Verifone VX675WCDMA Point of Sale Terminal User Manual

VeriFone Inc Point of Sale Terminal

User Manual.pdf

VeriFone Part Number  DOC265-004-EN-E, Revision E.3VERIFONECONFIDENTIALREVISION E.3 VX 675Reference Guide3DEF2ABC1QZ.4GHI7PRS*5JKL8TUV0-SPX6MNO9WXY# ’ ” ’
All rights reserved. No part of the contents of this document may be reproduced or transmitted in any form without the writtenpermission of VeriFone, Inc.The information contained in this document is subject to change without notice. Although VeriFone has attempted to ensure theaccuracy of the contents of this document, this document may include errors or omissions. The examples and sample programs arefor illustration only and may not be suited for your purpose. You should verify the applicability of any example or sample programbefore placing the software into productive use. This document, including without limitation the examples and software programs, issupplied “As-Is.”VeriFone, Inc.2099 Gateway Place, Suite 600San Jose, CA, 95110 USA1-800-VERIFONEwww.verifone.comVeriFone Part Number  DOC265-004-EN-E, Revision E.3VX 675 Reference Guide© 2013 VeriFone, Inc.VERIFONECONFIDENTIALREVISION E.3 VeriFone, the VeriFone logo, Omni, VeriCentre, and Verix are registered trademarks of VeriFone. Other brand names or trademarksassociated with VeriFone’s products and services are trademarks of VeriFone, Inc. All other brand names and trademarks appearing in this manual are the property of their respective holders. Comments? Please e-mail all comments on this document to your local VeriFone Support Team.
VX 675 REFERENCE GUIDE 3VERIFONECONFIDENTIALREVISION E.3 CONTENTSPREFACE  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  7Audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Related Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Conventions and Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Document Conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Acronym Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10CHAPTER 1Terminal Overview Features at a Glance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Features and Benefits  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Exceptional Ease of Use. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Performance and Durability  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Communication Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13CHAPTER 2Terminal Setup Selecting Terminal Location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Environmental Factors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Electrical Considerations  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Unpacking the Shipping Carton . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Examining Terminal Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Front Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Examining Connection Ports  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Power Supply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Installing the Paper Roll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Installing the SIM Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22Installing the SD Card. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Using the Battery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Battery Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Battery Behavior (No Power Pack). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24Manual Startup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24Manual Shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24Connecting the Terminal Power Pack  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Charging the Battery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Battery Life . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Using the VX 675 Base Stations  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26USB Base . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Full-Feature Base . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27Powering Up the Base . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27Docking the Terminal on the Base . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28Undocking the Terminal from the Base  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28Conducting Wireless Transactions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28Conducting Smart Card Transactions  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29Using the Magnetic Card Reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29Connecting to USB Host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
CONTENTS4VX 675 REFERENCE GUIDEVERIFONECONFIDENTIALREVISION E.3 VX 675 ECR (Fiscal Module) Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Customer Display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31VX 675 3G and GPS Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31GPS Receiver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Connecting by 3G . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31CHAPTER 3Using the TerminalKeys Data Entry Modes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34Main Keypad. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34Command Key Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35CHAPTER 4Verix TerminalManager When to Use Verix Terminal Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37Local and Remote Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38Verifying Terminal Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38Entering Verix Terminal Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38File Groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39System Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40File Group Passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40Verix Terminal Manager Menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40Verix Terminal Manager Procedures  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41Enter and Exit Verix Terminal Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42Menu 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45Menu 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65CHAPTER 5File Authentication Introduction to File Authentication  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75The VeriFone Certificate Authority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75Special Files Used in the File Authentication Process . . . . . . . . . . . . . . . . . 76How File Authentication Works. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77Planning for File Authentication  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82Digital Certificates and the File Authentication Process . . . . . . . . . . . . . . . . 85File Authentication and the File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91VeriShield File Signing Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94VeriShield File Signing Tool System Requirements . . . . . . . . . . . . . . . . . . . 94Operating Modes for the VeriShield File Signing Tool . . . . . . . . . . . . . . . . . 94Command-Line Entries for the File Signing Tool  . . . . . . . . . . . . . . . . . . . . . 96Graphical Interface Mode for the VeriShield File Signing Tool . . . . . . . . . . . 98CHAPTER 6PerformingDownloads Downloads and Uploads. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99Download Methods. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99Download Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100Download Content . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100Full and Partial Downloads. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101Support for Multiple Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104How the File System Supports Multiple Applications . . . . . . . . . . . . . . . . . 104The Main Application is Always Stored in GID1 . . . . . . . . . . . . . . . . . . . . . 104Physical and Logical Access to File Groups. . . . . . . . . . . . . . . . . . . . . . . . 105Use of I: drive and F: drive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105Redirection of Files During Application Downloads  . . . . . . . . . . . . . . . . . . 106
CONTENTSVX 675 REFERENCE GUIDE 5VERIFONECONFIDENTIALREVISION E.3 Manually Redirecting Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106Redirecting Files to Other File Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107Restrictions on File Redirection  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108Using DDL.EXE to Automatically Redirect Files. . . . . . . . . . . . . . . . . . . . . 109File Redirection in Operating System Downloads. . . . . . . . . . . . . . . . . . . . 109File Redirection in Back-to-Back Application Downloads . . . . . . . . . . . . . . 109File Authentication Requirements  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110Required Certificates and Signature Files  . . . . . . . . . . . . . . . . . . . . . . . . . 110The File Authentication Process During an Application Download. . . . . . . 111File Group Permissions  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113Download an Operating System Update Provided by VeriFone. . . . . . . . . 114File Authentication for Back-to-Back Application Downloads . . . . . . . . . . . 115Timing Considerations Due to the Authentication Process. . . . . . . . . . . . . 116Support for File Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116Effect of Downloads on Existing Files and Data. . . . . . . . . . . . . . . . . . . . . . . . 117Direct Application Downloads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118Hardware Checklist. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118Software Checklist  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118Checklist for Effects on Files and Settings in the Receiving Terminal . . . . 118Direct Application Download Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . 119Direct Operating System Downloads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126Hardware Checklist. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126Software Checklist  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126Checklist for Effects on Files and Settings in the Receiving Terminal . . . . 126Direct Operating System Download Procedure  . . . . . . . . . . . . . . . . . . . . . 127Back-to-Back Application Downloads. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131Hardware Checklist. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131Software Checklist  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131Checklist for Effects on Files and Settings in the Receiving Terminal . . . . 132Back-to-Back Application Download Procedure . . . . . . . . . . . . . . . . . . . . . 132CHAPTER 7Specifications Power . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137Micro-USB Power Pack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137Temperature. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137External Dimensions  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137CHAPTER 8Maintenance Cleaning the Terminal  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139Terminal Contacts  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139Smart Card Reader  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139CHAPTER 9VeriFone Serviceand Support Returning a Terminal for Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141Accessories and Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142Power Pack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142Printer Paper. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142VeriFone Cleaning Kit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142Micro-USB Cable  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
CONTENTS6VX 675 REFERENCE GUIDEVERIFONECONFIDENTIALREVISION E.3 APPENDIX ASystem Messages Error Messages  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145Information Messages  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153APPENDIX BTroubleshootingGuidelines Terminal Does Not Start. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163Terminal Display Does Not Show Correct/Readable Info. . . . . . . . . . . . . . . . . 163Battery Does Not Charge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164Blank Display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164Printer Does Not Print. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164Printer Paper Jam. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165Keypad Does Not Respond . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165Transactions Fail to Process  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165APPENDIX CPort Pinouts Micro-USB Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167RS-232 Port(FFB only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167Telco Port(FFB only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168Ethernet Port (FFB only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168USB Host Port (FFB and USB base) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168APPENDIX DASCII Table The ASCII Table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169APPENDIX EVX 675 BatteryInformation Battery  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171Charging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171Battery Life . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171Advantages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171Precautions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172Notable VX 675 Battery Specifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173Safety/Protection Circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173Cell Temperature Monitoring  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173ESD Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173Trip Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174Battery FAQs (for VX 675) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174VX 675 Battery Specific Terms and Definitions . . . . . . . . . . . . . . . . . . . . . . . . 175General Battery Terms and Definitions  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175GLOSSARY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .179INDEX  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185
VX 675 REFERENCE GUIDE 7PREFACEThis guide is your primary source of information for setting up and installing the VX 675 terminal.AudienceThis guide is useful for anyone installing and configuring a VX 675 terminal. Basic descriptions of the terminal features are also provided.OrganizationThis guide is organized as follows:Chapter 1, Terminal Overview. Provides an overview of the VX 675 terminal.Chapter 2, Terminal Setup. Explains how to set up and install the VX 675 terminal. Provides information on how to select a location, establish power, and how to configure optional peripheral devices.Chapter 3, Using the Terminal Keys. Explains how to set up and install the VX 675 terminal. It tells you how to select a location, establish power, and how to configure optional peripheral devices.Chapter 4, Verix Terminal Manager. Describes password-controlled, Verix Terminal Manager operations, as well as how to use it to perform a variety of test and configuration procedures.Chapter 5, File Authentication.Describes the file authentication module of the VeriShield security architecture and describes how to use the file signing utility, VeriShield File Signing Tool, to generate signature files.Chapter 6, Performing Downloads. Documents procedures for downloading applications and files to VX 675 units.Chapter 7, Specifications. Explains how to maintain your VX 675 terminal.Chapter 8, Maintenance. Discusses the power requirements and dimensions of the VX 675 terminal.Chapter 9, VeriFone Service and Support. Provides information on contacting your local VeriFone representative or service provider, and information on how to order accessories or documentation from VeriFone.Appendix A, System Messages. Provides description about error and information messages, which are grouped into two categories.Appendix B, Troubleshooting Guidelines. Provides information to help you install and configure your VX 675 terminal successfully.Appendix C, Port Pinouts. Provides list of pinouts for the VX 675 terminal, dongles, and cable connectors.Appendix D, ASCII Table. Provides an ASCII table.
PREFACERelated Documentation8VX 675 REFERENCE GUIDEAppendix E, VX 675 Battery Information. Provides information about the VX 675 Smart Battery.RelatedDocumentationTo learn more about the VX 675 terminal, refer to the following set of documents:Conventions andAcronymsThis section describes conventions and acronyms used in this manual.DocumentConventionsVarious conventions are used to help you quickly identify special formatting. Table 1 describes these conventions and provides examples of their use. VX 675 Certifications and Regulations Sheet VPN DOC265-001-ENVX 675 Quick Installation Guide VPN DOC265-002-ENVX 675 Installation Guide VPN DOC265-003-ENVX 675 Base Certifications and Regulations SheetVPN DOC265-005-ENVX 675 Full-Featured Base Quick Installation GuideVPN DOC265-026-ENVX 675 USB Base Quick Installation Guide VPN DOC265-025-ENVX 675 ECR Certifications and Regulations Sheet VPN DOC265-027-ENVX 675 ECR Quick Installation Guide VPN DOC265-028-ENVerix eVo Volume I: Operating System Programmers ManualVPN DOC00301Verix eVo Volume II: Operating System and Communications Programmers GuideVPN DOC00302Table 1 Document ConventionsConvention Meaning ExampleBlue Text in blue indicates terms that are cross referenced.See Conventions and Acronyms.Italics Italic typeface indicates book titles or emphasis. You must install a roll of thermal-sensitive paper in the printer.Courier The courier typeface is used while specifying onscreen text, such as text that you would enter at a command prompt, or to provide an URL.RetrieveClearCardData retrieves the previous swipe's clear track data and places it into the pstSwipeOut argument.
PREFACEConventions and AcronymsVX 675 REFERENCE GUIDE 9The pencil icon is used to highlight important information.RS-232-type devices do not work with the PINpad port.The caution symbol indicates possible hardware or software failure, or loss of data.The terminal is not waterproof or dustproof, and is intended for indoor use only.The lighting symbol is used as a warning when bodily injury might occur.Due to risk of shock do not use the terminal near water.Table 1 Document ConventionsConvention Meaning ExampleNOTECAUTIONWARNING
PREFACEConventions and Acronyms10 VX 675 REFERENCE GUIDEAcronym DefinitionsVarious acronyms are used in place of the full definition. Table 2 presents acronyms and their definitions. Table 2 Acronym DefinitionsAcronym DefinitionsAC  Alternating CurrentA-GPS Assisted GPSECR Electronic Cash RegistersEMV Europay MasterCard and VISAGPRS General Packet Radio ServiceGPS Global Positioning SystemGSM Global System for Mobile CommunicationHDMI High-Definition Multimedia InterfaceHSPA High Speed Packet AccessITP Internal Thermal PrinterLCD Liquid Crystal DisplayLED Light Emitting DiodeMRA Merchandise Return AuthorizationMSAM Micromodule-Size Security Access ModulePED PIN Entry DevicePIN Personal Identification NumberQVGA Quarter Video Graphics ArrayRJ45 Registered Jack 45RS-232 Recommended Standard 232R-UIM Removable User Identity ModuleSAM Security Access ModuleSD Secure DigitalSIM Subscriber Identity ModuleTFT Thin Film TransistorUART Universal Asynchronous Transmitter/ReceiverUMTS Universal Mobile Telecommunications SystemUSB Universal Serial BusVPN VeriFone Part Number
VX 675 REFERENCE GUIDE 11CHAPTER 1Terminal OverviewThis chapter provides a brief description of the VX 675 terminal. This terminal features a color screen display, fast processor, abundant memory, and PCI 3.0 security.The VX 675 terminal is a portable, battery-powered device designed to fit comfortably during handheld consumer-facing applications. It features a 2.8” TFT LCD display and a backlit spill-resistant keypad. It supports the 3G universal mobile telecommunications system (UMTS), GPS / A-GPS, and GPRS communications technology.Figure 1 VX 675 TerminalNOTEVeriFone ships variants of the VX 675 terminal for different markets. Your terminal may have a different configuration—VX 675 3G supports dual SIM slots and micro SD card, VX 675 with ECR functionality is specific only to Turkey market.3DEF2ABC1QZ.4GHI7PRS*5JKL8TUV0-SPX6MNO9WXY# ’ ” ’
TERMINAL OVERVIEWFeatures at a Glance12 VX 675 REFERENCE GUIDEFeatures at aGlanceThe following are the features of VX 675:Features andBenefitsVX 675 terminals provide the right combination of features and functions including a triple-track magnetic stripe card reader, supports the “mini-format” cards, Hi/Low coercivity cards, micro SD cards, smart card reader, one or two SAMs, integrated PIN pad, color screen display, and a quiet yet fast internal thermal printer (ITP).Exceptional Ease ofUse•Lightweight, tapered design, compact, stylish and the ergonomic balance allows convenient terminal hand-off to the consumer for PIN entry or other input.•2.8” TFT LCD display for boundless application possibilities and easy readability under various lighting conditions. •Large, blue backlit keys provide tactile response to simplify usage and minimize finger slips.•25mm (VX 675 GPRS) and 40mm diameter paper roll support with a trouble-free, drop-in, “clam shell” loading and dual tear bar that allow receipts to be torn in any direction.•Quiet and fast integrated thermal printer (25 LPS with a fully charged battery) with Out-of-Paper sensor. •Vertical magnetic stripe card reader with an extended blade for optimal card reading.•400 MHz ARM11 RISC processor delivers power and usability in a convenient “hand-over” design.•Securely supports and runs payment and value-added applications along with signature capture.•Multi-application operating environment.•Offers unsurpassed performance on EMV smart card transactions•Advanced memory architecture to meet tomorrow’s needs with support for 192 MB.•Max UI design provides large 2.8” color LCD display, and large blue backlit keys for easier viewing.•Backward compatibility with VeriFone solutions help reduces development costs.•Adds vibrant color screen to the smallest purpose-built wireless payment device.•Drop-resistant design minimizes breakage.•Multiple connectivity options.•32-bit processing and multi-tasking capabilities.•Spill-resistant design forces liquid down and off the front of the terminal.•Security architecture exceeds specifications for PCI-PED and sophisticated file authentication.
TERMINAL OVERVIEWFeatures and BenefitsVX 675 REFERENCE GUIDE 13Performance andDurability•Fast transactions due to powerful 400 MHz ARM11 processor.•High-capacity 3.6 V 2200 mAh Li-ion battery. VX 675 3G supports 3.7 V 2200 mAh Li-ion battery pack.•Base for drop-and-go charging.•Rounded corners and drop resistant to 3 feet on concrete floor to minimize breakage.•192 MB of memory.Security•PCI PED 3.0 approved for debit and other PIN-based transactions.•EMV Level 1 and 2 Type Approval.•Tamper-resistant construction, SSL protocols, and VeriShield file authentication.CommunicationTechnology•VX 675 GPRS and VX 675 3G: Long-range wireless payment for retailers that have no physical location limitations.•VX 675 WiFi-BT: Ideal for retailers that need multiple wireless devices and have existing IP infrastructure. It also offers simple, plug-and-play installation for locations that need short-range wireless capability.
TERMINAL OVERVIEWFeatures and Benefits14 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 15CHAPTER 2Terminal SetupThis chapter describes terminal setup procedures. You will learn about: •Selecting Terminal Location•Unpacking the Shipping Carton•Examining Terminal Features•Examining Connection Ports•Installing the Paper Roll•Installing the SIM Card•Installing the SD Card•Using the Battery•Battery Behavior (No Power Pack)•Charging the Battery•Connecting the Terminal Power Pack•Using the VX 675 Base Stations•Docking the Terminal on the Base•Undocking the Terminal from the Base•Conducting Wireless Transactions•Conducting Smart Card Transactions•Using the Magnetic Card Reader•Connecting to USB Host•VX 675 ECR (Fiscal Module) Support•VX 675 3G and GPS Support
TERMINAL SETUPSelecting Terminal Location16 VX 675 REFERENCE GUIDESelectingTerminalLocationUse the following guidelines when selecting a location for your VX 675 terminal. EnvironmentalFactors•The VX 675 unit is a portable terminal. Select a flat support surface, such as a countertop or table, to keep the terminal safe in between uses.•Do not use the terminal where there is high heat, dust, humidity, moisture, or caustic chemicals or oils.•Keep the terminal away from direct sunlight and anything that radiates heat, such as a stove or motor.•Do not use the terminal outdoors.  ElectricalConsiderations•Avoid using this product during electrical storms.•Avoid locations near electrical appliances or other devices that cause excessive voltage fluctuations or emit electrical noise (for example, air conditioners, electric motors, neon signs, high-frequency or magnetic security devices, or computer equipment).•Do not use the terminal near water or in moist conditions.CAUTIONThe terminal is not waterproof or dustproof, and is intended for indoor use only. Any damage to the unit from exposure to rain or dust may void any warranty.
TERMINAL SETUPUnpacking the Shipping CartonVX 675 REFERENCE GUIDE 17Unpacking theShipping CartonOpen the shipping carton and carefully inspect its contents for possible tampering or shipping damage. The VX 675 device is a secure product and any tampering may cause the terminal to cease to function properly.Figure 2 VX 675 Shipping Carton ContentsTo unpack theShipping Carton 1Remove and inspect the following items:•Terminal•Power pack•Paper roll2Remove all plastic wrapping from the terminal and other components.3Remove the clear protective film from the LCD screen. 4Save the shipping carton and packing material for future repacking or moving the terminal.CAUTIONDo not use a terminal that has been damaged or tampered with. The terminal comes equipped with tamper-evident labels. If a label or component appears damaged, please notify the shipping company and your VeriFone representative or service provider immediately.
TERMINAL SETUPExamining Terminal Features18 VX 675 REFERENCE GUIDEExaminingTerminalFeaturesBefore you continue the installation process, see the terminal features illustrated below.Figure 3 VX 675 Terminal Features (Front Panel)Front PanelThe front panel includes the following features:•A 2.8” TFT LCD display.•A set of keys that include:aA 12-key, telephone-style keypad (keypads may vary in style).bThree color-coded function keys below the keypad (from left to right: CANCEL, CLEAR, ENTER). cFour function keys below the display (PF1, PF2, PF3, PF4) and a five-way navigational key in the middle.•A magnetic card reader, built into the right side. Swipe the card using the proper direction, with the magnetic stripe down and facing inward, toward the keypad. •An internal thermal printer at the top front of the terminal.
TERMINAL SETUPExamining Connection PortsVX 675 REFERENCE GUIDE 19•A smart card reader, built into the bottom of the terminal. For directions on how to use a smart card, see Conducting Smart Card Transactions.•A SAM (security access module) compartment, built into the bottom of the terminal inside the back compartment. The VX 675 terminal contains an MSAM cardholder to support stored-value card programs or other merchant card requirements.ExaminingConnectionPortsThe VX 675 terminal has one primary micro-USB port. VX 675 3G and VX 675 WiFi-BT supports USB Host function via primary micro-USB port.Figure 4 VX 675 Primary Micro-USB PortPower SupplyEach VX 675 terminal comes with power supply (VPN PWR265-001-01-A) used to connect the terminal directly to a power outlet and to charge the battery.Figure 5 Power Supply Connection to a VX 675 TerminalNOTEVeriFone ships variants of the VX 675 terminal for different markets. Your terminal may have a different configuration. However, the basic processes described in this guide remain the same, regardless of terminal configuration.
TERMINAL SETUPInstalling the Paper Roll20 VX 675 REFERENCE GUIDEInstalling thePaper RollA fast, quiet thermal printer is built into the VX 675 terminal. Before you can process transactions that require a receipt or record, you must install a roll of thermal-sensitive paper in the printer.The ITP uses a roll of single-ply, thermal-sensitive paper: 25mm and 40mm. A pink out-of-paper indicator line appears on the edge of the paper approximately 18 inches before the end of the roll. After this line appears, there is enough paper remaining on the roll to conclude at least one transaction. To Install a Paper Roll 1Gently pull the latch located on the bottom of the terminal to unlock the paper roll cover. Figure 6 Unlocking the Printer Cover2Lift the printer cover up and back. 3Remove any partial roll of paper in the printer tray. 4Loosen the glued leading edge of the new roll of paper or remove the protective strip, if applicable. Unwind the paper roll past any glue residue.5Hold the roll so the paper feeds from the bottom of the roll when the terminal is inverted (see illustration below).CAUTIONPoor-quality paper can jam the printer and create excessive paper dust. To order high-quality VeriFone paper, refer to Accessories and Documentation.Store thermal paper in a dry, dark area. Handle thermal paper carefully: impact, friction, temperature, humidity, and oils affect the color and storage characteristics of the paper. Never load a roll of paper with folds, wrinkles, tears, or holes at the edges in the print area.%$%$
TERMINAL SETUPInstalling the Paper RollVX 675 REFERENCE GUIDE 216Drop the paper roll into the printer tray.Figure 7 Loading Paper Roll7Pull paper up past the glue residue on the paper roll.8Close the paper roll cover by gently pressing directly on the cover until it clicks shut, allowing a small amount of paper past the glue residue to extend outside the printer door. Figure 8 Closing Paper Roll Cover9Tear the paper off against the serrated plastic strip in the printer.PPNOTEVX 675 with ECR functionality uses 40mm paper roll.CAUTIONTo prevent damaging the print roller, always gently press down on the paper roll cover to close it.
TERMINAL SETUPInstalling the SIM Card22 VX 675 REFERENCE GUIDEInstalling theSIM CardThe VX 675 terminal for GPRS modems supports the installation of a GSM SIM (Subscriber Identity Module). Use the following procedure to install a SIM card.To install or replacethe card 1Turn off the terminal.2Place the terminal upside down on a soft, clean surface to protect the lens from scratches.3Unscrew and remove the back compartment cover.4Lift the battery pack.Figure 9 Removing the Back Compartment Cover5Insert the SIM card into the cardholder.Figure 10 Inserting the SIM Card%$NOTEThere is only one SIM slot (VX 675 3G has dual SIM support). Before inserting the SIM card, position it as shown in in the illustration below, with the card’s gold contacts facing the compartment. The cardholder connector base has a set of contacts and a notch to ensure the SIM/R-UIM card is positioned correctly. The SIM card has a notch on one corner to ensure that it fits into the connector base in only one way.'&0,60,6$%
TERMINAL SETUPInstalling the SD CardVX 675 REFERENCE GUIDE 236Return the battery pack to its original position.7Close and screw the back compartment cover.Installing the SDCardVX 675 3G supports micro SD card installation. Use the following procedures to replace or install an SD card.To install or replacethe SD card: 1Turn off the terminal.2Lift and turn the rubber flap cover.3Insert the micro SD card. The card should lock in place when inserted correctly.4Replace the rubber flap cover.Using theBatteryVX 675 terminal uses a single cell Li-ion battery (see Accessories and Documentation for ordering information). The internal logic of the battery prevents both overcharging and undercharging (a fault condition in which the battery level goes well below the minimum acceptable charge and the battery becomes unusable). Battery FeaturesThe following are features of the battery:•One Li-ion cell.•A safety circuit that:•Prevents cell damage from overcharge, over-discharge, or overheating.•Activates when the battery is left in an unused terminal for extended periods.$%NOTEThe VX 675 terminal will only operate when the battery is installed.
TERMINAL SETUPBattery Behavior (No Power Pack)24 VX 675 REFERENCE GUIDEBattery Behavior(No Power Pack)The terminal shifts to power pack mode and starts up automatically when the VX 675 is connected to a non-battery power source, regardless of the battery charge state.Manual StartupHold the green key down for about 4 seconds until the terminal displays the startup screen.The terminal lights up once the power is on. Manual ShutdownHold the red key down for about 4 seconds until the terminal displays the shutdown verification screen. Keep holding the red key until the VX 675 terminal shuts down.NOTE•VX 675 battery pack is not customer changeable and therefore should not be disconnected and removed.•Li-ion batteries are not affected by shallow charging. Furthermore, when the terminal has no external power source or battery, the coin cell battery provides power to the security circuit.•Disconnecting and removing the battery, as well as unplugging the terminal power pack, reduce the life of the coin cell battery, which does not recharge and must be replaced if drained.•Conserve battery power by turning the VX 675 terminal off when not in use. Keep the Li-ion battery inserted in the terminal and power up the terminal periodically to check the battery charge. Do not let the battery charge fall below 10% for extended periods of time as this may permanently diminish the battery capacity. Recharge the battery by attaching the micro-USB end of the power pack to the terminal and plugging the other end of the power pack into a wall outlet.NOTEThe 4-second power-up delay prevents terminal startup if the green key is accidentally held down. The time required to hold the green key down to power up the terminal is configurable.NOTEThe VeriFone copyright screen starts and displays a unique copyright screen once the terminal loads an application. However, DOWNLOAD NEEDED appears on screen after the initial VeriFone copyright screen if there is no available application in the terminal.NOTE•The 4-second shutdown delay that prevents terminal shutdown if the red key is accidentally held down. The time required to hold the red key down to shut down the terminal is configurable.•The screen is blank when the terminal has no power.
TERMINAL SETUPConnecting the Terminal Power PackVX 675 REFERENCE GUIDE 25Connecting theTerminal PowerPackAfter installing the battery, connect the VX 675 terminal to the provided power source for initial charging. The VX 675 unit comes with a universal input power pack capable of operating from voltages of 100 V to 240 V AC. To Connect theTerminal PowerSupply1Insert the micro-USB plug into the micro-USB port of the VX 675, as shown in the figure below.Figure 11 VX 675 Power Supply Connection2Plug the AC power pack into a wall outlet or powered surge protector.Once it loads the application, the terminal starts the initial VeriFone copyright screen and displays a unique copyright screen. If there is no available application in the terminal, DOWNLOAD NEEDED appears on screen after the initial VeriFone copyright screen.CAUTIONUsing an incorrectly rated power supply may damage the terminal or cause it not to work as specified. Before troubleshooting, ensure that the power supply being used to power the terminal matches the requirements specified on the bottom of the terminal. (See Specifications for detailed power supply specifications.) Obtain the appropriately rated power supply before continuing with troubleshooting.WARNINGDo not plug the power pack into an outdoor outlet or operate the terminal outdoors. During a transaction, disconnecting the power by removing the battery or unplugging the terminal from a wall power while at very low battery charge may cause transaction data files not yet stored in the terminal memory to be lost.NOTETo protect against possible damage caused by lightning strikes and electrical surges, consider installing a power surge protector.
TERMINAL SETUPCharging the Battery26 VX 675 REFERENCE GUIDECharging theBatteryAfter unpacking your VX 675 terminal, connect the power pack to the unit for 4.65 hours or until fully charged. The battery has a safety circuit to protect the Li-ion cells from overcharging and over-discharging. If the battery is over-discharged, the safety circuit shuts down the battery. The battery must then be recharged to restore operation.Battery LifeCharging and discharging the VX 675 battery hundreds of times will wear out the battery. Significantly reduced operating times indicate the need for battery replacement (see Accessories and Documentation for ordering information).Using the VX 675Base StationsLike the terminal, VeriFone ships variants of the VX 675 base for different markets. Your base may have a different configuration.USB BaseA charging base to charge the terminal and provide a docking station when the terminal is not in use. It also has USB Host port for downloading applications and secure keys via USB flash drive. The base can be positioned on a countertop.Figure 12 USB Base Showing Micro-USB and USB Host PortsNOTEThe terminal charges the VX 675 battery when the terminal is in the base. For more information, see Docking the Terminal on the Base. NOTEThe VX 675 terminal automatically shuts off when the battery reaches the critically low charge state. If this occurs, the battery must be recharged for a minimum of 1/2 hour before it can power the terminal. It may take several recharge attempts to reset the safety circuit when charging a battery that has been discharged below this critical state.WARNINGDo not dispose of batteries in a fire. Li-ion batteries must be recycled or disposed of properly. Do not dispose of Li-ion batteries in municipal waste sites.
TERMINAL SETUPPowering Up the BaseVX 675 REFERENCE GUIDE 27Full-Feature BaseA charging base with Dial, Ethernet, Serial (RS-232), and USB Host ports for full back-up connectivity options and support to some peripherals like ECR, check reader, and barcode reader, among others.Figure 13 Full-Feature Base Showing Dial, Ethernet, Serial, Micro-USB and USB Host PortsPowering Up theBaseUse the procedure in this section to connect the VX 675 Base to a power source.To power up the base 1Insert the micro-USB plug into the micro-USB port of the base, as shown in the figure below.Figure 14 Connecting the Base to a Power Source2Plug the AC power pack into a wall outlet or power surge protector.
TERMINAL SETUPDocking the Terminal on the Base28 VX 675 REFERENCE GUIDEDocking theTerminal on theBaseThe VX 675 terminal can be placed on the base when not in use for continuous charging of its battery.Figure 15 Docking the VX 675 Terminal on the BaseUndocking theTerminal fromthe BaseThe VX 675 terminal can be taken from the base when in use.Figure 16 Undocking the VX 675 Terminal from the BaseConductingWirelessTransactionsTo conduct a wireless transaction:•Ensure the terminal is in an optimal position for transmitting.•Follow the on-screen instructions provided with your application.$$ %NOTETo protect against possible damage caused by lightning strikes and electrical surges, consider installing a power surge protector.WARNINGDo not plug the power pack into an outdoor outlet or operate the terminal outdoors. Disconnecting the power during a transaction may cause transaction data files not yet stored in terminal memory to be lost.
