VeriFone Vx810 Reference Manual
  1. Manuals
  2. Brands
  3. VeriFone Manuals
  4. Touch terminals
  5. DUET Vx810
  6. Reference manual

VeriFone Vx810 Reference Manual

Hide thumbs Also See for Vx810:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Installation Manual
x
V
810
Reference Guide
VeriFone Part Number 24964, Revision B

Advertisement

Table of Contents
loading

Related Manuals for VeriFone Vx810

Summary of Contents for VeriFone Vx810

  • Page 1 Reference Guide VeriFone Part Number 24964, Revision B...
  • Page 2 VeriFone, Inc. The information contained in this document is subject to change without notice. Although VeriFone has attempted to ensure the accuracy of the contents of this document, this document may include errors or omissions. The examples and sample programs are for illustration only and may not be suited for your purpose.

  • Page 3: Table Of Contents

    ONTENTS ........7 R E F A C E Audience.
  • Page 4 Introduction to File Authentication ........67 The VeriFone Certificate Authority ....... . 67 Special Files Used in the File Authentication Process .
  • Page 5 File Group Permissions ........106 Download an Operating System Update Provided by VeriFone ..107 File Authentication for Back-to-Back Application Downloads .
  • Page 6 VeriFone Cleaning Kit ........

  • Page 7: Preface

    Vx810 Overview. Provides an overview of the V 810. Chapter Using the Vx810 Keys. Explains the operational features of the V and describes how to use the V 810 keys to perform all the data entry or system mode tasks described in this manual.

  • Page 8: Related Documentation

    REFACE Related Documentation Chapter Service and Support. Provides information on how to contact your local VeriFone representative or service provider, and information on how to order accessories or documentation from VeriFone. Chapter Troubleshooting Guidelines. Provides troubleshooting guidelines, should you encounter a problem in installation and configuration.

  • Page 9: Acronyms

    REFACE Conventions and Acronyms Table 1 Document Conventions Convention Meaning Example The caution symbol indicates The device is not waterproof or CAUTION hardware or software failure, or dustproof, and is intended for loss of data. indoor use only. The lighting symbol is used as a Due to risk of shock do not use WARNING warning when bodily injury might...
  • Page 10 REFACE Conventions and Acronyms Table 2 Acronyms Acronym Definitions Secure Sockets Layer SRAM Static Random Access Memory Universal Serial Bus 810 R EFERENCE UIDE...

  • Page 11: Hapter

    This chapter provides a brief description of the V 810. The V 810 is a customer- facing premium PIN pad brought about by VeriFone’s innovative Purpose Inspired Design program which focuses on real-world usage. Apart from its sleek, compact, and functional design, the V...

  • Page 12: Features And Benefits

    Features and Acclaimed Vx Solutions Reliability and Security Guarantees Extra Protection Benefits • Runs on Verix-based platform, proven in millions of VeriFone V Solutions installed worldwide. • Has exceptionally reliable magnetic stripe and smart card readers to reduce read errors.
  • Page 13 810 O VERVIEW Features and Benefits Ultra Sleek PIN Pad Puts Everything at Your Customer’s Fingertips • Ergonomic shape and silver casing holds high consumer appeal. • Offers 128 x 128, high-resolution display with white backlighting for enhanced readability and branding opportunities. •...
  • Page 14 810 O VERVIEW Features and Benefits 810 R EFERENCE UIDE...

  • Page 15: Using The V

    HAPTER Using the V 810 Keys Before proceeding to other tasks, familiarize yourself with the operational features of the V 810 keypad. This section describes how to use the V 810 keypad, which consists of four ATM- style function keys (F1 to F4), four programmable function keys (PF1 to PF4), an ALPHA key, a main keypad (0 to 9, *, and #), and three command keys (CANCEL, CLEAR, and ENTER).

  • Page 16: Data Entry Modes

    810 K SING THE Data Entry Modes Data Entry Before you can enter data in the form of ASCII characters, the V 810 must be in a Modes mode that accepts keyed data entry. There are two operating modes: • Normal mode: This is the operating mode where an application is present and currently running.

  • Page 17: Main Keypad

    810 K SING THE Data Entry Modes Main Keypad The main keypad consists of the keys 0 to 9, *, and #. You can enter up to 50 ASCII characters, including the letters A–Z, the numerals 0–9, and special characters such as: (*), (,), (‘), (“), (-), (.), (#), (%), (:), (!), (+), (@), (=), (&), (space), (;), ($), (_), (\), and (/).
  • Page 18 810 K SING THE Data Entry Modes The following table lists all the ASCII characters you can type using the ALPHA key and the main keypad. Table 4 Using the Keypad Press Without Press Press Key to ALPHA Pressing ALPHA ALPHA Press Three...

  • Page 19: Command Keys

    810 K SING THE Data Entry Modes Command Keys The following are the command keys of the V 810: CANCEL Key Pressing the CANCEL key in normal mode – when an application is loaded and running – terminates the current function or operation. In system mode, use CANCEL to perform a variety of functions.

  • Page 20: Sound

    810 K SING THE Data Entry Modes Sound The V 810 supports only monophonic sound capabilities. The keys produce a beeping sound when pressed. NOTE The OS does not contain any pre-defined tunes. This feature is handled entirely by an application. The OS merely provides an API. 810 R EFERENCE UIDE...

  • Page 21: Hapter

    HAPTER Setup This chapter describes the setup procedure for V 810, in the following sections: • Selecting Location • Unpacking the Shipping Carton • Examining the V 810 Features • Installing/Replacing MSAM Cards • Options • Cable Connections • Power Supply •...

  • Page 22: Electrical Considerations

    Do not use a device that has been tampered with or damaged. WARNING The device comes equipped with tamper-evident labels. If a label or component appears damaged, please notify the shipping company and your VeriFone representative or service provider immediately. 810 R...

