No part of this publication covered by the copyrights herein may be reproduced or
copied in any form or by any means — graphic, electronic, or mechanical, including
photocopying, taping, or information storage and retrieval systems — without written
permission of the publisher.
The contents of this document and all features and specifications are subject to
change without notice. The information contained herein does not represent a
commitment on the part of VeriFone, Inc.
Publications are not stocked at the address given above. Requests for VeriFone
publications should be made to your VeriFone representative.
VeriFone, the VeriFone logo, and Ruby SuperSystem are registered trademarks of
VeriFone, Inc. Sapphire, Topaz, HPV-20, Ruby Manager, Everest, EASY ID, Electronic
Journal On-site, and Ruby Card are trademarks of VeriFone, Inc. in the U.S. and/or
other countries. All other trademarks or brand names are the properties of their
respective holders.
This manual is your primary source of technical information for the MX 900
Series.
Intended Audience
This manual is intended for system administrators, application developers, and
support personnel.
Document Organization
The following chapters are included:
Chapter 1, Introduction, explains the reference guide.
Chapter 2, Features, explains the features of the MX 900 Series terminals.
Chapter 3, File Authentication, discusses usage of the file signing utility, and
generating and authenticating the files on the MX 900 Series terminals.
Chapter 4, System Mode, provides information about the usage of System Mode,
local and remote operations, and terminal status verification.
Chapter 5, VRK Ready Device, explains how to check your MX 900 Series terminal
for a valid RSA Key Pair.
Chapter 6, Performing Downloads, provides information about requirements,
download procedures, and the PCLANCNV utility.
Chapter 7, PINpad Security Best Practices, details methods for minimizing fraud
through education, routine inspection, vendor management, and prompt action.
Chapter 8, Terminal Specifications, provides information on power,
environment, and dimensions of the hardware.
Acronyms
The following table describes the common acronyms used:
Convention  Meaning
AC          Alternating Current
ADA         Americans with Disabilities Act
September 14, 2012
MX 900 Series Reference Manual
ATM         Automated Teller Machine
BT          Bluetooth
CDMA        Code Division Multiple Access
CR          Check Reader
CRC         Cyclic Redundancy Check
CTLS        Contactless
DDL         Direct Download Utility
DIN         Document Identification Number
DMM         Download Management Module
DUKPT       Derived Unique Key Per Transaction
DTK         Developer’s Toolkit
DVD         Digital Versatile Disc
ECR         Electronic Cash Register
EDR         Enhanced Data Rate
EE          Electrical Engineering
EEPROM      Electrically Erasable Programmable Read-Only Memory
EMV         Europay MasterCard and VISA
FA          File Authentication
GID         Group Identification
GPIO        General Purpose Input/Output
GPRS        General Packet Radio Service
GSM         Global System for Mobile Communications
HW          Hardware
ICC         Integrated Circuit Card
IO          Input Output
ISM         Industrial, Scientific, and Medical
LCD         Liquid Crystal Display
LED         Light Emitting Diode
MRA         Merchandise Return Authorization
MSAM        Micromodule-Size Security Access Module
MSR         Magnetic Stripe Reader
NAND        Not And (electronic logic gate)
PCB         Printed Circuit Board
PCI         Payment Card Industry
PED         PIN Entry Devices
PIN         Personal Identification Number
PKI         Public Key Infrastructure
PLAN        PinStripe Local Area Network
PLL         Phase Lock Loop
PSP         Payment Service Provider
PTID        Permanent Terminal Identification Number
RAM         Random Access Memory
RGB         Red, Green, and Blue
RJ45        Registered Jack 45
RSSI        Receive Signal Strength Indicator
RTC         Real Time Clock
SAM         Security Access Module
SC          Smart Card
SDK         Software Development Kit
SoC         System-on-Chip
SRAM        Static Random-Access Memory
TIFF        Tagged Image File Format
USB         Universal Serial Bus
UPF         BT SIG Unplug Fest (UPF) Interoperability Testing
VPN         VeriFone Part Number
WEP         Wired Equivalent Privacy
WFA         Wi-Fi Alliance
Wi-Fi       Wireless Fidelity
2 FEATURES
This chapter contains information on the features of the MX 900 Series
terminals: the MX 915 and the MX 925.
For installation procedures, see the MX 900 Series Installation Guide.
Overview
The two new MX 900 Series models are the MX 915 and MX 925. The common
features between both models are: core hardware design based on the proven
MX 900 Series architecture (includes system processor, power management unit,
and backup power supervisor), compatibility with existing Berg cable, single
MSR head, smart card connector, microSD card slot, contactless antenna and
circuitry, audio codec with stereo speaker and headphone output, three SAM
card slots, support for 802.11n and Bluetooth wireless, IBM® Tailgate protocol
support, and a low power or hibernation mode.
The MX 915 features a color 4.3" display with a capacitive touch panel and
keypad for user input.
The defining feature of the MX 925 is a color 7" screen with hardware
accelerated DVD quality video. It uses a capacitive touch panel with signature
capture capabilities and keypad for user input.
Modular Design
The MX 900 Series terminals offer outstanding flexibility due to their modular
design. Both units feature a card edge connector on the bottom of the unit
facing the rear. I/O modules will connect to this edge connector. All external
connections to the units connect through this I/O module. This includes power,
USB, Ethernet, serial, and audio. Two of the I/O modules also have support for
the existing Berg connector and cabling.
Display Features
MX 915
The MX 915 has a 4.3-inch display with a resolution of 480 horizontal by 272
vertical pixels.
MX 925
The MX 925 has a 7-inch display with a resolution of 800 horizontal by 480 vertical
pixels.
Both displays are capable of 24-bit RGB color.
Features and Benefits
The following are features and benefits of the MX 900 Series terminals:
Features                      Benefit

Sophisticated Security        All systems are PCI 3.x compliant. Includes 3DES
                              encryption, Master Key/Session Key and Derived
                              Unique Key Per Transaction (DUKPT) key management;
                              also incorporates VeriShield file authentication
                              and tampering safeguards.

Optional upgradable           Lets customers economically address today's needs,
modules                       while adding capabilities as desired; protects
                              investment.

                              Allows LAN connections for high-speed data
                              transfer, back-end clearing, and settlement.

USB (Universal Serial Bus)    Supports connections to electronic cash registers
Device Connector              (ECRs) and PCs using USB or Ethernet. USB Host
                              functionality supports other USB devices such as
                              USB memory drives.

Serial Ports                  Provides connectivity for the Berg connector.

Security Board                Both units have a microSD slot capable of
                              supporting microSD cards up to 32GB. Both units
                              are capable of supporting up to three SAM cards.

32-bit microprocessor         Streamlines processing, even on complex
                              transactions.

Flash and RAM                 Ample memory to support multiple payment and
                              value-added applications simultaneously.

High Resolution Display       Supports sophisticated applications with
                              full-motion video. Both units are capable of
                              displaying video with a minimum frame rate of
                              20 fps.

Smart card reader             Accepts chip cards conforming to the latest global
                              standards.

Triple-track magnetic card    Logically oriented for improved read rates;
reader                        handles magnetic stripe cards, including drivers’
                              licenses.

Contactless Reader            The contactless antenna is designed to accept a
                              card when presented in either a vertical or
                              horizontal orientation.

Touch Screen                  Both terminals have a capacitive touch panel.

Audio                         MX 915: One internal single speaker. Includes
                              output jacks for external speakers.
                              MX 925: Two internal speakers. Includes output
                              jacks for external speakers.

ADA Compatibility             When a user plugs headphones in to the headphone
                              jack on the left side near the Stylus Holster, the
                              terminal has the ability to assist both visually
                              and hearing impaired individuals per the ADA
                              standards.

Factory Options
Factory options are available for the MX 900 Series terminals, depending on your
needs.
Speakers
Both terminals have built-in speakers for tones and prompts. A line-out port is
available to drive externally powered speakers.
Optional Modules
The MX 900 Series offers upgradable modules that can be installed in the factory
or upgraded after distribution to the field. All modules can be installed easily
and efficiently. Complete installation instructions are found in the Installing
Optional Components section.
Contactless Reader Module
The MX 915 has a built-in contactless antenna. The MX 925 requires an external/
removable contactless module. The contactless feature is enabled in System
Mode. A smart card is read when it is placed above the MX 915 display or the
MX 925 contactless module, reducing wear and tear on card readers and cards.
Contactless readers can be used to support any number of payment and
value-added applications. See Installing Optional Components in the MX 900
Series Installation Guide for more information.
Applications
Standard payment applications are available from VeriFone to interface with
most ECRs. Applications for the terminals are written using a C-based
programming language. These programs can be downloaded directly from an
ECR or a development PC using the MX 900 Series terminal System Mode.
Terminal System Mode can also be used for diagnostics, changing the password,
and debit key injection. See the System Mode chapter for more information.
Total Cost of Ownership
The MX 900 Series terminals have been designed to be flexible and future proof,
delivering a low total cost of ownership.
The modular terminals can be configured at the factory or in the field by a
trained technician. The flexibility and versatility of the terminals allow use of
the terminals with different capabilities in different stores or locations. The
terminals can be purchased with the modules that meet today's requirements,
and other capabilities can be added as and when needed.
3 FILE AUTHENTICATION
This chapter:
■ Introduces File Authentication (FA).
■ Explains how the file authentication process may affect the tasks
normally performed by application programmers, terminal deployers,
site administrators, or by entities authorized to download files to an
MX 900 Series terminal.
■ Describes how to use the file signing utility to generate the signature files
required to perform downloads and authenticate files on the MX 900
Series of terminals.
■ Presents Steps to Sign Files.
In the Performing Downloads chapter, the topic of file authentication is also
discussed in the context of specific file download procedures.
Overview
The MX 900 Series terminal has a security architecture, called VeriShield, which
has both physical and logical components. The logical security component of the
VeriShield architecture, which is part of the terminal’s operating system
software, is called file authentication (FA).
File Authentication is a secured process for authenticating files using digital
signatures, cryptographic keys, and digital certificates. This process enables the
sponsor of an MX 900 Series terminal to logically secure access to the terminal
by controlling who is authorized to download application files to that terminal.
It proves and verifies the following information:
■ File’s origin
■ Sender’s identity
■ Integrity of the file’s information.
The VeriFone Certificate Authority
To manage the tools and processes related to FA, VeriFone has established a
centralized VeriFone Certificate Authority, or VeriFone CA. This agency is
responsible for managing keys and certificates. The VeriFone CA uses an
integrated set of software tools to generate and distribute digital certificates
and private cryptographic keys to customers who purchase the MX 900 Series
terminal.
Required Files
The following specially formatted files support the FA process:
■ A digital certificate (*.crt file) is a digital, public document used to verify
the signature of a file.
■ A digital signature (*.p7s file) is a piece of information based on both the
file and the signer’s private cryptographic key. The file sender digitally
signs the file using a private key. The file receiver uses a digital
certificate to verify the sender’s digital signature.
■ Signer private keys are securely conveyed to clients on smart cards. On
MX 900, private keys are not kept in files. (The .key file in the File
Signing Tool is for legacy platforms supporting a default signer
certificate.) The secret passwords required by clients to generate
signature files, using signer private keys, are sent as PINs over a separate
channel such as registered mail or encrypted e-mail.
Digital certificates and signature files need not be secured to safeguard the
overall security of VeriShield.
The special file types that support the file authentication process are
recognized by their filename extensions:
File Type            Extension
Signature            *.p7s
Signer private key   *.key
Digital Certificate  *.crt
All digital certificates are generated and managed by the VeriFone CA, and are
distributed on request to MX 900 Series terminal clients — either internally
within VeriFone or externally to sponsors.
Note: All certificates that are issued by the VeriFone CA for the MX 900 Series
terminal platform, and for any VeriFone platform with the VeriShield
security architecture, are hierarchically related. That is, a lower-level
certificate can only be authenticated under the authority of a
higher-level certificate.
The security of the highest-level certificate, called the platform root
certificate, is strictly controlled by VeriFone.
The required cryptographically related private keys that support the file
authentication process are also generated and distributed by the
VeriFone CA.
Certificates Contain Keys that Authenticate Signature Files
■ Sponsor certificate: Certifies a client’s sponsorship of the terminal. It
does not, however, convey the right to sign and authenticate files. To
add flexibility to the business relationships that are logically secured
under the file authentication process, a second type of certificate is
usually required to sign files.
A sponsor certificate is authenticated under a higher-level system
certificate called the application partition certificate.
Note: Only one sponsor certificate is permitted per terminal.
■ Signer certificate: Certifies the right to sign and authenticate files for
terminals belonging to the sponsor.
A signer certificate is authenticated under the authority of a higher-level
client certificate (the sponsor certificate).
The required sponsor and signer certificates must either have been previously
downloaded and authenticated on the terminal, or they must be downloaded
together with the new signature files and target files for them to authenticate
correctly.
Signer Private Keys are Issued to Secure the File Signing Process
Signer private keys are loaded onto a smart card. This smart card is securely
delivered to the business entity that the terminal sponsor has authorized to
sign, download, and authenticate applications to run on the sponsor’s terminal.
The VeriFone CA can also issue additional sets of sponsor and signer certificates,
and signer private keys to support multiple sponsors and multiple signers for a
specific platform.
To establish the logical security of applications to download to an MX 900 Series
terminal, the designated signer uses the signer private key issued by the
VeriFone CA as a required input to the file signing tool. Every signature file
contains information about the signer private key used to sign it.
When a signature file generated using a signer private key downloads to the MX
900 Series terminal, a successful authentication depends on whether the signer
private key used to sign the target file matches the signer certificate stored in
the terminal’s certificate tree.
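The checks described in this section, modelled as an added example (not VeriFone code and not the file signing tool): a terminal certificate tree that accepts a sponsor certificate only under the application partition certificate, a signer certificate only under the sponsor, and a target file only when its signature verifies against an installed signer certificate. All names, the certificate encoding, and the textbook-RSA keys built from Mersenne primes are assumptions chosen so the model runs with the standard library; the keys are not secure and the encoding is not the format of a real *.crt or *.p7s file.

```python
import hashlib
from dataclasses import dataclass

E = 65537                                    # public exponent of every toy key
PARENT_ROLE = {"sponsor": "partition", "signer": "sponsor"}  # who may certify whom

def _h(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def make_key(a: int, b: int):
    """Toy textbook-RSA key (n, d) from Mersenne primes 2**a-1 and 2**b-1. NOT secure."""
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def sign(key, data: bytes) -> int:
    n, d = key                               # private operation: needs d
    return pow(_h(data, n), d, n)

def verify(n: int, data: bytes, sig: int) -> bool:
    return pow(sig, E, n) == _h(data, n)     # public operation: needs only n

@dataclass(frozen=True)
class Cert:
    name: str
    role: str                                # "partition", "sponsor" or "signer"
    n: int                                   # subject's public modulus
    issuer: str
    sig: int = 0                             # issuer's signature over tbs()

    def tbs(self) -> bytes:
        return f"{self.name}|{self.role}|{self.n}|{self.issuer}".encode()

def issue(issuer_name, issuer_key, name, role, subject_key) -> Cert:
    unsigned = Cert(name, role, subject_key[0], issuer_name)
    return Cert(name, role, unsigned.n, issuer_name, sign(issuer_key, unsigned.tbs()))

class Terminal:
    def __init__(self, partition_cert: Cert):
        self.tree = {partition_cert.name: partition_cert}   # pre-installed system cert

    def install(self, cert: Cert) -> bool:
        """Add a certificate only if a higher-level certificate already vouches for it."""
        parent = self.tree.get(cert.issuer)
        one_sponsor = cert.role != "sponsor" or all(
            c.role != "sponsor" for c in self.tree.values())  # one sponsor per terminal
        ok = (parent is not None and parent.role == PARENT_ROLE.get(cert.role)
              and one_sponsor and verify(parent.n, cert.tbs(), cert.sig))
        if ok:
            self.tree[cert.name] = cert
        return ok

    def authenticate(self, target: bytes, signer_name: str, sig: int) -> bool:
        """A file is accepted only under a signer certificate present in the tree."""
        cert = self.tree.get(signer_name)
        return cert is not None and cert.role == "signer" and verify(cert.n, target, sig)
```

In this model the signature file is the pair (signer name, signature value), which stands in for the information about the signer private key that every signature file carries.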
How File Authentication Works
File Authentication consists of three basic processes:
1. Certificate Request: An optimal certificate structure is determined, and
the necessary certificates and keys are created.
2. Development: The file signing software tool creates a signature file for
each application file to authenticate.
3. Deployment: After the certificate and development processes are
completed, they are used in combination to prepare a terminal for
deployment.
Certificate Request
1. A sponsor connects to the VeriFone CA Web site and requests certificates
for deployment terminals.
2. Based on information provided by the sponsor through the VeriFone CA
Web site, the VeriFone CA determines the required certificate structure.
3. VeriFone CA generates the following items for the sponsor:
a. Smart card containing a set of certificates and keys.
b. Smart card PIN.
4. VeriFone CA sends the smart card and smart card PIN to the sponsor.
5. The sponsor uses the smart card and smart card PIN as inputs for the
deployment process.