TERMINAL SETUPConducting Smart Card TransactionsVX 675 REFERENCE GUIDE 29ConductingSmart CardTransactionsThe smart card transaction procedure may vary from one application to another. Verify the procedure with your application provider before performing a smart card transaction.To Conduct a SmartCard Transaction 1Position a smart card with the contacts facing upward (see illustration below).2Insert the smart card into the smart card reader slot in a smooth, continuous motion until it seats firmly.3Remove the card only when the application indicates the transaction is complete. Figure 17 Inserting a Smart CardUsing theMagnetic CardReaderThe VX 675 terminal supports credit/debit card transactions.To Conduct a Creditor Debit CardTransaction1Position a magnetic card with the stripe in the card reader and facing inward, toward the keypad.2To ensure a proper read of the magnetic swipe card, the user should insert the magnetic card from the top of the unit, as shown in the following illustration.CAUTIONDo not remove the smart card in the card reader until the transaction is complete. Premature card removal will invalidate the transaction.
TERMINAL SETUPConnecting to USB Host30 VX 675 REFERENCE GUIDE3Swipe the card through the magnetic card reader.Figure 18 Using the Magnetic Card ReaderConnecting toUSB HostUSB Host support, allows you to download applications and secure keys via USB flash drive.To connect to theUSB Host 1Power up the base by inserting the micro-USB plug into the micro-USB port of the base as shown in Figure 14.2Make sure that the terminal is docked on the base.3Insert the USB plug into the USB Host port on the left side of the base.Figure 19 Connecting USB Flash Drive to the USB Host
TERMINAL SETUPVX 675 ECR (Fiscal Module) SupportVX 675 REFERENCE GUIDE 31VX 675 ECR(Fiscal Module)SupportThe fiscal module allows ECRs to have direct connection to the Ministry of Finance servers. When a mobile transaction is made, the transaction data is sent over to the Ministry of Finance servers, and then goes to the banking host system. The fiscal module stores the transaction data (up to 2 MB). A metallic seal is placed on the right side, under the MSR to secure the fiscal module.Customer DisplayA 42mm single line customer-facing display (no backlight) that can display up to 8 characters including “,” or “.” between any character. It is located below the paper roll cover.Figure 20 VX 675 ECR Customer DisplayVX 675 3G andGPS SupportVX 675 3G uses the Cinterion PHS8-P radio module that incorporates 3G High-Speed Packet Access (HSPA+) connectivity. The PHS8-P radio module is optimized for high bandwidth and allows a downlink speed of 14.4 Mbps and an uplink speed of 5.7 Mbps.GPS ReceiverThe Cinterion PHS8-P radio module integrates a GPS receiver that offers the full performance of GPS/A-GPS technology.Connecting by 3GTo connect to existing 3G operator-provided infrastructure, check that SIM has been inserted, see Installing the SIM Card.
TERMINAL SETUPVX 675 3G and GPS Support32 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 33CHAPTER 3Using the Terminal KeysBefore proceeding to other tasks, familiarize yourself with the operational features of the VX 675 terminal keypad to enter data.This section describes how to use the VX 675 keypad, which consists of four programmable function keys (PF1 to PF4), a 5-way navigation key, a 12-key telephone-style main keypad (0 to 9, *, and #), and three command keys (CANCEL, CLEAR, and ENTER).Using these keys, you can perform all data-entry tasks described in this manual. The function keys allow you to navigate though the system mode menus and select specific operations.For added convenience, the keypad is automatically back-lit when you power on the terminal.Figure 21 Front Panel Key Arrangement.NOTEActual keypad may vary.
USING THE TERMINAL KEYSData Entry Modes34 VX 675 REFERENCE GUIDEData EntryModesBefore you can use the keys on the front panel to enter ASCII characters, the VX 675 terminal must be in a mode that accepts keyed data entry. There are two terminal operating modes, each enabling you to press keys to enter data under specific circumstances: •Normal mode: This is the terminal operating mode where an application program is present in mDRAM and currently running.•Verix Terminal Manager (VTM) mode: This is a special, password-controlled terminal operating mode for performing a variety configuration procedures that cannot be performed when an application is running.If you turn on a VX 675 terminal with an application stored in memory and *GO variable set to the application name, the application executes and the terminal automatically enters normal mode. The application then controls how terminal keys process transactions and when you can use specific keys to type characters or respond to prompts.Main KeypadThe main keypad is a 12-key telephone-style main keypad.Using the keypad, you can enter up to 50 ASCII characters, including the letters A–Z, the numerals 0–9, and the following 20 special characters: (*), (,), (‘), (“), (-), (.), (#), (%), (:), (!), (+), (@), (=), (&), (space), (;), ($), (_), (\), and (/).Alphabetic characters are entered by pressing its corresponding number in the keypad multiple times within a given time.Characters found in the * and # keys may vary in some units (for example, VX 675 with ECR fiscal module functionality).NOTEIf you enter Verix Terminal Manager while a terminal application is running in normal mode, Verix Terminal Manager preempts the application and takes control of the display and keyboard. The only way to exit Verix Terminal Manager is to restart the terminal. For this reason, once you enter the Verix Terminal Manager, you cannot return to the application in the same session.NOTEThe VTM functions described in the Verix Terminal Manager section requires you to enter numbers, letters, or symbols using the keypad.
USING THE TERMINAL KEYSMain KeypadVX 675 REFERENCE GUIDE 35Command KeyDescriptionsThe following are the command keys of the terminal’s keypad.Cancel KeyPressing the Cancel key in normal mode — when the terminal’s application is loaded and running. It terminates the current function or operation.In Verix Terminal Manager, use Cancel to perform a variety of functions. The most common use of Cancel in Verix Terminal Manager is to exit a Verix Terminal Manager submenu and return to the main Verix Terminal Manager menu. The specific effect of pressing the Cancel key depends on the currently active Verix Terminal Manager menu.On VX 675 ECR units, the red key may display a string of letters.Clear KeyIn normal mode, the Clear key is commonly used to delete a number, letter, or symbol on the terminal’s display screen. Press Clear one time to delete the last character typed on a line. To delete additional characters, moving from right-to-left, press Clear once for each character or hold down Clear to delete all characters in a line.In Verix Terminal Manager, the specific effect of pressing the Clear key depends on the currently active Verix Terminal Manager menu.Enter KeyIn normal mode, the Enter key is generally used in the same way as the enter key on a PC, that is, to end a procedure, confirm a value or entry, answer “Yes” to a query, or select a displayed option.In Verix Terminal Manager, press the Enter key to begin a selected procedure, step forward or backward in a procedure, and confirm data entries. The specific effect of the Enter key depends on the currently active Verix Terminal Manager menu.On VX 675 ECR units, the green key may display a new currency symbol.NOTEThe terminal’s operating mode and context determine the specific action performed when you press one of the function keys. The following descriptions are provided solely to acquaint you with some general characteristics of these function keys before presenting more detailed Verix Terminal Manager procedure descriptions.
USING THE TERMINAL KEYSMain Keypad36 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 37CHAPTER 4Verix Terminal ManagerThis chapter describes a category of terminal functions called terminal manager operations.•Press ENTER and 7 keys at the same time and enter the password to open the Verix Terminal Manager (VTM). See Entering Verix Terminal Manager.•Since files are loaded into specific groups, VTM users can view files, delete files, and manage configuration variables. See File Groups.•Use the system and file group passwords to secure applications and information on the terminal. See Passwords.•Use the terminal manager menus and submenus to configure terminals; download and debug applications; perform diagnostics such changing console settings, managing keys and view terminal information; and perform routine tests and terminal maintenance. See Verix Terminal Manager Menus.Verix Terminal Manager is used exclusively by those responsible for configuring, deploying, and managing on-site VX 675 terminal installations.When to UseVerix TerminalManagerUse the Verix Terminal Manager functions to perform different subsets of related tasks:•Application programmers configure a development terminal, download development versions of the VX 675 application program, then test and debug the application until it is validated and ready to be downloaded to other terminals.•Deployers of VX 675 terminals to end-user sites perform the specific tasks required to deploy a new VX 675 terminal on-site, including configuring the terminal, downloading application software, and testing the terminal prior to deployment.•Terminal administrators or site managers change passwords, perform routine tests and terminal maintenance, and configure terminals for remote diagnostics.To perform the subset of tasks that corresponds to a job, select the appropriate Verix Terminal Manager menu(s) and execute the corresponding procedure(s).
VERIX TERMINAL MANAGERLocal and Remote Operations38 VX 675 REFERENCE GUIDELocal andRemoteOperationsThe terminal manager operations available on a VX 675 terminal can be divided into the following two categories or types:•Local operations address a stand-alone terminal and do not require communication or data transfers between the terminal and another terminal or computer. Perform local Verix Terminal Manager operations to configure, test, and display information about the terminal. •Remote operations require communication between the terminal and a host computer (or another terminal) over a cable connection. Perform remote Verix Terminal Manager operations to download application software to the terminal, upload software from one terminal to another, or download using a service dongle from VeriCentre or from another download host.This chapter contains descriptions on how to perform local Verix Terminal Manager operations. For information on performing remote operations, such as downloads, refer to the Performing Downloads section.VerifyingTerminal StatusThe VX 675 terminal you are using may or may not have an application program running on it. After you have set up the terminal (refer to Terminal Setup) and the terminal is turned on, use the following guidelines to verify terminal status regarding software and current operating mode:•If no application program is loaded into terminal memory, the message DOWNLOAD NEEDED appears on the display screen. •If an application program is loaded and *GO is set in the configuration file in group 1 to the application’s name into terminal memory, an application-specific prompt appears. The application is running and the terminal is in normal mode. If all installation steps are complete, the terminal can process transactions.Entering VerixTerminalManagerTo prevent unauthorized use of the Verix Terminal Manager menus, the VX 675 terminal OS requires a system password each time you enter Verix Terminal Manager. To access the Verix Terminal Manager password entry screen, simultaneously press the ENTER and 7 keys.The default, factory-set system password is “166831.” Use the following key sequence to enter this password:1 6 6 8 3 1 ENTERAfter entering the correct password, the terminal enters the terminal manager and displays the first terminal manager main menu. You can now cycle through all Verix Terminal Manager main menus.NOTEFrom this point, press ENTER and 7 key simultaneously to access Verix Terminal Manager and perform the required download.
VERIX TERMINAL MANAGERFile GroupsVX 675 REFERENCE GUIDE 39File GroupsThe VX 675 operating system implements a file system in memory. Files are assigned to one of 15 groups for access control. Groups are similar to directories on a computer in that different applications can be stored in separate file groups, just like different computer applications can be stored in separate directories. Groups are referred to as Group n or GIDn throughout this manual.Each group is protected by a separate password, and each has a separate CONFIG.SYS file. The following rules apply to the VX 675 file group system:•The primary application must be downloaded into Group 1.•On terminal power up and after a restart, the terminal defaults to Group 1 as the controlling group. •Group 1 applications have access to files stored in all groups. Other applications can reside in Groups 2 – 14. •Applications in a group other than Group 1 have access only to themselves and files stored in Group 15. •Group 15 is globally accessible, making it an ideal location for files shared by multiple applications, such as shared libraries.•File Groups 1 – 15 are empty until they are filled through a download to the VX 675 terminal.For more information on managing file groups, refer to the Verix eVo Volume I: Operating System Programmers Manual -VPN DOC00301.PasswordsHandle passwords as you would PC passwords. CAUTIONIf you change a password but forgot it later on, there is no password recovery method. Without the password, you are unable to access Verix Terminal Manager operations and may be prevented from requesting a download, performing remote diagnostics, or changing any of the information already stored in memory. The terminal can, however, continue to process transactions in normal mode. If you forget or lose the system password to your terminal, please contact your local VeriFone representative for assistance.NOTEPasswords must be in numeric characters only and must be greater than five digits and less than 10 digits in length.
VERIX TERMINAL MANAGERVerix Terminal Manager Menus40 VX 675 REFERENCE GUIDESystem PasswordWhen you key in the system password to enter terminal manager, an asterisk (*) appears for each character you type. These asterisks prevent your password from being seen by an unauthorized person. File GroupPasswordsFrom manufacture, each file group uses the default password “166831,” which is entered as follows:1 6 6 8 3 1, and press ENTERVerix TerminalManager MenusThe two main terminal manager menus are listed in the following table.Figure 22 Menu 1Figure 23 Menu 2On successful entry of the system password, VERIX TERMINAL MGR menu appears. NOTESome application program downloads automatically reset the system password. If your system password no longer works, check if a download has changed your password.VERIX TERMINAL MGR1> Restart2> Edit Parameters3> Download4> Memory Usage5> Directory Listing6> Clear Memory7> Calibrate Screen8> Terminal Info9> Diags VERIX TERMINAL MGR1> System Error Log2> Clock3> Console Settings4> Change Passwords5> Key Management 
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 41to return to a previous menu, press the UP icon () on the left side of the screen. To go to the next menu, press the DOWN icon (). The smaller arrows on the right side of the screen, UP () and DOWN (), are used to select any submenu from the list. Pressing ENTER will choose the highlighted function. To return to the main Verix Terminal Manager menu and cancel any changes, press the CANCEL key. The user can also select the item from the menu by pressing the corresponding number key indicated at the left of the item selected.Each menu has items to select; some items contain submenus or a series of prompts. When prompted to enter alphabetic or special characters, use the procedure described in Chapter 3.When performing downloads or operations that change or clear files, the password for each file group is required. The password is only required once per session per file group.Verix TerminalManagerProceduresThe procedures in this section explain how to use each of the Verix Terminal Manager menus. Each procedure description starts at a main Verix Terminal Manager menu. Each procedure takes you step-by-step through a complete Verix Terminal Manager operation in the following sequence:1When the main Verix Terminal Manager menu appears, scroll up or down using the UP () and DOWN () icons on the right side of the screen to select an operation. 2Press ENTER to select the operation.3Complete the operation.4Return to the main Verix Terminal Manager menu.Procedure descriptions are arranged in the following tabular format: Table 3 Procedural Description ExampleDisplay ActionScreen displayed Action requiredSubmenu RowScreens displayed on submenu selection Action required
VERIX TERMINAL MANAGERVerix Terminal Manager Menus42 VX 675 REFERENCE GUIDEThe Display column in Table 3 indicates what appears on the terminal display screen at each step of the procedure. Please note the following conventions used in this column:•If a prompt or message appears on the screen exactly as it is described, it is shown in Arial bold font and in lower case with the first letter capitalized. For example, Download Needed.•If text is enclosed in parentheses, the actual text or message may vary depending on the terminal version you have. For example, in (Application Prompt), the normal font is used and text appears in lower case with first letter capitalized.The Action column provides a procedural description that:•Describes the current step and context of the procedure.•Indicates the entries to perform using the keypad in response to a prompt or message.•Provides additional explanations or information about the steps of that particular Verix Terminal Manager menu.A submenu row indicates a specific menu evoked from a main menu screen. A description of that screen and procedure immediately follows the submenu row.The following keys have the same function on all submenus:•Press the ENTER key to choose the function and display the submenu selected. When editing, pressing ENTER will save a newly entered variable.•Press the CANCEL key to exit any submenu without saving changes. Enter and Exit VerixTerminal ManagerTo enter terminal manager after you have turned on the VX 675 terminal, follow the procedure described below.NOTEOn successful completion, some operations automatically exit Verix Terminal Manager and restart the terminal. Other operations require that you exit Verix Terminal Manager and restart the terminal. To manually exit Verix Terminal Manager, select 1> RESTART in VERIX TERMINAL MGR.
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 43Table 4 Enter Verix Terminal ManagerDisplay ActionVERIFONE VX675QT65010M03/09/2012 VerixCOPYRIGHT 1997-2012VERIFONEALL RIGHTS RESERVEDAt startup, the terminal displays a copyright notice screen that shows the terminal model number, the OS version of the VX 675 stored in the terminal’s memory, the date the firmware was loaded into the terminal, and the copyright notice.This screen appears for three seconds, during which time you can enter Verix Terminal Manager by simultaneously pressing ENTER and 7 key.You can extend the display period of this screen by pressing any key during the initial three seconds. Each keypress extends the display period an additional three seconds.If the battery has not been initially charged, the screen displays BATTERY NOT CALIBRATED to inform the user to initialize and condition the battery. For more information about the battery, refer to VX 675 Battery Information.BATTERY 100%FOR STATUS PRESS KEY 3VERIFONE VX675QT65010M03/09/2012 Verix* * T A M P E R * *COPYRIGHT 1997-2012VERIFONEALL RIGHTS RESERVEDIf an attempt to break into the terminal’s system has been made, the message **TAMPER** is displayed in place of the certificate. The terminal will remain in this state until the condition has been remedied.<application prompt> If an application already resides on the terminal, an application-specific prompt is displayed. Otherwise, an error message is displayed. For more information on startup errors, see STARTUP ERRORS.
VERIX TERMINAL MANAGERVerix Terminal Manager Menus44 VX 675 REFERENCE GUIDETERMINAL MGR ENTRYPlease Enter Password___________________If an application prompt appeared and you chose to enter the terminal manager, you are prompted to type the system password. Use the default password “166831.” This password is entered as: 1 6 6 8 3 1, and press ENTER.Use CLEAR to delete the entry and correct any mistakes. If you enter an incorrect password, the terminal exits the TERMINAL MGR  ENTRY screen. Verify your password and reenter it.To quit this operation and return to the application prompt or DOWNLOAD NEEDED screen, press CANCEL.VERIX TERMINAL MGR1> Restart2> Edit Parameters3> Download4> Memory Usage5> Directory Listing6> Clear Memory7> Calibrate Screen8> Terminal Info9> DiagsThe first of the two VERIX TERMINAL MGR menus is displayed. To go to VERIX TERMINAL MGR menu 2, tap the DOWN icon () on the left of the screen. To toggle with the submenus, use the UP () and DOWN () until you reach the desired menu then press ENTER.You can also choose an option in the menu by pressing the corresponding number on the keypad. Table 4 Enter Verix Terminal Manager  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 45Menu 1In this menu you can restart the terminal, edit parameters, download terminal software updates, check memory usage and availability, as well as view the contents of I: drive and F: drive directories. You can also clear the memory and calibrate the touchscreen.Table 5 Verix Terminal Manager Menu 1Display ActionVERIX TERMINAL MGR1> Restart2> Edit Parameters3> Download4> Memory Usage5> Directory Listing6> Clear Memory7> Calibrate Screen8> Terminal Info9> DiagsTo restart the terminal, select 1> RESTART.To edit the parameters, select 2> EDIT PARAMETERS. (For more information, refer to the Edit Keyed Files section that follows this main menu description.)To download applications, select 3> DOWNLOAD.To view memory usage, select 4> MEMORY USAGE .To view directory listing, select 5> DIRECTORY LISTING.To clear the memory, select 6> CLEAR MEMORY.To test and calibrate the screen, select 7> CALIBRATE SCREEN.To view terminal information, select 8> TERMINAL INFO.To view diagnostics, select 9>DIAGS.To toggle to VERIX TERMINAL MANAGER menu 2, press DOWN icon () or to quit any operation within this menu, press CANCEL. 2> EDIT PARAMETERSVTM SELECT GROUPGROUP ID: nnAPP: <*APNAME or application or EMPTY or NOT EMPTY>The file group number is represented as Gnn or GROUP nn. Type the Group ID of the file group (1 for the primary application; between 1–15 for other applications) into which to perform the download. (Refer to Chapter 6 for detailed download instructions and information).To select the Group ID, use the UP () and DOWN icon (). The application name will appear if *APNAME is set in the group and also if there are files in the group selected.After you select a file group number, press ENTER.
VERIX TERMINAL MANAGERVerix Terminal Manager Menus46 VX 675 REFERENCE GUIDEVERIX TERMINAL MGRPlease enterPassword for GID n:___________________To continue, enter the required password. If you enter an incorrect password, the following message appears:Change Passwords GnPlease Try AgainPress ENTER. Verify your password and reenter it.3> DOWNLOADVERIX TERMINAL MGRGroup ID: _1To continue, enter the Group ID. The value of 1 is for the primary application while value between 1-15 is for other applications. Then, press ENTER.To return immediately to VERIX TERMINAL MGR MENU or to quit any operation within this menu, press CANCEL.VTM DOWNLOAD MGR Gn1> Single-app2> Multi-appFor a single application download, select Single-app. For multiple application download, select Multi-app.Note: Multi-app is only available for group 1.(Refer to Chapter 6 for detailed download instructions and information).To select, use the UP () and DOWN icon () then press ENTER. You can also choose an option in the menu by pressing the corresponding number on the keypad.To return to VERIX TERMINAL MGR, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 47VTM DOWNLOAD MGR Gn1> Full dnld2> Partial dnldSelect the type of download mode: Full dnld or Partial dnld. A full download will delete all data on the group’s memory. A partial download only adds new files to the group’s memory. If a downloaded file is identical to an existing file in the memory, the existing file is replaced.To select, use the UP () and DOWN icon () then press ENTER. You can also choose an option in the menu by pressing the corresponding number on the keypad.To return to VERIX TERMINAL MGR, press CANCEL.VTM DOWNLOAD MGR Gn**** WARNING ****All Files Will BeCleared From Group n1> Cancel Download2> ContinueIf you selected FULL on a single application download, a screen will appear warning you that all existing files in the selected group will be deleted. To return to VERIX TERMINAL MGR, press CANCEL or press ENTER to continue downloading an application.VTM DOWNLOAD MGR GnClear ApplicationFrom Group nn?1> Yes2> NOIf you selected FULL on a multiple application download, you will be prompted to clear the existing application on the currently selected group. Select YES to continue or NO to cancel downloading applications.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus48 VX 675 REFERENCE GUIDEVTM DOWNLOAD MGR Gn**** WARNING ****Confirm DeletionFor Application1> Yes2> NOIf you selected YES from the previous screen, a confirmation screen appears. Select YES to confirm or NO to cancel the deletion.VTM DOWNLOAD MGR GnGIDS TO ERASE:1,2,41> Change choices2> ContinueIf a FULL multiple download has been previously done, this screen appears instead of the previous two screens. This screen lists all the erased GIDs on the previous download. Select CONTINUE to erase all memory. VTM DOWNLOAD MGR Gn1> Modem2> COM13> COM74> SD Card5> USB Flash Memory6> TCPIP7> USB Dev8> COM69> COM2If a Partial download has been selected, select the download mode in this screen.An application that supports the TCP stack is loaded with the OS to be able to use the 6> TCPIP option. If no application can be found, an error message appears.Note: Not all listed options are available for all platforms.To return to the main menu without saving your selection, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 49VTM DOWNLOAD MGR Gnn*ZP Host Phone num______________________________________If you selected 1> MODEM and *ZP (host phone number) is not defined, you must enter valid phone number (up to 32 characters long) and press ENTER.VTM DOWNLOAD MGR GnnUnit Receive ModeWAITING FOR DOWNLOADSelect 2> COM1 to download via the COM 1 port.Select 3> COM7 to download via the COM 7 port.To return to the main menu without saving your selection, press CANCEL.VTM DOWNLOAD MGR GnnUnavailableSelect 4> SD CARD to download from a stored digital (SD) card.If no SD Card is inserted in the unit, the ‘Unavailable’ message is shown.To return to the main menu without saving your selection, press CANCEL.VTM DOWNLOAD MGR GnnUnavailableSelect 5> USB FLASH MEMORY to download from a memory stick.If no Memory Stick is inserted in the unit, the ‘Unavailable’ message is shown.To return to the main menu without saving your selection, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus50 VX 675 REFERENCE GUIDEVTM DOWNLOAD MGR GnnNo *ZTCP Variableand no VxEOSSelect 6> TCPIP to download from your TCPIP connection.An application that supports the TCP stack is loaded with the OS to be able to use the 6> TCPIP option. If no application can be found, an error message appears.Not all listed options are available for all platforms.VTM DOWNLOAD MGR GnnUnit Receive ModeWAITING FOR DOWNLOADSelect 7> USB DEV to download using the USB connection.To return to the main menu without saving your selection, press CANCEL.VTM DOWNLOAD MGR GnnUnavailableSelect 8> COM6 to download via the COM 6 port.To return to the main menu without saving your selection, press CANCEL.VTM DOWNLOAD MGR GnnUnavailableSelect 9> COM2 to download via the COM 2 port.To return to the main menu without saving your selection, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 51VTM DOWNLOAD MGR Gnn*ZP HOSTADDR (IP:PORT)______________________________________If you selected 6> TCPIP and *ZP (TCP address) is not defined, you must enter a valid TCP address (up to 40 characters long including the colon and port number) and press ENTER. VTM DOWNLOAD MGR Gnn*ZP HOST ADDR______________________________________VTM DOWNLOAD MGR Gnn*ZP HOST ADDR PORT___________________Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus52 VX 675 REFERENCE GUIDEVTM DOWNLOAD MGR Gnn*ZT TERMINAL ID___________________If *ZT (terminal ID used by VeriCentre) is not defined, you must enter a valid terminal ID (up to 15 characters long) and press ENTER. VTM DOWNLOAD MGR Gnn*ZA APPLICATION ID___________________If *ZA (application ID) is not defined, you must enter a valid application ID (up to 10 characters long) and press ENTER.VTM DOWNLOAD MGR Gnn*ZA= nnnn*ZP= nnnn*ZR= nnnn *ZT= nnnn1> Edit2> StartYou can view the specified values on the confirmation screen. Select 1> EDIT to go back and modify the specifications or 2> START to begin the download.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 53VTM DOWNLOAD MGR GnnUNIT RECEIVE MODE***________________If you selected 2> COM1 or 3> COM7 , a line of asterisks appears that shows the percentage of completion. Each asterisk equals approximately 10% of the download.You can cancel a download in progress by pressing CANCEL. Doing so restarts the terminal.VTM DOWNLOAD MGRGROUP n PASSWORD___________________Note: If you have not previously entered a group’s password in this session, the terminal prompts for the group’s password prior to downloading applications.To continue, enter the required password. If you enter an incorrect password, PLEASE TRYAGAIN appears.Press ENTER. Verify your password and reenter it.4> MEMORY USAGEMEMORY USAGEDrive I: Files__________ 2Inuse__________10 KBDrive F: Files_________0Inuse_________0RAM Avail_______29168 KBFLASH Avail_______124158 KBThis screen displays how much mDRAM is used and how much is available.•INUSE - Closest estimate of used memory (in KB).•AVAIL - Lowest number of free memory (in KB).To return to the main menu, press CANCEL.Note: RAM memory is the terminal working memory. RAM memory is where the OS and applications execute. It is completely separate from the FLASH memory. FLASH memory is where code and data is stored when it is not executing. RAM and FLASH are physically different and are different sizes.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus54 VX 675 REFERENCE GUIDE5> DIRECTORY LISTINGNAVIGATION CONTROLS2/8 Up/Down1/7 Page Up/Down*  Send to Com Port#  Send to PrinterENT SelectCAN ReturnPRESS ENTER TO CONTTo continue, enter the Group ID. The value of 1 is for the primary application while value between 1-15 is for other applications. Press ENTER.CONFIG.SYS protected records that begin with * or # are retained when you clear a mDRAM file group.SELECT DRIVEI :F:N:This screen shows the different Directory.To return to the main menu, press CANCEL. To return immediately to VERIX TERMINAL MGRMENU1 or to quit any operation within this menu, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 556> CLEAR MEMORYVERIX TERMINAL MGRGroup ID: _1To clear a file group’s memory, enter the group ID.Press ENTER.VERIX TERMINAL MGR1> Clear CONFIG. SYS2> Clear Split Files3> Clear GID Files4> Clear All GroupsTo choose an option in the menu, press the corresponding number on the keypad or scroll down to the option using the DOWN arrow then press ENTER.Use the UP key to scroll up the menu options.Select which files to delete:Select 1> CLEAR CONFIG.SYS to delete only theCONFIG.SYS file. On the next screen, press 1 tocompletely delete the CONFIG.SYS file or 2 to retain protected records that begin with * or #.Select 2> Clear Split Files delete only the split files.Select 3> CLEAR GID FILES to delete all files in thecurrently selected file group from the memory.Select 4> CLEAR ALL GROUPS to delete all files in all file groups. On the next screen, press 1 to cancel or 2 to confirm the deletion.This option is only available when file Group 1 is entered as the group ID.To go back to the second menu of the VERIXTERMINAL MGR without deleting files, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus56 VX 675 REFERENCE GUIDE7> CALIBRATE SCREENUnavailableThis option is not available for this terminal.8> TERMINAL INFOVTM MGR TERMINAL INFOSerl No  323-500-282PTID 14000000PN M265-673-13-DMO-0Rev 003OS Ver  QT65010MModl VX675Ctry DMOKeypad 00Display 320240This screen shows configuration information specific to your terminal:•Serial Number of the terminal•Permanent terminal identification number (PTID)•Terminal part number•Terminal hardware version number•Operating System version•Model Number of the terminal•Country of Manufacture•Display unit type•Keypad type (0 = Telco, 1 = Calculator, 2 = Singapore)•Magnetic stripe card reader type•Whether or not a PIN pad terminal is integrated into the terminal (where 0 = No, 1 = Yes)•Modem Type•Model Number of ModemYour terminal’s screen may vary depending on the model and operating system version installed.To return to the previous menu, press CANCEL.VTM MGR TERMINAL INFOMag RDR  BPrinter 2PinpaD 1Modem Type  50Ver: NO PROFILEModel: NO PROFILECtry: NO PROFILELife: 458483Rset: 120320152829Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 57VTM MGR TERMINAL INFORcnt 2009Tamper Detected  NHeap 1232Stack  2280CERT 5310101> Next CertThis screen shows additional configuration information specific to your terminal:•Number of seconds the terminal has run (Life)•Last reset date and time, in YYMMDDHHMMSS format (where YY = year, MM = month, DD = day, HH = hour, MM = minute, and SS = second).•Number of times the terminal has been reset (Rcnt) either through application control, a Verix Terminal Manager request, or a power cycle.•Notifies if a tamper event has occurred.•Shows the first certificate (Cert).•Displays the memory designation used by the OS (Heap).•Shows the memory set aside for the OS stack. This is where the terminal stores data for running tasks like all the parameters from the call (Stack).To return to the previous menu, press the UP key; to return main menu, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus58 VX 675 REFERENCE GUIDE9> DIAGSVERIX DIAGS MGR1> Printer Diag2> IPP Diag3> ICC Diags4> Keyboard Diag5> Mag Card Diag6> Debugger7> Tamper Log8> RKL Log9> RKL Log exportTo choose an option in the menu, press the corresponding number on the keypad or scroll down to the option using the DOWN key and press ENTER.To run printer diagnostics and test the printer, select 1> PRINTER DIAG.To test the internal PIN pad, select 2> IPP DIAG.To test the ICC, select 3> ICC DIAGS.To test the keyboard, choose 4> KEYBOARD DIAG.To test the magnetic card, choose 5> MAG CARD DIAG.To check the debugger, choose 6> DEBUGGER.To view the Tamper logs, choose7> Tamper LogTo view the RKL logs, choose8> RKL LogTo view the RKL Log export, choose9> RKL Log export Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 59VERIX DIAGS MGR1> Battery Status2> USB Info3> Display Testscreen4> Verix Hash5> RAD Switch6> CIB Information7> VTP StatusTo choose an option in the menu, press the corresponding number on the keypad or scroll down to the option using the DOWN key and press ENTER.To view battery status, select 1> BATTERY STATUS then press ENTER.To view USB info, select 2> USB INFO.To run display screentest, choose 3> DISPLAY TESTSCREEN, then press any three numbers from the keypad.To display Hash information, choose 4> VERIX HASH.To run CDMA debugging, choose 5> RAD SWITCH. (This option is not applicable to VX 675)To view CIB Information, choose6> CIB InfromationTo view the VTP status, choose7> VTP Status 9> DIAGS 1> PRINTER DIAGPrinter ID    PVersion 0PRED1A2Status 221> Test2> Paper FeedWhen you select 1> PRINTER DIAG, the printer ID, firmware version, and the printer status appear.Press 1 to run the printer test. A print sample begins that uses approximately 30.5cm (12 in) of paper. This allows you to test the print quality and adjust your code for print optimization. Press 2 to run approximately 5cm (2 in) of paper through the printer without printing. To go back to the VERIX DIAGS MGR screen, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus60 VX 675 REFERENCE GUIDE9> DIAGS 2> IPP DIAGINTERNAL PIN PADMEMORY TEST PASSEDIPP8 EMUL02A 05/08 01SN: 0000000000000000BAUD: 1200  RESET 3MODE: VISA  EXIT 4When you select 2, the INTERNAL PIN PAD screen appears and the diagnostic test begins. The firmware version and download date, IPP serial number, baud rate, and mode are displayed.To reset the IPP, press 1; to exit the test and return to the VERIX DIAGS MGR screen, press 2 or CANCEL.9> DIAGS 3> ICC DIAGSVoyLib 03.09 0000VxOS11  PSCR  Build 10SCRLIB 2.0  1/121> SMART CARD DIAG2> LIST SYNC DRIVERS3> EXITWhen you select 3, the software library version appears. Choose 1> SMART CARD DIAG to run diagnostics on the Smart Card reader. Select 2> LIST SYNC DRIVERS to view the drivers. Select 3> EXIT to return to the VERIX DIAGS MGR screen.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 619> DIAGS 4> KEYBOARD DIAGTERMINAL MGR KBD TESTKEYCODE nnThis screen displays the hexadecimal ASCII keycode for each key you press. The value displayed corresponds to the actual key pressed. Other values assigned to keys are software dependent.To test the keyboard, press some keys and check that they match their keycodes (for example, the 1 key displays keycode 31). For more hexadecimal ASCII keycodes, refer to the ASCII table in Appendix D.To stop the test and return to the VERIX DIAGS MGR screen, press CANCEL.9> DIAGS 5> MAG CARD DIAGVERIX TERMINAL MGR TRK 1:VALIDTRK 2:VALID TRK 3:VALIDTo test the magnetic-stripe card reader, swipe a magnetic-stripe card through it.A successful test displays VALID DATA for each track that reads valid data. An error generates one of the following error messages for each track with an error:•NO DATA•NO START•NO END•LRC ERR•PARITY ERR•REVERSE ENDFor more information about magnetic card error messages, refer to the Verix evo Volume I: Operating System Programmers Manual - VPN DOC00301.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus62 VX 675 REFERENCE GUIDE9> DIAGS 6> DEBUGGERVERIX TERMINAL MGRGroup ID: nnVERIX TERMINAL MGRPlease enterPassword for GID nn___________________Enter the current password for the selected file group and press ENTER.If you enter an incorrect password, PLEASE TRY AGAIN appears. Press ENTER. Verify your password and reenter it.To return to the VERIX DIAGS MGR screen press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 639> DIAGS 7> TAMPER LOGSTAMPER LOG03/13/12 19:38 CLEAR03/13/12 19:36  02000001/01/00 17:07  CLEAR01/01/00 00:00 7FFFFF01/01/00 00:57  CLEAR01/01/00 00:00  7FFFFFThe Tamper Log screen displays a list of possible tamper events. The list is sorted from the most current tamper event to the oldest event. The date is displayed in MM/DD/YY format, while the time is displayed as a 24-hour clock.Contact your VeriFone representative for information about the events.Press any key to return to VERIX TERMINAL MGR MENU 2.TAMPER LOG<EMPTY>If the Tamper Log is empty, <EMPTY> is displayed on the screen.To go back to the VERIX DIAGS MGR screen, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus64 VX 675 REFERENCE GUIDE9> DIAGS 8> RKL LOGRKL LOG INFO pg nn<EMPTY>To go back to the VERIX DIAGS MGR screen, press CANCEL.9> DIAGS 8> RKL LOGOutputting log . . .Log output doneTo go back to the VERIX DIAGS MGR screen, press CANCEL.Table 5 Verix Terminal Manager Menu 1  (continued)Display Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 65Menu 2In this menu, you can view the terminal configuration information, change system passwords, perform remote diagnosis, view error and tamper logs, update time and date, load IPP key and adjust display contrast. Some application program downloads automatically reset the system password.Edit Keyed Files A keyed file is a collection of individual records that contain ASCII data and are identified by unique search keys. You can edit the ASCII data directly from the terminal keypad using the terminal’s built-in keyed file editor by selecting option 2, EDIT PARAMETERS, on the first VTM menu. Each record has two parts: a key name and a key value. The search key is a variable-length string of up to 32 characters in length, or key name, that identifies the record. The information assigned to the search key is contained in a separate variable-length string from 1-128 characters in length, or key value.For example, in CONFIG.SYS, the key name for the application serial ID number is *ZT. The value for the key is the actual application ID number. By entering *ZT using the editor, the terminal can quickly locate the application serial ID number. You can also use ENTER to scroll through the search keys instead of entering the characters *ZT through the keypad. The keys are displayed in the order in which it has been entered, not in alphabetic order.CONFIG.SYS: Protected and Non-protected RecordsThe concept of protected and non-protected records applies only to the CONFIG.SYS files in your terminal. Protected records are those with search keys beginning with an asterisk (*) or a pound/hash symbol (#). Protected records in the file Group 1 CONFIG.SYS file are retained in a full application download and when memory is cleared. Non-protected records are all other CONFIG.SYS files, and records of other files. These records are deleted when memory is cleared.Editing CONFIG.SYS with an External EditorYou can create and edit the CONFIG.SYS files of VX 675 applications through an IBM PC-compatible computer when you download files to the terminal. For more information on editing an application’s CONFIG.SYS file, refer to the VeriCentre Reference Manual and the Verix eVo Volume I: Operating System Programmers Manual (VPN DOC00301), or contact your local VeriFone representative.NOTEFor a complete list of the ASCII characters supported by the VX 675 series, as well as their decimal and hexadecimal equivalents, please refer to ASCII Table.