  • Page 23: Examining The V X 810 Features

    ETUP Examining the V 810 Features Examining the Before you continue the installation process, examine the features of the V 810. 810 Features Figure 3 810 Features The V 810 has the following features: • A display. • Five types of keys: •...

  • Page 24: Installing/Replacing Msam Cards

    Cards CAUTION Observe standard precautions for handling electrostatically sensitive devices. Electrostatic discharges can damage this equipment. VeriFone recommends using a grounded anti-static wrist strap. To change or install Place the device facedown on a soft, clean surface to protect the lens from MSAMs scratches.
  • Page 25 ETUP Installing/Replacing MSAM Cards Remove the locking screw from the MSAM card compartment door, and then open the MSAM card compartment door. Figure 4 Removing the MSAM Compartment Door Remove any previously installed MSAM card by sliding the card out. Install an MSAM card by sliding it into the numbered slots.

  • Page 26: Options

    ETUP Options Options VeriFone ships variants of the V 810 for different markets. Your device may have a different configuration. Additionally, these variants can be ordered with different options. 810 CTLS Module This SD card slot on the V 810 also serves as an SDIO expansion port for...
  • Page 27 ETUP Options Install the metal plate onto the back of the RFID canopy and V 810. The metal plate has two tabs at the wide end that fit into slots in the V 810 CTLS NOTE module, and two tabs at the narrow end that fit into ribs in the V 810 PIN pad’s SD card compartment.

  • Page 28: 810 Duet Base Unit

    ETUP Options 810 DUET Base Adding the optional V 810 DUET base unit transforms the V 810 PIN pad into an Unit all-in-one countertop payment solution with thermal printer, modem, Ethernet, USB, and serial ports. Connecting the V 810 PIN pad to the V 810 DUET Base Unit To connect the V 810 PIN pad to the V...

  • Page 29: Privacy Shield

    ETUP Options Mount the PIN pad on the DUET. Figure 13 Placing the V 810 onto the V Connect the power cord. Figure 14 Connecting the Power Pack For more information on the V 810 DUET base unit, please refer to the V DUET Reference Guide, VPN 24970.

  • Page 30: Cable Connections

    ETUP Cable Connections Cable The V 810 has six general cabling scenarios, depending on what the device Connections connects to: • Other Devices • RS-232 Connection with External Power Brick • Standard USB Connection • USB Download Support with External Power Brick •...

  • Page 31: Standard Usb Connection

    Cable Connections Standard USB For standard USB environments, this cable option has the host end terminating in Connection a Type-A USB plug. Power (5V 500mA) for the Vx810 is provided via this connector. Figure 18 Standard USB Connection USB Download...

  • Page 32: Ethernet Connection With External Power Brick

    VeriFone recommends installing a power surge protector. When the V 810 has power and an application is loaded, the application starts after the initial VeriFone copyright screen and displays a unique copyright screen. If no application is loaded, appears on the display after the DOWNLOAD NEEDED initial VeriFone copyright screen.

  • Page 33: Using The Primary Smart Card Reader

    ETUP Using the Primary Smart Card Reader Using the The smart card transaction procedure can vary depending on the application. Primary Smart Verify the proper procedure with your application provider before performing a Card Reader smart card transaction. To conduct a smart card transaction: Position a smart card with the gold contacts facing upward.

  • Page 34: Using The V 810 Ctls Module

    ETUP Using the V 810 CTLS Module Using the V The V 810 CTLS module is only active when signaled by an application for the CTLS Module conduction of a contactless smart card transaction. To perform a contactless smart card transaction: Gently tap the card onto or hold the card (within 4 cm.) against the surface of the RFID canopy.

  • Page 35: Hapter

    HAPTER System Mode This chapter describes a category of device functions called system mode operations. • Press F2 and F4 at the same time and enter the password to invoke system mode. See Entering System Mode. • Assign files and applications to groups for access control. See File Groups.

  • Page 36: Local And Remote Operations

    YSTEM Local and Remote Operations Local and The system mode operations available on a V 810 can be divided into the Remote following two categories or types: Operations • Local operations address a stand-alone device and do not require communication or data transfers between the device and a host computer or another device.

  • Page 37: File Groups

    YSTEM File Groups File Groups The V 810 operating system implements a file system in non-volatile, battery- backed SRAM, and in non-volatile flash ROM memory. Files are assigned to one of 15 groups for access control. Each group has a separate CONFIG.SYS file, and each group is protected by a separate password.

  • Page 38: System Mode Password

    Normal mode. If you forget or lose the System Mode password of your device, please contact your local VeriFone representative for assistance. When you key in a password, an asterisk ( * ) appears for each character you type.
  • Page 39 YSTEM Passwords Manual Password Change A user can change the System Mode password or any GID password from the Passwords submenu in System Mode. The user must choose a password at least five characters long and no more than ten characters long. If the user attempts to enter a new password less than five characters long, the OS will sound a beep and the screen will display an error message (see Figure...
  • Page 40 YSTEM Passwords For operations which do not require a password, the OS will continue to operate normally and any applications loaded on the device will be unaffected. It is possible for a download server to change a password to one which can not CAUTION be entered on the V 810 keypad.

  • Page 41: System Mode Menus

    YSTEM System Mode Menus System Mode The V 810 has 3 system mode menus. Menus Table 5 System Mode Menus SYS MODE MENU 1 SYS MODE MENU 2 SYS MODE MENU 3 EDIT PARAMETERS F2 MEMORY FUNCTIONS F2 CONTRAST F2 DOWNLOAD F3 TERMINAL INFO F3 PASSWORDS F3...
  • Page 42 YSTEM System Mode Menus The Display column indicates what appears on the display screen at each step of the procedure. Please note the following conventions used in this column: • If a prompt or message appears on the screen exactly as it is described, it is shown in Arial bold font and ALL CAPS.

