
Verifone P200-P400


P200/P400

Reference Guide

Verifone Part Number DOC435-004-EN-B, Revision B


P200/P400 Reference Guide
© 2016 Verifone, Inc.
All rights reserved. No part of the contents of this document may be reproduced or transmitted in any form without the written
permission of Verifone, Inc.
The information contained in this document is subject to change without notice. Although Verifone has attempted to ensure the
accuracy of the contents of this document, this document may include errors or omissions. The examples and sample programs are
for illustration only and may not be suited for your purpose. You should verify the applicability of any example or sample program
before placing the software into productive use. This document, including without limitation the examples and software programs, is
supplied “As-Is.”

Verifone, and the Verifone logo are registered trademarks of Verifone.


Other brand names or trademarks associated with Verifone’s products and services are trademarks of Verifone, Inc. All other brand
names and trademarks appearing in this manual are the property of their respective holders.
Product Warranty
For product warranty information, go to http://www.verifone.com/terms.

Comments? Please e-mail all comments on this document to your local Verifone Support Team.

Verifone, Inc.
1-800-VERIFONE
www.verifone.com
CONTENTS

PREFACE
  Audience
  Organization
  Related Documentation
  Conventions and Acronyms
    Conventions
    Acronym Definitions

CHAPTER 1 Overview
  P200 and P400 Features
  Power by USB Supply
  Power by Serial Port of VX 520
  Features and Benefits
    Exceptional Ease of Use
    Performance and Durability
    Security
    Contactless Capability
    Communication Technology
  Differences Between P200 and P400 PINpad

CHAPTER 2 Using the PINpad Keys
  Data Entry Modes
  The Keypad
    Function Key Descriptions

CHAPTER 3 System Mode
  When to Use System Mode
  Local and Remote Operations
  Verifying PINpad Status
  Entering System Mode
  Exiting System Mode
  Passwords
    System Password
    Default Password
  System Mode Menus
    System Mode Procedures
    Procedure Description
    Logging in to System Mode
    Submenus

CHAPTER 4 File Authentication
  Introduction to File Authentication
    The Verifone Certificate Authority
    Special Files Used in the File Authentication Process
    How File Authentication Works
  Planning for File Authentication
    Download and Installation
    How Signature Files Authenticate Target Files
    Determine Successful Authentication
    Digital Certificates and the File Authentication Process
  VeriShield File Signing Tool (FST)
    Signing Files
  Packaging Tool
    Downloading Application Files

CHAPTER 5 Performing Downloads
  Downloads and Uploads
  Download Methods and Procedures
    Direct downloads
    DDL Command Line Syntax
    DDL Command Line File
    DDL Example
    Downloading without an Onboard Application
    Network Download Utility
    File Signing and Signature Files

APPENDIX A System Messages
  Error Messages
  Information Messages

APPENDIX B Port Pinouts
  Multi I/O Connection Port
  Multi I/O Connector Cable
  RS-232 Port (USB-Serial Dongle)
  Ethernet Port (USB-Serial Dongle)
  USB Pinout (Mini Port on USB-Serial Dongle)
  DC Input Jack Polarity for 435-044-01-A Cable
  USB Pinout (USB-Serial Dongle)

APPENDIX C ASCII Table
  The ASCII Table

GLOSSARY

INDEX


PREFACE

This guide is the primary source of information for setting up and installing the P200 or P400 PINpad.

Audience

This guide is useful for anyone installing and configuring the PINpad.

Organization

This guide is organized as follows:

Chapter 1, Overview. Provides an overview of the PINpad.
Chapter 2, Using the PINpad Keys. Explains how to set up and install the PINpad. It tells you how to select a location, establish power connections, and how to configure optional peripheral devices.
Chapter 3, System Mode. Describes password-controlled System mode operations, as well as how to use them to perform a variety of test and configuration procedures.
Chapter 4, File Authentication. Describes the file authentication module of the VeriShield security architecture and describes how to use the file signing utility, VeriShield File Signing Tool, to generate signature files.
Chapter 5, Performing Downloads. Documents procedures for downloading applications and files to the device.
Appendix A, System Messages. Provides descriptions of error and information messages, which are grouped into two categories.
Appendix B, Port Pinouts. Provides a list of pinouts for the PINpad, dongles, and cable connectors.
Appendix C, ASCII Table. Provides an ASCII table.