VERIX TERMINAL MANAGERVerix Terminal Manager Menus66 VX 675 REFERENCE GUIDEFor more information about using VeriCentre Download Management Module in client/server installations, please contact your local VeriFone representative.Table 6 Verix Terminal Manager Menu 2 Display  ActionVERIX TERMINAL MGR1> System Error Log2> Clock3> Console Settings4> Change Passwords5> Key ManagementTo view the error and tamper logs, select 1>SYSTEM ERROR LOG.To set the date and time, select 2> CLOCK.To adjust the display contrast, beeper and backlight, select 3> CONSOLE SETTINGS.To change the Verix Terminal Manager and file group passwords, select 4> CHANGE PASSWORDS. The file groups and Verix Terminal Manager all use a default password preset at the factory: 166831. It is entered as:1 6 6 8 3 1 and press ENTER.To test the IPP and RKL key load, select 5> KEY MANAGEMENT.To return to the Terminal Manager Menu 1, press the UP () icon on the left side of the screen.To quit any operation within this menu, press CANCEL. 
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 671> SYSTEM ERROR LOGVERIX ERROR LOGType 2 OS QT65010MTask 3 GID 1Time 120314193309CPSR 60000010PC 00000024LR 7042018BAddr 00000000The error log screens display internal diagnostic information about the most recent unrecoverable software error. If you report a terminal problem, you may be asked to provide this information.This screen displays the following:•TYPE (error type), where the error type code is:•TASK (task number): indicates type of task that was currently executed:•TIME (time of crash): clock time of the error in the format YYMMDDhhmmss, where YY = year, MM = month, DD = day, hh = hour, mm = minute, and ss = second•CPSR (Current Program Status Register): contains the processor and state condition code•PC (Program Counter): holds the execution address•LR (Link Register): holds the return address of the function callNote: LR may not always contain the current return address.•ADDR (fault address): contains the illegal address that the application was trying to access.Press any key to return to VERIX TERMINAL MGR MENU 2.Table 6 Verix Terminal Manager Menu 2   (continued)Display  Action•1 =  Data abort: attempt to access data at an invalid address•2 =  Program abort: attempt to execute code at an invalid address•3 =  Undefined abort: attempt to execute an illegal instruction•1 =  Verix Terminal Manager•2 =  first user task
VERIX TERMINAL MANAGERVerix Terminal Manager Menus68 VX 675 REFERENCE GUIDE2> CLOCKVTM CLOCK MANAGER1> INCREMENT HOUR2> EDIT TIME3> EDIT DATE4> DECREMENT HOURTo adjust the current time one hour forward, select 1> INCREMENT HOUR.To see the time, select 2> EDIT TIME.To set the date, select 3> EDIT DATE.To adjust the current time one hour back, select 4> DECREMENT HOUR.The terminal clock is battery-backed to retain date and time settings when the terminal is shut off.Note: The terminal clock is battery-backed to retain date and time settings when the terminal is shut off.2> CLOCK 1> INCREMENT HOURTIME AND DATEHH:MM:SSMM:DD:YYSelect 1> INCREMENT HOUR to add an hour to the current time setting.2> CLOCK 2> EDIT TIMEVTM TIMECurrent Time: HH:MM:SSNew Time: ___ : ___:___Enter the new time in HOURS:MINUTES:SECONDS (HH:MM:SS) format.To correct a mistake, press CLEAR to delete and enter the correct number; press ENTER to set the new time.The current time and date is then displayed on the next screen. Press CANCEL to return to the third menu of the VERIX TERMINAL MGR.Table 6 Verix Terminal Manager Menu 2   (continued)Display  Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 692> CLOCK 3> EDIT DATEVTM DATECurrent Date: HH:MM:SSNew Date: ___ / ___ / ___Enter the new date in MONTH/DAY/YEAR (MM/DD/YY) format.To correct a mistake, press CLEAR to delete and enter the correct number; press ENTER to set the new date.The current time and date is then displayed on the next screen. Press CANCEL to return to the third menu of the VERIX TERMINAL MGR.2> CLOCK 4> DECREMENT HOURTIME AND DATEHH:MM:SSMM:DD:YYSelect 4> DECREMENT HOUR to reduce an hour from the current time setting.3> CONSOLE SETTINGSVTM CONSOLE MGR1> Console Beeper  OFF2> Console Beeper  ON3> Backlight  DOWN4> Backlight  UP5> Keypad BL   DOWN6> Keypad BL   UP7> Contrast  DOWN8> Contrast UPTurn the terminal beeper sounds on or off by pressing the 1 or 2 key.Switch the backlight on or off by pressing the 3 or 4 key.Select 5> CONTRAST DOWN  or 6> CONTRAST UP to increase or decrease display contrast respectively.To return to the main menu and save your changes, press ENTER. Otherwise, press CANCEL to go back to the second menu of the VERIX TERMINAL MGR without saving the changes.Table 6 Verix Terminal Manager Menu 2   (continued)Display  Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus70 VX 675 REFERENCE GUIDE4> CHANGE PASSWORDSVTM PASSWORD MGR1> File Group2> TERMINAL MGR EntryTo change the password of file Group, select FILE GROUP. Then, go to the GROUP nn PASSWORD procedure below. See Passwords for more information.To change the password of another file group, select File Group, enter the appropriate file group number and press ENTER. Then, go to the NEW PASSWORD procedure below.To correct a mistake, press CLEAR to delete the number, and enter the new entry.To change the system password, select TERMINAL MGR ENTRY. Then, skip to TERMINAL MGR PASSWORD NEW below.Note: Some application program downloads automatically reset the Verix Terminal Manager password.VERIX TERMINAL MGRPlease enterPassword for GID n:___________________Enter the current password for the selected file group and press ENTER.If you enter an incorrect password, the following message appears:Change Passwords GnPlease Try AgainPress ENTER. Verify your password and reenter it.TERMINAL MGR ENTRYPlease Enter Password___________________Enter the current password for the terminal and press ENTER.If you enter an incorrect password, the following message appears:Change PasswordsPlease Try AgainPress ENTER. Verify your password and reenter it.Table 6 Verix Terminal Manager Menu 2   (continued)Display  Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 71VTM PASSWORD MGRNew ___________________Type the new password and press ENTER. To correct a mistake, press CLEAR to delete the entry and then reenter the new password.VTM PASSWORD MGRAgain ___________________The terminal requests that you verify the new password. Reenter the new password and press ENTER.5> KEY MANAGEMENTKey Management1> IPP Key Load2> RKL Key Load3> RKL Key StatusSelect either 1> IPP Key Load or 2> RKL Key Load to download the appropriate keys. Select 3> RKL Key Status to display the RKL public key and private key hash.To select, use the UP () and DOWN icon () then press ENTER. You can also choose an option in the menu by pressing the corresponding number on the keypad.To return to VERIX TERMINAL MGR, press CANCEL.Table 6 Verix Terminal Manager Menu 2   (continued)Display  Action
VERIX TERMINAL MANAGERVerix Terminal Manager Menus72 VX 675 REFERENCE GUIDE5> KEY MANAGEMENT 1> IPP KEY LOADVERIX TERMINAL MGRPlease enterPassword for GID nn___________________Enter the current password for the selected file group and press ENTER.Note: This requires group 1 privileges and the group 1 password.If you enter an incorrect password, PLEASE TRY AGAIN appears. Press ENTER. Verify your password and reenter it.INTERNAL PIN PADKEY LOADING MODEBYTES SENT  0BYTES RCVD  0Press 1 to ENDSelect this mode when you use the SecureKit or programming from your PC to inject keys into your terminal. In this mode, a pass-through connection is established between COM1 and COM5 (IPP port) to allow key loading.Press CANCEL to stop the key load session; Press 1 to END when finished with the key load.Note: The connection times out after a minute if the key loading does not start.5> KEY MANAGEMENT 2> RKL KEY LOADVERIX TERMINAL MGRPlease enterPassword for GID nn___________________Enter the current password for the selected file group and press ENTER.If you enter an incorrect password, PLEASE TRY AGAIN appears. Press ENTER. Verify your password and reenter it.Table 6 Verix Terminal Manager Menu 2   (continued)Display  Action
VERIX TERMINAL MANAGERVerix Terminal Manager MenusVX 675 REFERENCE GUIDE 73RKL RSA KEY LOADINGBYTES SENT  0BYTES RCVD  0PRESS CANCEL TO ENDPress CANCEL to stop the key load session.5> KEY MANAGEMENT 3> RKL KEY STATUSRKL Key StatusPublic key name<NO KEY>Private key hash<NO KEY>Press ENTER to view the Private Key Hash.Press CANCEL to return to the KEY MANAGEMENT screen.Table 6 Verix Terminal Manager Menu 2   (continued)Display  ActionNOTEWhen entering any password, an asterisk (*) appears on the display screen for each character you type. These asterisks prevent your password from being seen by an unauthorized person. Pressing the CLEAR key changes the characters or symbols you enter, but does not cause additional asterisks to appear. Secure a copy of every password to ensure it is not forgotten or lost.
VERIX TERMINAL MANAGERVerix Terminal Manager Menus74 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 75CHAPTER 5File AuthenticationThis chapter discusses the following VeriShield Retain file authentication security architecture, VeriShield Retain file authentication module, and the organizational infrastructure that supports it (see Introduction to File Authentication). This chapter also explains how the file authentication process may affect the tasks normally performed by application programmers, terminal deployers, site administrators, or entities authorized to download files to a VX 675 terminal (see File Authentication and the File System).Lastly, this chapter explains how to generate the signature files required to perform downloads and authenticate files on the VX 675 terminal using the file signing utility (see VeriShield File Signing Tool).In Chapter 6, the topic of file authentication is also discussed in the context of specific file download procedures.Introduction toFileAuthenticationThe VX 675 terminal uses the VeriShield Retain security architecture, which has both physical and logical components. The logical security component of the VeriShield Retain architecture, which is part of the terminal’s operating system software, is called the file authentication module.File authentication is a secured process for authenticating files using digital signatures, cryptographic keys, and digital certificates. This process makes it possible for the sponsor of a VX 675 terminal to logically secure access to the terminal by controlling who is authorized to download application files to that terminal. It verifies the file’s origin, sender’s identity, and integrity of the file’s information.The VeriFoneCertificate AuthorityTo manage the tools and processes related to the file authentication module of the VeriShield Retain security architecture, VeriFone has established a centralized VeriFone Certificate Authority, or VeriFone CA. This agency is responsible for managing keys and certificates. The VeriFone CA uses an integrated set of software tools to generate and distribute digital certificates and private cryptographic keys to customers who purchase VX 675 terminals.
FILE AUTHENTICATIONIntroduction to File Authentication76 VX 675 REFERENCE GUIDESpecial Files Usedin the FileAuthenticationProcessThe following specially formatted files support the file authentication process:•A digital certificate is a digital public document used to verify the signature of a file.•A digital signature is a piece of information based on both the file and the signer’s private cryptographic key. The file sender digitally signs the file using a private key. The file receiver uses a digital certificate to verify the sender’s digital signature.•Signer private keys (*.key files) are securely conveyed to clients on smart cards. The secret passwords required by clients to generate signature files, using signer private keys, are sent as PINs over a separate channel such as registered mail or encrypted e-mail.Some files, such as private key files, are encrypted and password protected for data security. Others, such as digital certificates and signature files, do not need to be kept secure to safeguard the overall security of VeriShield Retain.Within the VeriShield File Signing Tool tool, you can recognize the special file types that support the file authentication process by the filename extensions listed in Table 7.All digital certificates are generated and managed by the VeriFone CA, and are distributed on request to VX 675 clients—either internally within VeriFone or externally to sponsors.All certificates issued by the VeriFone CA for the VX 675 platform, and for any VeriFone platform with the VeriShield Retain security architecture, are hierarchically related. That is, a lower-level certificate can only be authenticated under the authority of a higher-level certificate. The security of the highest-level certificate, called the platform root certificate, is tightly controlled by VeriFone.Certificates Contain Keys That Authenticate Signature Files•Sponsor certificate: Certifies a client’s sponsorship of the terminal. It does not, however, convey the right to sign and authenticate files. To add flexibility to the business relationships that are logically secured under the file authentication process, a second type of certificate is usually required to sign files.Table 7 VeriShield File Signing Tool Filename ExtensionsFile Type ExtensionSignature *.p7sPrivate key *.keyDigital certificate *.crt
FILE AUTHENTICATIONIntroduction to File AuthenticationVX 675 REFERENCE GUIDE 77A sponsor certificate is authenticated under a higher-level system certificate, called the application partition certificate.•Signer certificate: Certifies the right to sign and authenticate files for terminals belonging to the sponsor.A signer certificate is authenticated under the authority of a higher-level client certificate (the sponsor certificate).The required sponsor and signer certificates must either have been previously downloaded and authenticated on the terminal, or they must be downloaded together with the new signature and target files to authenticate.Signer Private Keys Are Issued to Secure the File Signing ProcessSigner private keys are loaded onto a smart card. This smart card is securely delivered to the business entity that the terminal sponsor has authorized to sign, download, and authenticate applications to run on the sponsor’s terminal.The VeriFone CA can also issue additional sets of sponsor and signer certificates, signer private keys to support multiple sponsors, and multiple signers for a specific platform.To establish the logical security of applications to download to a VX 675 terminal, the designated signer uses the signer private key issued by the VeriFone CA as this is a required input to the VeriShield File Signing Tool. A signature file is generated using a signer private key. Successful authentication depends on whether the signer private key used to sign the target file matches the signer certificate stored in the terminal’s certificate tree.How FileAuthenticationWorksFile authentication consists of three basic processes:1Development: The VeriShield File Signing Tool creates a signature file for each application file to authenticate.2Pre-deployment: An optimal certificate structure is determined, and the necessary certificates and keys are created.3Deployment: The development and pre-deployment processes, once complete, are used in combination to prepare a terminal for deployment.NOTEOnly one sponsor certificate is permitted per terminal. An application cannot be loaded without both a Sponsor and signer certificate.NOTEThe signer private keys loaded onto the smart card is the only copy of the private key.
FILE AUTHENTICATIONIntroduction to File Authentication78 VX 675 REFERENCE GUIDEDevelopment Process In this process:1The application developer creates an application file.2The application developer applies for Sponsor and Signer certificates. The absence of a “default” signer certificate compels developers to apply for a dedicated Signer certificate.3The developer assigns a name to the application file.4The application file becomes a required input for the VeriShield File Signing Tool.5Using the application file, Signer certificate, and Signer password, the VeriShield File Signing Tool creates a signature file (*.p7s).6The signature file and the original application file are loaded into a development terminal, where the following actions occur:aThe terminal’s operating system searches for signature files.bWhen a signature file is found, the operating system then searches for a matching application file.cWhen a matching application file is found, the operating system compares the signature file’s signature against the values stored in the application file’s calculated signature.dIf these values match, the operating system marks the application file “authenticated” and allows it to run.7The application file is tested and debugged.8After the application file is fully debugged, it becomes an input for the deployment process.
FILE AUTHENTICATIONIntroduction to File AuthenticationVX 675 REFERENCE GUIDE 79The following diagram describes the development process.Figure 24 The Development ProcessSIGNATURE FILE(.P7S)APPLICATION FILEDEVELOPMENT OS SEARCHES FOR A .P7S FILE.IF A .P7S FILE IS FOUND, OS THEN SEARCHESFOR A MATCHING APPLICATION FILE.IF A MATCHING APPLICATION FILE IS FOUND, OSCOMPARES .P7S FILE'S SIGNATURE AGAINSTVALUES IN THE APPLICATION FILE'S CALCULATEDSIGNATURE.IF THE VALUES MATCH, THE TWO FILES AREAUTHENTICATED, AND THE ATTR_NOT_AUTHBIT IS SET TO 0.1)2)3)4)SDK'(9(/23(5 '(9(/23(5'(9(/23(5$33/,(6)256,*1(5&(57,),&$7(CERTIFICATEKEYVERISHIELDDEPLOYMENTPROCESSFULLY DEBUGGEDAPPLICATION FILEDEBUG APPLICATIONFILE; MAKENECESSARY CHANGES.DEVELOPER CREATESAPPLICATION.APPLICATION FILECREATED(WITH DEVELOPER-ASSIGNED NAME).
FILE AUTHENTICATIONIntroduction to File Authentication80 VX 675 REFERENCE GUIDEPre-Deployment ProcessIn this process:1A sponsor goes to the VeriFone CA Web site and requests certificates for deployment terminals.2Based on information provided by the sponsor through the VeriFone CA Web site, the VeriFone CA determines the required certificate structure.3The VeriFone CA generates the following items for the sponsor:aSmart card containing a set of certificates and private key.bSmart card PIN.4The VeriFone CA sends the smart card and smart card PIN to the sponsor.5The sponsor uses the smart card and smart card PIN as inputs for the deployment process.Figure 25 illustrates the pre-deployment process.Figure 25 The Pre-Deployment Process63216259(5,)21(&$'(7(50,1(65(48,5('&(57,),&$7(6758&785(9(5,)21(&$:(%6,7('(3/2<0(17352&(66632162560$57&$5'3,15(48(676&(57,),&$7(6)25'(3/2<0(177(50,1$/6)5209(5,)21(&$:(%6,7(9(5,)21(&$*(1(5$7(6$6(72)&(57,),&$7(6)257+(63216256,*1(5&(57,),&$7(6,*1(560$57&$5'6321625&(57,),&$7(6,*1(535,9$7(.(<
FILE AUTHENTICATIONIntroduction to File AuthenticationVX 675 REFERENCE GUIDE 81Deployment Process (see Figure 26)In this process:1The sponsor provides the application file (from the development process), the smart card, and smart card PIN (from the pre-deployment process) as inputs to VeriShield Retain.2VeriShield Retain extracts the signer key, signer certificate, and sponsor certificate from the smart card.3VeriShield Retain uses the extracted data, along with the application file, to create a signature file (*.p7s).4VeriShield Retain creates files suitable for downloading from the extracted smart card data.5The signature file, application file, and extracted signer and sponsor certificates are downloaded into a deployment terminal, where the following actions occur:aThe terminal’s operating system searches for signature files.bIf a signature file is found, the operating system then searches for a matching application file.cIf a matching application file is found, the operating system compares the signature file’s signature against the values stored in the application file’s calculated signature.dIf these values match, the operating system marks the application file “authenticated” and allows it to run.6Each successfully authenticated executable application file is allowed to run on the terminal (otherwise, the executable remains stored in the terminal memory but is not allowed to run).
FILE AUTHENTICATIONIntroduction to File Authentication82 VX 675 REFERENCE GUIDEFigure 26 illustrates the deployment process.Figure 26 The Deployment ProcessPlanning for FileAuthenticationFile authentication is an integral part of every VX 675 terminal. To safeguard the terminal’s logical security, the file authentication module requires that any executable code file must be successfully authenticated before the operating system allows it to execute on the terminal.VERISHIELDFILE SIGNINGTOOLPRE-DEPLOYMENTPROCESSDEVELOPMENTPROCESSSMARTCARDPINSIGNATURE FILE(*.*.P7S)SIGNERCERTIFICATESPONSORCERTIFICATEFULLY DEBUGGEDAPPLICATION FILEDEVELOPMENT OS SEARCHES FOR A *.*.P7S FILE.IF A *.*.P7S FILE IS FOUND, OS THEN SEARCHES FORA MATCHING APPLICATION FILE.IF A MATCHING APPLICATION FILE IS FOUND, OSCOMPARES *.*.P7S FILE'S SIGNATURE AGAINSTVALUES IN THE APPLICATION FILE'S CALCULATEDSIGNATURE.IF THE VALUES MATCH, THE TWO FILES AREAUTHENTICATED, AND THE ATTR_NOT_AUTH BITIS SET TO 0.1)2)3)4)SIGNERCERTIFICATESIGNER SMART CARDSPONSORCERTIFICATESIGNERPRIVATE KEY3DEF2ABC1QZ.4GHI7PRS*5JKL8TUV0-SPX6MNO9WXY# ’ ” ’
FILE AUTHENTICATIONIntroduction to File AuthenticationVX 675 REFERENCE GUIDE 83Authentication Requirements for Specific File TypesFor the purposes of file authentication, executable code files include two file types that can be recognized by the filename extensions listed in Table 8.Depending on the logical security requirements of specific applications, other types of files used by an application (that is, non-executable files) must also be authenticated.•Data files (*.dat) that contain sensitive customer information or other data that must be secure•Font files (*.vft or *.fon) may need to be secure to prevent unauthorized text or messages from being displayed on the terminal screen.•Any other type of file used by an application in which the application designer would like to logically secure using file authentication requirementsDecide Which Files to Authenticate in a Specific ApplicationThe first step in the file authentication process is to determine which files must be authenticated for an application to meet its design specifications for logical security under the VeriShield Retain security architecture.In most cases, application designers make these decisions based on specifications provided by the terminal sponsor. Determining which files to authenticate can be completely transparent to the person or business entity responsible for signing, downloading, and authenticating an application prior to deployment.How (and When) Signature Files Authenticate Their Target FilesSignature files are usually downloaded together with their target application files in the same data transfer operation. This recommended practice lets you specify and confirm the logical security status of the VX 675 terminal each time you perform an application download.When the file authentication module detects a new signature file after a terminal restart, it locates and attempts to authenticate the target file that corresponds to the new signature file.Table 8 Executable File ExtensionsFile Type ExtensionCompiled and linked application files *.outGlobal function libraries *.lib
FILE AUTHENTICATIONIntroduction to File Authentication84 VX 675 REFERENCE GUIDEIt is not mandatory to always download a signature file and its target application file at the same time. For example, you can download the corresponding signature file in a separate operation. A non-authenticated application can reside in the terminal memory, but is not authenticated or allowed to run on the terminal until the signature files for the application executable files are processed by the file authentication module after a subsequent download procedure and terminal restart.Determine Successful AuthenticationTo ensure the VX 675 terminal’s logical security, never assume that a target file was authenticated simply because it was downloaded to the VX 675 terminal together with its signature file.There are several ways to ensure a target file is successfully authenticated after a download:•Confirm if all downloaded executable files run. If an executable code file is not successfully authenticated, the operating system does not allow it to execute and run, either following the initial download or on subsequent terminal restarts. The effect of this rule depends on whether or not all executable files are successfully authenticated.•If the executable file that failed to authenticate is the main application (*.out) specified in the CONFIG.SYS *GO variable, the main application is not allowed to run.•If the executable that failed to authenticate is a secondary executable (*.out) or shared library (*.lib) used by the main application, the CONFIG.SYS *GO application executes and runs until it issues a function call to that library. When the main application attempts to access a non-authenticated executable, the main application may crash.•Visually (and audibly) confirm file authentication during the process. When the file authentication module is invoked at terminal restart and detects a new signature file, it displays status information on the screen indicating success or failure of the authentication of each target file based on its corresponding signature file. (A similar status display also appears on the screen when you download digital certificates.)You can watch the screen display following the download to see if a specific target file fails authentication. If this happens, FAILED is displayed for five seconds on the screen below the filenames of the target and signature files, and the terminal beeps as an alert.An application program can issue a function call to read the ATTR_NOT_AUTH bit’s current value for all relevant files to verify they were successfully authenticated. If the ATTR_NOT_AUTH bit’s binary value is 1, the file did not authenticate; if 0, the file did authenticate.
FILE AUTHENTICATIONIntroduction to File AuthenticationVX 675 REFERENCE GUIDE 85For non-executable files, it is the application’s responsibility to confirm that all of the files it uses successfully authenticated on download completion, and when the application executes the first time following a restart.Digital Certificatesand the FileAuthenticationProcessThe file authentication module always processes certificates before it processes signature files. Digital certificates (*.crt files) generated by the VeriFone CA have two important functions in the file authentication process:•They define the rules for file location and usage (for example, the valid file group, replaceable *.crt files, parent *.crt files, whether child *.crt files can exist, and so on).•They convey the public cryptographic keys generated for terminal sponsors and signers that are the required inputs to the VeriShield File Signing Tool to verify file signatures.Hierarchical Relationships Between CertificatesAll digital certificates are hierarchically related to one another. Under the rules of the certificate hierarchy managed by the VeriFone CA, a lower-level certificate must always be authenticated under the authority of a higher-level certificate. This rule ensures the overall security of VeriShield Retain.To manage hierarchical relationships between certificates, certificate data is stored in terminal memory in a special structure called a certificate tree. New certificates are authenticated based on data stored in the current certificate tree. The data from up to 21 individual related certificates (including root, OS, and other VeriFone-owned certificates) can be stored concurrently in a certificate tree.This means that a new certificate can only be authenticated under a higher-level certificate already resident in the terminal’s certificate tree. This requirement can be met in two ways:•The higher-level certificate may have already been downloaded to the terminal in a previous or separate operation.•The higher-level certificate can be downloaded together with the new certificate as part of the same data transfer operation.NOTEBecause the application is responsible for verifying data files and prompt files, it is recommended that each application check the ATTR_NOT_AUTH bit of all relevant files on restart.NOTEEach successfully authenticated file is also write-protected. That is, the file’s read-only attribute is set. If the read-only file is removed or if the file is modified in any way while stored in the terminal, the ATTR_NOT_AUTH bit is automatically set to 1. If the modified file is an executable, it is no longer allowed to run.
