User's Manual
Table Of Contents
- VX 675
- Contents
- Preface
- Terminal Overview
- Terminal Setup
- Selecting Terminal Location
- Unpacking the Shipping Carton
- Examining Terminal Features
- Examining Connection Ports
- Installing the Paper Roll
- Installing the SIM Card
- Installing the SD Card
- Using the Battery
- Battery Behavior (No Power Pack)
- Connecting the Terminal Power Pack
- Charging the Battery
- Using the VX 675 Base Stations
- Powering Up the Base
- Docking the Terminal on the Base
- Undocking the Terminal from the Base
- Conducting Wireless Transactions
- Conducting Smart Card Transactions
- Using the Magnetic Card Reader
- Connecting to USB Host
- VX 675 ECR (Fiscal Module) Support
- VX 675 3G and GPS Support
- Using the Terminal Keys
- Verix Terminal Manager
- File Authentication
- Performing Downloads
- Downloads and Uploads
- Download Methods
- Download Tools
- Download Content
- Full and Partial Downloads
- Support for Multiple Applications
- Use of I: drive and F: drive
- File Authentication Requirements
- Required Certificates and Signature Files
- The File Authentication Process During an Application Download
- File Group Permissions
- Download an Operating System Update Provided by VeriFone
- File Authentication for Back-to-Back Application Downloads
- Timing Considerations Due to the Authentication Process
- Support for File Compression
- Effect of Downloads on Existing Files and Data
- Direct Operating System Downloads
- Back-to-Back Application Downloads
- Specifications
- Maintenance
- VeriFone Service and Support
- System Messages
- Troubleshooting Guidelines
- Port Pinouts
- ASCII Table
- VX 675 Battery Information
- Glossary
- Application ID
- Application program
- Application prompt
- ASCII
- Back-to-back application download
- Baud
- Bit
- Block
- Boot loader
- Buffer
- Byte
- Calendar/clock chip
- Card reader
- Carrier
- Certificate
- Character
- CONFIG.SYS file
- CPU
- Data
- Data entry
- Data packet
- Default
- Delete
- Diagnostics
- Direct download
- Display
- Download
- File authentication
- Firmware
- Fixed prompt
- Flash memory
- Host computer
- Input
- Interface
- Keyed file character set
- Keyed file editor
- Keyed file record
- Keypad
- Local functions
- Manual transaction
- Memory
- Messages
- Non-volatile memory
- Normal Mode
- Packet
- Packet-switched networks
- Parameter
- Password
- PC
- Peripheral terminal
- Port
- POS terminal
- Power pack
- Prompt
- Protocol
- PTID
- RAM
- Remote host computer
- Scroll
- Search key
- Serial port
- Signature file
- mDRAM
- Subroutine
- Swipe
- Verix Terminal Manager
- Verix Terminal Manager password
- Terminal
- Terminal ID
- Terminal-to-terminal application upload
- Track 1, 2, or 3 data
- Transaction
- Variable
- Volatile memory
- Index
- Contact VeriFone
FILE AUTHENTICATION
Introduction to File Authentication
76 VX 675 REFERENCE GUIDE
Special Files Used
in the File
Authentication
Process
The following specially formatted files support the file authentication process:
• A digital certificate is a digital public document used to verify the signature of
a file.
• A digital signature is a piece of information based on both the file and the
signer’s private cryptographic key. The file sender digitally signs the file using
a private key. The file receiver uses a digital certificate to verify the sender’s
digital signature.
• Signer private keys (*.key files) are securely conveyed to clients on smart
cards. The secret passwords required by clients to generate signature files,
using signer private keys, are sent as PINs over a separate channel such as
registered mail or encrypted e-mail.
Some files, such as private key files, are encrypted and password protected for
data security. Others, such as digital certificates and signature files, do not need
to be kept secure to safeguard the overall security of VeriShield Retain.
Within the VeriShield File Signing Tool tool, you can recognize the special file
types that support the file authentication process by the filename extensions listed
in Table 7.
All digital certificates are generated and managed by the VeriFone CA, and are
distributed on request to VX 675 clients—either internally within VeriFone or
externally to sponsors.
All certificates issued by the VeriFone CA for the VX 675 platform, and for any
VeriFone platform with the VeriShield Retain security architecture, are
hierarchically related. That is, a lower-level certificate can only be authenticated
under the authority of a higher-level certificate.
The security of the highest-level certificate, called the platform root certificate, is
tightly controlled by VeriFone.
Certificates Contain Keys That Authenticate Signature Files
• Sponsor certificate: Certifies a client’s sponsorship of the terminal. It does not,
however, convey the right to sign and authenticate files. To add flexibility to
the business relationships that are logically secured under the file
authentication process, a second type of certificate is usually required to sign
files.
Table 7 VeriShield File Signing Tool Filename Extensions
File Type Extension
Signature *.p7s
Private key *.key
Digital certificate *.crt