References; Ipp Specification; Giske Specification; Security Module - VeriFone MX800 series Programmer's Manual
Hide thumbs
Also See for MX800 series:
- Installation manual (40 pages) ,
- Troubleshooting manual (18 pages) ,
- Ethernet installation (12 pages)
Table of Contents
Advertisement
References
IPP Specification
GISKE Specification
Security Module
VeriShield
Security Scripts
APIs
Software Technical Specification IPP7 VDN 06xxx
Software Technical Specification PP1000se & IPP8 VDN 23143
Appendix 15 of the Verix V Programmer's Guide, VDN 23230
Global Interoperable Secure Key Exchange Key Block Specification V2.3.
ACI Worldwide, HP Atalla, Diebold, Thales e-Security, VeriFone, Inc.
This section describes M
and cryptography. The functions are divided into two groups:
•
Verishield Security Scripts (VSS) functions that are related to the use of
scripts to support custom key managements beyond the usual DUKPT and
M/S schemes.
•
Generic functions that provided services related to security and
cryptography such as DES, AES, SHA-1, RSA computation support, file
encryption support, random generation, tamper detection status, file
authentication and OS file upgrades.
x
The M
800 series of terminals support the VeriShield Security Scripts concept as
implemented in the SC 5000 PINpad and Verix V family of terminals. Existing
scripts will run on the M
modifications. All VSS-related functions listed below are defined in the header file
svcsec.h. Applications must link with the libvfisec.so library by using -
lvfisec.
Refer to the document VeriShield Security Scripts, VDN 21883 for detailed
information on how to implement a security script.
In its default configuration, the unit supports two key management schemes
through the IPP emulation: DUKPT and Master/Session. Those two schemes
should meet the needs of most of the customers and since they are hard coded,
no customization of the security module is required.
For customers who need more flexibility, the VeriShield Security Script feature
provides support for:
•
different key management schemes,
•
different PIN block formats such as PVV, CVV, IBM3624,
•
different encryption algorithms such as triple-DES, AES, RSA.
All the information is written in a script file (ASCII) using a .VSS extension. This
script is processed by a PC tool and converted into a downloadable file (*.VSO).
The download is protected by the PEDguard File Authentication (FA) module.
Therefore, the VeriShield Security Script file will have to be downloaded along
with its signature file generated with the VeriShield File Signature Tool.
x
800 series of terminals function calls related to security
x
800 series terminal platform without requiring any
D
X
M
800 S
P
ERIES
ROGRAMMERS
D
EVICE
RIVERS
References
57
G
UIDE
Advertisement
Table of Contents