Related Documentation

Refer to the following set of documents to learn more about the PINpad:
• P400 Certifications and Regulations Sheet, VPN DOC435-001-EN
• P400 Quick Installation Guide, VPN DOC435-002-EN
• P400/P400 Plus Installation Guide, VPN DOC435-003-EN
• P200/P400 Mounting Adapter Quick Installation Guide, VPN DOC435-005-EN
• P200 Certifications and Regulations Sheet, VPN DOC430-001-EN
• P200 Quick Installation Guide, VPN DOC430-002-EN
• P200/P200 Plus Installation Guide, VPN DOC430-003-EN
• Engage Low-Profile Privacy Shield Quick Installation Guide, VPN DOC000-021-EN
• Engage Standard Privacy Shield Quick Installation Guide, VPN DOC000-022-EN
• VOS Programmers Manual, VPN DOC00501
• P400 / P200 HW ERS, SPC435-002-01.

Conventions and Acronyms

This section describes conventions and acronyms used in this manual.

Conventions

Various conventions are used to help you quickly identify special formatting. Table 1 describes these conventions and provides examples of their use.

Table 1 Document Conventions

| Convention | Meaning | Example |
|---|---|---|
| Blue | Text in blue indicates terms that are cross referenced. | See Conventions and Acronyms. |
| Italics | Italic typeface indicates book titles or emphasis. | You must install a roll of thermal-sensitive paper in the printer. |
| Courier | The courier typeface is used while specifying onscreen text, such as text that you would enter at a command prompt, or to provide an URL. | RetrieveClearCardData retrieves the previous swipe's clear track data and places it into the pstSwipeOut argument. |
| NOTE | The pencil icon is used to highlight important information. | RS-232-type devices do not work with the PINpad port. |
| CAUTION | The caution symbol indicates possible hardware or software failure, or loss of data. | The terminal is not waterproof or dustproof, and is intended for indoor use only. |
| WARNING | The lightning symbol is used as a warning when bodily injury might occur. | Due to risk of shock do not use the terminal near water. |

Acronym Definitions

Various acronyms are used in place of the full definition. Table 2 presents acronyms and their definitions.

Table 2 Acronym Definitions

| Acronym | Definitions |
|---|---|
| AC | Alternating Current |
| BT | Bluetooth |
| DUN | Dial-Up Network |
| ECR | Electronic Cash Registers |
| EMV | Europay MasterCard and VISA |
| HSPA | High Speed Packet Access |
| LCD | Liquid Crystal Display |
| LED | Light Emitting Diode |
| MIB | Management Information Block |
| MRA | Merchandise Return Authorization |
| MSAM | Micromodule-Size Security Access Module |
| NFS | Network File System |
| PAN | Personal Area Network |
| PED | PIN Entry Device |
| PCI | Payment and Card Industry |
| PIN | Personal Identification Number |
| RJ45 | Registered Jack 45 |
| RS-232 | Recommended Standard 232 |
| R-UIM | Removable User Identity Module |
| SAM | Security Access Module |
| SD | Secure Digital |
| SIM | Subscriber Identity Module |
| TFT | Thin Film Transistor |
| UART | Universal Asynchronous Transmitter/Receiver |
| UMTS | Universal Mobile Telecommunications System |
| USB | Universal Serial Bus |
| VPN | Verifone Part Number |
| Wi-Fi | Wireless Fidelity |
| WPA2 | Wireless Protected Access 2 |


CHAPTER 1

Overview

P400 and P200 are Verifone’s next generation integrated retail PINpad devices. P200 serves the needs of small to medium retailers, while P400’s touchscreen functionality and sophisticated design fit high-end retail establishments.
Although the units are consumer-facing handheld devices, they can also be fix mounted in some integrated retail scenarios. Given this, the product’s design is equally appealing as a handheld PINpad and robust enough to look and function appropriately in a fixed mount setting.