FILE AUTHENTICATIONIntroduction to File Authentication86 VX 675 REFERENCE GUIDEA development set of higher-level certificates is downloaded into each VX 680 terminal upon manufacture. When you take a new VX 680 terminal out of its shipping carton, certificate data is already stored in the terminal’s certificate tree. In this just-out-of-the-box condition, the VX 675 terminal is called a development terminal.A sponsor requests a set of digital certificates from the VeriFone CA to establish sponsor and signer privileges. This set of certificates is then downloaded onto the VX 680 when the device is being prepared for deployment. When this procedure is complete, the VX 675 is called a deployment terminal.Adding New CertificatesWhen you add a new certificate file to a VX 675 terminal, the file authentication module detects it by filename extension (*.crt). On restart, the terminal then attempts to authenticate the certificate under the authority of the resident higher-level certificate stored in the terminal’s certificate tree or one being downloaded with the new certificate.In a batch download containing multiple certificates, each lower-level certificate must be authenticated under an already-authenticated, higher-level certificate. Whether or not the data a new certificate contains is added to the terminal’s certificate tree depends on whether it is successfully authenticated. The following points explain how certificates are processed:•If a new certificate is successfully authenticated, the information it contains is automatically stored in the terminal’s certificate tree. The corresponding certificate file (*.crt) is then deleted from that file group’s memory.•If the relationship between the new certificate and an existing higher-level certificate cannot be verified, the authentication procedure for the new certificate fails. In this case, the certificate information is not added to the certificate tree and the failed certificate file (usually ~400 bytes) is retained in the application memory.Development TerminalsA development terminal is a VX 675 with a Sponsor and Signer certificate issued to someone who intends to use the terminal for application development. An application developer must apply for a Sponsor/Signer certificate to allow loading an application. See Figure 27.In the development device, the level of logical security provided by the file authentication module is the same as a deployment application. NOTEWith the factory set of certificates stored in the terminal memory, anyone who has the VX 675 SDK and VeriShield File Signing Tool can generate valid signature files for downloading and authenticating files on the VX 675 platform.
FILE AUTHENTICATIONIntroduction to File AuthenticationVX 675 REFERENCE GUIDE 87Deployment TerminalsWhile the application development process is being completed and while the new application is being tested on a development terminal, a sponsor can order specific sponsor and signer certificates from the VeriFone CA to use to logically secure sponsor and signer privileges when the VX 675 terminal is prepared for deployment.Customer-specific sponsor and signer certificates are usually downloaded to a VX 675 terminal as part of the standard application download procedure performed by a deployment service. In this operation, the new sponsor and signer certificates replace the development sponsor certificate that is part of the factory set of certificates, as shown in Figure 27.When the sponsor and signer certificates are downloaded and successfully authenticated, the terminal is ready to deploy.Ultimately, it is the sponsor’s decision how to implement the logical security provided by file authentication on a field-deployed terminal. Additional certificates can be obtained from the VeriFone CA anytime to implement new sponsor and signer relationships in deployment terminals. VeriShield Retain allows for multiple sponsors and signing certificates in a terminal. This allows the flexibility of unique signatures for each executable or data files.
FILE AUTHENTICATIONIntroduction to File Authentication88 VX 675 REFERENCE GUIDEFigure 27 illustrates the certificate trees in development and deployment terminals.Figure 27 Certificate Trees in Development and Deployment TerminalsPermanency of the Certificate TreeThe data contained in a digital certificate is stored in the terminal’s certificate tree when the certificate is authenticated, and the certificate file itself is erased from memory.The certificate tree file is stored in a reserved area of non-volatile memory and is therefore permanent. New certificate data can be added to the existing certificate tree (up to a maximum of 21 certificates).Required Inputs to the File Signing ProcessThe required inputs to the file signing process are somewhat different for development terminals than deployment terminals. The significant differences are shown in Table 9.ROOTOPERATINGSYSTEMAPPLICATIONPARTITIONDEPLOYMENTSPONSORCERTIFICATE(VALIDATEDBY THE APPLICATIONPARTITIONCERTIFICATE)ROOTDEPLOYMENTCERTIFICATE(VALIDATED BYTHE SPONSORCERTIFICATE)APPLICATIONPARTITIONDEVELOPMENTSPONSORCERTIFICATE(VALIDATEDBY THE APPLICATIONPARTITIONCERTIFICATE)SIGNERCERTIFICATE(VALIDATED BYTHE SPONSORCERTIFICATE)VERIFONEPARTITIONOPERATINGSYSTEMVERIFONEPARTITIONDEVELOPMENT TERMINAL DEPLOYMENT TERMINALDEVELOPMENT3DEF2ABC1QZ.4GHI7PRS*5JKL8TUV0-SPX6MNO9WXY# ’ ” ’ 3DEF2ABC1QZ.4GHI7PRS*5JKL8TUV0-SPX6MNO9WXY# ’ ” ’ ROOTOPERATINGSYSTEMAPPLICATIONPARTITIONDEPLOYMENTSPONSORCERTIFICATE(VALIDATEDBY THE APPLICATIONPARTITIONCERTIFICATE)ROOTDEPLOYMENTCERTIFICATE(VALIDATED BYTHE SPONSORCERTIFICATE)APPLICATIONPARTITIONDEVELOPMENTSPONSORCERTIFICATE(VALIDATEDBY THE APPLICATIONPARTITIONCERTIFICATE)SIGNERCERTIFICATE(VALIDATED BYTHE SPONSORCERTIFICATE)VERIFONEPARTITIONOPERATINGSYSTEMVERIFONEPARTITIONDEVELOPMENT TERMINAL DEPLOYMENT TERMINALDEVELOPMENT3DEF2ABC1QZ.4GHI7PRS*5JKL8TUV0-SPX6MNO9WXY# ’ ” ’ 3DEF2ABC1QZ.4GHI7PRS*5JKL8TUV0-SPX6MNO9WXY# ’ ” ’
FILE AUTHENTICATIONIntroduction to File AuthenticationVX 675 REFERENCE GUIDE 89Table 9 Differences Between Required InputsDevelopment Terminals Deployment TerminalsManufacturing inputs to the file signing process are included, together with the VeriShield File Signing Tool in the VX 675 SDK. These inputs make it possible for anyone who has the VX 675 SDK to sign and authenticate files.The required inputs to VeriShield File Signing Tool must be obtained from the VeriFone CA to logically secure the sponsor and signer privileges for the terminal.The following three unique inputs, which are issued at customer request by the VeriFone CA, are required for the file signing process, as well as the application files you want to sign and authenticate:•Developer signer certificate: This unique certificate is a required input for VeriShield File Signing Tool and must be downloaded to the terminal along with the signature files and target application files to authenticate, unless already downloaded to the terminal in a previous operation.•Developer signer private key: The VeriFone CA issues this unique, encrypted private key file (*.key) to an authorized signer at the sponsor’s request. The signer private key is a required input to VeriShield File Signing Tool, but does not have to be downloaded to the terminal.•Developer signer PIN: The VeriFone CA issues this unique password to an authorized signer at the sponsor’s request. The customer signer password is a required input to VeriShield File Signing Tool, but it does not have to be downloaded to the terminal.Note: The customer sponsor certificate, which authenticates the customer signer certificate, is usually downloaded to the terminal with the customer signer certificate, but it is not a required VeriShield File Signing Tool input when signing files.
FILE AUTHENTICATIONIntroduction to File Authentication90 VX 675 REFERENCE GUIDEReplace a Sponsor CertificateA sponsor may need to clear the current sponsor certificate from a terminal so that a new sponsor can load certificates and applications. To do this, the original sponsor must order a “clear” smart card from the VeriFone CA. The clear smart card is specific to the requesting sponsor. It restores a deployment terminal to the development state (refer to Figure 28) by:•Deleting the current sponsor and signer certificates from the terminal’s application partition.Figure 28 Certificate Replacement ProcessNOTEThe process for replacing a signer certificate is the same as replacing a sponsor certificate.REPLACE A CERTIFICATEDELETES THE CURRENTSPONSOR AND SIGNERCERTIFICATES5(6725(7+('(9(/23(5&(57,),&$7(&23<**ROOT'(9(/230(176,*1(5&(57,),&$7(9$/,'$7('%<7+(6321625&(57,),&$7(APPLICATIONPARTITIONOPERATINGSYSTEMVERIFONEPARTITIONDEPLOYMENT TERMINALROOTOPERATINGSYSTEMAPPLICATIONPARTITIONVERIFONEPARTITIONDEVELOPMENT TERMINALLOADS THE CLEAR CERTIFICATE,RANDOM FILE, AND RANDOMSIGNATURE FILE INTO THETERMINAL.THE VERISHIELD PROCESS:'(9(/230(176321625&(57,),&$7(9$/,'$7('%<7+($33/,&$7,213$57,7,21&(57,),&$7('(3/2<0(17&(57,),&$7(9$/,'$7('%<7+(6321625&(57,),&$7('(3/2<0(176321625&(57,),&$7(9$/,'$7('%<7+($33/,&$7,213$57,7,21&(57,),&$7(
FILE AUTHENTICATIONFile Authentication and the File SystemVX 675 REFERENCE GUIDE 91FileAuthenticationand the FileSystemApplication Memory Logically Divided Into File GroupsThe memory of a VX 675 terminal is logically divided into two main areas, or partitions: •operating system •applicationsThe application partition is further divided into sub-partitions. These sub-partitions are called file groups or GIDs.This system of partitions and sub-partitions makes it possible to store multiple applications in terminal memory and prevent these applications from overlapping or otherwise interfering with each other’s operation.There are a total of 16 file groups (Figure 29). Group 0 is the name of the operating system partition. Group 1 is reserved for the main application. Groups 2–14 are available for related executable files or secondary applications. Group 15 is open, and used for shared files such as shared libraries.Figure 29 VX 675 Application Memory PartitionsRules for Storing Applications in Specific File GroupsHere are some important VX 675 file system features, as they relate to storing application files in specific file groups, and how these features affect the file authentication process:•Most applications consist of more than one executable. For each executable to run on the terminal, it must be signed and authenticated. •Although not enforced by the operating system, it is recommended that only one application be stored per file group in the application partition. Any number of executable files can, however, be stored in a single file group.•Using the CONFIG.SYS *GO variable, you can specify only one application to automatically execute following a download and terminal restart. The defined application is usually the main application stored in Group 1 and called from the *GO variable in the CONFIG.SYS file in GID1.NOTEThe VX 675 operating system only enforces the rule that the main application be always stored in GID1. You can, for example, store a shared library in any file group. Rules for Storing Applications in Specific File Groups states reasons to follow the guidelines previously described for storing applications and libraries in specific file groups.
FILE AUTHENTICATIONFile Authentication and the File System92 VX 675 REFERENCE GUIDE•The main application stored in GID1 can access files, secondary applications, or function libraries stored in any other file group.•The application downloaded into GID1 is always the primary application for the terminal. This application is owned by the primary terminal sponsor (sponsor A) in cases where there are multiple sponsors. •The Group 1 application controls any and all secondary applications stored in terminal memory. That is, a secondary application can only be invoked by a RUN command issued by the Group 1 application.•An application stored in Groups 2–15 can only access files stored in its own file group and in Group 15. For example, an application authorized by the sponsor to be authenticated in Group 4 can only access files and libraries stored in Group 4 and Group 15.•If multiple applications (main and secondary) are to run on the same terminal, each .OUT and/or shared library file must have its own matching signature file. Because each application is responsible for verifying its own data and prompt files, the other application files should have their own matching signature files. The master .OUT file should validate that these additional signature files are authenticated before they are used.•If two or more applications will run on the same terminal, the signature files for the respective applications must be downloaded, together with the corresponding target files, into the specific file group(s) for which the applications are authorized. If an application is downloaded into a group for which is it not authorized, file authentication for that application fails.If, for example, Application B is downloaded into GID4, where it is authorized to run, but the signature files for all Application B executable files are downloaded into GID7, file authentication for Application B fails and it is not allowed to run.•Each certificate contains an attribute to verify if an application is valid for a particular group. Authenticate Files Stored in the Memory of a File GroupAll *.p7s files are identified as I: drive or F: drive files and contain flags that indicate if the file to verify is identified as an I: drive or an F: drive file. A signature file must know if its matching application file is identified as an I: drive or an F: drive file. If a signature file cannot locate its matching application file, the application file is not authenticated.
FILE AUTHENTICATIONFile Authentication and the File SystemVX 675 REFERENCE GUIDE 93If the signature file authenticates its target file, and if the *FA variable is present in the CONFIG.SYS file of the target file group and is set to 1, the signature file is retained in memory and is automatically moved, if necessary, into the same logical file system (I: or F:) as the target file it authenticates. That is, if the target file is identified as an F: drive file, the signature file is also identified as an F: drive file; if the target file is identified as an I: drive file, the signature file is also is identified as an I: drive file.If the signature file authenticates its target file and the *FA variable is present in the CONFIG.SYS file of the target file group and is set to 0, the signature file is erased when its target file is authenticated.If you intend to perform back-to-back downloads, as described in Chapter 6, all signature files must be retained in the VX 680 terminal’s application memory, together with the target application files they authenticate.Restrictions on Downloading Different File TypesA typical application download includes a variety of different file types. The following restrictions in Table 10 describe how you can download different kinds of files to the VX 680 terminal and how files are stored in the file system:NOTENormally signature files are retained in the terminal even after being used to authenticate executable (code) or data files. This is to facilitate back-to-back downloads, as described in Chapter 6. Users who do not intend to perform  back-to-back downloads can remove signature files after use, gaining space for other files. Automatic removal is performed if the user sets *FA=0 in the CONFIG.SYS file of Group 1. The main reason for using *FA is to force automatic removal. If the user desires the default behavior (retain signature files, to allow for back-to-back downloads), the user does not need to set *FA.NOTETo control if signature files are retained or deleted when they are processed by the file authentication module, you must use the protected CONFIG.SYS variable *FA as documented in the Verix eVo Volume I: Operating System Programmers Manual (VPN DOC00301).Table 10 Download File ExtensionsFile Type RestrictionCertificate (*.crt)Must be downloaded into the I: drive of the target file group   (GID1 – GID15) selected in Verix Terminal Manager.Signature (*.p7s)Must be downloaded into the I: drive of the target file group   (GID1 – GID15) selected in Verix Terminal Manager.Operating system Must be downloaded into Group 1 I: drive. When the OS files, related certificates and signature files are authenticated, they are automatically moved from Group 1 I: drive into the Group 0 sub-partition reserved for the operating system.
FILE AUTHENTICATIONVeriShield File Signing Tool94 VX 675 REFERENCE GUIDEThe normal size of a signature file is approximately 400 bytes. Depending on the application’s size and on how memory space is allocated, the area available for storing multiple signature files must be carefully managed. The memory space required by a certificate file is also approximately 400 bytes, but certificate files are temporary. When a certificate is authenticated, the data it contains is copied to the certificate tree, and the certificate file is erased from the target file group’s I: drive.VeriShield FileSigning ToolTo generate the signature files required for file authentication, you must sign all executable files and other files to be logically protected using the file signing (VeriShield File Signing Tool) software tool. This section discusses the use of this tool, which is included in the VX 675 Verix eVo DTK.The VeriShield File Signing Tool generates a formatted file called a signature file, recognized by the filename extension *.p7s.You can run VeriShield File Signing Tool on a host computer (PC) in DOS command-line mode, or invoke the program under Windows 2000 or Windows XP and then use the dialog box shown on Figure 30 to make the required entries.VeriShield FileSigning ToolSystemRequirementsThe file signing tool requires one of the following computing environments:•Windows NT, Version 4.0, SP5•Windows 95, with Internet Explorer Version 5.0The SP5 and Internet Explorer Version 5.0 software can be downloaded from the Microsoft Web site located at www.microsoft.com.Operating Modes forthe VeriShield FileSigning ToolThe VeriShield File Signing Tool can run on the host computer in two user modes:•Command-line mode (Windows PC DOS shell): Command-line mode is useful for application developers who perform batch file downloads and is convenient when using file download tools provided by VeriFone, such as the VeriCentre Download Management Module (DMM) and the DDL.EXE direct download utility. In command-line mode, you can sign a batch of files in a single operation.•Graphical interface mode (Windows NT or Windows 95): Use the FileSign dialog box (Figure 30) to select the file to sign, and assign a name and destination location for the generated signature file on the host computer. When you run the file signing tool under Windows, you can sign only one file at a time.NOTEThe file signing process for operating system files is done for VX 675 customers by the VeriFone CA. For operating system updates, VeriFone provides customers with a complete download package that includes all certificates and signature files required for authentication.
FILE AUTHENTICATIONVeriShield File Signing ToolVX 675 REFERENCE GUIDE 95You can also specify to store the target file in the target file group’s I: drive (default location) or in the target file group’s F: drive. If required, you can navigate through the file system on your PC to select the signer certificate file (*.crt) and signer private key file (*.key) to use as inputs to the file signing process.Figure 30 FileSign Dialog BoxNOTEIf the entry of a signer password is a required input, a secondary dialog box is displayed to enter and confirm the password. Please also note that a signer password is required for a deployment terminal, but not for a development terminal.
FILE AUTHENTICATIONVeriShield File Signing Tool96 VX 675 REFERENCE GUIDECommand-LineEntries for the FileSigning ToolTable 11 lists the switches that make up the command-line mode syntax for the file signing tool (VeriShield File Signing Tool).Table 11 Command-Line Mode Switches for VeriShield File Signing ToolaSwitch Description Requirements-C, -c Signer certificate file name (*.crt).Required input for development terminals and deployment terminals.Use the VxSIGN.CRT developer signer certificate for development terminals.Use the signer certificate issued by the VeriFone CA for deployment terminals.-K, -k Signer private key filename (*.key).Required input for development terminals and deployment terminals.Use the VxSIGN.KEY developer signer private key for development terminals.Use the signer private key provided by the VeriFone CA for deployment terminals.-P, -p Signer password for decrypting the signer private key.Required input for development terminals and deployment terminals.The VeriFone CA issues and securely conveys this password to an authorized signer.-F, -f Name of the application file to sign (*.out, *.lib, or other file type).Required for development terminals and for deployment terminals.
FILE AUTHENTICATIONVeriShield File Signing ToolVX 675 REFERENCE GUIDE 97Please note also how the command-line mode switches described in Table 11 are used in this example:filesign -L -f file.out -s file.p7s -c vxsign.crt -k vxsign.key•The -L switch indicates to store the application file in the flash file system instead of the target group’s (default) I: drive file system. (The target group for the download must be selected from Verix Terminal Manager when the download is performed.)•The -f switch indicates that the application file “file.out” must be signed by the file signing tool.Executable files, such as *.out and *.lib files, must always be signed if they are to run on the terminal following a download. Depending on the -S, -s Name of the signature file (*.p7s) for VeriShield File Signing Tool to generate for the target application file.Required for development terminals and for deployment terminals.-L, -l Specifies to store the target application file to sign and authenticate in the drive F: file system.If you do not use this switch to specify F: drive as the target file destination, it is stored by default in the I: drive.Optional entry.This switch assigns an F: prefix to the name of the *.out or *.lib file to download, and also stores this information in the signature file as part of the special filetype attribute.Note: Signature files must be downloaded into the target file group’s I: drive.If the target file is authenticated, the corresponding *.p7s file is moved to the same memory area as the target file it authenticates. For example, if the target file is stored in F: drive, its *.p7s file is moved into the F: drive system. If, however, you set the *FA variable in the file group’s CONFIG.SYS file to 0, all signature files are deleted from memory when file authentication is complete. Removing *.p7s files will prevent application files from executing after a back-to-back download.a. The switches described are not case-sensitive and can be entered on the command line in any order.Table 11 Command-Line Mode Switches for VeriShield File Signing ToolaSwitch Description Requirements
FILE AUTHENTICATIONVeriShield File Signing Tool98 VX 675 REFERENCE GUIDEapplication’s logical security requirements, other types of files, such as data files and font files, may also need to be signed and authenticated on download.•The -s switch is followed by the name of the signature file to be generated, file.p7s.•The -c switch is followed by the name of the signer certificate to be used for file authentication with the development terminal, “vxsign.crt.”•The -k switch is followed by the name of the signer private key file, vxsign.key. A signer private key is a required input to the file signing process for development terminals and for deployment terminals.Graphical InterfaceMode for theVeriShield FileSigning ToolWhen you execute the VeriShield File Signing Tool file, the FileSign dialog box is displayed (see Figure 30). The FileSign dialog box has four entry fields, each of which is followed by a “next” [...] selection button. There is one check box, and the OK and Cancel buttons.•Press ALT+C or click the [...] button to the right of the Certificate field to locate and select the certificate file (*.crt) to be used to sign the file.•Press ALT+K or click the [...] button to the right of the Key field to locate and select the signer private key file (*.key).•Press ALT+F or click the [...] button to the right of the File to be signed field to locate and select the application file (*.out, *.lib, or other) to sign. If necessary, the filename can also be modified.To store the file in F: drive upon download to the terminal, check the Stored in Flash check box. This adds the F: prefix to the target file name.•Press ALT+S or click the [...] button to the right of the Signature file field to enter a filename for the signature file to be generated. The filename extension must always be *.p7s. You can also choose another directory on the host PC to store the generated signature file.•When all entries are complete, press ALT+O or click the OK button to execute the VeriShield File Signing Tool and generate the signature file, otherwise, press ALT+A or click Cancel to exit the VeriShield File Signing Tool utility.When the necessary signature files are generated to authenticate the application or applications on the VX 680 terminal, perform the application download procedure.For more information about file authentication within the context of specific download procedures, refer to Chapter 6.
VX 675 REFERENCE GUIDE 99CHAPTER 6Performing DownloadsThis chapter contains information and procedures to allow you to perform the various types of data transfers required to: •Develop applications for the VX 675 terminal.•Prepare VX 675 terminals for deployment.•Maintain VX 675 terminal installations in the field.•Transfer data to/from terminals.In this chapter, information pertaining to file authentication is only discussed in the context of procedures while performing file downloads. See Chapter 5 for further file authentication discussion.The VX 675 terminal contains ports that allow connection to a network or other terminals (for back-to-back downloads). See Download Methods.Downloads andUploadsData can be transferred from a sending system to a receiving system while performing downloads. The term download also refers to a terminal receiving data. The term upload describes the process of a terminal sending data.Use any of the following two operations to program, deploy, transfer data files from, and support VX 675 terminals:•Host computer downloads: Applications, operating systems or OS updates, and associated files transfer from a host PC to a VX 675 terminal. A service dongle (SUB265-001-01-A) is used to connect the RS-232 serial ports between two systems. Please refer to Table 15 for the direct download procedure.•Back-to-back downloads: Applications and associated files transfer from one VX 675 terminal to another VX 675 terminal.DownloadMethodsThe following methods are available for file and data downloads through the VX 675 download and upload procedures:•Direct downloads: Files and/or data transfer directly from the sending system (a host computer) to the receiving system (a VX 675 terminal). A special cable called service dongle (SUB265-001-01-A) connects the RS-232 serial ports of the two systems.
PERFORMING DOWNLOADSDownload Tools100 VX 675 REFERENCE GUIDE•Back-to-back downloads: Files and data transfer from a sending VX 675 terminal to a receiving VX 675 terminal are sent over using the service dongle, it connects the RS-232 serial ports of the two systems.Download ToolsThree software tools are available from VeriFone for performing downloads: VeriCentre Download Management Module (DMM), VeriCentre, and DDL.EXE (Direct Download Utility).The following tools perform direct downloads from a host computer to a VX 675 terminal:•VeriCentre DMM: Multi-user environment for software downloads. DMM supports Windows NT clients and has a sophisticated database to manage up to 100,000 terminals. The VX 675 operating system supports file decompression for archives created using DMM.•VeriCentre: PC-based software tool to manage applications and data for VeriFone. In addition to being a database and communications management tool, VeriCentre automates application downloads and updates to terminal records.•DDL.EXE: Downloads files and data from a development system or another host computer, directly to a VX 675 terminal over a serial cable connection. DDL.EXE is a Windows program included in the Verix eVo DTK (Verix eVo Developer’s Toolkit).DownloadContentIn general, you can download files and data to a VX 675 terminal. The types of files and data can be grouped into the following functional categories:•Operating system files: A set of related programs and data files provided by VeriFone to control the terminal’s basic processes and functions. Files that belong to the OS are stored in a reserved area of the terminal memory.NOTEAn external UART Dongle on both the sending and receiving terminal is required to attach the special cable.NOTEBecause of the large size of some download files, VeriFone recommends only using download tools provided by VeriFone. CRC and other error checking is not supported on the GSM system. VeriFone download tools provide these error checking mechanisms.NOTENo special software tool or utility is required to perform back-to-back application downloads. Only a serial cable connected between two terminals is required. This data transfer procedure, invoked from within Verix Terminal Manager, is handled by the OS software and firmware of the sending and receiving VX 675 terminals.
PERFORMING DOWNLOADSFull and Partial DownloadsVX 675 REFERENCE GUIDE 101A complete OS is downloaded to each VX 675 terminal during the manufacture. If necessary, download newer versions during application development, or when preparing for deployment to on-site terminals.•Applications and related files: An application is a computer program consisting of one or more executables, including compiled and linked object files (*.out), and one or more function libraries (*.lib). Most applications also include font files (*.vft, *.fon), data files (*.dat), and other related file types.VX 675 applications can be developed by VeriFone, customers, or third parties on customer request. One or more applications must be downloaded to the VX 675 terminal before it can be deployed at a customer site and used to process transactions.•Files related to file authentication: The logical component of the VeriShield security architecture in the VX 675 terminal is file authentication. For an executable to run on a VX 675 terminal, it must be authenticated by the VeriShield file authentication module.Two special types of files are required for the file authentication process: digital certificates (*.crt) and signature files (*.p7s). These file types must be downloaded to the terminal together with the application files to authenticate.•Terminal configuration settings: Files or records that contain various types of data can also be downloaded to a VX 675 terminal, including CONFIG.SYS variables, passwords for accessing protected Verix Terminal Manager functions, the current date and time, and the modem country code setting (refer to Chapter 4).Full and PartialDownloadsWhen preparing to initiate a download procedure, choose either a full or partial download and the COM 1 port, through the Verix Terminal Manager menu options (refer to Chapter 4). Depending on the type of files you are downloading and the download method you are using, there are some restrictions on whether a full or partial download is permitted. Full download means all files in group 1-14 will be deleted. The common group, 15, is not affected. While partial download means no files currently on the system will be deleted.NOTEFor details on file authentication, see Chapter 5.
PERFORMING DOWNLOADSFull and Partial Downloads102 VX 675 REFERENCE GUIDEThe various types of full and partial download procedures are listed and described in Table 12.Table 12 Types of Full and Partial DownloadsDownload Type Description and Effects Download MethodsSupportedFull application downloadAn entire application, including all executables and data files, transfers from one system to another in a single operation. Files related to the file authentication process and terminal configuration settings can be included in a full application download. During this process, memory is cleared.Following a full application download, the terminal restarts and the file authentication module is invoked. If application files are authenticated and CONFIG.SYS *GO variable is set, then the application executes.•Direct downloads•Back-to-back downloadsPartial application downloadA subset of application executables, font files, and/or data files transfer from one system to another to modify or update an existing application.Files related to file authentication and terminal configuration settings can be included in a partial application download. During this process, memory is not cleared.Following a partial application download, the terminal does not restart and returns control to Verix Terminal Manager or the issuing application. The file authentication module is not invoked, nor are any applications allowed to execute, until the terminal is manually restarted from within Verix Terminal Manager.•Direct downloadsNote: Partial back-to-back downloads are not supported.
PERFORMING DOWNLOADSFull and Partial DownloadsVX 675 REFERENCE GUIDE 103Here are a few more points on the topic of full and partial downloads:•The most common download procedure is a full (complete) application download. •Partial application downloads are useful when developing and testing new applications, but are seldom performed by those who deploy terminals on-site.•Full OS downloads are usually performed by VeriFone at the factory and, on occasion, by those who deploy terminals on-site to upgrade older terminals to a newer OS version.•Partial OS downloads are performed mainly by VeriFone for development purposes and are rarely performed in the field.Full operating system downloadAn entire OS version transfers from a host PC to the VX 675 terminal. Files related to file authentication and terminal configuration settings can be included in a full OS download. During this process, memory is cleared.Following a full OS download, the terminal restarts and the file authentication module is invoked. If the OS files are authenticated, the new OS updates (replaces) the existing OS.Application files stored in the memory area where the OS downloads (Group 1) are erased.•Direct downloadsNote: Full back-to-back OS downloads are not supported.Partial operating system downloadEither an entire or a partial OS version transfers from a host PC to the  VX 675 terminal. Files related to file authentication and terminal configuration settings can be included in a partial OS download.Following a partial OS download, the terminal does not restart and returns control to Verix Terminal Manager or the issuing application. The file authentication module is not invoked, and the new OS is not processed until you manually restart the terminal from within Verix Terminal Manager. If the new OS is authenticated, it then updates (replaces) the existing OS.Application files stored in the memory area where the OS downloads into (Group 1) are retained.•Direct downloadsNote: Partial back-to-back operating system downloads are not supported.Table 12 Types of Full and Partial DownloadsDownload Type Description and Effects Download MethodsSupported
PERFORMING DOWNLOADSSupport for Multiple Applications104 VX 675 REFERENCE GUIDE•Partial downloads are routinely performed by many applications. This procedure, which can be automated by an application running on a remote host computer, permits the host application to update data files and terminal configuration settings in a VX 675 terminal and then return control to the main application.•Full downloads restart the terminal; partial downloads return control to Verix Terminal Manager or the issuing application. OS and application downloads can be combined. The file authentication module is not invoked until the terminal is restarted following the download procedure.Support forMultipleApplicationsThe VX 675 terminal architecture supports multiple applications. This means that more than one application can reside in terminal memory, and that more than one application can run (execute) on the terminal.The application memory of the VX 675 terminal uses a system of file groups to store and manage multiple applications, as well as operating system files. This system of file groups are used in such a way that the data integrity of each application is ensured and applications do not interfere with each other (see File Groups).How the File SystemSupports MultipleApplicationsThe application memory partition of the VX 675 terminal is divided into 15 logically-defined sub-partitions called file groups or GIDs (for example, Group 1, Group 2, and so on through GID15). Another partition of the terminal memory area, called Group 0, is reserved for the operating system and is logically separated from the application memory area. So, including Group 0, there is a total of 16 file groups.An application must be downloaded into a specific file group, along with any related files. Select the target file group for the download using Verix Terminal Manager menu options and by entering a file group password.Usually, one application is stored in one file group. An application can, however, consist of more than one executable program file, and any number of executables (*.out or *.lib) can be stored in a given group. In most implementations, there is a main application, one or more related programs or secondary applications, and one or more libraries.The main application, or the application to execute set in the *GO CONFIG.SYS variable, must always be stored in the Group 1 sub-partition. Related programs or secondary applications can be stored in GIDs 2–14. GID15 is available to all other groups.The MainApplication isAlways Stored inGID1The main application stored in GID1 is the controlling application for the terminal. Any function call that invokes a related program or a secondary application stored in GIDs 2–14 must be initiated by the GID1 application.An application stored in a file group other than GID1 is limited in that it can only access executables and files stored in its own file group and in GID15.
