application, FOO.OUT, executes as specified by the *GO variable when the device restarts following successful file authentication. The function library stored in GID15 can be shared by both applications, as both Group 1 and Group 2 applications can access Group 15. FOO.OUT FOO.P7S *GO=FOO.OUT SETGROUP.2 GOO.OUT GOO.P7S SETGROUP.15 COMN.LIB COMN.P7S NOTE You can only use zero-length SETGROUP.
P ERFORMING D OWNLOADS Use of SRAM and Flash ROM Memory File Redirection in When performing an operating system download, you must download the OS files Operating System into Group 1 SRAM and not into flash ROM memory or into another file group. Downloads OS files are downloaded onto Group 1 SRAM because it is not possible to download these files directly into Group 0. OS files are redirected to Group 0 depending on if you perform a full or partial download.
P ERFORMING D OWNLOADS File Authentication Requirements File Authentication Requirements Chapter 5 provided a general introduction to the file authentication process. Now we become more task-oriented and see how the file authentication process affects how to perform the various download procedures.
P ERFORMING D OWNLOADS File Authentication Requirements The File In the following example of a typical file authentication process, it is assumed that: Authentication x Process During an • An application is being downloaded to prepare a V 810 deployment device for deployment. That is, a sponsor certificate and a signer certificate are Application downloaded in batch mode to GID1 SRAM of the receiving device, together Download with the application to authenticate.
P ERFORMING D OWNLOADS File Authentication Requirements If one or more certificates fail to authenticate, the ensuing file authentication process based on signature files also fails, resulting to an application not authenticated and not allowed to execute on the device. When a certificate file is authenticated, the data it contains is added to the certificate tree and the certificate file is deleted from the SRAM.
P ERFORMING D OWNLOADS File Authentication Requirements When the signature file successfully authenticates its target file, it is automatically moved to the same file system and file group as the target file it authenticates (that is, if *FA = 1). The processing routine gives visible and audible indications when a specific signature file authenticates successfully.
P ERFORMING D OWNLOADS File Authentication Requirements Download an Operating System Update Provided by VeriFone NOTE Because the operating system software for the Vx810 is developed and controlled by VeriFone for its customers, VeriFone provides the necessary certificates and signature files to ensure the authenticity and integrity of the operating system update as part of the download package. Operating system files can only be transferred to a Vx810 device using a PC-todevice direct download procedure.
P ERFORMING D OWNLOADS File Authentication Requirements • While the new OS is being processed, there is no visible indication on the device display of the progress of processing. When the new OS is processed (this usually takes a few moments), the device restarts automatically and the OS download procedure is complete. CAUTION If the power supply to the receiving device is accidentally cycled during an operating system download procedure, the device may permanently lock up.
P ERFORMING D OWNLOADS File Authentication Requirements • Downloaded certificates (receiving device) must synchronize with the certificate data present in the certificate tree. “Synchronized” means that the certificate tree of the receiving device can be no more than one revision out-of-sync with the certificate tree on the sending device or the files on the receiving device do not successfully authenticate.
P ERFORMING D OWNLOADS Effect of Downloads on Existing Files and Data Optimize Available One certificate file or signature file requires approximately 400 bytes of memory Memory Space for space. The application designer must account for the extra memory required to Successful download and store these special files. Downloads When planning your download procedure, carefully consider the total amount of memory space required to store certificates and signature files and the application files.
P ERFORMING D OWNLOADS Set Up the Download Environment • NOTE Set Up the Download Environment All current passwords are retained on the receiving device during an application or operating system download (direct and back-to-back). These include the system mode password and file group passwords. If required, you can replace existing file group passwords with new values as part of the data transfer operation. Always modify the system mode password in a separate, securely-controlled operation.
P ERFORMING D OWNLOADS Set Up the Download Environment Cable Connection A special dongle cable, VPN 08362-01-R, is provided for direct downloads. This is for Direct the generic cable for all RS-232-based hosts. Downloads The following steps describe how to establish the cable link between the sending host computer and the receiving Vx810 device using the special dongle cable: 1 Connect the 14-pin header end of the cable to the Vx810.
P ERFORMING D OWNLOADS Set Up the Download Environment Direct Application This section provides the hardware and software checklist needed for direct Downloads application downloads. The procedure for direct application downloads is also discussed. Hardware Checklist The correct cable connects the download computer serial port (COM2) to the RS232 serial port (COM2) of the Vx810. Software Checklist Download Manager, VeriCentre, or DDL.EXE running on the host computer.