P200 and P400 Features

P200 PINpad has a 2.8” QVGA screen display while P400 PINpad features a 3.5” color touchscreen LCD display. P200 Plus and P400 Plus support 802.11b/g/n wireless fidelity (Wi-Fi) and Bluetooth (BT) BLE iBeacon profile only. P200 and P400 are both equipped with a fast processor and abundant memory, and have integrated contactless features. P200 and P400 support PCI 4.0 security. See Table 3 for more information.

NOTE
Verifone ships variants of the device for different markets. Your device may have a
different configuration.

Figure 1 P400/P400 Plus PINpad

Figure 2 P200/P200 Plus PINpad

Power by USB Supply

P400 can be powered with 5 V supply from USB port (5 V at 500 mA) with the following power-saving conditions controlled by the OS:
• Maximum audio output volume is reduced.
• LCD backlight intensity is reduced to 30% (not suitable for high-glare, outdoor
usage).
• Keypad backlight is disabled.
• Ethernet functionality is unavailable.
• BT and Wi-Fi functions are unavailable.
• The maximum USB cable length supported is 4.1 m (CBL280-025-02-A).
• In CTLS payment mode, the micro-processor operating frequency is reduced
to 300 MHz until the PINpad exits CTLS mode.
• Multi-media function (video playback or audio function) has to be switched off
by the user or customer app when CTLS payment mode is activated. Other
modes of payment like smart card and MSR payment can be supported.

NOTE CTLS payment mode is defined as the state of the device where RF transmission
is broadcasting to allow for a CTLS payment. This is activated either during the
scanning of items or at the completion of scanning items during the checkout
process, depending on how the application sets it up. As soon as checkout is
complete the device exits CTLS payment mode and remains off until activated for
the next checkout.

See the Power Supply section in P400/P400 Plus Installation Guide, VPN - DOC435-003-EN or P200/P200 Plus Installation Guide, VPN - DOC430-003-EN for more information.

Power by Serial Port of VX 520

For recommended connectivity and the feature constraints imposed by the limited source power from VX 520, refer to P400/P400 Plus Installation Guide, VPN - DOC435-003-EN and P200/P200 Plus Installation Guide, VPN - DOC430-003-EN respectively.

Features and Benefits

The unit provides the right combination of features and functions, including a triple-track magnetic stripe card reader, smart card reader, color touchscreen display (P400 only) and integrated contactless module.

Exceptional Ease of Use

• 2.8” QVGA and 3.5” color TFT LCD display for boundless application possibilities and easy readability.
• Vertical magnetic stripe card reader with an extended blade for optimal card reading.
• Touchscreen for icon-based applications or electronic signature capture support (P400 and P400 Plus only).

Performance and Durability

• Fast transactions due to powerful 600 MHz ARM Cortex A9 processor.
• Rounded corners and drop resistant to 3 feet on concrete floor to minimize breakage.
• 384 MB (P200/P400) or 1 GB (P200/P400 Plus) of memory with optional removable SD flash memory.

Security

• PCI 4.0 compliance.
• EMV Level 1 and 2 Type Approval.
• Tamper-resistant construction, SSL protocols, and VeriShield file authentication.
• Latest WPA2 Wi-Fi security (P200 Plus and P400 Plus only) and supports VeriShield Protect encryption implementations.

Contactless Capability

• Advanced contactless architecture that future-proofs investment with a single contactless interface (SingleCl), SoftSAMs, and side-by-side application architecture.
• On-screen tap zone for optimized user experience.
• Contactless version accepts EMV and mag-stripe contactless payments as well as PIN-based transactions.

Communication Technology

• Wi-Fi: Ideal for retailers that need multiple wireless devices and have existing IP infrastructure (P200 Plus and P400 Plus only).
• Bluetooth: Supports iBeacon, which is the intended short range application for P200 Plus and P400 Plus.

Differences Between P200 and P400 PINpad

P200 and P400 PINpads are mostly identical and offer the same general benefits. It is important to know the differences in their intrinsic features.