PERFORMING DOWNLOADSUse of I: drive and F: driveVX 675 REFERENCE GUIDE 105Physical andLogical Access toFile GroupsThe VX 675 operating system controls physical access to GIDs 1–15 using password-protected Verix Terminal Manager functions. To download data into a specific file group, first enter Verix Terminal Manager and choose the target group by making the appropriate menu selections, then, enter the correct password for that file group.Each file group has its own CONFIG.SYS file. The CONFIG.SYS settings of the selected target group are used as the system parameters for the download operation.The system of file groups also imposes some logical restrictions on which files can download into specific file groups:•If GID1 is selected as the target group in Verix Terminal Manager, you can download files into GID1 and redirect files into any of the other file groups, as required, in the same download operation.•If another file group is selected as the target file group, you can download files only into that group and redirect files only to GID15. For example, if you select GID5 as the target group for the download, files can only download into GID5 and be redirected to GID15.Use of I: driveand F: driveThe VX 675 application memory partition has two separate logical file systems:•Partition designator I:•Partition designator F:Having two different file systems has the following important implications for data transfer procedures:•Depending on the requirements of a specific application, some files must download into the I: drive and others into the F: drive.•There are also rules that restrict which types of files you can download and store in a file system (I: or F:).With application files, the application designer or programmer usually decides which file types to download into which file system. Other file types, such as operating system files, digital certificates, and signature files, must download into I: drive.In a typical download procedure, all files are loaded into the I: drive file system of the target group selected in Verix Terminal Manager. Specific files included in the download package must be redirected, as necessary, to the F: drive file system of the target group or to the I: drive or the F: drive file system of another file group.To redirect files during a download procedure, see the following sections.
PERFORMING DOWNLOADSUse of I: drive and F: drive106 VX 675 REFERENCE GUIDERedirection of FilesDuring ApplicationDownloadsYou can download application files into I: drive or F: drive memory. By default, files downloaded to a specific file group are stored in the I: drive of that group. To store a file in the F: drive memory of that file group, provide instructions to redirect the file to F: drive as part of the procedure (see Manually Redirecting Files).There are two methods used to redirect files during an application download, depending on the download tool:•If you are using DMM, you must manually create and include special zero-length files called SETDRIVE.x and SETGROUP.n on the download computer, and add these files to the batch download list to direct files to a specific file system (drive) or file group.•If you are using DDL.EXE to perform direct downloads, you can use a special command-line option that automatically redirects files to the drive and file group you specify.Both of these methods are described in the following sections.ManuallyRedirecting FilesTo manually redirect files for DMM application downloads, create one or more files on the download computer with the special filename, SETDRIVE.x, where, x is the name of the partition to download files to.•Partition designator I: This is the Verix Terminal Manager default for downloads.•Partition designator F:To create a zero-length SETDRIVE file on the download computer, use the DOS command, REM, as in the following example:REM >SETDRIVE.FTo redirect a file from the I: drive of the target group to the F: drive memory of the same file group, insert the zero-length SETDRIVE.F file into the batch of application files to download. All files that follow the SETDRIVE.F file in the download list automatically load into the F: drive of the target group.If you do not insert a SETDRIVE.F special file in the download list, all files download by default into the I: drive of the target file group. You can also insert a zero-length file with the name SETDRIVE.I into the download list at any point to indicate that all following files will download into I: drive.For example, the following batch download list loads the executable code file FOO.OUT into the I: drive of the selected file group (default Group 1). Because the signature file, FOO.P7S is included, FOO.OUT is also authenticated when the terminal restarts after the download.
PERFORMING DOWNLOADSUse of I: drive and F: driveVX 675 REFERENCE GUIDE 107The *GO variable in this example indicates that the FOO.OUT application executes on restart, after successful authentication. The two data files that follow the zero-length SETDRIVE.F file, FOO.DAT and FOO.VFT, are redirected into GID1 F: drive. Because it follows the inserted zero-length SETDRIVE.I file, GOO.DAT downloads into Group 1 I: drive.FOO.OUTFOO.P7S*GO=FOO.OUTSETDRIVE.FFOO.DATFOO.VFTSETDRIVE.IGOO.DATYou can also insert zero-length SETGROUP.n files into a batch download list to redirect files from the target file group to other file groups (see Redirecting Files to Other File Groups). Together, the zero-length SETDRIVE.x and SETGROUP.n files allow you flexibility to store files as required in the F: drive or I: drive file systems, and in specific file groups in a single batch download operation.Redirecting Files toOther File GroupsGID1 is the default Verix Terminal Manager setting for performing downloads. Using the Verix Terminal Manager menu options, you can select another file group (GID 2–15) as the target group for the application download. If you select another group, files download directly into the I: drive of that file group.To redirect files from the selected target file group to another file group as part of the download operation, insert a zero-length SETGROUP.n file in the batch download list (the same as SETDRIVE.x). The syntax of this convention is SETGROUP.n, where n = 1–15 for GIDs 1–15.To create a zero-length SETGROUP file on the download computer, use the DOS command REM as in the following example:REM >SETGROUP.2If you do not insert SETGROUP.n special files into the download list, all files download into the target group selected in Verix Terminal Manager. If no number is added to the SETGROUP filename, SETGROUP.1 (GID1) is assumed.NOTEYou can only use zero-length SETDRIVE.x files for batch application downloads, by direct or by only using the DMM download tool (and not DDL.EXE). You cannot use this special file convention for operating system downloads or for back-to-back application downloads.
PERFORMING DOWNLOADSUse of I: drive and F: drive108 VX 675 REFERENCE GUIDERestrictions on FileRedirectionThe VX 675 file system restricts how you can redirect files to other file groups. Here are the important points to remember:•The main application must always be downloaded into GID1.•Because of the way file groups are managed in the VX 675 file system, only two schemes are available for redirecting files during a batch application download:•If using Verix Terminal Manager menu options, select Group 1 (default) as the target group for the download; files can be redirected to any other file group, including GID15.•If using Verix Terminal Manager menu options, select a file group other than Group 1 (GIDs 2–14) as the target group for the download; files can be redirected only into the selected file group or into GID15.In the following example, GID1 is selected as the target group for the download. The download list loads FOO.OUT into Group 1 I: drive, GOO.OUT into GID2, and COMN.LIB shared library into GID15. When the terminal restarts after the download, the file authentication module is invoked for all three files, based on the certificate data that authorizes them to be stored in their respective file groups.If FOO.OUT is authenticated, the GID1 application, FOO.OUT, executes as specified by the *GO variable when the terminal restarts following successful file authentication. The function library stored in GID15 can be shared by both applications, as both Group 1 and Group 2 applications can access Group 15.FOO.OUTFOO.P7S*GO=FOO.OUTSETGROUP.2GOO.OUTGOO.P7SSETGROUP.15COMN.LIBCOMN.P7SNOTEYou can only use zero-length SETGROUP.x files for batch application downloads, by direct or only using the Download Manager or ZonTalk 2000 download tools (not DDL.EXE). You cannot use this special file convention for operating system downloads or back-to-back application downloads.
PERFORMING DOWNLOADSUse of I: drive and F: driveVX 675 REFERENCE GUIDE 109Using DDL.EXE toAutomaticallyRedirect FilesThe version of DDL.EXE included in the VX 675 SDK allows you to change the default drive and file group for a direct download by preceding the filename(s) on the DDL command line with a special filename. The syntax is as follows:SETDRIVE.<drive letter>where, drive letter is I: (default) or F:, and/orSETGROUP.<group number>where, group number is 1–15.For example, the command-line entryDDL SETDRIVE.F cardco.lib SETDRIVE.I SETGROUP.15 card.datdownloads the executable file cardco.lib into the F: drive of the selected target group and the data file card.dat into Group 15 I: drive. (Because drive or group settings apply to all files that follow in the list, it is necessary to use SETDRIVE.x to reset the drive from F: back to I:.)If you are using this DDL.EXE method, zero-length SETDRIVE.x and SETGROUP.n files do not need to exist as files on the download computer.File Redirection inOperating SystemDownloadsWhen performing an operating system download, you must download the OS files into Group 1 I: drive and not into F: drive memory or into another file group.OS files are downloaded into Group 1 I: drive because it is not possible to download these files directly into Group 0. OS files are redirected to Group 0 depending on if you perform a full or partial download (see Table 12).•For full OS downloads, the redirection of OS files into Group 0 is performed automatically, after the terminal restart, and as part of the download procedure.•For partial OS downloads, OS files are redirected from the I: drive of Group 1 into Group 0 on manual terminal restart by selecting the appropriate Verix Terminal Manager menu option.A downloaded OS is processed and authenticated while stored in Group 1 I: drive. As the files are authenticated under the authority of the certificates and signature files included in the OS download package, they move automatically into Group 0. This process, which usually takes a few moments, is completely transparent during the download procedure.File Redirection inBack-to-BackApplicationDownloadsIn a back-to-back application download, all application files stored on the sending terminal—in both file systems and in all file groups—transfer to the receiving terminal in a single operation.For this type of download, you must select Group 1 as the target group on the sending and receiving terminals. When you initiate the download on the receiving terminal, all application files, as well as all special files required for file authentication and terminal configuration settings on the sending terminal, download to the receiving terminal.
PERFORMING DOWNLOADSFile Authentication Requirements110 VX 675 REFERENCE GUIDEIn this type of data transfer operation, some file redirection does occur automatically as a result of the file authentication procedure that occurs on the receiving terminal. This redirection process is transparent during the download.Briefly, all files initially download into I: drive, and are then redirected based on the directory and subdirectory names of the sending terminal’s file system. Signature files must always be authenticated in I: drive. If the target file that the signature file authenticates is stored in F: drive, the signature file is moved to F: drive only after the target file successfully authenticates.To successfully perform a back-to-back download, all signature files that are required to authenticate application executables must reside in the memory of the sending terminal. If the *FA variable is present in the Group 1 CONFIG.SYS file of the sending terminal, it must be set to 1 to retain all previously downloaded signature files.If a signature file is missing on the sending terminal, the target application file that it authenticates is not authenticated on the receiving terminal and, if the target file is an executable, it is not allowed to run on the receiving terminal.FileAuthenticationRequirementsChapter 5 provided a general introduction to the file authentication process. Now we become more task-oriented and see how the file authentication process affects how to perform the various download procedures.RequiredCertificates andSignature FilesThe following are some important points to remember about how certificates and signature files relate to application download procedures:•Before an executable file can be downloaded to and allowed to run on a VX 675 terminal, the file must be digitally signed on the download computer using the FILESIGN.EXE file signing tool. The result of this procedure is a signature file recognized by its *.p7s filename extension.•A signature file must be downloaded with each executable that makes up an application. An executable can be a compiled and linked object file (*.out) or a shared function library (*.lib). In most cases, an application consists of multiple executables and requires a number of corresponding signature files.•In a typical batch application download, all files, including executables, signature files, and any required certificates, download in the same operation. •After the download is complete and the terminal restarts, the file authentication module is invoked if a new signature file (or certificate) is detected. If the application (executable) is authenticated, it is allowed to run on the terminal. Otherwise, it does not execute.•If one executable file required by an application with multiple executables fails to authenticate, the main application may crash when it attempts to access the non-authenticated executable.
PERFORMING DOWNLOADSFile Authentication RequirementsVX 675 REFERENCE GUIDE 111•Application files other than executables (for example, font and data files) may also require logical security under file authentication. In these cases, each protected non-executable file also requires a corresponding signature file.•Digital certificates (*.crt) and signature files (*.p7s) are required to authenticate both application files and operating system files, which must be downloaded into the I: drive of the target file group.•Certificate files are deleted from application memory after they are authenticated. If a certificate is not authenticated, it is retained in terminal memory.•If the *FA variable in the CONFIG.SYS file of the target group is set to 1, signature files are redirected to the same location where the application file it authenticates is stored. If *FA is 0, signature files are deleted from I: drive when the file authentication process is complete.The FileAuthenticationProcess During anApplicationDownloadIn the following example of a typical file authentication process, it is assumed that:•an application is being downloaded to prepare a VX 675 deployment terminal for deployment. That is, a sponsor certificate and a signer certificate download in batch mode to GID1 I: drive of the receiving terminal, together with the application to authenticate.•a signature file is generated for each executable that comprises the application on the download computer using FILESIGN.EXE, with the signer certificate, signer private key, and signer password as required inputs. These signature files are also downloaded to the receiving terminal.In a typical batch application download, file authentication proceeds as follows:1All certificate files (*.crt), signature files (*.p7s), and application files (*.out, *.lib, *.fon, *.vft, *.dat, and so on) download to the VX 675 deployment terminal in batch mode.2When the terminal restarts after the download, the file authentication module searches the I: drive file system for the following two file types:•Authenticated certificate files (*.crt) to add to the permanent certificate tree.•Signature files (*.p7s) that authenticate corresponding target application files.Certificate files and signature files can download into the I: drive of any file group. For this reason, the file authentication module searches through the entire file system (all file groups) for new files with these filename extensions each time the terminal restarts.3The file authentication module builds a list of all newly detected certificates and signature files. If no new certificates or signature files are located, the module just returns. If one or more new files of this kind are detected, the file authentication module starts processing them based on the list.
PERFORMING DOWNLOADSFile Authentication Requirements112 VX 675 REFERENCE GUIDE4Certificates are always processed first (before signature files). The processing routine is called one time for each certificate in the list. If a certificate is authentic, it is noted, and the next certificate is processed. This process continues in random order until all certificates are authenticated.When a certificate file in the processing list is authenticated, the “Authentic” message is displayed below the corresponding filename. If it fails to be authenticated, the “Failed” message is displayed for five seconds and the terminal beeps three times (see Figure 31). The routine then resumes processing and continues until all certificates are successfully processed.The processing routine gives both visible and audible indications if a specific certificate authenticates successfully. The file authentication module does not halt the process if a certificate fails to authenticate, but continues to the next step, which is authenticating signature files.If one or more certificates fail to authenticate, the ensuing file authentication process based on signature files probably also fails, resulting to an application not authenticated and not allowed to execute on the terminal.When a certificate file is authenticated, the data it contains is added to the certificate tree and the certificate file is deleted from the I: drive. When all required certificates are authenticated and stored in the certificate tree, the file authentication process for signature files can proceed.Figure 31 Display Prompts During the File Authentication Process5Signature files are now processed (after certificate files). The file authentication module calls the signature checking routine once for each new signature file it detects. Each *.p7s file is checked as it is detected; a list is not built and multiple processing passes are not required.
PERFORMING DOWNLOADSFile Authentication RequirementsVX 675 REFERENCE GUIDE 113•If a signature file is authenticated, “AUTHENTIC” is displayed and the target file is flagged authentic.•If the authentication process fails, “FAILED” is displayed for five seconds and the terminal beeps three times (see Figure 31). The routine then continues processing the next signature file until all newly detected signature files are checked.•If a signature file fails to authenticate and its target file is an executable code file, such as *.out or *.lib, the executable is not allowed to run on the terminal on terminal restart. For data files, font files, and any other files that require authentication to meet the application’s design specification, the application must ensure that these files successfully authenticate.While a signature file is being processed, it remains stored in the I: drive file system of the target file group. The target application file may be redirected immediately on download to the I: drive or the F: drive. When the signature file successfully authenticates its target file, it is automatically moved to the same file system and file group as the target file it authenticates (that is, if *FA =1).The processing routine gives visible and audible indications when a specific signature file authenticates successfully. The file authentication module does not halt the process if a signature file fails to authenticate, but continues to the next step, storing the downloaded files in their final locations in the terminal file system.6Certificate files and signature files are retained in the I: drive file system until the file authentication process is complete. These special files are then either deleted or automatically redirected to another file system or file group, as previously described.When an application file is authenticated, the operating system sets the file’s read-only attribute to protect it from being modified while stored in terminal memory. This is also true for a signature file retained in terminal memory. When a signature file is assigned the read-only attribute, it is no longer detected as a new signature file by the file authentication module on terminal restart.7When all certificates and signature files are processed and special files are deleted or redirected as required, the terminal restarts and the *GO application executes.File GroupPermissionsThis section discusses how file authentication controls who (which business entity) can store application files in which file groups in the VX 675 file system.
PERFORMING DOWNLOADSFile Authentication Requirements114 VX 675 REFERENCE GUIDEBy inserting zero-length SETDRIVE.x and SETGROUP.n files into a download list, you can specify which drive (x = I: or F:) and in which group (n = 1–15) to store an application file. In addition to this file redirection protocol, the file authentication module controls which files are allowed, under the authority of the signer certificate used to sign them, to be stored in which file groups in the  VX 675 file system.For example, if the terminal owner specifies storing a loyalty application in GID2, the information is encoded in the sponsor and signer certificates and issued by the VeriFone CA for that terminal.Chapter 5 discussed how signer certificates are required inputs to FILESIGN.EXE when preparing a deployment terminal. Each signature file generated under that signer certificate contains a logical link that allows the application to authenticate and run on the terminal only if the signature files and corresponding target files are downloaded into the target GID.Although you can store files in any file group simply by selecting the target group in Verix Terminal Manager, the files downloaded are not authenticated for the selected target group unless they are properly signed under the authority of the sponsor and signer certificates issued for that terminal.Download anOperating SystemUpdate Provided byVeriFoneBecause the operating system software for the VX 675 is developed and controlled by VeriFone for its customers, VeriFone provides the necessary certificates and signature files to ensure the authenticity and integrity of the operating system update as part of the download package.The file authentication procedure for OS downloads is much the same as application downloads, with the following exceptions:•VeriFone provides all files required for the OS download, including•The operating system files (such as Q.out, 1.out, and 2.out)•An encrypted list of the new files, called VFI.PED•A signature file generated by the VeriFone CA under the authority of a higher-level OS partition sponsor certificate, called VFI.crt. The file authentication logic on the receiving terminal uses this signature file to confirm the origin and authenticity of the encrypted list of files, VFI.PED.•The entire OS package must download into Group 1 I: drive. If you select a target group other than Group 1, the operation fails.•If a full OS download was selected in Verix Terminal Manager, the terminal automatically restarts and the new OS is processed and replaces the existing NOTEOperating system files can only be transferred to a VX 675 terminal using a PC-to-terminal download procedure, by direct download. OS files cannot be downloaded to a VX 675 terminal in a back-to-back operation.
PERFORMING DOWNLOADSFile Authentication RequirementsVX 675 REFERENCE GUIDE 115OS. In this download operation, all application files stored in Group 1 are automatically erased.•If a partial OS download was selected in the Verix Terminal Manager, the operating system returns control to Verix Terminal Manager after the download completes. To process the new OS, you must manually restart the terminal by selecting the appropriate Verix Terminal Manager menu option. In a partial OS download operation, application files stored in Group 1 are not erased.•When the OS download is initiated, the OS file authentication progress is displayed on the screen as new certificates are authenticated and added to the terminal’s certificate tree, and as signature files for corresponding OS files are detected and authenticated, as shown in Figure 31.•While the new OS is being processed, there is no visible indication on the terminal display of the progress of processing. When the new OS is processed (this usually takes a few moments), the terminal restarts automatically and the OS download procedure is complete.File Authenticationfor Back-to-BackApplicationDownloadsWhen performing a back-to-back application download between two VX 675 terminals, the file authentication process on the receiving terminal is similar to an application download from a host computer to a standalone VX 675 terminal. There are, however, some important differences to take into account:•Only a full application download is supported for back-to-back data transfers. You cannot perform partial back-to-back application downloads.•Before you can initiate the back-to-back download, you must enter Verix Terminal Manager in both terminals, select Group 1 as the target group for both terminals, and enter all required passwords.•All signature files required to authenticate the download application(s) must reside in the memory of the sending terminal. They must not be deleted through the *FA variable being cleared to 0 on previous downloads.•Any sponsor and signer certificates downloaded to and authenticated on the sending terminal are stored in the certificate tree of that terminal. When you perform a back-to-back download, certificate files are reconstructed from the data present in the sending unit’s certificate tree.•All certificates transfer to Group 1 I: drive on the receiving terminal, except for the highest-level platform root certificate, which can never be transferred to another terminal.•When certificates are detected by the file authentication module of the receiving terminal, they are processed exactly as in a direct download: All CAUTIONIf the power supply to the receiving terminal is accidentally cycled during an operating system download procedure, the terminal may permanently lock up. In that case, return the terminal to VeriFone for service.
PERFORMING DOWNLOADSFile Authentication Requirements116 VX 675 REFERENCE GUIDEcertificates are checked one by one and, on authentication, are added to the certificate tree of the receiving terminal. Then, all signature files are checked.•Downloaded certificates (receiving terminal) must synchronize with the certificate data present in the certificate tree.“Synchronized” means that the certificate tree of the receiving terminal can be no more than one revision out-of-sync with the certificate tree on the sending terminal or the files on the receiving terminal do not successfully authenticate. In this case, the term revision refers to any generic change to the current sponsor and signer certificates stored in the certificate tree of a deployment terminal.•When the back-to-back download completes and all certificates and signature files authenticate, the receiving terminal restarts. If the name of the *GO application is specified in the Group 1 CONFIG.SYS file of the receiving terminal, the application executes and the application prompt or logo is displayed on the terminal. TimingConsiderations Dueto theAuthenticationProcessThe file authentication process takes some time. The total amount of time required depends on a number of factors:•The number and size of application files.•The number of certificates and signature files.•Whether the file compression feature of Download Manager is being used to perform the download.Here are a few additional considerations that may affect the total elapsed time required to complete the download operation:•Because additional processing steps are required, an operating system download takes longer to complete than an application download (several minutes as opposed to a few seconds).•The download order of a batch of certificate files may affect total processing time. Digital certificates are validated in a looping process where the validation process cycles as many times as necessary to establish the proper relationship and position of a given certificate in the certificate tree that exists in the terminal. To optimize the authentication process, download certificates in a higher-level-certificates-first order. This way, they process faster than a random order download.Support for FileCompressionFor information regarding file compression, refer to the Verix eVo Volume I: Operating System Programmers Manual (VPN DOC00301).
PERFORMING DOWNLOADSEffect of Downloads on Existing Files and DataVX 675 REFERENCE GUIDE 117Effect ofDownloads onExisting Filesand DataWhen downloading application files and data to a VX 675 terminal, an important consideration is the effect of download procedure on existing application files, files used in the file authentication process, and terminal configuration settings stored in CONFIG.SYS files in the receiving terminal. Here are some important points:•If a file already exists in the target file group, the existing file is replaced with the new file of the same name. (Files in separate file groups can have identical names.)•Always download executable files (and any other files to logically protect under VeriShield file authentication) with the certificates and signature files required to authenticate them.•In full or partial application downloads, all CONFIG.SYS records on the receiving terminal, both protected and non-protected (that is, beginning with * or #), are retained. New CONFIG.SYS variables included in the download package, including the *GO variable, selectively replace existing variables with the same key name in the CONFIG.SYS file of the target group.•All current passwords are retained on the receiving terminal during an application or operating system download (direct and back-to-back). This includes the Verix Terminal Manager password and file group passwords. If required, you can replace existing file group passwords with new values as part of the data transfer operation.•For back-to-back application downloads, it is recommended to clear the memory of the receiving terminal before initiating the download. All application files stored on the receiving terminal, including CONFIG.SYS settings, are replaced by those of the sending terminal. Verix Terminal Manager and file group passwords are retained on the receiving terminal.•For full operating system downloads, Group 1 I: drive is cleared as part of the operation and any application files stored in GID1 are erased. In this case, previously downloaded and authenticated applications must be downloaded in a subsequent operation, together with the certificates and signature files required to authenticate them.NOTEAlways modify the Verix Terminal Manager password in a separate, securely-controlled operation. Ensure that this password is retained in a secure place.
PERFORMING DOWNLOADSEffect of Downloads on Existing Files and Data118 VX 675 REFERENCE GUIDEDirect ApplicationDownloadsThis section provides the hardware and software checklist needed for direct application downloads. The procedure for direct application downloads is also discussed.Hardware ChecklistSoftware ChecklistChecklist for Effectson Files andSettings in theReceiving TerminalThe correct cable connects the download computer serial port (COM1 or COM2) to the RS-232 serial port (COM1) of the VX 675 terminal.Download Manager, VeriCentre, or DDL.EXE running on the host computer.The application file to download (full or partial) is located on the host computer.The correct keyed record variables exist in the CONFIG.SYS file(s) of the file group(s) to store the application files.Certificate files (*.crt) required for file authentication on the receiving terminal are stored in memory or they are located on the host computer, and must download with the application files.All required signature files (*.p7s) generated using FILESIGN.EXE are located on the host computer. One signature file downloads for each executable (*.out or *.lib) to run on the terminal.The filenames in the batch download list on the host computer indicate which application files to redirect to F: drive and file groups other than the target group.Ensure that filenames and CONFIG.SYS variables to download are correct in relation to those stored in the memory of the receiving terminal to avoid accidental overwrites.The required Verix Terminal Manager and file group passwords are available to make the required Verix Terminal Manager menu selections and to prepare the receiving terminal to receive the application download.Protected records in the CONFIG.SYS file(s) of the receiving terminal — keyed records that begin with * or # — are not erased.The bootloader, OS, and other firmware on the receiving terminal are not modified as a result of the application download.The certificate tree that exists on the receiving terminal is not modified unless one or more new certificate files are downloading to the terminal. When new certificates are authenticated on the receiving terminal, the data they contain is stored in the certificate tree and the certificate files are deleted from the I: drive of the target group.
PERFORMING DOWNLOADSEffect of Downloads on Existing Files and DataVX 675 REFERENCE GUIDE 119Direct ApplicationDownloadProcedureThe procedure in Table 14 describes how to perform a direct application download from a host download computer into the Group 1 application memory area of a VX 675 deployment terminal.Steps described in the Action column are performed directly on the VX 675 terminal. Notes provided in this column indicate and explain actions you must perform on the host computer.NOTEThe steps listed in Table 13 are required for all download and upload procedures. In each of the following procedural tables, step numbering starts at 1 to indicate the unique steps of the specific download method. In subsequent procedures, only the method-specific steps are documented; the five steps in Table 13 are assumed to be complete.Table 13 Common Steps to Start a DownloadStep Display Action1VERIFONE VX675QT65010M03/09/2012 VERIXCOPYRIGHT 1997-2012VERIFONEALL RIGHTS RESERVEDBattery 100%For status press 3When the terminal restarts, the copyright screen displays the version of VX 675 system firmware stored in the terminal’s EPROM, the date the firmware was developed, and the copyright.This screen is displayed for three seconds, during which time you can enter Verix Terminal Manager by simultaneously pressing the ENTER and 7 keys.To extend the display period of this screen, press any key during the initial three seconds. Each key press extends the display period an additional three seconds.
PERFORMING DOWNLOADSEffect of Downloads on Existing Files and Data120 VX 675 REFERENCE GUIDE2<application prompt>If an application already resides on the terminal, an application-specific prompt is displayed. Otherwise, an error message is displayed. For more information on startup errors, see STARTUP ERRORS.3TERMINAL MGR EntryPlease Enter Password___________________Enter the Verix Terminal Manager password. If an application already resides on the terminal, a unique Verix Terminal Manager password may already exist. In this case, type that password and press enter to confirm your entry.If DOWNLOAD NEEDED is displayed in step 2, enter the default password, “166831”. To type this password on the keypad, enter: 1 6 6 8 3 1, and then press ENTER.If you enter an incorrect password, the message, PLEASE TRY AGAIN is displayed. Reenter the password.To correct a typing mistake, press CLEAR to delete the entry, and retype your entry. To end the password entry session and return to the display shown in Step 2, press CANCEL.Table 13 Common Steps to Start a Download  (continued)Step Display Action
PERFORMING DOWNLOADSEffect of Downloads on Existing Files and DataVX 675 REFERENCE GUIDE 1214VERIX TERMINAL MGR1> Restart2> Edit Parameters3> Download4> Memory Usage5> I: drive Directory6> F: drive Directory7> EOS Directory8> Clear Memory9> Calibrate ScreenThe first of the two VERIX TERMINAL MGR menus is displayed. To toggle through other menu, tap the UP () and DOWN icon ().To choose an option in the menu, use the UP () and DOWN () on the left of the screen to scroll on the menu then press ENTER until you reach the desired menu. You can also choose an option in the menu by pressing the corresponding number on the keypad.To perform any type of download operation, press 3 to select the DOWNLOAD menu option. To cancel the download procedure, press CANCEL.Table 13 Common Steps to Start a Download  (continued)Step Display ActionTable 14 Direct Application Download ProcedureStep Display Action1VERIX TERMINAL MGRGroup ID: _1Enter the target file group for the download. FILE GROUP _1 (Group 1) is displayed as the default selection. To select Group 1 as the target file group, press ENTER; to select a file group other than Group 1, type the one or two-digit number of the desired file group (2–15) for the download.