  • Page 43: Entering System Mode

    To enter system mode from this screen, simultaneously press F2 and F4. DOWNLOAD ALL FILES Under the following conditions, the device will FROM USB MEMORY STICK automatically download the file VeriFone.zip from a YES F2 USB flash drive without the user having to go through System Mode:...
  • Page 44 YSTEM System Mode Menus Table 7 Entering System Mode (continued) Display Action SYSTEM MODE ENTRY If an application prompt appeared and you chose to PASSWORD enter system mode, you are prompted to type the _ _ _ _ _ _ _ _ _ _ system password.

  • Page 45: Menu 1

    YSTEM System Mode Menus Menu 1 In this menu you can edit system parameters, perform downloads, and restart the device. Table 8 System Mode Menu 1 Display Action SYS MODE MENU 1 To edit system parameters, select EDIT PARAMETERS (F2) EDIT PARAMETERS F2 DOWNLOAD F3 To download an application to your device, select...
  • Page 46 YSTEM System Mode Menus Table 8 System Mode Menu 1 (continued) Display Action GID 1: NOT EMPTY Do one of the following: NEW (F1) To create a new parameter, select . Enter a • NEW (F1) PARAMETER: name for the parameter, then press .
  • Page 47 YSTEM System Mode Menus Table 8 System Mode Menu 1 (continued) Display Action SYS MODE DOWNLOAD Gnn For a full download, select FULL (F3) FULL F3 For a partial download, select PARTIAL (F4) PARTIAL F4 To return to , press the PF1 key. SYS MODE MENU 1 SYS MODE DOWNLOAD Gnn Select the download source,...
  • Page 48 YSTEM System Mode Menus Table 8 System Mode Menu 1 (continued) Display Action RESTART SYS MODE MENU 1 Select to exit system mode and restart RESTART F4 the device. EDIT PARAMETERS F2 DOWNLOAD F3 RESTART F4 Before performing a download to flash ROM memory in an initialized device (one NOTE that contains an application), reclaim all available flash ROM space.

  • Page 49: Menu 2

    And when connected to the V 810 DUET, which has a modem, it will also support VeriCentre-initiated downloads. For more information about using the VeriCentre Download Management Module in client/server installations, please contact your local VeriFone representative. 810 R EFERENCE UIDE...
  • Page 50 YSTEM System Mode Menus Table 9 System Mode Menu 2 Display Action SYS MODE MENU 2 To perform memory functions, select MEMORY MEMORY FUNCTIONS F2 FUNCTIONS (F2). TERMINAL INFO F3 To view device configuration information, select CLOCK F4 TERMINAL INFO (F3) To set the device clock, select CLOCK (F4) To go to the previous system mode menu, press...
  • Page 51 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action MEMORY FUNCTIONS DIRECTORIES SYS MODE MENU 2 To perform memory functions, select MEMORY MEMORY FUNCTIONS F2 FUNCTIONS (F2). TERMINAL INFO F3 To abort any action at any step, press CANCEL CLOCK F4 SYS MODE MEM FUNCS...
  • Page 52 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE MEMORY To continue, enter the required password. If you enter an incorrect password, the following message GROUP nn PASSWORD appears: _ _ _ _ _ _ _ _ _ _ SYS MODE PASSWORD Gnn PLEASE TRY AGAIN Press...
  • Page 53 Hardware Revision Number (2-character numeric • code) System OS Version (8-character alphanumeric • code) SYS MODE TERM INFO Hardware Model: VX810 • MODL VX810 Country of Manufacture: GEN = Generic • CTRY Keypad Type: 0 = TelCo, 1 = Calculator, 2 = •...
  • Page 54 To run a test on any inserted ICC or SAM cards, select SMART CARD DIAG (F2) SYS MODE DIAGS functions are reserved for REMOTE DIAGS (F2) VeriFone use only. REMOTE DIAGS F2 To use the debugging tool, select DEBUGGER F3 DEBUGGER (F3) HASH F4 To use the hash tool, select HASH (F4).
  • Page 55 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE DIAGS To view the error logs, select ERROR LOG (F2) ERROR LOG F2 To view the tamper logs, select TAMPER LOG (F3) TAMPER LOG F3 To perform a diagnostic test on the V 810 CTLS CONTACTLESS DIAG F4...
  • Page 56 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SAM 1 This is the screen that is displayed when an inserted SAM card is successfully tested. POWER UP: PASSED GET ATR: PASSED This is the screen that is displayed when there is no SAM 2 inserted SAM card in the slot being tested.
  • Page 57 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action TERMINAL INFO DIAGS AND LOGS MAG CARD DIAG SYS MODE MENU 2 To view device configuration information, select MEMORY FUNCTIONS F2 TERMINAL INFO (F3) TERMINAL INFO F3 To abort any action at any step, press CANCEL CLOCK F4...
  • Page 58 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE MENU To perform system diagnostic tests and view log information, select DIAGS AND LOGS (F3) SYSTEM INFO F2 DIAGS AND LOGS F3 SYS MODE DIAGS To perform a diagnostic test on the screen, select SCREEN DIAG (F2) SCREEN DIAG F2...
  • Page 59 DIAGS AND LOGS F3 SYS MODE DIAGS To perform remote diagnostic tests, select REMOTE DIAGS (F2) REMOTE DIAGS F2 This option is reserved for VeriFone use only, and DEBUGGER F3 requires the loading of a Device Management Agent. TERMINAL INFO DIAGS AND LOGS...
  • Page 60 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE MENU To perform system diagnostic tests and view log information, select DIAGS AND LOGS (F3) SYSTEM INFO F2 DIAGS AND LOGS F3 SYS MODE DIAGS To use the debugging tool, select DEBUGGER (F3) REMOTE DIAGS F2...
  • Page 61 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE DIAGS To view the error logs, select ERROR LOG (F2) ERROR LOG F2 TAMPER LOG F3 SYS MODE ERR LOG The error log screens display internal diagnostic information about the most recent unrecoverable TYPE software error.
  • Page 62 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action TERMINAL INFO DIAGS AND LOGS TAMPER LOG SYS MODE MENU 2 To view device configuration information, select MEMORY FUNCTIONS F2 TERMINAL INFO (F3) TERMINAL INFO F3 To abort any action at any step, press CANCEL CLOCK F4 SYS MODE MENU...
  • Page 63 YSTEM System Mode Menus Table 9 System Mode Menu 2 (continued) Display Action SYS MODE CLOCK To adjust the current time one hour forward, select INCREMENT HOUR (F1) INCREMENT HOUR F1 EDIT TIME F2 To adjust the time, select EDIT TIME (F2) EDIT DATE F3 To adjust the date, select EDIT DATE (F3)

