VeriFone Vx810 Reference Manual page 69

Hide thumbs Also See for Vx810:

Reference manual (158 pages)

Installation manual (36 pages)

User manual (28 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

Certificates Contain Keys That Authenticate Signature Files

•

A sponsor certificate certifies a client's sponsorship of the device. It does

not, however, convey the right to sign and authenticate files. To add flexibility

to the business relationships that are logically secured under the file

authentication process, a second type of certificate is usually required to sign

files.

A sponsor certificate is authenticated under a higher-level system certificate,

called the application partition certificate.

NOTE

Only one sponsor certificate is permitted per device.

•

A signer certificate certifies the right to sign and authenticate files for devices

belonging to the sponsor.

A signer certificate is authenticated under the authority of a higher-level client

certificate (the sponsor certificate).

The required sponsor and signer certificates must either have been previously

downloaded and authenticated on the device, or they must be downloaded

together with the new signature and target files to authenticate.

Signer Private Keys Are Issued to Secure the File Signing Process

Signer private keys are loaded onto a smart card. This smart card is securely

delivered to the business entity that the device sponsor has authorized to sign,

download, and authenticate applications to run on the sponsor's device.

NOTE

The signer private keys loaded onto the smart card is the only copy of the private

key.

The VeriFone CA can also issue additional sets of sponsor and signer certificates,

signer private keys to support multiple sponsors, and multiple signers for a

specific platform.

To establish the logical security of applications to download to a V

designated signer uses the signer private key issued by the VeriFone CA as this is

a required input to the VeriShield File Signing Tool.

A signature file is generated using a signer private key. Successful authentication

depends on whether the signer private key used to sign the target file matches the

signer certificate stored in the device's certificate tree.

ILE

UTHENTICATION

Introduction to File Authentication

810, the

810 R

EFERENCE

UIDE

Table of Contents

VeriFone Vx810 Reference Manual page 69

Related Manuals for VeriFone Vx810

Related Products for VeriFone Vx810

Table of Contents