How File Authentication Works - VeriFone VX 680 Reference Manual


NOTE
Only one sponsor certificate is permitted per terminal. An application cannot be
loaded without both a sponsor and a signer certificate.
The required sponsor and signer certificates must either have been previously
downloaded and authenticated on the terminal, or they must be downloaded
together with the new signature and target files to authenticate.
Signer Private Keys Are Issued to Secure the File Signing Process
Signer private keys are loaded onto a smart card. This smart card is securely
delivered to the business entity that the terminal sponsor has authorized to sign,
download, and authenticate applications to run on the sponsor's terminal.
NOTE
The signer private key loaded onto the smart card is the only copy of the private
key.
The Verifone CA can also issue additional sets of sponsor and signer certificates
and signer private keys to support multiple sponsors and multiple signers for a
specific platform.
To establish the logical security of applications to download to a VX 680 terminal,
the designated signer uses the signer private key issued by the Verifone CA, which
is a required input to the VeriShield File Signing Tool.
A signature file is generated using a signer private key. Successful authentication
depends on whether the signer private key used to sign the target file matches the
signer certificate stored in the terminal's certificate tree.
A sponsor certificate is authenticated under a higher-level system certificate,
called the application partition certificate.
Signer certificate: Certifies the right to sign and authenticate files for terminals
belonging to the sponsor.
A signer certificate is authenticated under the authority of a higher-level client
certificate (the sponsor certificate).
How File Authentication Works
File authentication consists of three basic processes:
1. Development: The VeriShield File Signing Tool creates a signature file for
each application file to authenticate.
2. Pre-deployment: An optimal certificate structure is determined, and the
necessary certificates and keys are created.
3. Deployment: The development and pre-deployment processes, once
complete, are used in combination to prepare a terminal for deployment.
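The certificate tree and signature check described on this page, modeled as an added example (not Verifone code, and not the VeriShield file or certificate format, which this page does not describe). The certificate layout, all names, and the unpadded textbook-RSA keys are assumptions chosen so the model runs with the Python standard library only.

```python
import hashlib

E = 65537  # public exponent shared by every toy key in this model

def keypair(p, q):
    """Toy textbook-RSA key from two fixed primes: (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def _h(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, key):       # signer side: needs the private exponent
    n, d = key
    return pow(_h(data, n), d, n)

def verify(data, sig, n):  # terminal side: needs only the public modulus
    return pow(sig, E, n) == _h(data, n)

def _body(c):
    return f"{c['name']}|{c['n']}|{c['issuer']}".encode()

def issue(name, subject_n, issuer, issuer_key):
    """Hypothetical certificate: subject name and modulus, signed by the issuer."""
    cert = {"name": name, "n": subject_n, "issuer": issuer}
    cert["sig"] = sign(_body(cert), issuer_key)
    return cert

class Terminal:
    def __init__(self, partition_n):
        self.partition_n, self.sponsor, self.signers = partition_n, None, {}

    def load_sponsor(self, cert):
        # One sponsor per terminal, and it must verify under the partition certificate.
        if self.sponsor or not verify(_body(cert), cert["sig"], self.partition_n):
            return False
        self.sponsor = cert
        return True

    def load_signer(self, cert):
        # A signer certificate must verify under the sponsor already on the terminal.
        if not self.sponsor or not verify(_body(cert), cert["sig"], self.sponsor["n"]):
            return False
        self.signers[cert["name"]] = cert
        return True

    def authenticate(self, target, sig):
        # The signature file must match a signer certificate in the tree.
        return any(verify(target, sig, c["n"]) for c in self.signers.values())

# Constructed demo keys built from Mersenne primes; never use such keys for real.
PARTITION, SPONSOR = keypair(2**61 - 1, 2**89 - 1), keypair(2**107 - 1, 2**127 - 1)
SIGNER, ROGUE = keypair(2**521 - 1, 2**607 - 1), keypair(2**1279 - 1, 2**2203 - 1)
```

In this model a file signed with the right key is still rejected until both the sponsor and the signer certificate have been loaded, and a signer certificate not issued under the installed sponsor never enters the tree.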
FILE AUTHENTICATION: Introduction to File Authentication
VX 680 REFERENCE GUIDE, page 57