PERFORMING DOWNLOADSEffect of Downloads on Existing Files and Data122 VX 675 REFERENCE GUIDE2VERIX TERMINAL MGRPlease enterPassword for GID 1:___________________Enter the password of the selected file group. For example, if Group 1 is the target group, the GROUP _1 PASSWORD message shown at left is displayed.To continue, enter the required file group password and press ENTER to confirm entry.3VTM DOWNLOAD MGR Gn1> Single-app2> Multi-appFor a single application download, select Single-app. For multiple application download, select Multi-app. (Refer to Chapter 6 for detailed download instructions and information.)To return to VERIX TERMINAL MGR, press CANCEL.Table 14 Direct Application Download Procedure  (continued)Step Display Action
PERFORMING DOWNLOADSEffect of Downloads on Existing Files and DataVX 675 REFERENCE GUIDE 1234VTM DOWNLOAD MGR Gn1> Full dnld2> Partial dnldSelect the type of download mode: Full dnld or Partial dnld.To return to VERIX TERMINAL MGR, press CANCEL.5VTM DOWNLOAD MGR Gn1> Modem2> COM13> COM74> SD Card5> USB Flash Memory6> TCPIP7> USB Dev8> COM69> COM2Select the download mode: Modem, COM1, COM2 , SD Card, Memory Stick, TCPIP, USB Dev, COM6 (If there are any additional menu options press the DOWN key).6VTM DOWNLOAD MGR Gn**** WARNING ****All Files Will BeCleared From Group 11> Cancel Download2> ContinueA warning message will first appear once a download mode is selected.To return to the main menu without saving your selection, press CANCEL.Table 14 Direct Application Download Procedure  (continued)Step Display Action
PERFORMING DOWNLOADSEffect of Downloads on Existing Files and Data124 VX 675 REFERENCE GUIDE7VTM DOWNLOAD MGR GnUnit Receive ModeWAITING FOR DOWNLOADInitiate the download by executing the proper command(s) in the download tool running on the host computer. The data transfer operation starts, and the status messages are displayed on the terminal screen.The progress of the download is indicated by a series of ten asterisks (each asterisk indicates that 10% of the download is complete). When the last asterisk is displayed, the download is complete.To stop the download operation, press the CANCEL key. The terminal restarts automatically.8**VERIFYING FILES**CHECK CERTIFICATE(FILENAME.CRT)**AUTHENTIC**or--- FAILED ---When the download is complete, the terminal restarts automatically. The file authentication module on the receiving terminal begins to check for new certificate (*.crt) and signature (*.p7s) files included in the download. These special files then process one at a time; certificates process first, then signature files.When the file authentication module is invoked, the status display informs you of the progress of the file authentication process. If file authentication succeeds for a specific certificate, the “AUTHENTIC” message is displayed directly below the certificate filename. If file authentication fails for a specific certificate, the “FAILED” message is displayed for five seconds below the filename and the terminal beeps three times, allowing you to note which certificate failed to authenticate.The authentication process then continues to the next certificate until all new certificates are authenticated.Table 14 Direct Application Download Procedure  (continued)Step Display Action
PERFORMING DOWNLOADSEffect of Downloads on Existing Files and DataVX 675 REFERENCE GUIDE 1259**VERIFYING FILES**CHECK CERTIFICATE(FILENAME.CRT)**AUTHENTIC**or--- FAILED ---The file authentication module continues to authenticate any new signature files downloaded with the OS files.When the signature file authentication routine starts, the status display informs you of the progress of the authentication process.If file authentication succeeds for a specific signature file, the “AUTHENTIC” message is displayed directly below the filename of the signature file. If file authentication fails for a specific signature file, the “FAILED” message is displayed for five seconds below the filename and the terminal beeps three times, allowing you to note which signature file failed to authenticate. The authentication process then proceeds to the next signature file until all signature files are validated. When all new signature files are authenticated, the terminal restarts, and the application specified in the *GO variable or the default application in Group 1 executes and starts running on the terminal.10 (Application Prompt)orDOWNLOAD NEEDEDIf the downloaded application successfully authenticates, the corresponding application prompt or logo is displayed upon restart.The terminal can now process transactions.Note: The message DOWNLOAD NEEDED appears if:•The *GO variable is not set.•*GO does not specify that an application is present.•The application did not authenticate (invalid or missing *.p7s file).•The application uses shared libraries that are missing or were not authenticated (invalid or missing *.p7s files).If one or more executables in the application fail to successfully authenticate, the application may not run. If the application attempts to access an unauthenticated executable or library, it may crash. Repeat the Direct Operating System Download Procedure using the correct certificates and/or signature files.Table 14 Direct Application Download Procedure  (continued)Step Display Action
PERFORMING DOWNLOADSDirect Operating System Downloads126 VX 675 REFERENCE GUIDEDirect OperatingSystemDownloadsThis section provides the hardware and software checklist needed for direct operating system downloads. The procedure for direct operating system downloads is also discussed.Hardware ChecklistSoftware ChecklistChecklist for Effectson Files andSettings in theReceiving TerminalThe correct cable connects the download computer serial port (COM1 or COM2) to the RS-232 serial port (COM1) of the VX 675 terminal.Download Manager, VeriCentre, or DDL.EXE running on the host computer.The complete OS version to download is located on the host computer.Select full or partial download of the OS. In a full OS download, the terminal restarts automatically and the new OS is processed, replacing the existing OS. In a partial OS download, the terminal returns to Verix Terminal Manager and the new OS does not process until you manually initiate a terminal restart from Verix Terminal Manager.The correct keyed record variables for the download exist in the CONFIG.SYS files of Group 1. (OS files must always download into GID1 I: drive). The required variables can also be written into the CONFIG.SYS file as part of the download operation.The following files provided by VeriFone CA for full OS downloads must reside on the host computer:•The new OS version or OS update (Q*.out, 1*.out, 2*.out, 3*.out, 4*.out, 5*.out, 6*.out).•A signature file called VFI.p7s for the OS update. This signature file is generated by the VeriFone CA using the high-level OS certificates for the VX 675 platform.•A file called VFI.PED. This file is an encrypted list of the new OS files.The required Verix Terminal Manager and file group passwords are available to make the required Verix Terminal Manager menu selections to prepare the receiving terminal to receive the application download.A full OS download replaces the existing OS and erases all application files from the Group 1 I: drive.A partial OS download returns control of the terminal to Verix Terminal Manager and does not erase application files from the Group 1 I: drive.Protected records in the CONFIG.SYS file(s) of the receiving terminal — keyed records that begin with * or # — are not erased.An OS download does not overwrite terminal configuration settings, including the current date and time, passwords, and modem country code. If required, you can download new terminal configuration settings together with the OS files.
PERFORMING DOWNLOADSDirect Operating System DownloadsVX 675 REFERENCE GUIDE 127Direct OperatingSystem DownloadProcedureThe procedure in Table 15 describes how to perform a direct operating system download from a host computer into the Group 1 I: drive of a VX 675 terminal.Steps described in the Action column are performed directly on the VX 675 terminal. Notes provided in this column indicate and explain actions you must perform on the host computer.The certificate tree that exists on the receiving terminal is not modified unless one or more new certificate files required to authenticate the new OS are being downloaded to the terminal. When new certificates authenticate on the receiving terminal, the data they contain is stored in the certificate tree and the certificate files are deleted from the Group 1 I: drive.The certificates and signature files required to authenticate the new OS are processed by the file authentication module of the receiving terminal the same as application files.When the terminal restarts and the new OS files process, they are moved out of the Group 1 I: drive into the Group 0 area of the VX 675 file system.NOTEIn Table 15 and in the following procedures, only method-specific steps are included. For a description of the steps required to enter Verix Terminal Manager and display VERIX TERMINAL MGR MENU 2, refer to Table 13.Table 15 Direct Operating System Download ProcedureStep Display Action1VERIX TERMINAL MGRGroup ID: _1Enter the target file group for the download. FILE GROUP _1 (Group 1) is displayed as the default selection. To select Group 1 as the target file group, press ENTER; to select a file group other than Group 1, type the one or two-digit number of the desired file group (2 – 15) for the download.
PERFORMING DOWNLOADSDirect Operating System Downloads128 VX 675 REFERENCE GUIDE2VERIX TERMINAL MGRPlease enterPassword for GID 1:___________________Enter the password of the selected file group (Group 1) and press ENTER to confirm the entry.3VTM DOWNLOAD MGR Gn1> Single-app2> Multi-appFor a single application download, select Single-app. For multiple application download, select Multi-app. (Refer to Chapter 6 for detailed download instructions and information.)To return to VERIX TERMINAL MGR MENU 1, press CANCEL.4VTM DOWNLOAD MGR Gn1> Full dnld2> Partial dnldSelect Full dld for a full OS download or select Partial dnld for a partial OS download operation.To return to VERIX TERMINAL MGR MENU 1, press CANCEL.Table 15 Direct Operating System Download Procedure  (continued)Step Display Action
PERFORMING DOWNLOADSDirect Operating System DownloadsVX 675 REFERENCE GUIDE 1295VTM DOWNLOAD MGR Gn1> Modem2> COM13> COM74> SD Card5> Memory stick6> TCPIP7> USB Dev8> COM69> COM2Select the terminal port to use for the data transfer from the host computer to the receiving terminal. (If there are any additional menu options, press the DOWN key.) For a direct OS download using a modem, select the Modem menu option by pressing the 1 keyFor a direct OS download using COM1 of a multiport adapter, select the COM1 menu option by pressing the 2 key. For a direct OS download using COM7 of a multiport adapter, select the COM7 menu option by pressing the 3 key.For a direct OS download using an SD card, select the SD Card menu option by pressing the 4 key.For a direct OS download using an external memory stick, select the Memory stick menu option by pressing the 5 key.For a direct OS download using TCP/IP, select the TCPIP menu option by pressing the 6 key.For a direct OS download using USB device, select the USB Dev menu option by pressing the 7 key.For a direct OS download using the external dongle, select the COM6 menu option by pressing the 8 key. For a direct OS download using the external dongle, select the COM2 menu option by pressing the 8 key.In either case, when you press ENTER, the terminal is ready to receive the OS download from the host computer.6VTM DOWNLOAD MGR GnUnit Receive ModeWAITING FOR DOWNLOADInitiate the download by executing the proper command(s) in the download tool running on the host computer (when the receiving terminal is ready to receive the direct OS download). The data transfer operation starts, and the status messages are displayed on the terminal screen. The progress of the download is indicated by a series of ten asterisks (each asterisk indicates that 10% of the download is complete). When the last asterisk is displayed, the download is complete.To stop the download operation, press the CANCEL key. The terminal restarts automatically.Table 15 Direct Operating System Download Procedure  (continued)Step Display Action
PERFORMING DOWNLOADSDirect Operating System Downloads130 VX 675 REFERENCE GUIDE7**VERIFYING FILES**CHECK CERTIFICATE(FILENAME.CRT)**AUTHENTIC**or--- FAILED ---When the OS download is complete, the terminal restarts automatically. The file authentication module on the receiving terminal begins to check for new certificate (*.crt) and signature (*.p7s) files included in the download. These special files then process one at a time; certificates process first, then signature files.When the file authentication module is invoked, the status display informs you of the progress of the file authentication process. If file authentication succeeds for a specific certificate, the “AUTHENTIC” message is displayed directly below the certificate filename. If file authentication fails for a specific certificate, the “FAILED” message is displayed for five seconds below the filename and the terminal beeps three times, allowing you to note which certificate failed to authenticate.The authentication process then continues to the next certificate until all new certificates are checked.8**VERIFYING FILES**CHECK CERTIFICATE(FILENAME.CRT)**AUTHENTIC**or--- FAILED ---The file authentication module continues to authenticate new signature files downloaded with the OS files. When the signature file authentication routine starts, the status display informs you of the progress of the authentication process.If file authentication succeeds for a specific signature file, the “AUTHENTIC” message is displayed directly below the filename of the signature file. If file authentication fails for a specific signature file, the “FAILED” message is displayed for five seconds below the filename and the terminal beeps three times, allowing you to note which signature file failed to authenticate. The authentication process then proceeds to the next signature file until all signature files are validated.When all new signature files are authenticated, the terminal restarts and begins processing the new OS (full download) or it returns control to Verix Terminal Manager (partial download).If you are performing a partial download, the terminal does not restart until you manually press the 4 key in VERIX TERMINAL MGR MENU 1. If an application resides on the terminal following the OS download, it executes on restart.Note: Because a full OS download clears the I: drive, all terminal applications, related certificates, and signature files must download to the terminal when performing this type of download.Table 15 Direct Operating System Download Procedure  (continued)Step Display Action
PERFORMING DOWNLOADSBack-to-Back Application DownloadsVX 675 REFERENCE GUIDE 131Back-to-BackApplicationDownloadsThis section provides the hardware and software checklist needed for back-to-back application downloads. The procedure for back-to-back terminal downloads is also discussed.Hardware ChecklistSoftware Checklist9(Application Prompt)orDOWNLOAD NEEDEDIf you performed a full OS download, the DOWNLOAD NEEDED prompt is displayed. A direct application download on the receiving terminal can be performed.If you performed a partial OS download and manually restarted the terminal, the application residing in the terminal (if any) executes. The application prompt is displayed on terminal restart, after OS processing, and the application starts.Table 15 Direct Operating System Download Procedure  (continued)Step Display ActionThe correct cable connects the RS-232 ports of the sending and receiving VX 675 terminals.The firmware versions of the sending and receiving terminals must be identical or very similar.One or more complete and authenticated application programs are stored in the GIDs 1–15, I: drive or F: drive of the sending terminal. In this type of operation, all files stored in application memory of the sending terminal download to the receiving terminal.Before initiating the download procedure, remember to select Group 1 as the target file group on both the sending and receiving terminals. The required Verix Terminal Manager and file group passwords must also be available to make the required Verix Terminal Manager menu selections on both terminals.The current CONFIG.SYS variables, date and time, and other terminal configuration settings on the sending terminal are those downloaded to the receiving terminal. Ensure that the desired settings are correct.All signature files required to authenticate the application files being downloaded to the receiving terminal are present in the I: drive or F: drive file system of the sending terminal.The certificate tree of the sending and receiving terminal must be synchronized. That is, there can be no more than one revision difference between the certificate data currently stored in the memory of the sending and receiving terminals.
PERFORMING DOWNLOADSBack-to-Back Application Downloads132 VX 675 REFERENCE GUIDEChecklist for Effectson Files andSettings in theReceiving TerminalBack-to-BackApplicationDownloadProcedureThe back-to-back application download process consists of two main phases:1Preparing a Gold VX 675 terminal (transfers application files to the Target VX 675 terminal).2Downloading application files from the Gold terminal to a properly configured Target terminal.Prepare Gold Terminal (PC-to-Terminal)1Configure the host PC for an application download operation to the Gold terminal:•Set the *FA variable (if present in the application) to 1.•Ensure that all certificates, *p7s files, applications, and other required files are present.•Ensure that the download is exactly what you want your Target terminal to receive.2Configure the Gold terminal to receive an application download from a PC:•From VERIX TERMINAL MGR MENU 1, set Group 1 and COM1 as the port to receive the download.3Connect a cable between the RS-232 serial ports of the PC and the Gold terminal.4Initiate the file transfer on the PC.5From VERIX TERMINAL MGR MENU 1 on the Gold terminal, select either a full or a partial download using a UART Dongle connected to each terminal.A back-to-back application download overwrites existing applications, libraries, or any other files stored in the I: drive of the receiving terminal.All CONFIG.SYS records and settings on the receiving terminal—protected and non-protected—are replaced by those of the sending terminal. Ensure that these records and settings on the sending terminal are correct before initiating the download.Passwords on the receiving terminal are retained.Certificates and signature files downloaded to the receiving terminal, together with application files, must be processed by the file authentication module on the receiving terminal on terminal restart after the back-to-back download completes.The OS software on the receiving terminal is not affected by a back-to-back application download. Note: OS files cannot be downloaded in a back-to-back operation.An application upload does not overwrite the existing certificate tree on the receiving terminal. Any downloaded certificate files are authenticated and then added to the tree.
PERFORMING DOWNLOADSBack-to-Back Application DownloadsVX 675 REFERENCE GUIDE 133The PC transfers files to the Gold terminal.Download Application Files to Target Terminal1Configure a Gold terminal for an application download operation to a deployment terminal:•If the *FA variable (if present in the application) is set to 0, you can reset it to 1. For more information on the *FA variable, refer to the Verix eVo Volume I: Operating System Programmers Manual (VPN DOC00301).•Ensure that the download is exactly what you want your Target terminals to receive.•Ensure that previously authenticated files are not changed prior to the file transfer operation.2Configure the Target terminal to receive an application download from the Gold terminal. From VERIX TERMINAL MGR MENU 1, set Group 1 and COM1 as the port to receive the file transfer.3Connect a cable (VeriFone part number 05651-xx) between the RS-232 serial ports of the Gold and Target terminals using a UART Dongle connected to each terminal.4From any Verix Terminal Manager menu on the Gold terminal, press [*] and enter the GID1 password to initiate the file transfer.5From VERIX TERMINAL MGR MENU 1 on the deployment terminal, select either a full or a partial download. The Gold terminal begins to transfer files to the Target terminal.
PERFORMING DOWNLOADSBack-to-Back Application Downloads134 VX 675 REFERENCE GUIDEFigure 32 illustrates these two phases and how they relate to each other.Figure 32 Back-To-Back Download ProcessSDKGOLD TERMINALTARGET TERMINAL TARGET TERMINALALL CERTIFICATES, .P7S FILES,APPLICATIONS, AND SO ONMUST BE PRESENT.2.IF *FA VARIABLE IS PRESENT,*FA MUST = 1.1.CABLE CONNECTED BETWEENPC AND GOLD TERMINAL.UPLOAD IS MIRROR COPYOF WHAT TO DEPLOY.1.4.GOLD TERMINAL GOLD TERMINALCABLE (#05651-XX)CONNECTED BETWEENGOLD TERMINAL AND2.PREVIOUSLYAUTHENTICATED FILESMUST NOT CHANGE PRIOR TO THE UPLOAD3.1.DOWNLOAD IS MIRROR COPYOF WHAT TO DEPLOY.3.INITIATE THE DOWNLOAD.5.FROM SYS MODE MENU 2,SELECT FULL OR PARTIALDOWNLOAD AFTER THE DOWNLOAD INITIATES.2.FROM SYS MODE MENU 2,SET GROUP 1 AND COM 1TO RECEIVE THE 1.FROM SYS MODE MENU 2,SELECT FULL OR PARTIALDOWNLOAD AFTER THE UPLOAD OPERATION2.TARGET TERMINALREADY FORDEPLOYMENTPC CONFIGURED FORDOWNLOADOPERATION.GOLD TERMINALCONFIGURED FORUPLOAD OPERATION.GOLD TERMINALTRANSFERS FILES TOTARGET TERMINAL.GOLD TERMINALCONFIGURED TORECEIVE PCDOWNLOAD.PC TRANSFERS FILESTO GOLD TERMINAL.TARGET TERMINALCONFIGURED TORECEIVE FILES.SUCCESSFULTRANSFER.FROM SYS MODE MENU 2,SET GROUP 1 AND COM 1 TORECEIVE THE DOWNLOAD.TARGET TERMINAL. OPERATION, ELSE OPERATION IS INVALID.FROM SYSTEM MODEPRESS THE * KEY AND ENTER THE GROUP 1 4.PASSWORD TO INITIATE UPLOAD.DOWNLOAD.INITIATES.
PERFORMING DOWNLOADSBack-to-Back Application DownloadsVX 675 REFERENCE GUIDE 135The procedure in Table 16 walks you through a back-to-back application download from a sending VX 675 terminal (Gold) to a receiving VX 675 terminal (Target).Back-to-back downloads require that one terminal, the Gold terminal, be loaded with the required applications. The receiving terminal is the Target terminal. The procedure in Table 16 assumes the following:•The Target terminal has no applications loaded.•There is enough memory in the Target terminal to complete the download.•You are performing a full download.NOTEThe Target terminal does not display an error message if there is not enough memory to complete the download. However, the Gold terminal displays DOWNLOAD INCOMPLETE before returning to SYS MODE MENU 2.Table 16 Back-to-Back Application Download ProcedureStep Gold Terminal Target Terminal1Connect a MOD10 cable (P/N 05651-XX) between the RS-232 ports of the terminals using a UART Dongle connected to each terminal. Allow each terminal to boot up. After boot up, the Target terminal displays DOWNLOAD NEEDED.2Press ENTER+7 to enter Verix Terminal Manager.3Enter the Verix Terminal Manager password (factory default is “1 6 6 8 3 1” and press ENTER.4Press the * (asterisk) key, then press ENTER. You are prompted to reenter the Verix Terminal Manager password.UPLOADING NOW is displayed.Press 3, DOWNLOAD, to enter download mode.5Press ENTER at the next VERIX TERMINAL MGR DOWNLOAD screen to select FILE GROUP_1 (default displayed) as the target file group. 6For a single application download, select Single-app. For multiple application download, select Multi-app in the next VERIX TERMINAL MGR DOWNLOAD screen.
PERFORMING DOWNLOADSBack-to-Back Application Downloads136 VX 675 REFERENCE GUIDE7Select 2 (COM1) in the next VERIX TERMINAL MGR DOWNLOAD screen. DOWNLOADING NOW is displayed.Both terminals display a status indicator, where each dash represents a 10% increment of the download. Ensure that the Gold terminal displays UPLOAD COMPLETE before returning to VERIX TERMINAL MGR MENU 1. This is when the Gold terminal might display an error message if problems occurred during the download process. The Target terminal begins to validate all files. Allow the Target terminal to complete file authentication and reboot the terminal. The Gold terminal is ready to perform another download. An application-specific menu is displayed after the Target terminal completes the reboot.Table 16 Back-to-Back Application Download ProcedureStep Gold Terminal Target Terminal
VX 675 REFERENCE GUIDE 137CHAPTER 7SpecificationsThis chapter discusses power requirements, dimensions, and other specifications of the VX 675 terminal. Power5V DC 1.0 AMicro-USBPower PackUL, ITE listed, LPS power supply:aInput rated: 100-240V AC, 50/60 HzbOutput rated: 5V DC 1.0 ATemperature•Operating temperature: 0Cto +50C (32F to 122F)•Non-operating temperature: -30C to 60C (-22F to 140F)•Relative humidity: 5% to 90%; non-condensingExternalDimensions•Length: 148mm (5.8 in); 163mm (6.41 in); 109.2mm (4.3 in) for VX 675 ECR•Width: 78mm (3.1 in)•Depth: 42mm (1.6 in); 52mm (2 in); 56.3mm (2.2 in) for VX 675 ECR
SPECIFICATIONSExternal Dimensions138 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 139CHAPTER 8MaintenanceThe VX 675 terminal and base have no user-serviceable parts. Cleaning theTerminalTo clean the terminal and base, use a clean cloth slightly dampened with water and a drop or two of mild soap. For stubborn stains, use alcohol or an alcohol-based cleaner.TerminalContactsGently swab the contacts with alcohol or contact cleaner to remove the dirt. It is important that the exposed contacts of the VX 675 battery stay clean and unbent. Smart CardReaderDo not attempt to clean the smart card reader. Doing so may void any warranty. For smart card reader service, contact your VeriFone distributor or service provider.CAUTIONNever use thinner, trichloroethylene, or ketone-based solvents – they may cause deterioration of plastic or rubber parts.Do not spray cleaners or other solutions directly onto the keypad or terminal display.CAUTIONAvoid touching the contacts of the VX 675 battery and the recessed area on the terminal. Finger oils tarnish contacts, causing bad connections. When operating on battery power and experiencing a high occurrence of bad or incomplete data transfers, clean the contacts.
MAINTENANCESmart Card Reader140 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 141CHAPTER 9VeriFone Service and SupportFor VX 675 terminal problems, contact your local VeriFone representative or service provider. For VX 675 product service and repair information:•USA – VeriFone Service and Support Group, 1-800-VeriFone (837-4366), Monday - Friday, 8 A.M. - 8 P.M., Eastern time•International – Contact your VeriFone representative Returning aTerminal forServiceBefore returning a VX 675 terminal or base to VeriFone, you must obtain an MRA number. The following procedure describes how to return one or more VX 675 terminals or bases for repair or replacement (U.S. customers only). To Return a Terminalfor Service 1Get the following information from the printed labels on the bottom of each VX 675 terminal or base to be returned:•Product ID, including the model and part number. For example, “VX 675” and “M265-XXX-XX-XXX-2.”•Serial number (S/N nnn-nnn-nnn)2Obtain the MRA number(s) by completing one of the following:aCall VeriFone toll-free within the United States at 1-800-VeriFone and follow the automated menu options.•Select the MRA option from the automated message. The MRA department is open Monday to Friday, 8 A.M.– 8 P.M., Eastern Time.•Give the MRA representative the information you gathered in Step 1.If the list of serial numbers is long, you can fax the list, along with the information gathered in Step 1, to the MRA department at 727-953-4172 (U.S.).bAddress a fax to “VeriFone MRA Dept.” with the model and part number(s)•Include a telephone number where you can be reached and your fax number.NOTECustomers outside the United States are advised to contact their local VeriFone representative for assistance regarding service, return, or replacement of terminals or batteries.
VERIFONE SERVICE AND SUPPORTAccessories and Documentation142 VX 675 REFERENCE GUIDEcComplete the Inquiry Contact Form at http://www.verifone.com/aboutus/contact/contact_form.cfm.•Address the Subject box with to “VeriFone MRA Dept.”•Reference the model and part number in the Note box.3Describe the problem(s).4Provide the shipping address where the repaired or replacement unit must be returned.5Keep a record of the following items:•Assigned MRA number(s).•VeriFone serial number assigned to the VX 675 terminal or base you are returning for service or repair (terminal serial numbers are located on the bottom of the unit.•Shipping documentation, such as air bill numbers used to trace the shipment.•Model(s) returned (model numbers are located on the VeriFone label on the bottom of the VX 675 terminal).Accessories andDocumentationVeriFone produces the following accessories and documentation for the VX 675 terminal. When ordering, please refer to the part number in the left column. •VeriFone online store at www.store.verifone.com•USA – VeriFone Customer Development Center, 800-VeriFone (837-4366), Monday - Friday, 7 A.M. - 8 P.M., Eastern time •International – Contact your VeriFone representative Power PackContact your local VeriFone distributor to determine which power pack fits your needs.Printer PaperVeriFone CleaningKitNOTEOne MRA number must be issued for each VX 675 terminal you return to VeriFone, even if you are returning several of the same model.VPN PWR265-001-01-A DC Power Pack (Universal)VPN PPR265-001-01-A 25mm (0.98 in) diameter, 57mm (2.24 in) wideVPN PPR268-001-01-A 40mm (1.57 in) diameter, 57mm (2.24 in) wideVPN 02746-01 Cleaning Kit
VERIFONE SERVICE AND SUPPORTAccessories and DocumentationVX 675 REFERENCE GUIDE 143Micro-USB CableDocumentationVPN SUB265-001-01-A Micro-USB service dongleVX 675 Certifications and Regulations Sheet VPN DOC265-001-ENVX 675 Quick Installation Guide VPN DOC265-002-ENVX 675 Installation Guide VPN DOC265-003-ENVX 675 Base Certifications and Regulations Sheet VPN DOC265-005-ENVX 675 Full-Featured Base Quick Installation Guide VPN DOC265-026-ENVX 675 USB Base Quick Installation Guide VPN DOC265-025-ENVX 675 ECR Certifications and Regulations Sheet  VPN DOC265-027-ENVX 675 ECR Quick Installation Guide VPN DOC265-028-ENVerix eVo Volume I: Operating System Programmers ManualVPN DOC00301Verix eVo Volume II: Operating System and Communications Programmers GuideVPN DOC00302
VERIFONE SERVICE AND SUPPORTAccessories and Documentation144 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 145APPENDIX ASystem MessagesThis appendix describes error and information messages, which are grouped into two categories. For ease of use, these messages are grouped alphabetically in each of these two categories.These messages include the following:•Digital certificate displays and signature file downloaded to the terminal.•File authentication module processes.•File compression module use messages from the VeriCentre DMM terminal management and download tool.Error MessagesThe following error messages may appear when the VX 675 terminal is in Verix Terminal Manager. Table 17 Error MessagesDisplay ActionCOMPRESSION MODULE ERROR** UNZIP Error nxxxxxxyyyyyyIf you are using the file compression module in DMM, information similar to what is shown above appears when an error occurs during file extraction from a downloaded ZIP archive. Note the error number and error codes (xxxxx and yyyyy) and try to download the archive again.
