Digital Certificates And The File Authentication Process - VeriFone MX 900 Series Reference Manual

authenticated after a download. Confirm all downloaded files installed. If an
application file is not successfully authenticated, the operating system does not
allow it to install and run, either following the initial download or on subsequent
terminal restarts.

Digital Certificates and the File Authentication Process

File Authentication always processes certificates before it processes signature
files. Digital certificates (*.crt files) generated by the VeriFone CA have two
important functions in the FA process:

• To define the rules for file location and use (for example, replaceable
  *.crt files, parent *.crt files, whether child *.crt files can exist, and
  so on).
• To convey the public cryptographic keys generated for terminal sponsors
  and signers that are the required inputs to the file signing tool to verify
  file signatures.

Hierarchical Relationships Between Certificates

All digital certificates are hierarchically related to one another. Under the rules
of the certificate hierarchy managed by the VeriFone CA, a lower-level
certificate must always be authenticated under the authority of a higher-level
certificate. This rule ensures the overall security of VeriShield.

To manage hierarchical relationships between certificates, certificate data is
stored in terminal memory in a special structure called a certificate tree. New
certificates are authenticated based on data stored in the current certificate
tree.

This means that a new certificate can only be authenticated under a
higher-level certificate already resident in the terminal's certificate tree. This
requirement can be met in two ways:

• The higher-level certificate may have already been downloaded to the
  terminal in a previous or separate operation.
• The higher-level certificate can be downloaded together with the new
  certificate as part of the same data transfer operation.

A higher-level production certificate is downloaded into each MX 900 Series
terminal at manufacture. When you take a new MX 900 Series terminal out of its
shipping packaging, certificate data is already stored in the terminal's
certificate tree.
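
The ordering rules above can be modelled in a few lines. This is an added example, not code from the manual or from VeriFone: the class names, function name and file names are hypothetical, and the cryptographic check of a certificate against its parent is reduced to an issuer-name lookup in the tree.

```python
# Added illustration: a simplified model, not VeriFone code.
# All class, function and file names below are hypothetical.
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    name: str    # certificate file name (constructed sample value)
    issuer: str  # higher-level certificate that must authenticate it

@dataclass(frozen=True)
class Sig:
    target: str  # file covered by the signature file
    signer: str  # certificate whose public key must verify it

def process_download(tree, batch):
    """Model one download; return (new_tree, accepted, rejected)."""
    tree = set(tree)
    pending = [item for item in batch if isinstance(item, Cert)]
    accepted, rejected = [], []
    # Certificates are processed first. Passes repeat so that a parent sent
    # in the same transfer can authenticate its child in any batch order.
    progress = True
    while pending and progress:
        progress = False
        for cert in list(pending):
            if cert.issuer in tree:  # stand-in for the real signature check
                tree.add(cert.name)
                accepted.append(cert.name)
                pending.remove(cert)
                progress = True
    rejected.extend(cert.name for cert in pending)  # no resident parent
    # Signature files are checked only once the certificate tree is final.
    for sig in (item for item in batch if isinstance(item, Sig)):
        (accepted if sig.signer in tree else rejected).append(sig.target)
    return tree, accepted, rejected

if __name__ == "__main__":
    factory_tree = {"root"}  # constructed: certificate loaded at manufacture
    batch = [                # constructed sample download, deliberately unordered
        Sig("app.out", "signer.crt"),
        Cert("signer.crt", "sponsor.crt"),
        Cert("sponsor.crt", "root"),
        Cert("orphan.crt", "unknown.crt"),
        Sig("rogue.out", "orphan.crt"),
    ]
    print(process_download(factory_tree, batch))
```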
MX 900 Series Reference Manual
September 14, 2012


This manual is also suitable for:

MX 915, MX 925