P ERFORMING D OWNLOADS Set Up the Download Environment Checklist for Effects on Files and Settings in the Receiving Device Protected records in the CONFIG.SYS files of the receiving device – keyed records that begin with * or # – are not erased. The bootloader, OS, and other firmware on the receiving device are not modified as a result of the application download.
P ERFORMING D OWNLOADS Set Up the Download Environment Table 17 Common Steps to Start a Download (continued) Step Display Action 2 (Application Prompt) If an application already resides on the device, an application-specific prompt is displayed. If no application resides on the device, the following message is displayed: or DOWNLOAD NEEDED ¹GO FILE NOT FOUND DOWNLOAD NEEDED To enter system mode from this screen, simultaneously press F2 and F4.
P ERFORMING D OWNLOADS Set Up the Download Environment Table 17 Common Steps to Start a Download (continued) Step Display Action 4 SYS MODE MENU 1 SYS MODE MENU 1 is the first menu displayed. To cycle through to the other menus, press the PF2 key or press ENTER until you reach the desired menu. EDIT PARAMETERS F2 DOWNLOAD F3 RESTART F4 © ª To perform download operations, select DOWNLOAD (F3). To abort any action at any step, press CANCEL.
P ERFORMING D OWNLOADS Set Up the Download Environment Table 18 Direct Application Download Procedure (continued) Step Display Action 5 SYS MODE DOWNLOAD Gnn Select the download source, COM 2 (F3). COM2 F3 SYS MODE DOWNLOAD Gnn UNIT RECEIVE MODE The device is ready to receive a download from the selected source. WAITING FOR DOWNLOAD SYS MODE DOWNLOAD Gnn ¹¹¹_ _ _ _ _ _ _ DOWNLOADING NOW During download, a line of asterisks appears that shows the percentage of completion.
P ERFORMING D OWNLOADS Set Up the Download Environment Table 18 Direct Application Download Procedure (continued) Step Display Action 7 **VERIFYING FILES** COMPARE SIGNATURE The file authentication module continues to authenticate any new signature files downloaded with the OS files. FILENAME.P7S FILENAME.OUT **AUTHENTIC** or --- FAILED --- When the signature file authentication routine starts, the status display informs you of the progress of the authentication process.
P ERFORMING D OWNLOADS Direct Operating System Downloads Direct Operating System Downloads This section provides the hardware and software checklist needed for direct operating system downloads. The procedure for direct operating system downloads is also discussed. Hardware Checklist The correct cable connects the download computer serial port (COM2) to the RS-232 serial port (COM2) of the Vx810 device (refer to Cable Connection for Direct Downloads).
P ERFORMING D OWNLOADS Direct Operating System Downloads The certificate tree that exists on the receiving device is not modified unless one or more new certificate files required to authenticate the new OS are being downloaded onto the device. When new certificates authenticate on the receiving device, the data they contain is stored in the certificate tree and the certificate files are deleted from the Group 1 SRAM.
P ERFORMING D OWNLOADS Direct Operating System Downloads Table 19 Direct Operating System Download Procedure Step Display Action 4 SYS MODE DOWNLOAD Gnn FULL F3 PARTIAL F4 5 SYS MODE DOWNLOAD Gnn For a full download, select FULL (F3). For a partial download, select PARTIAL (F4). To return to SYS MODE MENU 1, press the PF1 key. Select the download source, COM 2 (F3). COM2 F3 6 SYS MODE DOWNLOAD Gnn UNIT RECEIVE MODE The device is ready to receive a download from the selected source.
P ERFORMING D OWNLOADS Direct Operating System Downloads Table 19 Direct Operating System Download Procedure Step Display Action 7 **VERIFYING FILES** CHECK CERTIFICATE When the OS download is complete, the device restarts automatically. The file authentication module on the receiving device begins to check for new certificate (*.crt) and signature (*.p7s) files included in the download. These special files process one at a time; certificates process first, then signature files. (FILENAME.
P ERFORMING D OWNLOADS Direct Operating System Downloads Table 19 Direct Operating System Download Procedure Step Display Action 8 **VERIFYING FILES** COMPARE SIGNATURE The file authentication module continues to authenticate new signature files downloaded with the OS files. FILENAME.P7S FILENAME.OUT **AUTHENTIC** or --- FAILED --- When the signature file authentication routine starts, the status display informs you of the progress of the authentication process.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads Back-to-Back Application Downloads Hardware Checklist This section provides the hardware and software checklist needed for back-toback application downloads. The procedure for back-to-back device downloads is also discussed. The correct serial cable connects the RS-232 serial ports of the sending and receiving Vx810 devices (refer to Cable Connection for Back-to-Back Application Downloads).