SYSTEM MESSAGESError Messages146 VX 675 REFERENCE GUIDEDEBUGGER ERRORSALREADY DEBUGGING The debugger has already been invoked.LOAD DBMON.OUT The DBMON.OUT debugging monitor program is included in the SDK, but is not stored in the terminal memory of a factory unit. To use the debugging tool, you must sign, download, and authenticate the DBMON.OUT application.DOWNLOADING ERRORSVTM DOWNLOAD MGR GnTCP/IP NOT PRESENTThis error only occurs on a VX 675 terminal when downloading through TCP/IP. An application that supports the TCP stack does not exist.VTM DOWNLOAD MGR GnNO *ZTCP VARIABLEThis error only occurs on a VX 675 terminal when downloading through TCP/IP. An application that supports the TCP stack does not exist.Table 17 Error Messages  (continued)Display Action
SYSTEM MESSAGESError MessagesVX 675 REFERENCE GUIDE 147VTM DOWNLOAD MGR GnGID: nnAPP ID: nnnnSTATUS: CONNECTING<error message>The following error message may occur while connecting to a host during wireless download:•NO CARRIER - The terminal could not establish a connection with the host.•LOST CARRIER - The carrier was lost during connection.•BUSY - The host is currently busy.•NO ENQ FROM HOST - The host did not send an ENQ (Enquiry).VTM DOWNLOAD MGR GnGID: nnAPP ID: nnnnSTATUS: DOWNLOADING<error message>The following error message may occur while connecting to a host during a modem or wireless download:•BAD RX COMM - The terminal received too many bad packets.•BAD TX COMM - The host received too many bad packets.•LOST CARRIER - The carrier was lost during download.•NO RESP FROM HOST - The terminal timed out waiting for a packet from the host.EDIT PARAMETERS ERRORTERMINAL MGR EDITGID nn: NOT EMPTY<parm name> NOT FOUND1> Cancel2> Add VariableYou entered an invalid parameter name. Select CANCEL  to go back to the parameter editor or ADD VARIABLE  to add the entered parameter name as a new variable.Table 17 Error Messages  (continued)Display Action
SYSTEM MESSAGESError Messages148 VX 675 REFERENCE GUIDEPASSWORD ERRORSChange Passwords G1Please Try AgainYou entered an invalid GID password. Press CANCEL or ENTER and enter a valid password.VERIX TERMINAL MGRPlease enterPassword for GID n:__________This message is displayed when you initiate the procedure for modifying existing Verix Terminal Manager passwords through Change Passwords in VERIX TERMINAL MGR MENU 2. The menu option displayed allows you to change the password of a File Group (Press 1) or the TERMINAL MGR Entry (Press 2).VTM PASSWORD MGRNew __________This message is displayed when you select Change Passwords in VERIX TERMINAL MGR MENU 2 to modify the existing Verix Terminal Manager password. NEW: Make the appropriate menu selections to enter the new password.AGAIN: Repeat the entry to confirm the new password. PASSWORD CHANGED: Displayed when the new password is accepted.Table 17 Error Messages  (continued)Display Action
SYSTEM MESSAGESError MessagesVX 675 REFERENCE GUIDE 149VTM PASSWORD MGRAgain __________PRINTER DIAGNOSTICS ERRORSPrinter ID  PVersion 0PRED1A2Status 22NO PAPER1> Test2> Paper FeedNO PAPER is displayed when you select TEST or PAPER FEED and there is no paper installed in the printer.Printer ID  PVersion 0PRED1A2Status 22PRINTER BUSY1> Test2> Paper FeedWhen you select TEST or PAPER FEED from the printer diagnostics screen, terminal manager first checks if the printer is currently active. If it is, PRINTER BUSY is displayed.Table 17 Error Messages  (continued)Display Action
SYSTEM MESSAGESError Messages150 VX 675 REFERENCE GUIDEREMOTE DIAGNOSTICS ERRORLOAD TERMINALMANAGEMENT AGENT The (optional) Terminal Management Agent (TMA) software is not resident in the VX 675 terminal. The TMA software is required to perform remote diagnostics. For more information about support for remote diagnostics, contact your VeriFone service provider.SMART CARD DIAGNOSTICS ERRORSTEST NOT SUPPORTED This message appears if the terminal does not support ICC devices. Therefore, a SAM card diagnostics session cannot be performed. Press any key to go back to the main menu.SAM nnPOWER UP: FAILED This screen is displayed when there is no SAM card inserted in the selected slot.NO SYNC DRIVERSINSTALLED This screen is displayed if sync drivers are not installed in the terminal. Therefore, a sync drivers test cannot be performed. Press any key to go back to the smart card diagnostics screen.Table 17 Error Messages  (continued)Display Action
SYSTEM MESSAGESError MessagesVX 675 REFERENCE GUIDE 151STARTUP ERRORSDOWNLOAD NEEDED<error message>The following error messages may occur if a defect is found on the *GO variable. *GO is a variable in the CONFIG.SYS file and is the first thing that runs on startup if available.•NO *GO VARIABLE - There is no *GO environment variable in the group one CONFIG.SYS file.•*GO NOT FOUND - The *GO variable is set but the executable file is missing.•*GO NOT AUTHENTICATED - The *GO variable is set but the executable file is not authenticated.•NOT ENOUGH MEMORY - The *GO variable is set but there is not enough memory to execute the file.•INVALID *GO VARIABLE - This is the defalut error condition. The system could not run the *GO variable eventhough it is set, authenticated, and enough memory is available to execute the file.FLASH CHKSUM ERROR Gnn A corrupt file is detected in the F: drive file system during terminal start up, after power on, or during restart. This message may indicate a hardware problem; the error condition may be resolved through another download of the file.RAM CHKSUM ERROR   Gnn A corrupt file is detected in the I: drive file system at terminal start up, after power-on, or during restart. This message may indicate a hardware problem; the error condition may be resolved through another download of the file.Table 17 Error Messages  (continued)Display Action
SYSTEM MESSAGESError Messages152 VX 675 REFERENCE GUIDE**VERIFYING FILES**COMPARE SIGNATUREFILENAME.P7SFILENAME.OUT*FAILED*This message appears on screen when the file authentication module fails to authenticate a new signature file. *FAILED* appears for five seconds and the terminal beeps three times to draw attention to the filename of the certificate that could not be authenticated.This message remains on screen until all new signature files are checked. New digital certificates are always checked first, followed by new signature files, in an uninterrupted process.**VERIFYING FILES**CHECK CERTIFICATEFILENAME.CRT*FAILED*This message appears on screen when the file authentication module fails to authenticate a new digital certificate. *FAILED* is displayed for five seconds and the terminal beeps three times to draw attention to the filename of the certificate that could not be authenticated.This message remains on screen until all new certificates are checked, one by one. In special cases where system certificates are being installed, SYSTEM CERTIFICATE is displayed instead of CHECK CERTIFICATE.Table 17 Error Messages  (continued)Display Action
SYSTEM MESSAGESInformation MessagesVX 675 REFERENCE GUIDE 153InformationMessagesThe following information messages may appear when the VX 675 terminal is in terminal manager.Table 18 Information MessagesDisplay ActionDOWNLOADING INFORMATIONVERIX TERMINAL MGR UPLOADI:CONFIG.SYS****______UPLOADING NOWDuring a back-to-back download session, this screen appears on the Gold terminal indicating that an application is being uploaded to the Target terminal.VERIX TERMINAL MGR DOWNLOAD Gnn****______DOWNLOADING NOWDuring a back-to-back download session, this screen appears on the Target terminal indicating that an application is being downloaded from the Gold terminal.VERIX TERMINAL MGR DOWNLOAD GnnGID: nnAPP ID: nnnnSTATUS: DOWNLOADING***_______An application is being downloaded to a receiving VX 675 terminal from a host PC. The terminal displays a series of asterisks (*) to indicate the progress of the download (each asterisk represents 10% of the download). When ten asterisks appear, the data transfer is complete.
SYSTEM MESSAGESInformation Messages154 VX 675 REFERENCE GUIDEVERIX TERMINAL MGR DOWNLOAD GnnUNIT RECEIVE MODE***_______An application is being downloaded to a receiving VX 675 terminal from a host PC directly over a serial cable. The terminal displays a series of asterisks (*) to indicate the progress of the download (each asterisk represents 10% of the download). When ten asterisks appear, the data transfer is complete.VERIX TERMINAL MGR DOWNLOAD GnnUNIT RECEIVE MODEWAITING FOR DOWNLOADThis screen indicates that the terminal is ready for download and is waiting for a response from the host.Table 18 Information MessagesDisplay Action
SYSTEM MESSAGESInformation MessagesVX 675 REFERENCE GUIDE 155ERROR LOGVERIX ERROR LOGTYPE 1TASK 2TIME 060302201212CPSR 40000010PC 00000004LR 70448B23ADDR 27FFFFEF9The following information helps developers interpret the cause of the most recent unrecoverable software error that occurred on the terminal:This first screen displays the following:•TYPE (error type), where the error type code is:•TASK (task number): indicates type of task that was currently executed:•TIME (time of crash): clock time of the error in the format YYMMDDhhmmss, where YY = year, MM = month, DD = day, hh = hour, mm = minute, and ss = second.•CPSR (Current Program Status Register): contains the processor and state condition code.•PC (Program Counter): holds the execution address.•LR (Link Register): holds the return address of the function call.Note: LR may not always contain the current return address.•ADDR (fault address): contains the illegal address that the application was trying to access.If you report a system error to VeriFone, you may be asked to provide the information displayed on this screen. For detailed information about the error log function and the terms listed above, please refer to the Verix eVo Volume I: Operating System Programmers Manual (VPN DOC00301).Table 18 Information MessagesDisplay Action•1 =  Data abort: attempt to access data at an invalid address.•2 =  Program abort: attempt to execute code at an invalid address.•3 =  Undefined abort: attempt to execute an illegal instruction.•1 =  Verix Terminal Manager•2 =  First user task
SYSTEM MESSAGESInformation Messages156 VX 675 REFERENCE GUIDEINTERNAL PIN PAD DIAGNOSTICS INFORMATIONINTERNAL PIN PADMEMORY TEST PASSEDIPP8 EMUL02A  05/08  01SN: 0000000000000000BAUD: 1200  RESET 3MODE: VISA EXIT 4After an internal PIN pad diagnostic session, the firmware version and download date, IPP serial number, baud rate, and mode are displayed.KEYBOARD DIAGNOSTICS INFORMATIONTERMINAL MGR KBD TESTKEYCODE nnThis screen displays the hexadecimal ASCII keycode for each key you press during a keyboard diagnostics session. The value displayed corresponds to the actual key pressed. Other values assigned to keys are software dependent.MAGNETIC CARD DIAGNOSTICS INFORMATIONVERIX TERMINAL MGR TRK 1:VALID TRK 2:VALIDTRK 3:VALIDWhen you invoke a local terminal manager diagnostic test of the magnetic stripe card reader, status information appears for the data tracks (TRK1, TRK2, and TRK3) on the card. A successful test displays VALID DATA for each track that reads valid data. An error generates one of the following error messages for each track with an error:•NO DATA•NO START•NO END•LRC ERR•PARITY ERR•REVERSE ENDFor more information about magnetic card error messages, refer to the Verix eVo Volume I: Operating System Programmers Manual (VPN DOC00301).Table 18 Information MessagesDisplay Action
SYSTEM MESSAGESInformation MessagesVX 675 REFERENCE GUIDE 157MEMORY INFORMATIONMEMORY USAGEDrive I: Files_____ nInuse____________ nn KBDrive F: Files_____nInuse __________nRAM Avail_________nnnn KBFLASH Avail__________nnnn KBThis screen displays how much I: drive and F: drive memory is used and how much is available.•INUSE - Closest estimate of used memory (in KB).•AVAIL - Lowest number of free memory (in KB).RAM drive Directory GNN<filename>36 MM/DD/YY -<filename>36 MM/DD/YY -<filename>36 MM/DD/YY -PRINTThe following screens display the contents of the I: and F: drives. If there are no files inside an I: drive or an F: drive, <EMPTY> is displayed.FLASH drive Directory GNN<filename>36 MM/DD/YY -<filename>36 MM/DD/YY -<filename>36 MM/DD/YY -PRINTTable 18 Information MessagesDisplay Action
SYSTEM MESSAGESInformation Messages158 VX 675 REFERENCE GUIDEALL RAM AND FLASHCLEAREDThis screen indicates that all I: and F: drive data within a GID is deleted.ALL RAM AND FLASH CLEARCOALESCING FLASHThis screen indicates that all I: and F: drive data within all GIDs is deleted and the memory is being merged.PASSWORD INFORMATIONVERIX TERMINAL MGRPASSWORD CHANGEDThis message confirms that you have successfully changed a GID password or the system password.Table 18 Information MessagesDisplay Action
SYSTEM MESSAGESInformation MessagesVX 675 REFERENCE GUIDE 159PRINTER DIAGNOSTICS INFORMATIONPrinter ID    PVersion 0PRED1A2Status 221> Test2> Paper FeedThis screen displays the printer ID, firmware version, and the printer status appear.See the Verix eVo Volume I: Operating System Programmers Manual (VPN DOC00301).for specifics on application development and the internal thermal printer.Printer ID    PVersion 0PRED1A2Status 221> Test2> Paper FeedNO PAPER is displayed when you select TEST and PAPER FEED there is no paper installed in the printer.SMART CARD DIAGNOSTICS INFORMATIONVoyLib 03.09 0000VxOS11 PSCR Build 10SCRLIB 2.0  1/121> SMART CARD DIAG2> LIST SYNC DRIVERS3> EXITThis screen displays system and driver information and the number of SAM card slots available.Table 18 Information MessagesDisplay Action
SYSTEM MESSAGESInformation Messages160 VX 675 REFERENCE GUIDECUSTOMER CARDPOWER UP: PASSEDGET ATR: PASSEDREAD TEST: PASSEDWRITE TEST: PASSEDREAD VERIFY TEST: PASSALL TESTS: PASSEDWhen a SAM card is tested, the following information is displayed.STARTUP INFORMATIONVERIFONE VX675QT65010M03/09/2012 VerixCOPYRIGHT 1997-2012VERIFONEALL RIGHTS RESERVEDAt startup, the terminal displays a copyright notice screen that shows the terminal model number, the OS version of the VX 680 stored in the terminal’s memory, the date the firmware was loaded into the terminal, and the copyright notice.This screen appears for three seconds, during which time you can enter Verix Terminal Manager by simultaneously pressing ENTER and 7.You can extend the display period of this screen by pressing any key during the initial three seconds. Each keypress extends the display period an additional three seconds.VERIFONE VX675QT65010M03/09/2012 VerixCOPYRIGHT 1997-2012VERIFONEALL RIGHTS RESERVEDIf some other certificate is loaded by a reseller (e.g., bank), the fourth line on the startup screen is left blank.Table 18 Information MessagesDisplay Action
SYSTEM MESSAGESInformation MessagesVX 675 REFERENCE GUIDE 161VERIFONE VX675QT65010M03/09/2012 Verix* * T A M P E R * *COPYRIGHT 1997-2012VERIFONEALL RIGHTS RESERVEDIf an attempt to break into the terminal’s system has been made, the message **TAMPER** is displayed in place of the certificate on the startup screen. The terminal will remain in this state until the condition has been remedied.**VERIFYING FILES**COMPARE SIGNATUREFILENAME.P7SFILENAME.OUT*AUTHENTIC*This message appears on screen when the file authentication module successfully authenticates a new signature file. *AUTHENTIC* appears for five seconds and the terminal beeps three times to draw attention to the filename of the certificate that could not be authenticated.This message remains on screen until all new signature files are checked. New digital certificates are always checked first, followed by new signature files, in an uninterrupted process.**VERIFYING FILES**CHECK CERTIFICATEFILENAME.CRT*AUTHENTIC*This message appears on screen when the file authentication module successfully authenticates a new digital certificate. *AUTHENTIC* is displayed for five seconds and the terminal beeps three times to draw attention to the filename of the certificate that could not be authenticated.This message remains on screen until all new certificates are checked, one by one. In special cases where system certificates are being installed, SYSTEM CERTIFICATE is displayed instead of CHECK CERTIFICATE.Table 18 Information MessagesDisplay Action
SYSTEM MESSAGESInformation Messages162 VX 675 REFERENCE GUIDEVTM MGR TERMINAL INFOSerl NoPTID 12000000PartRev OS Ver QT65010MModlCtryKeypad Display 240320Mag RDR Pinpad Modem Type 0Ver: <NO RESP>Modem Model: <NO RES The following screens show configuration information specific to your terminal:•SERL NO - serial number•PTID - permanent terminal identification number•PART - terminal part number•REV - terminal hardware version number•OS VER - operating system version•MODL - model number•CTRY - country of manufacture•KEYPAD - keypad type (0 = Telco, 1 = calculator, 2 = Singapore, 6 = EBS100)•DISPLAY - display unit type•MAG RDR - magnetic stripe card reader type•PINPAD - whether or not a PIN Pad device is integrated into the terminal (0 = No, 1 = Yes)•MDM TYPE - determines the modem type (0 = none, 4 = 14.4 modem, 22 = modem/ethernet combo)•VER - shows the modem firmware patch (B3 = Banshee modem, 05xx = firmware patch version, yy = country profile code, zz = country profile major version)•MODEM MODEL•PRINTER - shows if a thermal printer is integrated with the terminal (0 = No, 1 = Yes)•Life -630433889RsetRcnt -1485327014Tamper Detected NCertHeap 0Stack 1936•LIFE - number of seconds the terminal has run•RSET - last reset date and time, in YYMMDDHHMMSS format (YY = year, MM = month, DD = day, HH = hour, MM = minute, and SS = second)•RCNT - number of times the terminal has been reset either through application control, a terminal manager request, or a power cycle•TAMPER DETECTED - indicates whether the terminal has been tampered (N = No, Y = Yes)•CERT - shows the first certificate•HEAP - displays the memory designation used by the OS•STACK - shows the memory set aside for the OS stack. This is where the terminal stores data for running tasks like all the parameters from the callTable 18 Information MessagesDisplay Action
VX 675 REFERENCE GUIDE 163APPENDIX BTroubleshooting GuidelinesThe troubleshooting guidelines provided in the following section are included to help you install and configure your VX 675 terminal successfully. Typical examples of malfunction you may encounter while operating your VX 675 terminal and steps you can take to resolve them are listed in this chapter. If the problem persists even after performing the outlined guidelines or if the problem is not described below, contact your local VeriFone representative for assistance. Terminal DoesNot Start•Ensure that the battery charge state is not below the critically low level. •Recharge or replace the battery. •Ensure that you pressed the green ENTER/ON key for approximately 4 seconds, until the unit lights up.Terminal DisplayDoes Not ShowCorrect/Readable Info•Recharge or replace the battery.•Connect the VX 675 terminal into a known-good power supply (if you have one) to see if this clears the problem.•If the problem persists, contact your local VeriFone representative for assistance.NOTEThe VX 675 terminal comes equipped with tamper-evident labels. The VX 675 unit contains no user serviceable parts. Do not, under any circumstance, attempt to disassemble the terminal. Perform only those adjustments or repairs specified in this guide. For all other services, contact your local VeriFone service provider. Service conducted by parties other than authorized VeriFone representatives may void any warranty.CAUTIONUse only a VeriFone-supplied power pack. Using an incorrectly rated power supply may damage the terminal or cause it not to work as specified. Before troubleshooting, ensure that the power supply being used to power the terminal matches the requirements specified on the bottom of the terminal. (See Specifications, for detailed power supply specifications.) Obtain the appropriately rated power supply before continuing with troubleshooting.
TROUBLESHOOTING GUIDELINESBattery Does Not Charge164 VX 675 REFERENCE GUIDEBattery Does NotChargeThe VX 675 battery must initially receive a full charge to ensure proper operation.Blank DisplayWhen the VX 675 terminal display screen does not show correct or clearly readable information:•The battery pack may not be connected properly. Remove and reinstall the battery pack.•Check terminal power connection.•Remove and reapply power to the terminal.•If the problem persists, contact your local VeriFone service provider.Printer Does NotPrintIf the printer does not work properly:•Make sure the battery is properly installed in the terminal. The printer will not print if there is no battery in the terminal.•Check battery status or terminal power connection. The printer will not print if there is an insufficient charge remaining in the battery to complete the print operation.•Check if the printer is out of paper (slow red blinking light) and that the roll is properly installed. Open the paper roll cover and install a new roll of printer paper or ensure that the roll is feeding correctly. A solid red indicator light indicates a printer error.NOTE•Allow the VX 675 terminal to remain connected to the power pack for 6 hours to ensure the battery receives a full charge.•Li-ion batteries are not affected by shallow charging. Furthermore, when the terminal has no external power source or battery the coin cell battery provides power to the security circuit.•Uninstalling the battery and unplugging the terminal power pack reduce the life of the coin cell battery, which does not recharge and must be replaced if drained.•Conserve battery power by turning the VX 675 terminal off when not in use. Keep the Li-ion battery inserted in the terminal and power up the terminal periodically to check the battery charge. Do not let the battery charge fall below 10% for extended periods of time as this may permanently diminish the battery capacity. Recharge the battery by attaching USB end of the power pack to the terminal and plugging the other end of the power pack into a wall outlet.•The VX 675 terminal automatically shuts off when the battery reaches the critically low charge state. If this occurs, the battery must recharge a minimum of 1/2 hour before it can power the terminal. It may take several recharge attempts to reset the safety circuit when charging a battery that has been discharged below this critical state.
TROUBLESHOOTING GUIDELINESPrinter Paper JamVX 675 REFERENCE GUIDE 165•Verify that the printer door is properly latched.•If the problem persists, contact your VeriFone distributor or service provider.Printer PaperJamIf paper jams inside the printer:•Press the button at the bottom of the terminal to unlatch the paper roll cover, then open the cover.•Remove the damaged paper from the paper roll and clear the feed mechanism.•Install a roll of printer paper, as described in Installing the Paper Roll.•If the problem persists, it may be due to poor paper quality. Install a new roll of higher-quality paper.Keypad DoesNot RespondIf the keypad does not respond properly:•Check the terminal display. If it displays the wrong character or nothing at all when you press a key, follow the steps outlined in Transactions Fail to Process.•If pressing a function key does not perform the expected action, refer to the user documentation for that application to ensure you are entering data correctly.•If the problem persists, contact your local VeriFone representative.TransactionsFail to ProcessThere are several reasons why the terminal may not be processing transactions. Use the following steps to troubleshoot failures. Check the Magnetic Card Reader•Perform a test transaction using one or more different magnetic stripe cards to ensure the problem is not a defective card.•Ensure that you are swiping cards properly. With the VX 675 card reader, the black magnetic stripe on the card should face down and inward, toward the keypad and must be inserted from the top of the terminal (see Figure 18). •Process a transaction manually, using the keypad instead of the card reader. If the manual transaction works, the problem may be a defective card reader.•Contact your VeriFone distributor or service provider.•If the manual transaction does not work, proceed to Check the Signal Strength.WARNINGPoor-quality paper may jam the printer. To order high-quality VeriFone paper, refer to Accessories and Documentation.
TROUBLESHOOTING GUIDELINESTransactions Fail to Process166 VX 675 REFERENCE GUIDECheck the Smart Card Reader•Perform a test transaction using several different smart cards to ensure the problem is not a defective card.•Ensure that the card is inserted correctly and that the card is not removed prematurely.•Contact your VeriFone distributor or service provider.•If the manual transaction does not work, proceed to Check the Signal Strength.Check the Signal Strength•On-screen signal-strength indicator displays at least one bar to indicate connectivity to radio network.•Ensure that the radio has been activated by your service provider.
VX 675 REFERENCE GUIDE 167APPENDIX CPort PinoutsThe following tables list the pinouts for VX 675 terminal’s micro-USB port and VX 675 Full-Feature and USB base’s Dial, Ethernet, Serial (RS-232), and USB Host ports.Micro-USB PortRS-232 Port(FFB only)Connector Pin Function Description1EXT_VBUS 5Vdc External Power input.2USB_DN multi-port, USB Signal - / RS-232 TX3USB_UP multi-port, USB Signal + / RS-232 RX4NCNote: USB_ID in VX 675 3G.No connectionNote: USB_ID is used to signal USB controller for the port function in VX 675 3G.5EXTGND External Ground0).0).Connector PIN Function Description1Power 5V0 power 300mA Max.2NC No connection3NC No connection4GND Power ground5 /RXD Receive data6/TXD Transmit data7CTS Clear to send8RTS Request to send
PORT PINOUTSTelco Port (FFB only)168 VX 675 REFERENCE GUIDETelco Port(FFB only)Ethernet Port(FFB only)USB Host Port(FFB and USBbase)Connector PIN Function Description1NC No connection2NC No connection3Tip Telephone line4Ring Telephone line5NC No connection6NC No connectionLOOKING INTO MOD 6P4CConnector PIN Function Description1TXD+ Transmit data +2TXD- Transmit data -3RXD+ Receive data +4NC No connection5NC No connection6RXD- Receive data -7NC No connection8NC No connectionConnector PIN Function Description1USB_5V_EXT 5V USB Power (300 mAh)2nUSB_DEVICE USB Device Signal -3pUSB_DEVICE USB Device Signal +4GND USB Ground4  321
VX 675 REFERENCE GUIDE 169APPENDIX DASCII TableThe ASCII TableAn ASCII table for the VX 675 display is presented in Table 19.Table 19 VX 680 Display ASCII TableDec Hex ASCII Dec Hex ASCII Dec Hex ASCII Dec Hex ASCII000 NUL 32 20 SP 64 40 @96 60  '101 SOH 33 21 !65 41 A97 61  a202 STX 34 22 "66 42 B98 62  b303 ETX 35 23 #67 43 C99 63  c404 EOT 36 24 $68 44 D100 64  d505 ENQ 37 25 %69 45 E101 65  e606 ACK 38 26 &70 46 F102 66  f707 BEL 39 27 '71 47 G103 67  g808 BS 40 28 (72 48 H104 68  h909 HT 41 29 )73 49 I105 69  i10 0A LF 42 2A *74 4A J106 6A  j11 0B VT 43 2B +75 4B K107 6B  k12 0C FF 44 2C ,76 4C L108 6C  l13 0D CR 45 2D -77 4D M109 6D  m14 0E SO 46 2E .78 4E N110 6E  n15 0F SI 47 2F /79 4F O111 6F  o16 10 DLE 48 30 080 50 P112 70  p17 11 DC1 49 31 181 51 Q113 71  q18 12 DC2 50 32 282 52 R114 72  r19 13 DC3 51 33 383 53 S115 73  s20 14 DC4 52 34 484 54 T116 74  t21 15 NAK 53 35 585 55 U117 75  u22 16 SYN 54 36 686 56 V118 76  v23 17 ETB 55 37 787 57 W119 77  w24 18 CAN 56 38 888 58 X120 78  x25 19 EM 57 39 989 59 Y121 79  y26 1A SUB 58 3A :90 5A Z122 7A  z27 1B ESC 59 3B ;91 5B [123 7B {28 1C FS 60 3C <92 5C \124 7C  |29 1D GS 61 3D =93 5D ]125 7D }30 1E RS 62 3E >94 5E ^126 7E  ~31 1F US 63 3F ?95 5F _127 7F  DEL
ASCII TABLEThe ASCII Table170 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 171APPENDIX EVX 675 Battery InformationBatteryThe VX 675 terminal uses a Lithium-ion battery. The internal logic of the battery prevents both overcharging and undercharging (a fault condition in which the battery level goes well below the minimum acceptable charge and the battery becomes unusable).The VX 675 comes with a high-capacity battery pack.ChargingThe battery has a safety circuit to protect the Lithium-ion cells from overcharging and over-discharging. If the battery is over-discharged, the safety circuit shuts down the battery. The battery must then be recharged to restore operation.Battery LifeThe VX 675 battery can be charged and discharged hundreds of times, but will eventually wear out. When operating times are noticeably shorter than usual, it is time to order a new battery.AdvantagesLithium-ion batteries have numerous advantages over other types of rechargeable batteries. High energy density Lithium-ion batteries typically have twice the energy density of standard nickel-cadmium batteries. This means that for their size or weight they can store more energy than other rechargeable batteries.NOTEThe VX 675 terminal will operate on battery power or on power pack power. The battery charger in the terminal will be active whenever the power pack is connected.NOTEThe VX 675 terminal automatically shuts off when the battery reaches the critically low charge state. If this occurs, the battery must be recharged for a minimum of 1/2 hour before it can power the terminal. It may take several recharge attempts to reset the safety circuit that has been discharged below this critical state.WARNINGDo not dispose of batteries in a fire. Lithium-ion batteries must be recycled or disposed of properly. Do not dispose of Lithium-ion batteries in municipal waste sites.
VX 675 BATTERY INFORMATIONBattery172 VX 675 REFERENCE GUIDELight weight Lithium is the lightest metal. Thus, lithium-ion batteries enable the manufacture of lightweight devices. Long LifeLithium-ion batteries require low maintenance. They do not exhibit memory effects, thereby eliminating the need for scheduled cycling to prolong the battery life. Does Not Require Prolonged Initial ChargingUnlike their nickel-cadmium counterparts, lithium-ion batteries do not require prolonged initial charging. All that is needed is a regular charge.Low Self-Discharge RateLithium-ion batteries have a lower self-discharge rate compared to other types of battery (the self-discharge rate for a lithium-ion battery is less than one-half of that of a nickel-cadmium battery). This means that once they are charged, they will retain their charge for a longer time than other types of rechargeable batteries. Other battery types can lose anywhere from 1-5% of their charge per day, (depending on the storage temperature) even if they are not installed in a terminal. Lithium-ion batteries will retain most of their charge even after months of storage. High Voltage CapacityLithium-ion batteries operate at higher voltages than other rechargeable batteries, typically about 3.6 volts for lithium-ion versus 1.2 volts for nickel-metal-hydride or nickel-cadmium batteries. This means a single cell can often be used rather than multiple metal-hydride or nickel-cadmium cells.PrecautionsObserve the following precautions when handling lithium-ion batteries. Aging EffectsBattery packs are subject to aging, even when they are not used. •Aging leads to deterioration in capacity or battery life.•Batteries typically fail after 2 or 3 years, or approximately 300 charge-discharge cycles.•Other chemicals may also affect the aging properties of batteries. TIPStoring the battery in a cool environment (25 C or less) at 40% charge reduces the effects of aging.
VX 675 BATTERY INFORMATIONNotable VX 675 Battery SpecificationsVX 675 REFERENCE GUIDE 173Transportation Restrictions•It is illegal to ship fully charge batteries by air because they may cause accidental explosions.•Shipment of large quantities of lithium-ion batteries may be subject to regulatory control.Storage Precautions•Do not fully charge batteries before storage. Instead, keep the batteries partially charge before storing them, then charge them fully before actual usage. •Do not store batteries when they are fully depleted. If a battery is empty, charge it for at least an hour before storage. When a depleted battery self discharges, it may become unusable. •Do not stock pile batteries. Avoid buying dated battery stocks even at reduced prices. In addition, always check the date when the batteries were manufactured. Notable VX 675BatterySpecificationsThe battery is designed to offer optimum protection to the VX 675 terminals and their users.Safety/ProtectionCircuitThe battery features a safety/protection circuit that provides the following benefits:•Limits the peak voltage in each cell during charging – a field effect transistor (FET) opens if voltage level in any cell reaches 4.28V.•Prevents cell voltage from dropping too low during discharge – a field effect transistor (FET) opens if voltage in any cell reaches 2.3V. •Limits the current going in and coming out of the battery pack. A field effect transistor (FET) opens the current path when charge current exceeds 6.5A or when the discharge current exceeds 7A. This prevents damage caused by shorting the battery contacts. Cell TemperatureMonitoringA discrete thermistor is built into the battery pack to prevent cell or terminal damage during charging. The terminal’s OS monitors the cell temperature using the thermistor and automatically shuts down the charger if the temperature exceeds 50C or falls below 0C. ESD ProtectionElectrostatic discharge (ESD) protection: ±8KV air discharge, ±4KV contact dischargeNOTEThese precautions do not apply to personal carry-on battery packs.
VX 675 BATTERY INFORMATIONBattery FAQs (for VX 675)174 VX 675 REFERENCE GUIDETrip RecoveryThe VX 675 battery features a trip recovery system, which resolves faulty or hazardous conditions that led to a safety trip. Application of current through the charger will reset the safety circuit. Battery FAQs(for VX 675)Should I allow the battery to discharge completely before charging?No. It is better to recharge the battery often and avoid frequent full discharge. However, allow a full discharge once a month to enable reset.Should I charge the battery partially or fully?It does not matter whether you charge the battery fully or partially. Charging a full battery will not harm the battery. Should I charge the battery before putting it into storage?It is advisable to store the battery with a 40% charge. However, storing the battery in a cool place is more important than the state of charge. In addition, make sure that the battery is not fully depleted before putting it in storage. Otherwise, the safety/protection circuit may trip.Will the battery heat up during charging?It is normal for the battery to emit a small amount of heat during charging. The battery is equipped with a temperature sensor that will disrupt the flow of charge current when extreme temperature levels are detected.VX 675 BatterySpecific Termsand DefinitionsThe following terms and definitions apply to the VX 675 terminal’s battery.Percent of Charge (%)The ratio of the RC (remaining charge) value to the FC (full charge = 2250mAh) value multiplied by 100%. The range is from 0 to 100. The Percent of Change value is available to terminal applications via OS calls. It is updated every 20 seconds.Remaining Charge (RC)The amount of usable energy in the battery at a given time in mAh. The OS writes RC=FC at the end of charge. The range is from 0 to FC. The RC value is available to terminal applications via OS calls. It is updated every 20 seconds.NOTEThe recommended operating temperature for the VX 675 is from 0C to 50C (32F to 122F).
VX 675 BATTERY INFORMATIONGeneral Battery Terms and DefinitionsVX 675 REFERENCE GUIDE 175Safety/Protection CircuitThe VX 675 terminal is equipped with a safety/protection circuit that protects the terminal from damage. For more information, see Safety/Protection Circuit. VoltageUnder system load, the VX 675 terminal reports battery pack voltage. The range is from 3V to 4.2V. It is updated every 20 seconds.General BatteryTerms andDefinitionsThe following terms and definitions apply to most battery types, in general.Ampere-hour, Amp-hour (Ah)A unit of electrical energy. It is the specified current flowing for one hour. Two ampere-hour is two amps of current flowing for one hour. Battery CellThe battery cell is the basic electrochemical unit used to store energy. Each cell is typically rated 3.6V. VX 675 terminal uses one lithium-ion rechargeable cell per battery pack. Battery PackA battery pack is an assembly of battery cells, safety circuit, temperature sensor, terminal contacts, and plastic case. Battery Status, State of ChargeThis refers to the amount of electrical charge stored in the battery, expressed as a percentage of the difference between the fully-charged and fully-discharged states. CapacityThis refers to the amount of available energy in a fully charged battery, expressed in ampere-hours (Ah) or milliampere hours (mAh). ChargeThe amount of usable electrical energy stored in the battery, expressed in coulombs. TIPThe capacity of VX 675 terminal's high capacity battery pack is 2200 mAh typical (new).