  • Page 64: Menu 3

    YSTEM System Mode Menus Menu 3 In this menu you can adjust screen contrast, change passwords, or perform IPP key loading. Table 10 System Mode Menu 3 Display Action SYS MODE MENU 3 To adjust screen contrast, select CONTRAST (F2). CONTRAST F2 To change passwords, select PASSWORDS (F3)
  • Page 65 YSTEM System Mode Menus Table 10 System Mode Menu 3 (continued) Display Action SYS MODE PASSWORD To change the password for a file group, type the FILE GROUP nn F2 Group ID (valid values are 1 to 15) of the group whose password you want to change.
  • Page 66 YSTEM System Mode Menus Table 10 System Mode Menu 3 (continued) Display Action SYS MODE PASSWORD To continue, enter the required password. GROUP nn PASSWORD The default group password is “Z66831 ” This is _ _ _ _ _ _ _ _ _ _ entered as: 1 ALPHA ALPHA 6 6 8 3 1, then press ENTER.

  • Page 67: Hapter

    VeriShield security architecture, VeriFone has established a centralized VeriFone Certificate Authority, or VeriFone CA. This agency is responsible for managing keys and certificates. The VeriFone CA uses an integrated set of software tools to generate and distribute digital certificates and private cryptographic keys to customers who purchase the V 810.

  • Page 68: Special Files Used In The File Authentication Process

    Private key *.key Digital certificate *.crt All digital certificates are generated and managed by the VeriFone CA, and are distributed on request to V 810 clients – either internally within VeriFone or externally to sponsors. All certificates issued by the VeriFone CA for the V...
  • Page 69 To establish the logical security of applications to download to a V 810, the designated signer uses the signer private key issued by the VeriFone CA as this is a required input to the VeriShield File Signing Tool. A signature file is generated using a signer private key. Successful authentication depends on whether the signer private key used to sign the target file matches the signer certificate stored in the device’s certificate tree.

  • Page 70: How File Authentication Works

    UTHENTICATION Introduction to File Authentication How File File authentication consists of three basic processes: Authentication Development: The VeriShield File Signing Tool creates a signature file for Works each application file to authenticate. Pre-deployment: An optimal certificate structure is determined, and the necessary certificates and keys are created.
  • Page 71 Smart card containing a set of certificates and private key Smart card PIN The VeriFone CA sends the smart card and smart card PIN to the sponsor. The sponsor uses the smart card and smart card PIN as inputs for the deployment process.
  • Page 72 UTHENTICATION Introduction to File Authentication The following diagram describes the pre-deployment process. Figure 27 The Pre-Deployment Process Deployment Process In this process: The sponsor provides the application file (from the development process), the smart card, and smart card PIN (from the pre-deployment process) as inputs to VeriShield.
  • Page 73 UTHENTICATION Introduction to File Authentication If a matching application file is found, the operating system compares the signature file’s signature against the values stored in the application file’s calculated signature. If these values match, the operating system marks the application file “authenticated”...

  • Page 74: Planning For File Authentication

    UTHENTICATION Introduction to File Authentication Planning for File File authentication is an integral part of every V 810 device. To safeguard the Authentication device’s logical security, the file authentication module requires that any executable code file must be successfully authenticated before the operating system allows it to execute on the device.
  • Page 75 UTHENTICATION Introduction to File Authentication It is not mandatory to always download a signature file and its target application file at the same time. For example, you can download the corresponding signature file in a separate operation. A non-authenticated application can reside in the device’s memory, but is not authenticated or allowed to run on the device until the signature files for the application executable files are processed by the file authentication module after a subsequent download procedure and device restart.

  • Page 76: Digital Certificates And The File Authentication Process

    Digital Certificates The file authentication module always processes certificates before it processes and the File signature files. Digital certificates (*.crt files) generated by the VeriFone CA have Authentication two important functions in the file authentication process: Process •...
  • Page 77 810 is called a development device. Typically, a sponsor requests an additional set of digital certificates from the VeriFone CA to establish sponsor and signer privileges. This additional set of certificates are downloaded onto the V 810 when the device is being prepared for deployment and replaces the default certificate.
  • Page 78 While the application development process is being completed and while the new application is being tested on a development device, a sponsor can order specific sponsor and signer certificates from the VeriFone CA to use to logically secure sponsor and signer privileges when the V 810 is prepared for deployment.
  • Page 79 Ultimately, it is the sponsor’s decision how to implement the logical security provided by file authentication on a field-deployed device. Additional certificates can be obtained from the VeriFone CA anytime to implement new sponsor and signer relationships in deployment devices. VeriShield allows for multiple sponsors and signing certificates in a device.
  • Page 80 VeriFone CA, are required for the file sign and authenticate: signing process, as well as the application files you want to sign and authenticate: Default signer certificate, with the •...