P ERFORMING D OWNLOADS Back-to-Back Application Downloads The OS software on the receiving device is not affected by a back-to-back application download. Note: OS files cannot be downloaded on a back-to-back operation. An application upload does not overwrite the existing certificate tree on the receiving device. Any downloaded certificate files are authenticated and added to the tree.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads Download Application Files to Receiving Device 1 Configure a sending device for an application download operation to a deployment device: • If the *FA variable (if present in the application) is set to 0, you can reset it to 1. For more information on the *FA variable, refer to the Verix V Programmers Manual. • Ensure that the download is exactly what you want your receiving devices to receive.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads The following diagram describes the procedure for a back-to-back application download from a sending Vx810 device to a receiving Vx810 device.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads Back-to-back downloads require that one device, the sending device, be loaded with the required applications. The receiving device is the receiving device. The procedure assumes the following: NOTE • The receiving device has no applications loaded. • There is enough memory in the receiving device to complete the download. The receiving device does not display an error message if there is not enough memory to complete the download.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads Table 20 Step Back-to-Back Application Download Procedure Display Action SYS MODE DOWNLOAD Gnn To abort the download, select CANCEL DOWNLOAD (F3). ¹¹¹¹WARNING¹¹¹¹ ALL FILES WILL BE CLEARED FROM GROUP 1 To proceed with the download, select CONTINUE (F4). CANCEL DOWNLOAD F3 CONTINUE F4 SYS MODE DOWNLOAD Gnn Select COM2 (F3) as the download source.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads 126 VX810 REFERENCE GUIDE
CHAPTER 7 Specifications This chapter describes the technical specifications for the Vx810 device. Product Specifications Model Vx810 Processor 200 MHz Samsung S3C2410 ARM920 32-bit microprocessor Flash ROM 4MB installed (expandable to 8MB or 16MB) SRAM 2MB installed (expandable to 4MB) Operating System Verix V platform. Built specifically to provide true and secure multi-application capability, as well as dynamic memory allocation and file authentication. Display 128 x 128 pixel (2.
S PECIFICATIONS Environmental, Regulatory and Performance Specifications Supported Memory SD Memory Card Media • Sandisk SD: SDSDB-512 / SDSDB-256 / SDSDB-128 USB Flash Drive • Sandisk Cruzer Mini: SDCZ2-256-A10 • Memorex Thumbdrive: 32507725 • Kingston DataTraveler: KUSBDTI256 • PNY USB Flash: PFD256U20RF • Lexar USB Pro: JD256-80-231 Security 3DES encryption, Master / Session and DUKPT key management. PCI-PED approved. VeriShield file authentication.
S PECIFICATIONS Environmental, Regulatory and Performance Specifications Immunity Standards This device is compliant to the following immunity standards for information technology equipment: Electrostatic Discharge (ESD) Immunity (EN/IEC 61000-42:1998), Radiated Immunity (EN 61000-4-3:1998), Electrical Fast Transients (EFT) Burst Immunity (EN/IEC 61000-4-4:1995), Surge (EN/IEC 61000-4-5:1995), Conducted Immunity (EN/IEC 61000-4-6:1996), Magnetic Field Susceptibility (EN/ IEC 61000-4-8:1993), Voltage Dips (
S PECIFICATIONS Environmental, Regulatory and Performance Specifications 130 VX810 REFERENCE GUIDE
CHAPTER 8 Care and Maintenance Your Vx810 device is a product of superior design and craftsmanship and should be treated with care. The following suggestions will help you protect your warranty coverage. • Keep the device dry. Precipitation, humidity, and all types of liquids or moisture can contain minerals that will corrode electronic circuits. If your device does get wet, switch off the power, and allow the device to dry completely before replacing it.
C ARE AND M AINTENANCE Additional Safety Information Additional Safety Information The following are additional information for your safety in using this device. Power Adapter Use only the power adapter that came with your device. Adapters for other electronic devices (including other VFI devices) may look similar, but they may affect your device’s performance or damage it.
CHAPTER 9 Service and Support For problems concerning your Vx810 device, contact your local VeriFone representative or service provider. For Vx810 product service and support information: Product Returns • USA – VeriFone Service and Support Group, 1-800-VERIFONE (837-4366), Monday - Friday, 8 A.M. - 7 P.M. EST • International – Contact your VeriFone representative Before returning a Vx810 device to VeriFone, you must first obtain a Merchandise Return Authorization (MRA) number.