VX 675 BATTERY INFORMATIONGeneral Battery Terms and Definitions176 VX 675 REFERENCE GUIDECharge RateThis refers to the amount of current applied to the battery during charging. Charge TimeThe amount of time required to charge a battery. Maximum charge time refers to the amount of time to fully charge a fully discharged battery. ChargingRefers to the process of converting electrical energy, in the form of electric current, from an external source (charger) into chemical energy within a battery cell. Current The flow of electrons through a conductor, measured in amperesCycle LifeThis refers to the number of charge/discharge cycles the battery can endure before it loses its ability to store useful charge.Dead BatteryA battery is considered “dead” when it deep discharges to the point that it can no longer accept a charge or when it has reached the end of its cycle life. Deep DischargeThe state of a battery that has been discharged well below its useful charge level. When a battery is in this state, it may be difficult to recharge. This characteristic typically indicates a reduced cycle life. Discharge Time, Run TimeThis refers to the amount of time a battery can provide power to a system before it discharges fully. It is a function of the load that receives power from the battery. NOTECharge rate for the VX 675 terminal's battery: Initially 0.7A tapering to zero at end of charge.NOTETypical charge time for the VX 675 terminal’s battery: 2200 mAh in approximately 4.65 hours.NOTEThe VX 675 terminal’s battery pack will retain approximately 75% of its original charge after 300 cycles.
VX 675 BATTERY INFORMATIONGeneral Battery Terms and DefinitionsVX 675 REFERENCE GUIDE 177DischargingRefers to the process of converting the chemical energy of a battery into electrical energy, and the transfer of the electrical energy into a load. Self-Discharge RateThe amount by which the charge of the battery is reduced without providing any current to an external terminal or load. Shelf-LifeThe length of storage under specified conditions that a battery can endure while retaining the ability to give a satisfactory performance upon full charge. VoltageThis is the unit of potential power or electric pressure, which is the force that causes current to flow through an electric conductor. It is measured in volts.NOTEThe shelf life of the VX 675 battery pack is 6 months at 30% initial charge.
VX 675 BATTERY INFORMATIONGeneral Battery Terms and Definitions178 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 179GLOSSARYApplication ID An alphanumeric code that identifies an application program downloaded to a terminal from a download computer. For ZonTalk 2000 application downloads, the application ID is stored in the CONFIG.SYS record which begins with the *ZA key. A VX 675 application ID can be up to 21 characters long. For VeriCentre Download Management Module, the application ID, as well as other CONFIG.SYS variables, may differ from those used for ZonTalk 2000.Application program The ordered set of programmed instructions by which a computer performs an intended task or series of tasks.Application prompt The information shown on the terminal’s display panel when power is applied to the terminal, assuming that an application program has already been downloaded into the terminal’s memory and authenticated by the file authentication module. The application prompt often contains a graphical logo, and date and time, but it can consist of anything the programmer chooses for that purpose.ASCII Abbreviation for American Standard Code for Information Interchange. A 7-bit code (with no parity bit) that provides a total of 128 bit patterns. ASCII codes are widely used for information interchange in data processing and communication systems.Back-to-back application download The process of copying the contents of one terminal’s application memory to another terminal’s application memory. A terminal-to-terminal application upload require that the sending and receiving terminal be connected to each other by a serial cable. The same operation as a terminal-to-terminal application upload.”Baud The number of times per second that a system, especially a data transmission channel, changes state. The state of a system may represent a bit, digit, or symbol. For a POS terminal, the baud rate indicates the number of bits per second that are transmitted or received by the terminal’s micro-USB port.Bit Short for binary digit. Either of the two digits 0 and 1 in the binary number system. Also, a unit of information equal to one binary decision. The bit is the smallest unit of storage and hence of information in any binary system within a computer. Block A collection of data units such as words, characters, or records (generally more than a single word) that are stored in adjacent physical positions in memory or on a peripheral storage terminal. A block can therefore be treated as a single unit for reading, writing, and other data communication operations.Boot loader Also called a bootloader or bootstrap loader. A short program, stored in non-volatile memory, that allows the terminal to continue operating during an operating system download procedure, until the new operating system is downloaded into terminal memory.Buffer A temporary memory area for data, normally used to accommodate the difference in the rate at which two devices can handle data during a transfer.Byte A term developed to indicate a measurable number of consecutive binary digits that are usually operated on as a unit. For the VX 675 service dongle a byte consists of eight bits. See also Bit.Calendar/clock chip A real-time clock inside the VX 675 terminal which keeps track of the current date and time.Card reader Also called magnetic stripe card reader. The slot on the right side of the VX 675 terminal that automatically reads data stored in the magnetic stripe on the back of a specially-encoded card when you swipe the card through the slot.Carrier Usually, an analog signal that is selected to match the characteristics of a particular transmission system. A carrier signal transmits data from a host computer to a VX 675 terminal through a service dongle.
GLOSSARY180 VX 675 REFERENCE GUIDECertificate Also called a digital certificate. A digital document or file that attests to the binding of a public key to an individual or entity, and that allows verification that a specific public key does in fact belong to a specific individual.Character An element of a given character set. The smallest unit of information in a record. A letter, numeral, or other symbol to express information.CONFIG.SYS file A special keyed file that is stored in terminal memory and which contains system and application configuration parameters. Each record in a CONFIG.SYS file is identified by an alphanumeric search key. In the VX 675 file system, there is one password-protected CONFIG.SYS file per file group (Groups 1–15). You can modify CONFIG.SYS records using the keyed file editor. See Keyed file editor.CPU Abbreviation for central processing unit. The principal operating part of a computer system that controls the interpretation and execution of instructions stored in memory.Data Information prepared, often in a particular format, for a specific purpose. Data is to be distinguished from applications or program instructions. In the VX 675 terminal, application files and data files can be stored in memory.Data entry The process of using a keyboard, card reader, or other terminal to input data directly into a system.Data packet A group of bits of fixed maximum size and well-defined format that is switched and transmitted as a composite whole through a packet switching network. Any message that exceeds the maximum size is partitioned and carried as several packets. Data packets are formed by the controller in the sending data terminal and the data is extracted and reassembled by the controller at the receiving end.Default A value, parameter, option, or attribute that is assigned by the program or system when another has not been assigned by the user.Delete To remove a record, field, or item of data.Diagnostics Techniques employed for detection and isolation of malfunctions and errors in programs, systems, and devices. In a diagnostic test, a program or routine is run to detect failures or potential failures. These tests and routines help detect and isolate problems in a terminal or peripheral terminal.Direct download The process of transferring files and/or data from a download computer to a terminal over a serial cable connection and in a local, as opposed to a remote, system environment.Display The backlit LCD screen on the  VX 675 terminal that shows numerals, letters, and punctuation symbols in selected fonts, graphics in various formats, information entered from the keypad, as well as system prompts and messages.Download To transfer files or data from a host computer or sending terminal over a communication link to a receiving terminal.File authentication A process through which one proves and verifies the origin of a file, the identity of the sender, and the integrity of the information it contains.Firmware System software, including the operating system, boot loader, default display font, and system messages, stored in terminal memory.Fixed prompt A system prompt or message stored as part of system firmware in terminal memory. Fixed prompts appear on the terminal display to alert the user to specific system occurrences or malfunctions, and to prompt the user to enter specific information or select options.Flash memory An area of non-volatile memory where files can be stored. Files can be stored in drive I: or in drive F: memory area of any file group (Groups 1–15).Host computer Also called a download computer. The primary or controlling computer in a multiple computer operation. Also, a computer—usually a PC running Windows XP, Windows 2000, Windows NT or Windows 95 or 98—used to prepare programs for download to POS terminals. Host computers are also used to process transactions that originate from a distributed network of POS terminals.
GLOSSARYVX 675 REFERENCE GUIDE 181Input The process of entering data into a processing system or a peripheral terminal such as a terminal, or the data that is entered.Interface A common boundary between two systems, devices, or programs. Also, to interact with a terminal.Keyed file character set A limited set of 96 ASCII characters, from 00h to 5Fh (or 0 to 95 decimal), that is used by the VX 675 keyed file editor. Although an application program can download all 95 characters in this set, you can only enter 50 of these characters from the terminal keypad: 0–9,   A–Z, and 14 special characters.Keyed file editor A keyed file editor lets you create new records or modify existing records stored in a keyed file such as CONFIG.SYS. See CONFIG.SYS file.Keyed file record ASCII data, or variables, stored in the terminal’s CONFIG.SYS file(s). A keyed file record consist of two parts: a search key that identifies the record, and the data or variable stored in the record. See CONFIG.SYS file.Keypad A small keyboard or section of a keyboard containing a smaller number of keys, generally those used in simple calculators. The 16-key core keypad of the VX 675 terminal is used to enter data and perform operations.Local functions Operations performed at the terminal only and not in interaction with a host computer. For the VX 675, local functions such as internal diagnostics are performed in Verix Terminal Manager. See Chapter 4.Manual transaction A transaction involving the manual entry of account information from the terminal keypad instead of automatic entry of the information from a reading terminal, such as a magnetic stripe card reader.Memory A terminal or medium that can retain information for subsequent retrieval. The term is most frequently used to refer to the internal storage of a computer (or a terminal) that can be directly addressed by operating instructions. In the  VX 675, files are stored in non-volatile flash memory.Messages Words and symbols appearing on the display screen which inform the user of the terminal of the result of a process, or if an error has occurred. The term “prompt” is used when the displayed message is requesting the user to enter information or to select an option.Non-volatile memory A memory or storage medium that retains data in the absence of power so that the data is available when power is restored. For the VX 675, application files and data files are stored in non-volatile flash memory. Normal Mode The operating mode for normal transaction processing. The main application (downloaded and authenticated) starts and displays an application prompt, indicating that the terminal is in normal mode. In this mode, the terminal is ready to process transactions. See also Verix Terminal Manager.Packet A group of bits of fixed maximum size and well-defined format that is switched and transmitted as a composite whole through a packet switching network. Any message that exceeds the maximum size is partitioned and carried as several packets.Packet-switched networks Networks of computers or computing devices in which communication resources are allocated dynamically on a variety of levels to multiple communicating entities. Messages between entities are partitioned into segments, or packets, with a fixed maximum size.Parameter A variable that is usually assigned a constant value for a specific subroutine, procedure, or function. Parameters stored in terminal memory or in the CONFIG.SYS file(s), enable a host or download computer to identify to terminal configuration.Password A group of characters that identify a user to the system so that they can gain access to the system or part of that system. Passwords are used to ensure the security of computer systems by regulating the amount of access freedom. The password used to enter the Verix Terminal Manager is called the system mode password. In the VX 675 file system, each file group (Groups 1–15) also has its own password.
GLOSSARY182 VX 675 REFERENCE GUIDEPC Abbreviation for personal computer. Usually, PC refers to an IBM-compatible personal computer.Peripheral terminal In a computer system, any equipment that provides the processing unit with outside communication. Typical peripheral devices for a POS terminal include PINpads and check readers.Port An opening or connection that provides electrical or physical access to a system or circuit. Also, a connection point with associated control circuitry that allows I/O devices to be connected to the internal bus of a microprocessor.POS terminal A terminal used at the point of sale, which is usually at a merchant site where a customer pays for goods or services received. Information concerning the sale can be entered into the terminal and transmitted to a remote host computer for verification and processing.Power pack A unit for transforming and converting electrical power from one AC voltage level to another AC voltage level, or from AC to DC, for electronic devices.Prompt A short message, sent from a process to a user, indicating that the process expects the user to input data. For example, a prompt appears on the terminal display asking the user to enter specific information. See Messages.Protocol An agreement that governs the procedures used to exchange information between cooperating entities. For example, protocols govern the format and timing of messages exchanged between devices in a communication system, such as between a terminal and a host computer.PTID Permanent terminal ID. An optional identifier that can be permanently assigned to a VeriFone terminal at the factory, upon customer request. The PTID is an eight digit number, consisting of a two digit manufacturer’s ID (12 for VeriFone), followed by a six digit terminal ID. If no PTID is assigned to the unit then, the default value 12000000 is used.RAM Random-access memory. The type of memory in which storage locations are addressable and can therefore be accessed in any order. In the VX 675 terminal, the mDRAM is used to run applications. Application files and data are stored in the non-volatile flash memory system. By default, files downloaded to the terminal are stored in the I: drive of the target file group(s). See Flash memory.Remote host computer A host computer connected to a VX 675 service dongle to download files or data, or to process transactions. The opposite of remote is local.Scroll To move all or part of the information displayed on a screen up or down, left or right, to allow new information to appear. For the VX 675, text that does not fit entirely within the display area can be scrolled to the left or right using the pound (#) and asterisk (*) keys.Search key Also called key. In the VX 675, a short character string used by an application to identify a keyed file record stored in CONFIG.SYS file(s). For example, *ZA or *OT. A keyed file record consist of two parts: a search key to identify the record, and the variable data stored in the record. See also Keyed file record and CONFIG.SYS file.Serial port A connection point through which digital information is transferred one digital bit at a time. Same as serial interface. The VX 675 terminal has one serial port, available at the multiport connector. The main serial port on a download computer is usually assigned the terminal ID, COM1.Signature file A digital file with the filename extension *.p7s generated in an industry-standard format by the file signing tool, FILESIGN.EXE. The output of the file signing tool is a signature file in an industry-standard format. mDRAM See RAM.Subroutine A software routine that can be part of another routine. When a main routine calls a subroutine, program control is transferred to the subroutine. When the subroutine is completed, control reverts to the instruction in the main routine immediately following the subroutine call.Swipe The action of sliding a magnetic stripe card through a terminal card reader. The VX 675 card reader has a bi-directional swipe direction. The user must hold the card so that the magnetic stripe is faces in and towards the keyboard.
GLOSSARYVX 675 REFERENCE GUIDE 183Verix Terminal Manager For the VX 675, Verix Terminal Manager temporarily disables normal mode operations, allowing you to perform local functions such as downloads, diagnostics, and other operations that cannot be performed while the application program is running.At startup, the terminal displays a copyright notice screen that shows the version of VX 675 system firmware stored in terminal memory, the date it was loaded into the terminal, and the copyright notice. This screen appears for three seconds. To enter Verix Terminal Manager, simultaneously press the ENTER and 7keys during this three-second period. Pressing any other key(s) during that period resets the copyright notice screen to display an additional three seconds.Verix Terminal Manager password A unique set of characters entered by the user to access the Verix Terminal Manager local functions of the terminal. A default password is supplied with each terminal. For the VX 675 terminal, the default system password set at manufacture is: 166831. To prevent unauthorized access, change the default password upon terminal deployment. Store the new password in a safe place, as it is impossible to restore the terminal default password without sending the unit to VeriFone for service.Terminal Any terminal capable of sending and receiving data over a data link, such as a RS-232 cable. Some terminals, such as the VX 675, can print receipts and display information and graphics on a screen.Terminal ID An alphanumeric code that identifies a terminal to a download computer. In this way, the download computer can determine what data or application programs to download to that terminal. For ZonTalk 2000 downloads, the VX 675 terminal ID is stored in the *ZT record in the CONFIG.SYS file. This variable should not exceed 10 characters in length. Not the same as PTIDTerminal-to-terminal application upload The process of copying the application memory contents of one terminal to the application memory of another terminal. A terminal-to-terminal application upload requires that the terminals be connected to each other by a serial cable. See also Back-to-back application download.Track 1, 2, or 3 data Information stored on tracks 1, 2, or 3 of a debit or credit card magnetic stripe, which can be read by a magnetic card reader terminal, such as the one that is integrated in the VX 675 terminal.Transaction An exchange of data resulting in a transfer of goods, services, value, and/or information between two parties. Variable A string of characters that denotes some value stored within the computer and that can be changed during execution. A variable may be internal to a program, in which case it is held in memory, or external if the program must perform an input operation to read its value. See Parameter.Volatile memory A type of memory where the contents are destroyed if the power supply to the memory is interrupted. In the VX 675 applications run from volatile memory, mDRAM. Compare with Non-volatile memory.
GLOSSARY184 VX 675 REFERENCE GUIDE
VX 675 REFERENCE GUIDE 185INDEXAaccessories 142documentation 143power packs 142VeriFone cleaning kit 142ATR test 159Bback-to-back application downloadschecklist for effects on files and settings in the re-ceiving terminal 132hardware checklist 131software checklist 131back-to-back downloads 99, 100file authentication 115redirect files during 109Base Station 26battery capacitydefinition 176battery cellsdefinition 175battery packsdefinition 175battery statusdefinition 175Ccertificates and signature files 110chargedefinition 176charge ratedefinition 176charge timedefinition 176cleaning kit 142clear smart card 90clock 68CONFIG.SYS files 65connection ports 19contact VeriFone 141cycle lifedefinition 176Ddata entry modesnormal mode 34system mode 34date and time 68determine last reset 57, 162DDL.EXE 100dead batteriesdefinition 177deep dischargedefinition 177direct application download 118checklist for effects on files and settings in the re-ceiving terminal 118hardware checklist 118software checklist 118direct operating system downloads 126checklist for effects on files and settings in the re-ceiving terminal 126hardware checklist 126procedure 127software checklist 126discharge timedefinition 177dischargingdefinition 177displaystroubleshooting 163, 164documentation 142ordering 143downloadsapplications and related files 101back-to-back 99back-to-back application 100by telephone 100definition 99, 180direct download utility (DDL) 100download types 102downloading a new operating system 114effect on existing files and data 117file authentication 114file authentication and back-to-back applicationdownloads 115file authentication and downloading applicationsto specific file groups 113file authentication and timing considerations 116file authentication procedure for 111file authentication process 101file authentication requirements 110certificates and signature files 110file compression 116file groups 45file system organization 104
INDEXE186 VX 675 REFERENCE GUIDEfull and partial downloads 101full application 102full operating system 103host PC 99operating system files 100OS files and file authentication 114partial application 102partial operating system 103procedure for performing a direct applicationdownload 119procedure for performing back-to-back applica-tion downloads 132redirecting files during 106redirecting files to flash memory 106redirecting files to other file groups 107redirection of files during downloads 106back-to-back downloads 109how operating system files are redirected109using DDL.EXE to automatically redirect files109restrictions on redirecting files to other filegroups 108select port 47, 123store the main application in file Group 1 104support for multiple applications 104physical and logical access to file groups 105terminal configuration settings 101tools 100types of download operations 99use of RAM and flash memory 105implications for data transfers 105Eelectric currentdefinition 176electrical considerations 16environmental factors 16error log 67Ffile authentication 110and downloads 111authenticating files in specific file groups 91back-to-back downloads 115deciding which files to authenticate 83definition of file authentication 75deployment process 77, 81development process 77, 78digital signature 76downloading OS files and 114for non-executable application files 83guidelines for downloading specific file types 93planning for successful file authentication 82pre-deployment process 77, 80relationship to file groups 91special files used in the file authentication pro-cess 76VeriShield security architecture 83file authentication certificatesadding new certificates 88application partition certificate 77certificate tree 85control file signing privileges 86customer sponsor certificate 89default sponsor certificate 87definition 76development certificates 86downloading a certificate 86downloading sponsor and signer certificates 87file size 94hierarchical relationships 76, 85how they are authenticated 85in a development terminal 86main functions 85platform root certificate 76signer certificate 77sponsor certificate 76file authentication keyshow private cryptographic keys are conveyed tocustomers 76private cryptographic key 76public cryptographic key 85relationship to signature files 76file authentication process flowconfirming successful authentication 84effect of failed authentication 84running the *GO application following authenti-cation 84visual and audible indications during processing84when the ATTR_NOT_AUTH bit is set 85file authentication signature filesfile size 94file group password 40file groups 39password 40, 45, 70store main application in Group 1 104file signingcustomer signer PIN 89how signature files authenticate application files84required inputs to the file signing process 88using the signer private key 77VeriShield File Signing Tool 94files
INDEXHVX 675 REFERENCE GUIDE 187CONFIG.SYS 65keyed 65placing in terminal directories 106flashdisplay memory used 53full application download 102full OS download 126function keysBACKSPACE 35CANCEL 35ENTER 35using terminal keys 33HHDMI 10IICC diagnostics 159installation 11connecting the terminal power pack 25terminal location 16unpacking the shipping carton 17integrated PIN pad 56, 162Kkey value 65keyed files 65keypadstroubleshooting 165Llithium-ion batteriesaging effects 172discharge rate 172energy density 171initial charging 172precautions 172storage precautions 173transportation restrictions 173voltage capacity 172Mmaintenancecleaning the terminal 139cleaning the terminal contacts 139returning a battery for repair or replacement 141returning a terminal for repair or replacement141Nnon-protected records 65Ooperating system downloads 103Ppaper jamstroubleshooting 165paper rollsfor thermal printers 20, 165installation 20partial application downloads 102partial OS download 126passwords 38, 39, 40file group 70manufacturer’s default 66PIN pad 56, 162portsdownloads and 47, 123power adapter cables 19power packsAC version 142connecting 25DC version 142ordering 142printertest 59printerstroubleshooting 164protected records 65RRAMdisplay memory used 53reset date and time 57, 162run timedefinition 177SSAM diagnostics 159SecureKit 72self-discharge ratedefinition 177servicereturning a battery for repair or replacement 141returning a terminal for repair or replacement141shelf lifedefinition 177signature file 94SIM cardsfor GSM models 22Smart Batterycell temperature monitoring 173charging 174conditioning 174discharging 174ESD protection 173FAQs 174overheating 174percent of charge 175remaining charge 175safety/protection circuit 173, 175storage 174
INDEXT188 VX 675 REFERENCE GUIDEtrip recovery 174voltage 175smart batterybattery life 26charging 26conserving power 24, 164disposal 26, 171features 23recharging 26troubleshooting 164smart card diagnostics 159specificationsDC power pack 137power 137temperature 137state of chargedefinition 175system mode 37CONFIG.SYS 65display memory used 53download port selection 47, 123entering 42error log display 67file groups 39, 45integrated PIN pad 56local and remote operations 38menu 3 65password 70procedures 41system mode operationsprotected and non-protected records 65system password 39Ttechnical supportcontacting VeriFone 141returning a battery for repair or replacement 141returning a terminal for repair or replacement141terminalclock 68data entry modes 34file editor 65life of 57, 162number of resets 57, 162password 38, 39using terminal keys 33verify status 38terminal featuresgeneral 18terminal managerintegrated PIN pad 162terminalsaccessories 142benefits 12cleaning 139documentation 142electrical considerations 16environmental factors 16features 18repair 141replacement 141service and support 141troubleshooting 163, 164thermal printer paperstorage 20thermal printersabout the thermal printer paper 20, 165paper jams 165troubleshooting 164time 68timing considerations and downloads 116transactionssmart cards 29wireless 28troubleshootingbatteries 164displays 163, 164guidelines 163keypads 165printers 164terminal transactions 165terminals 163Uupload 99USB 30Flash Drive connection 30VVeriCentre 65, 100VeriCentre download management module 66VeriFone PKIhow certificates ensure logical security 85VeriFone certificate authority 75VeriShield File Signing Toolcommand-line mode 94default inputs 89FileSign dialog box 94graphical interface mode 94required inputs 89switches for command-line entries 96what it does 94voltagedefinition 177VX 675 ECR 31banking host system 31
INDEXWVX 675 REFERENCE GUIDE 189Customer display 31Fiscal module 31Ministry of Finance 31Wwireless transactions 28
Federal Communication Commission Interference Statement  This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.  This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules.  These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.  However, there is no guarantee that interference will not occur in a particular installation.  If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one of the following measures:   Reorient or relocate the receiving antenna.  Increase the separation between the equipment and receiver.  Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.  Consult the dealer or an experienced radio/TV technician for help.  FCC Caution: Any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment.  This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter.
Radiation Exposure Statement: This device meets the government’s requirements for exposure to radio waves. This device is designed and manufactured not to exceed the emission limits for exposure to radio frequency (RF) energy set by the Federal Communications Commission of the U.S. Government.      The exposure standard for wireless device employs a unit of measurement known as the Specific Absorption Rate, or SAR. The SAR limit set by the FCC is 1.6W/kg. *Tests for SAR are conducted using standard operating positions accepted by the FCC with the device transmitting at its highest certified power level in all tested frequency bands.
Industry Canada statement   This device complies with Industry Canada license-exempt RSS standard(s). Operation is subject to the following two conditions:   (1) this device may not cause interference, and   (2) this device must accept any interference, including interference that may cause undesired operation of the device.   Le présent appareil est conforme aux CNR d'Industrie Canada applicables aux appareils radio exempts de licence. L'exploitation est autorisée aux deux conditions suivantes:   (1) l'appareil ne doit pas produire de brouillage, et   (2) l'utilisateur de l'appareil doit accepter tout brouillage radioélectrique subi, même si le brouillage est susceptible d'en compromettre le fonctionnement."  z This Class B digital apparatus complies with Canadian ICES-003. z Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.  Radiation Exposure Statement: The product comply with the Canada portable RF exposure limit set forth for an uncontrolled environment and are safe for intended operation as described in this manual. The further RF exposure reduction can be achieved if the product can be kept as far as possible from the user body or set the device to lower output power if such function is available.  Déclaration d'exposition aux radiations: Le produit est conforme aux limites d'exposition pour les appareils portables RF pour les Etats-Unis et le Canada établies pour un environnement non contrôlé. Le produit est sûr pour un fonctionnement tel que décrit dans ce manuel. La réduction aux expositions RF peut être augmentée si l'appareil peut être conservé aussi loin que possible du corps de l'utilisateur ou que le dispositif est réglé sur la puissance de sortie la plus faible si une telle fonction est disponible.  ¾ This device and its antenna(s) must not be co-located or operating in conjunction with any other antenna or transmitter, except tested built-in radios.    ¾ Cet appareil et son antenne ne doivent pas être situés ou fonctionner en conjonction avec une autre antenne ou un autre émetteur, exception faites des radios intégrées qui ont été testées.
Česky [Czech] [Jméno výrobce] tímto prohlašuje, že tento [typ zařízení] je ve shodě se základními požadavky a dalšími příslušnými ustanoveními směrnice 1999/5/ES. Dansk [Danish] Undertegnede [fabrikantens navn] erklærer herved, at følgende udstyr [udstyrets typebetegnelse] overholder de væsentlige krav og øvrige relevante krav i direktiv 1999/5/EF. Deutsch [German] Hiermit erklärt [Name des Herstellers], dass sich das Gerät [Gerätetyp] in Übereinstimmung mit den grundlegenden Anforderungen und den übrigen einschlägigen Bestimmungen der Richtlinie 1999/5/EG befindet. Eesti [Estonian] Käesolevaga kinnitab [tootja nimi = name of manufacturer] seadme [seadme tüüp = type of equipment] vastavust direktiivi 1999/5/EÜ põhinõuetele ja nimetatud direktiivist tulenevatele teistele asjakohastele sätetele. English Hereby, [name of manufacturer], declares that this [type of equipment] is in compliance with the essential requirements and other relevant provisions of Directive 1999/5/EC. Español [Spanish] Por medio de la presente [nombre del fabricante] declara que el [clase de equipo] cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999/5/CE. Ελληνική [Greek] ΜΕ ΤΗΝ ΠΑΡΟΥΣΑ [name of manufacturer] ΔΗΛΩΝΕΙ ΟΤΙ [type of equipment] ΣΥΜΜΟΡΦΩΝΕΤΑΙ ΠΡΟΣ ΤΙΣ ΟΥΣΙΩΔΕΙΣ ΑΠΑΙΤΗΣΕΙΣ ΚΑΙ ΤΙΣ ΛΟΙΠΕΣ ΣΧΕΤΙΚΕΣ ΔΙΑΤΑΞΕΙΣ ΤΗΣ ΟΔΗΓΙΑΣ 1999/5/ΕΚ. Français [French] Par la présente [nom du fabricant] déclare que l'appareil [type d'appareil] est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999/5/CE. Italiano [Italian] Con la presente [nome del costruttore] dichiara che questo [tipo di apparecchio] è conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999/5/CE. Latviski [Latvian] Ar šo [name of manufacturer   / izgatavotāja nosaukums] deklarē, ka [type of equipment / iekārtas tips] atbilst Direktīvas 1999/5/EK būtiskajām prasībām un citiem ar to saistītajiem noteikumiem. Lietuvių [Lithuanian]  Šiuo [manufacturer name] deklaruoja, kad šis [equipment type] atitinka esminius reikalavimus ir kitas 1999/5/EB Direktyvos nuostatas. Nederlands [Dutch] Hierbij verklaart [naam van de fabrikant] dat het toestel [type van toestel] in overeenstemming is met de essentiële eisen en de andere relevante bepalingen van richtlijn 1999/5/EG. Malti [Maltese] Hawnhekk, [isem tal-manifattur], jiddikjara li dan [il-mudel tal-prodott] jikkonforma mal-ħtiġijiet essenzjali u ma provvedimenti oħrajn relevanti li hemm fid-Dirrettiva 1999/5/EC. Magyar [Hungarian] Alulírott, [gyártó neve] nyilatkozom, hogy a [... típus] megfelel a vonatkozó alapvetõ követelményeknek és az 1999/5/EC irányelv egyéb elõírásainak. Polski Niniejszym [nazwa producenta] oświadcza, że [nazwa wyrobu] jest zgodny z
[Polish]  zasadniczymi wymogami oraz pozostałymi stosownymi postanowieniami Dyrektywy 1999/5/EC. Português [Portuguese] [Nome do fabricante] declara que este [tipo de equipamento] está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE. Slovensko [Slovenian] [Ime proizvajalca] izjavlja, da je ta [tip opreme] v skladu z bistvenimi zahtevami in ostalimi relevantnimi določili direktive 1999/5/ES. Slovensky [Slovak] [Meno výrobcu] týmto vyhlasuje, že [typ zariadenia] spĺňa základné požiadavky a všetky príslušné ustanovenia Smernice 1999/5/ES. Suomi [Finnish] [Valmistaja = manufacturer] vakuuttaa täten että [type of equipment = laitteen tyyppimerkintä] tyyppinen laite on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen. Svenska [Swedish] Härmed intygar [företag] att denna [utrustningstyp] står I överensstämmelse med de väsentliga egenskapskrav och övriga relevanta bestämmelser som framgår av direktiv 1999/5/EG.   This device complies with the R&TTE Directive (1999/5/EC), the EMC Directive (2004/108/EC), and the Low Voltage Directive (2006/95/EC) issued by the Commission of the European Community.  A minimum separation distance of 0 cm must be maintained between the user’s body and the device, including the antenna during body-worn operation to comply with the RF exposure requirements in Europe.
VX 675Reference GuideVeriFone Part Number  DOC265-004-EN-E, Revision E.3VeriFone, Inc.2099 Gateway Place, Suite 600San Jose, CA, 95110 USA1-800-VERIFONEwww.verifone.comVERIFONECONFIDENTIALREVISION E.3

Navigation menu