User's Manual
Table Of Contents
- VX 675
- Contents
- Preface
- Terminal Overview
- Terminal Setup
- Selecting Terminal Location
- Unpacking the Shipping Carton
- Examining Terminal Features
- Examining Connection Ports
- Installing the Paper Roll
- Installing the SIM Card
- Installing the SD Card
- Using the Battery
- Battery Behavior (No Power Pack)
- Connecting the Terminal Power Pack
- Charging the Battery
- Using the VX 675 Base Stations
- Powering Up the Base
- Docking the Terminal on the Base
- Undocking the Terminal from the Base
- Conducting Wireless Transactions
- Conducting Smart Card Transactions
- Using the Magnetic Card Reader
- Connecting to USB Host
- VX 675 ECR (Fiscal Module) Support
- VX 675 3G and GPS Support
- Using the Terminal Keys
- Verix Terminal Manager
- File Authentication
- Performing Downloads
- Downloads and Uploads
- Download Methods
- Download Tools
- Download Content
- Full and Partial Downloads
- Support for Multiple Applications
- Use of I: drive and F: drive
- File Authentication Requirements
- Required Certificates and Signature Files
- The File Authentication Process During an Application Download
- File Group Permissions
- Download an Operating System Update Provided by VeriFone
- File Authentication for Back-to-Back Application Downloads
- Timing Considerations Due to the Authentication Process
- Support for File Compression
- Effect of Downloads on Existing Files and Data
- Direct Operating System Downloads
- Back-to-Back Application Downloads
- Specifications
- Maintenance
- VeriFone Service and Support
- System Messages
- Troubleshooting Guidelines
- Port Pinouts
- ASCII Table
- VX 675 Battery Information
- Glossary
- Application ID
- Application program
- Application prompt
- ASCII
- Back-to-back application download
- Baud
- Bit
- Block
- Boot loader
- Buffer
- Byte
- Calendar/clock chip
- Card reader
- Carrier
- Certificate
- Character
- CONFIG.SYS file
- CPU
- Data
- Data entry
- Data packet
- Default
- Delete
- Diagnostics
- Direct download
- Display
- Download
- File authentication
- Firmware
- Fixed prompt
- Flash memory
- Host computer
- Input
- Interface
- Keyed file character set
- Keyed file editor
- Keyed file record
- Keypad
- Local functions
- Manual transaction
- Memory
- Messages
- Non-volatile memory
- Normal Mode
- Packet
- Packet-switched networks
- Parameter
- Password
- PC
- Peripheral terminal
- Port
- POS terminal
- Power pack
- Prompt
- Protocol
- PTID
- RAM
- Remote host computer
- Scroll
- Search key
- Serial port
- Signature file
- mDRAM
- Subroutine
- Swipe
- Verix Terminal Manager
- Verix Terminal Manager password
- Terminal
- Terminal ID
- Terminal-to-terminal application upload
- Track 1, 2, or 3 data
- Transaction
- Variable
- Volatile memory
- Index
- Contact VeriFone
FILE AUTHENTICATION
Introduction to File Authentication
VX 675 R
EFERENCE GUIDE 77
A sponsor certificate is authenticated under a higher-level system certificate,
called the application partition certificate.
• Signer certificate: Certifies the right to sign and authenticate files for terminals
belonging to the sponsor.
A signer certificate is authenticated under the authority of a higher-level client
certificate (the sponsor certificate).
The required sponsor and signer certificates must either have been previously
downloaded and authenticated on the terminal, or they must be downloaded
together with the new signature and target files to authenticate.
Signer Private Keys Are Issued to Secure the File Signing Process
Signer private keys are loaded onto a smart card. This smart card is securely
delivered to the business entity that the terminal sponsor has authorized to sign,
download, and authenticate applications to run on the sponsor’s terminal.
The VeriFone CA can also issue additional sets of sponsor and signer certificates,
signer private keys to support multiple sponsors, and multiple signers for a
specific platform.
To establish the logical security of applications to download to a VX 675 terminal,
the designated signer uses the signer private key issued by the VeriFone CA as
this is a required input to the VeriShield File Signing Tool.
A signature file is generated using a signer private key. Successful authentication
depends on whether the signer private key used to sign the target file matches the
signer certificate stored in the terminal’s certificate tree.
How File
Authentication
Works
File authentication consists of three basic processes:
1 Development: The VeriShield File Signing Tool creates a signature file for
each application file to authenticate.
2 Pre-deployment: An optimal certificate structure is determined, and the
necessary certificates and keys are created.
3 Deployment: The development and pre-deployment processes, once
complete, are used in combination to prepare a terminal for deployment.
NOTE
Only one sponsor certificate is permitted per terminal. An application cannot be
loaded without both a Sponsor and signer certificate.
NOTE
The signer private keys loaded onto the smart card is the only copy of the private
key.