S ERVICE AND S UPPORT Product Returns 2 Obtain the MRA numbers by doing one of the following: a Call VeriFone toll-free within the United States at 1-800-VERIFONE (837-4366) and follow the automated menu options. • Select the MRA option from the automated message. The MRA department is open Monday to Friday, 8 A.M. - 7 P.M. EST. • Give the MRA representative the information you gathered in Step 1 and describe the problem that you are having with each Vx810 device.
S ERVICE AND S UPPORT Accessories and Documentation Accessories and Documentation Power Pack Connectivity Cables VeriFone produces the following accessories and documentation for the Vx810. When ordering, please refer to the part number (VPN). • VeriFone online store at www.store.verifone.com • USA – VeriFone Customer Development Center, 800-VeriFone (837-4366), Monday - Friday, 7 A.M. - 8 P.M.
S ERVICE AND S UPPORT Accessories and Documentation 136 VX810 REFERENCE GUIDE
CHAPTER 10 Troubleshooting Guidelines The troubleshooting guidelines provided in the following section are included to assist you to successfully install and configure your Vx810 device. If you have problems operating your Vx810 device, please read through these troubleshooting examples. If the problem persists even after performing the outlined guidelines or if the problem is not described below, contact your local VeriFone representative for assistance.
TROUBLESHOOTING G UIDELINES Device Does Not Dial Out Device Does Not If the device does not dial out: Dial Out • Check the telephone line connections. • Check that the telephone line is working by plugging it into a working telephone and listening for a dial tone. • Replace the telephone cable that connects the device with a cable you know is working correctly. • If the problem persists, contact your local VeriFone service provider.
APPENDIX A System Messages This appendix describes system messages, which are grouped into two categories: error messages and information messages. Error Messages ALREADY DEBUGGING FLASH CHKSUM ERROR PLEASE TRY AGAIN RAM CHKSUM ERROR ** UNZIP ERROR N XXXXXX YYYYYY The following error messages may appear when the Vx810 device is in system mode. This message displays when DEBUGGER F5 in SYS MODE MENU 2 is selected and the debugging monitor program, DBMON.OUT, is already running on the device.
S YSTEM M ESSAGES Information Messages Information Messages DOWNLOAD NEEDED LOAD DBMON.OUT LOAD TERMINAL MANAGEMENT AGENT The following information messages may appear when the Vx810 device is in system mode. The operating system is unable to start the application specified in the *GO variable for the following reasons: • Application is not resident in the device. • The *GO variable is not set in the Group 1 CONFIG.SYS file.
S YSTEM M ESSAGES Information Messages SYS MODE CLEAR CLEARING RAM PLEASE WAIT This message is displayed when you select RAM FILES F2 in SYS MODE MENU 1 and select CLEAR GROUP_NN F2 or CLEAR ALL FILES F3 to clear files from the SRAM of a specific file group (Group 1–15) or from the entire SRAM. This message remains until the files within the file group or all files in SRAM are deleted.
S YSTEM M ESSAGES Information Messages SYS MODE KBD TEST KEYCODE NN SYS MODE PASSWORD FILE GROUP NN SYS MODE ENTRY SYS MODE PASSWORD NEW AGAIN PASSWORD CHANGED SYS MODE UPLOAD UPLOADING NOW TRK1: TRK2: TRK3: This message is displayed when you initiate a local diagnostic test of the device keyboard through KEYBOARD DIAG F1 in SYS MODE MENU 3. When invoked, the decimal ASCII keycode of each key pressed appears to the right of KEYCODE.
Information Messages UNZIP STUFF.ZIP MYPROG.OUT MYDATA.TXT 6X8.FON 10X14.FON ... ** VERIFYING FILES ** CHECK CERTIFICATE FILENAME.CRT ** AUTHENTIC ** or ---FAILED--- ** VERIFYING FILES ** COMPARE SIGNATURE MYFILE.P7S MYFILE.OUT ** AUTHENTIC ** or ---FAILED--- If you are using the file compression module in DMM, information similar to that displayed appears when a compressed file archive downloaded onto the device decompresses (unzipped), and the files extract from the archive.
Information Messages 144 VX810 REFERENCE GUIDE
APPENDIX B Port Pinouts The tables in this appendix list pinouts for the Vx810 device, dongles, and cable connectors.
