User's Manual Part 4

FILE AUTHENTICATION
Introduction to File Authentication
OMNI 3600 REFERENCE MANUAL 109
Customer-specific sponsor and signer certificates are usually downloaded to an
Omni 3600 terminal as part of the standard application download procedure
performed by a deployment service. In this operation, the new sponsor and signer
certificates replace the development sponsor certificate that is part of the factory
set of certificates, as shown in Figure 38.
When the sponsor and signer certificates are downloaded and successfully
authenticated, the terminal is ready to deploy.
Ultimately, it is the sponsor’s decision how to implement the logical security
provided by file authentication on a field-deployed terminal. Additional certificates
can be obtained from the VeriFone CA at any time to implement new sponsor and
signer relationships in deployment terminals.
Figure 38 Certificate Trees in Development and Deployment Terminals
Permanency of the Certificate Tree
The data contained in a digital certificate is stored in the terminal’s certificate tree
when the certificate is authenticated, and the certificate file itself is erased from
RAM.
The certificate tree file is stored in a reserved area of non-volatile memory and is
therefore relatively permanent. New certificate data can be added to the existing
certificate tree (up to a maximum of 21 certificates).