  • Page 81: File Authentication And The File System

    To do this, the original sponsor must order a Clear Smart Card from the VeriFone CA. The Clear Smart Card is specific to the requesting sponsor. It restores a deployment device to the development state by: •...
  • Page 82 UTHENTICATION File Authentication and the File System This system of partitions and sub-partitions makes it possible to store multiple applications into a device’s memory and prevent these applications from overlapping or interfering with each other’s operation. There are a total of 16 file groups. Group 0 is the name of the operating system partition.
  • Page 83 UTHENTICATION File Authentication and the File System • An application stored in Groups 2–15 can only access files stored in its own file group and in Group 15. For example, an application authorized by the sponsor to be authenticated in Group 4 can only access files and libraries stored in Group 4 and Group 15.
  • Page 84 UTHENTICATION File Authentication and the File System If the signature file authenticates its target file and the *FA variable is present in the config.sys file of the target file group and is set to 0, the signature file is erased when its target file is authenticated.

  • Page 85: Verishield File Signing Tool

    Command-line mode (Windows PC DOS shell): Command-line mode is useful for application developers who perform batch file downloads and is convenient when using file download tools provided by VeriFone, such as the VeriCentre Download Management Module (DMM) and the DDL.EXE direct download utility.

  • Page 86: Command-Line Entries

    Use the VXSIGN.KEY default signer private key for development devices. Use the signer private key provided by the VeriFone CA for deployment devices. -P, -p Signer password for decrypting Required input only for the signer private key.
  • Page 87 UTHENTICATION VeriShield File Signing Tool Table 15 Command-Line Mode Switches for VeriShield File Signing Tool Switch Description Requirements -F, -f Name of the application file to Required for development sign (*.out, *.lib, or other file type). devices and for deployment devices.

  • Page 88: Command-Line Mode Syntax Example

    There are two differences: • The default signer certificate and default signer key file names provided by VeriFone as part of the V 810 SDK are entered on the command line instead of customer-specific customer signer certificate and customer signer private key file names.
  • Page 89 VeriShield File Signing Tool • Press ALT+F or click the [...] button to the right of the File to be signed field to locate and select the application file (*.out, *.lib, or other) to sign. If necessary, the filename can also be modified. To store the file in flash ROM memory upon download to the device, check the Stored in Flash check box.
  • Page 90 VeriShield File Signing Tool 810 R EFERENCE UIDE...

  • Page 91: Hapter

    HAPTER Performing Downloads This chapter contains information and procedures to allow you to perform the various types of data transfers required to: • Develop applications for the V 810. • Prepare the V 810 for deployment. • Maintain V 810 installations in the field. •...

  • Page 92: Download Tools

    (Direct Download Utility). Because of the large size of some download files, VeriFone recommends only NOTE using download tools provided by VeriFone. CRC and other error checking is not supported on the GSM system. VeriFone download tools provide these error checking mechanisms.

  • Page 93: Download Content

    • Operating system files: A set of related programs and data files provided by VeriFone to control the device’s basic processes and functions. Files that belong to the OS are stored in a reserved area of the device’s memory. A complete OS is downloaded onto each V 810 during the manufacture.

  • Page 94: Full And Partial Downloads

    ERFORMING OWNLOADS Full and Partial Downloads Full and Partial When preparing to initiate a download procedure, choose either a full or partial Downloads download and the COM 2 port, through the system mode menu options (refer to Chapter 4). Depending on the type of files you are downloading and the download method you are using, there are some restrictions on whether a full or partial download is permitted.
  • Page 95 • Full OS downloads are usually performed by VeriFone at the factory and, on occasion, by those who deploy devices on-site to upgrade older devices to a newer OS version.

  • Page 96: Support For Multiple Applications

    ERFORMING OWNLOADS Support for Multiple Applications • Partial OS downloads are performed mainly by VeriFone for development purposes and are rarely performed in the field. • Partial downloads are routinely performed by many applications. This procedure, which can be automated by an application running on a remote...

  • Page 97: The Main Application Is Always Stored In Gid1

    ERFORMING OWNLOADS Use of SRAM and Flash ROM Memory The Main The main application stored in GID1 is the controlling application for the device. Application is Any function call that invokes a related program or a secondary application stored Always Stored in in GIDs 2–14 must be initiated by the GID1 application.

  • Page 98: Defragment Flash Rom For Application Downloads

    ERFORMING OWNLOADS Use of SRAM and Flash ROM Memory In a typical download procedure, all files are loaded onto the SRAM file system of the target group selected in system mode. Specific files included in the download package must be redirected, as necessary, to the flash ROM file system of the target group or to the SRAM or flash ROM file system of another file group.
  • Page 99 ERFORMING OWNLOADS Use of SRAM and Flash ROM Memory To redirect a file from the SRAM of the target group to the flash ROM memory of the same file group, insert the zero-length SETDRIVE.F file into the batch of application files to download. All files that follow the SETDRIVE.F file in the download list automatically load into the flash ROM memory (F:) of the target group.

  • Page 100: Redirecting Files To Other File Groups

    ERFORMING OWNLOADS Use of SRAM and Flash ROM Memory Redirecting Files to GID1 is the default system mode setting for performing downloads. Using the Other File Groups system mode menu options, you can select another file group (GID 2–15) as the target group for the application download.

  • Page 101: Using Ddl.exe To Automatically Redirect Files

    ERFORMING OWNLOADS Use of SRAM and Flash ROM Memory If FOO.OUT is authenticated, the GID1 application, FOO.OUT, executes as specified by the *GO variable when the device restarts following successful file authentication. The function library stored in GID15 can be shared by both applications, as both Group 1 and Group 2 applications can access Group 15.

  • Page 102: File Redirection In Operating System Downloads

    ERFORMING OWNLOADS Use of SRAM and Flash ROM Memory File Redirection in When performing an operating system download, you must download the OS files Operating System into Group 1 SRAM and not into flash ROM memory or into another file group. Downloads OS files are downloaded onto Group 1 SRAM because it is not possible to download these files directly into Group 0.

  • Page 103: File Authentication Requirements

    ERFORMING OWNLOADS File Authentication Requirements File Chapter 5 provided a general introduction to the file authentication process. Now Authentication we become more task-oriented and see how the file authentication process Requirements affects how to perform the various download procedures. Required The following are some important points to remember about how certificates and Certificates and signature files relate to application download procedures:...