P ORT P INOUTS COM Port 146 VX810 REFERENCE GUIDE
APPENDIX C ASCII Table An ASCII table for the Vx810 is presented below.
Vx810 ASCII Table Table 21 148 Dec Hex ASCII Dec Hex ASCII Dec Hex ASCII Dec Hex ASCII 26 1A SUB 58 3A : 90 5A Z 122 7A z 27 1B ESC 59 3B ; 91 5B [ 123 7B { 28 1C FS 60 3C < 92 5C \ 124 7C | 29 1D GS 61 3D = 93 5D ] 125 7D } 30 1E RS 62 3E > 94 5E ^ 126 7E ~ 31 1F US 63 3F ? 95 5F _ 127 7F DEL VX810 REFERENCE GUIDE
GLOSSARY Application ID An alphanumeric code that identifies an application downloaded onto a device from a download computer. For ZonTalk 2000 application downloads, the application ID is stored in the CONFIG.SYS record which begins with the *ZA key. A Vx810 application ID can be up to 21 characters long. For VeriCentre Download Management Module, the application ID, as well as other CONFIG.SYS variables, may differ from those used for ZonTalk 2000.
G LOSSARY Default A value, parameter, option, or attribute that Input The process of entering data into a is assigned by the program or system when another has not been assigned by the user. processing system or a peripheral device such as a PIN pad terminal, or the data that is entered. Delete To remove a record, field, or item of data. Interface A common boundary between two Diagnostics Techniques employed for detection systems, devices, or programs. Also, to interact with a device.
G LOSSARY Non-volatile memory A memory or storage POS terminal A device used at the point of sale, medium that retains data in the absence of power so that the data is available when power is restored. For the Vx810, application files and data files can be stored in battery-backed RAM or non-volatile flash memory, according to the requirements of the application. which is usually at a merchant site where a customer pays for goods or services received.
G LOSSARY Remote host computer A host computer Vx810 modem dongle over a dial-up connected to a telephone line to download files or data, or to process transactions. The opposite of remote is local. temporarily disables normal mode operations, allowing you to perform local functions such as downloads, diagnostics, and other operations that cannot be performed while the application is running.
G LOSSARY Terminal ID An alphanumeric code that identifies a terminal to a download computer. In this way, the download computer can determine what data or applications to download to that terminal. For ZonTalk 2000 downloads, the Vx810 terminal ID is stored in the *ZT record in the CONFIG.SYS file. This variable should not exceed 10 characters in length.
G LOSSARY 154 VX810 REFERENCE GUIDE
INDEX Numerics 3DES 12, 128 A accessories 135 B back-to-back application downloads 120 effects on files and settings 120 hardware checklist 120 procedure 121 software checklist 120 back-to-back downloads 87, 121 C Certificate Authority, VeriFone 63 cleaning kit 135 D data entry modes normal mode 16 system mode 16 device status verifying 32 digital certificate 64 digital signature 64 direct application downloads 109 effects on files and settings 110 hardware checklist 109 procedure 110 software checklist
I NDEX H special files 64 digital certificate 64 signer certificate 65 sponsor certificate 65 digital signature 64 signer private keys 64 file groups 33 H host computer downloads 87 K keypad command keys 19 cancel key 19 clear key 19 enter key 19 data entry modes 16 normal mode 16 system mode 16 keys 15 programmable function keys 19 M magnetic stripe card reader how to use 30 MSAM cards installing 24 replacing 24 N normal mode 16 P PCI-PED 12, 128 power pack 22, 135 primary smart card reader how to us
I NDEX T system mode 16 entering 32, 39 menus 37 menu 1 41 DOWNLOAD 42 EDIT PARAMETERS 41 RESTART 43 menu 2 44 MEMORY FUNCTIONS 45 CLEAR MEM 46 DIRECTORIES 46 USAGE 45 TERMINAL INFO 47 CLOCK 58 DIAGS AND LOGS 49 DEBUGGER 55 ERROR LOG 56 IPP DIAG 54 KEYBOARD DIAG 51 MAG CARD DIAG 52 REMOTE DIAGS 54 SCREEN DIAG 53 SMART CARD DIAG 50 TAMPER LOG 57 SYSTEM INFO 47 menu 3 60 CONTRAST 60 IPP KEY LOAD 61 PASSWORDS 60 operations 32 local operations 32 remote operations 32 passwords 33 file group passwords 34 mainte
VeriFone, Inc. 2099 Gateway Place, Suite 600 San Jose, CA, 95110 USA Tel: (800) VeriFone (837-4366) www.verifone.