  • Page 104: The File Authentication Process During An Application Download

    ERFORMING OWNLOADS File Authentication Requirements The File In the following example of a typical file authentication process, it is assumed that: Authentication • An application is being downloaded to prepare a V 810 deployment device for Process During an deployment. That is, a sponsor certificate and a signer certificate are Application downloaded in batch mode to GID1 SRAM of the receiving device, together Download...
  • Page 105 ERFORMING OWNLOADS File Authentication Requirements If one or more certificates fail to authenticate, the ensuing file authentication process based on signature files also fails, resulting to an application not authenticated and not allowed to execute on the device. When a certificate file is authenticated, the data it contains is added to the certificate tree and the certificate file is deleted from the SRAM.

  • Page 106: File Group Permissions

    For example, if the device owner specifies storing a loyalty application in GID2, the information is encoded in the sponsor and signer certificates and issued by the VeriFone CA for that device. Chapter 5 discussed how signer certificates are required inputs to the VeriShield File Signing Tool when preparing a deployment device.

  • Page 107: Download An Operating System Update Provided By Verifone

    An encrypted list of the new files, called VFI.PED. • A signature file generated by the VeriFone CA under the authority of a higher-level OS partition sponsor certificate, called VFI.crt. The file authentication logic on the receiving device uses this signature file to confirm the origin and authenticity of the encrypted list of files, VFI.PED.

  • Page 108: File Authentication For Back-To-Back Application Downloads

    If the power supply to the receiving device is accidentally cycled during an CAUTION operating system download procedure, the device may permanently lock up. In that case, return the device to VeriFone for service. File Authentication When performing a back-to-back application download between two V...

  • Page 109: Timing Considerations Due To The Authentication Process

    ERFORMING OWNLOADS File Authentication Requirements • Downloaded certificates (receiving device) must synchronize with the certificate data present in the certificate tree. “Synchronized” means that the certificate tree of the receiving device can be no more than one revision out-of-sync with the certificate tree on the sending device or the files on the receiving device do not successfully authenticate.

  • Page 110: Optimize Available Memory Space For Successful Downloads

    ERFORMING OWNLOADS Effect of Downloads on Existing Files and Data Optimize Available One certificate file or signature file requires approximately 400 bytes of memory Memory Space for space. The application designer must account for the extra memory required to Successful download and store these special files.

  • Page 111: Set Up The Download Environment

    ERFORMING OWNLOADS Set Up the Download Environment • All current passwords are retained on the receiving device during an application or operating system download (direct and back-to-back). These include the system mode password and file group passwords. If required, you can replace existing file group passwords with new values as part of the data transfer operation.

  • Page 112: Cable Connection For Direct Downloads

    ERFORMING OWNLOADS Set Up the Download Environment Cable Connection A special dongle cable, VPN 08362-01-R, is provided for direct downloads. This is for Direct the generic cable for all RS-232-based hosts. Downloads The following steps describe how to establish the cable link between the sending host computer and the receiving V 810 device using the special dongle cable: Connect the 14-pin header end of the cable to the V...

  • Page 113: Direct Application Downloads

    ERFORMING OWNLOADS Set Up the Download Environment Direct Application This section provides the hardware and software checklist needed for direct Downloads application downloads. The procedure for direct application downloads is also discussed. Hardware Checklist The correct cable connects the download computer serial port (COM2) to the RS- 232 serial port (COM2) of the V 810.

  • Page 114: Checklist For Effects On Files And Settings In The Receiving Device

    Table 17 Common Steps to Start a Download Step Display Action VERIFONE VX810 At startup, the device displays a copyright notice screen that shows the device model QG000829 number, the OS version of the V 810 stored in 03/29/2007 VERIX the device’s flash ROM memory, the date the...
  • Page 115 Step Display Action DOWNLOAD ALL FILES FROM Under the following conditions, the device will USB MEMORY STICK automatically download the file VeriFone.zip YES F2 from a USB flash drive without the user having NO F3 to go through System Mode: The USB flash drive is connected before •...
  • Page 116 ERFORMING OWNLOADS Set Up the Download Environment The following table describes the specific steps required for performing a direct application download. Table 18 Direct Application Download Procedure Step Display Action SYSTEM MODE DOWNLOAD Type the Group ID (valid values are 2 to 15) of the group into which you want to download GROUP ID: nn files to.
  • Page 117 ERFORMING OWNLOADS Set Up the Download Environment Table 18 Direct Application Download Procedure (continued) Step Display Action SYS MODE DOWNLOAD Gnn During download, a line of asterisks appears that shows the percentage of completion. _ _ _ _ _ _ _ Each asterisk equals approximately 10% of DOWNLOADING NOW the download.
  • Page 118 ERFORMING OWNLOADS Set Up the Download Environment Table 18 Direct Application Download Procedure (continued) Step Display Action **VERIFYING FILES** The file authentication module continues to COMPARE SIGNATURE authenticate any new signature files downloaded with the OS files. FILENAME.P7S When the signature file authentication routine FILENAME.OUT starts, the status display informs you of the progress of the authentication process.

  • Page 119: Direct Operating System Downloads

    CONFIG.SYS file as part of the download operation. The following files provided by VeriFone CA for full OS downloads must reside on the host computer: The new OS version or OS update (Q*.out, 1*.out, 2*.out, 3*.out, 4*.out, 5*.out, •...

  • Page 120: Direct Operating System Download Procedure

    ERFORMING OWNLOADS Direct Operating System Downloads The certificate tree that exists on the receiving device is not modified unless one or more new certificate files required to authenticate the new OS are being downloaded onto the device. When new certificates authenticate on the receiving device, the data they contain is stored in the certificate tree and the certificate files are deleted from the Group 1 SRAM.
  • Page 121 ERFORMING OWNLOADS Direct Operating System Downloads Table 19 Direct Operating System Download Procedure Step Display Action SYS MODE DOWNLOAD Gnn For a full download, select FULL (F3) FULL F3 For a partial download, select PARTIAL (F4) PARTIAL F4 To return to , press the PF1 SYS MODE MENU 1 key.
  • Page 122 ERFORMING OWNLOADS Direct Operating System Downloads Table 19 Direct Operating System Download Procedure Step Display Action **VERIFYING FILES** When the OS download is complete, the CHECK CERTIFICATE device restarts automatically. The file authentication module on the receiving device (FILENAME.CRT) begins to check for new certificate (*.crt) and signature (*.p7s) files included in the **AUTHENTIC** download.
  • Page 123 ERFORMING OWNLOADS Direct Operating System Downloads Table 19 Direct Operating System Download Procedure Step Display Action **VERIFYING FILES** The file authentication module continues to COMPARE SIGNATURE authenticate new signature files downloaded with the OS files. FILENAME.P7S When the signature file authentication routine FILENAME.OUT starts, the status display informs you of the progress of the authentication process.

  • Page 124: Back-To-Back Application Downloads

    ERFORMING OWNLOADS Back-to-Back Application Downloads Back-to-Back This section provides the hardware and software checklist needed for back-to- Application back application downloads. The procedure for back-to-back device downloads is Downloads also discussed. Hardware Checklist The correct serial cable connects the RS-232 serial ports of the sending and receiving V 810 devices (refer to Cable Connection for Back-to-Back Application...

  • Page 125: Back-To-Back Application Download Procedure

    ERFORMING OWNLOADS Back-to-Back Application Downloads The OS software on the receiving device is not affected by a back-to-back application download. OS files cannot be downloaded on a back-to-back operation. Note: An application upload does not overwrite the existing certificate tree on the receiving device.
  • Page 126 ERFORMING OWNLOADS Back-to-Back Application Downloads Download Application Files to Receiving Device Configure a sending device for an application download operation to a deployment device: • If the *FA variable (if present in the application) is set to 0, you can reset it to 1.
  • Page 127 ERFORMING OWNLOADS Back-to-Back Application Downloads The following diagram describes the procedure for a back-to-back application download from a sending V 810 device to a receiving V 810 device. Figure 36 Back-To-Back Download Process 810 R EFERENCE UIDE...
  • Page 128 ERFORMING OWNLOADS Back-to-Back Application Downloads Back-to-back downloads require that one device, the sending device, be loaded with the required applications. The receiving device is the receiving device. The procedure assumes the following: • The receiving device has no applications loaded. •...
  • Page 129 ERFORMING OWNLOADS Back-to-Back Application Downloads Table 20 Back-to-Back Application Download Procedure Step Display Action SYS MODE DOWNLOAD Gnn To abort the download, select CANCEL DOWNLOAD (F3) WARNING ALL FILES WILL BE To proceed with the download, select CLEARED FROM GROUP 1 CONTINUE (F4) CANCEL DOWNLOAD F3 CONTINUE F4...
  • Page 130 ERFORMING OWNLOADS Back-to-Back Application Downloads 810 R EFERENCE UIDE...

  • Page 131: Hapter

    HAPTER Specifications This chapter describes the technical specifications for the V 810 device. Product Specifications Model Processor 200 MHz Samsung S3C2410 ARM920 32-bit microprocessor Flash ROM 4MB installed (expandable to 8MB or 16MB) SRAM 2MB installed (expandable to 4MB) Operating System Verix V platform.

  • Page 132: 810 Duet

    PECIFICATIONS Product Specifications (Optional) Base unit. 810 DUET • Thermal printer with graphics capabilities; 18 lines per second; 24, 32 or 42 columns; standard paper roll 58 mm (2.25 in.) x 25M, single ply. • Standard 14.4k bps modem. • USB 1.1 port supports flash memory devices.

  • Page 133: Physical

    Input: AC 100-240V, 50-60Hz. Output: DC 5-12V. 2.5-W maximum consumption. Environmental, The V 810 meets all the necessary environmental, regulatory and performance Regulatory and standards for its intended use and expected market. VeriFone recognizes its Performance responsibility to minimize the environmental impacts of its operations and Specifications products.
  • Page 134 PECIFICATIONS Environmental, Regulatory and Performance Specifications Immunity Standards This device is compliant to the following immunity standards for information technology equipment: Immunity Limits & Methods of Measurement (EN 55024:1998+A1:2001+A2:2003), Electrostatic Discharge (ESD) Immunity (IEC 61000-4-2:2001), Radiated Immunity (IEC 61000-4-3:2006), Electrical Fast Transients (EFT) Burst Immunity (IEC 61000-4-4:2004), Surge (IEC 61000-4- 5:2005), Conducted Immunity (IEC 61000-4-6:2004+A1:2004+A2:2006), Magnetic Field Susceptibility (IEC 61000-4-8:2001), Voltage Dips (IEC 61000-4-...

  • Page 135: Hapter

    810 device, or any of its attachments or accessories. If your device is not working properly, take it to the nearest authorized service facility for servicing or replacement. For your safety, have this device serviced only by a VeriFone-authorized service provider. 810 R EFERENCE...

  • Page 136: Care And Additional Safety Information

    ARE AND AINTENANCE Additional Safety Information Additional The following are additional information for your safety in using this device. Safety Information Power Adapter Use only the power adapter that came with your device. Adapters for other electronic devices may look similar, but they may affect your device’s performance or damage it.

  • Page 137: Hapter

    Return Authorization (MRA) number. The following procedure describes how to return one or more V 810 devices for repair or replacement (U.S. customers only). Customers outside the United States are advised to contact their local VeriFone NOTE representative for assistance regarding repair or replacement of their V devices.
  • Page 138 • In the Inquiry field, specify “VeriFone MRA Department” followed by the information you gathered in Step 1 and the description of the problem you are having with each device. An MRA representative will contact you and provide you with your MRA numbers.

  • Page 139: Accessories And Documentation

    (837-4366), Monday - Friday, 7 A.M. - 8 P.M., Eastern time • International – Contact your VeriFone representative Power Pack Contact your local VeriFone distributor to determine which power pack or power cord fits your needs. CPS 11212-3A-R DC Power Supply...

  • Page 140: Documentation

    ERVICE AND UPPORT Accessories and Documentation Documentation For the V VPN 24961 810 Quick Installation Guide VPN 24963 810 Installation Guide VPN 24960 810 Certifications and Regulations Sheet VPN 28601 810 CTLS Quick Installation Guide VPN 28600 810 CTLS Certifications and Regulations Sheet VPN 24968 810 DUET Quick Installation Guide VPN 24969...

  • Page 141: Hapter

    Do not, under any circumstance, attempt to disassemble the device. Perform only those adjustments or repairs specified in this guide. For all other services, contact your local VeriFone service provider. Service conducted by parties other than authorized VeriFone representatives may void warranty.

  • Page 142: Device Does Not Dial Out

    • Replace the telephone cable that connects the device with a cable you know is working correctly. • If the problem persists, contact your local VeriFone service provider. Keypad Does If the keypad does not respond properly: Not Respond •...

  • Page 143: Ppendix

    PPENDIX System Messages This appendix describes system messages, which are grouped into two categories: error messages and information messages. Error Messages The following error messages may appear when the V 810 device is in system mode. This message displays when is selected and DEBUGGER F5 SYS MODE MENU 2...

  • Page 144: Information Messages

    (optional) Terminal Management Agent (TMA) software is not resident in the MANAGEMENT AGENT 810 device. The TMA software is required to perform remote diagnostics. For more information about support for remote diagnostics, contact your VeriFone service provider. In back-to-back downloads, the Target (receiving) device displays this message...
  • Page 145 : Contains the illegal address that the application was trying to access. ADDR If you report a system error to VeriFone, you may be asked to provide the information displayed on this screen. For detailed information about the error log function and the terms listed above, please refer to the Verix V Programmers Manual.
  • Page 146 YSTEM ESSAGES Information Messages This message is displayed when you initiate a local diagnostic test of the device SYS MODE KBD TEST keyboard through . When invoked, the KEYBOARD DIAG F1 SYS MODE MENU 3 KEYCODE NN decimal ASCII keycode of each key pressed appears to the right of .
  • Page 147 Information Messages If you are using the file compression module in DMM, information similar to that UNZIP STUFF.ZIP displayed appears when a compressed file archive downloaded onto the device MYPROG.OUT decompresses (unzipped), and the files extract from the archive. MYDATA.TXT 6X8.FON 10X14.FON This message is displayed when the file authentication module detects a new...
  • Page 148 Information Messages 810 R EFERENCE UIDE...

  • Page 149: B Port Pinouts Multi-Port

    PPENDIX Port Pinouts The tables in this appendix list pinouts for the V 810 device, dongles, and cable connectors. Multi-Port Connector Function Description EXTGND External Ground USB_DEVICE– USB Device Signal (–) USB_DEVICE+ USB Device Signal (+) SGND System Ground RXD_HOST RS-232 Receive Data TXD_HOST RS-232 Transmit Data...
  • Page 150 INOUTS COM Port 810 R EFERENCE UIDE...

  • Page 151: Appendix

    PPENDIX ASCII Table ASCII Table An ASCII table for the V 810 is presented below. Table 21 810 ASCII Table ASCII ASCII ASCII ASCII " & 810 R EFERENCE UIDE...
  • Page 152 ASCII Table Table 21 810 ASCII Table ASCII ASCII ASCII ASCII < > 810 R EFERENCE UIDE...

  • Page 153: Glossary

    LOSSARY Application ID An alphanumeric code that Short for binary digit. Either of the two digits 0 identifies an application downloaded onto a device and 1 in the binary number system. Also, a unit of from a download computer. For ZonTalk 2000 information equal to one binary decision.
  • Page 154 LOSSARY Default Input A value, parameter, option, or attribute that The process of entering data into a is assigned by the program or system when another processing system or a peripheral device such as a has not been assigned by the user. PIN pad terminal, or the data that is entered.
  • Page 155 CONFIG.SYS files, enable a host or download PTID Permanent Terminal ID. An optional identifier computer to identify to device configuration. that can be permanently assigned to a VeriFone Password A group of characters that identify a device at the factory, upon customer request. The...
  • Page 156 VeriFone for Serial port A connection point through which service.
  • Page 157 LOSSARY Terminal ID An alphanumeric code that identifies a terminal to a download computer. In this way, the download computer can determine what data or applications to download to that terminal. For ZonTalk 2000 downloads, the V 810 terminal ID is stored in the *ZT record in the CONFIG.SYS file.
  • Page 158 LOSSARY 810 R EFERENCE UIDE...
  • Page 159 VeriCentre effects on files and settings VeriCentre DMM hardware checklist DUKPT procedure software checklist back-to-back downloads error messages Certificate Authority, VeriFone cleaning kit file authentication contactless Certificate Authority, VeriFone contactless module file system using authenticate files file groups...
  • Page 160 NDEX special files product (V 810) digital certificate features and benefits signer certificate flexibility and future-proofing sponsor certificate reliability and security digital signature ultra sleek PIN pad signer private keys overview file groups service and support host computer downloads accessories and documentation cleaning kit connectivity cables keypad...
  • Page 161 NDEX operating system primary smart card reader troubleshooting processor blank display security access module card reader device does not dial out SRAM display does not show correct/readable info supported memory media voltage keypad does not respond system mode USB downloads entering menus menu 1...
  • Page 162 VeriFone, Inc. 2099 Gateway Place, Suite 600 San Jose, CA, 95110 USA 1-800-VERIFONE www.verifone.com Reference Guide VeriFone Part Number 24964, Revision B...

Table of Contents