Table 3 Features Comparison

| Features | P400 | P400 Plus | P200 | P200 Plus |
|---|---|---|---|---|
| Processor | 600 MHz ARM Cortex A9 | 600 MHz ARM Cortex A9 | 600 MHz ARM Cortex A9 | 600 MHz ARM Cortex A9 |
| OS | V/OS | V/OS | V/OS | V/OS |
| Memory | 384 MB | 1 GB | 384 MB | 1 GB |
| Display | 3.5” Capacitive Touch | 3.5” Capacitive Touch | 2.8” non touch | 2.8” non touch |
| Touchscreen | Capacitive Type | Capacitive Type | No | No |
| Alpha-Numeric Keypad | Yes | Yes | Yes | Yes |
| Function Keypad (Navigation Key) | NA | NA | Yes | Yes |
| Bluetooth | NA | Yes (iBeacon only) | No | Yes (iBeacon only) |
| Wi-Fi | NA | Yes | NA | Yes |
| Magnetic card reader | Triple track, bi-directional | Triple track, bi-directional | Triple track, bi-directional | Triple track, bi-directional |
| Smart card reader | ISO 7816, 1.8 V, 3 V, 5 V, synchronous and asynchronous cards | ISO 7816, 1.8 V, 3 V, 5 V, synchronous and asynchronous cards | ISO 7816, 1.8 V, 3 V, 5 V, synchronous and asynchronous cards | ISO 7816, 1.8 V, 3 V, 5 V, synchronous and asynchronous cards |
| SAM slots | 2 (dual stacking) | 2 (dual stacking) | 2 (dual stacking) | 2 (dual stacking) |
| SIM | NA | NA | NA | NA |
| Micro SD | Yes, 1 uSD | Yes, 1 uSD | No | Yes, 1 uSD |
| Speaker or Buzzer | Speaker | Speaker | Buzzer | Speaker |
| USB integrated | 1 Host/client | 1 Host/client | 1 Host/client | 1 Host/client |
| Security | PCI 4.0 | PCI 4.0 | PCI 4.0 | PCI 4.0 |
| CTLS | NXP PN512 C2 | NXP PN512 C2 | NXP PN512 C2 | NXP PN512 C2 |
| Charger | 9 V DC/1 A | 9 V DC/1 A | 9 V DC/1 A | 9 V DC/1 A |
| Dimension (mm) | 167 x 80 x 42 | 167 x 80 x 42 | 166 x 80 x 44 | 166 x 80 x 44 |


CHAPTER 2

Using the PINpad Keys

Before proceeding to other tasks, familiarize yourself with the operational features
of the keypad to enter data.
This section describes how to use the keypad, which consists of a 12-key Telco-
style keypad with three color-coded keys below the keypad. Using these keys you
can perform all data entry tasks described in this manual. For added convenience,
the keypad is automatically back-lit when you power on the device.

Figure 3 Front Panel Key Arrangement on P400/P400 Plus (callouts: Telco-style keypad, Cancel, Clear, Enter)

P200 PINpad also has navigation keys that allow users to navigate through the menus and select specific operations.

Figure 4 Keypad Arrangement on P200/P200 Plus (callouts: navigation keys, Telco-style keypad, Cancel, Clear, Enter)

Data Entry Modes

Before you can use the keys on the front panel to enter ASCII characters, the PINpad must be in a mode that accepts keyed data entry. There are two PINpad operating modes, each enabling you to press keys to enter data under specific circumstances:
• Normal mode: This is the operating mode where an application program is present in mDRAM and currently running.
• System mode: This is a special, password-controlled operating mode for performing a variety of configuration procedures that cannot be performed when an application is running.
The application controls how PINpad keys process transactions and when you can use specific keys to type characters or respond to prompts.

The Keypad

You can enter up to 44 ASCII characters, including the letters A–Z, the numerals 0–9, and special characters: (,), (‘), (“), (:), (-), (<space>), (/), and (+) using the keypad.
Alphabetic characters are entered by pressing their corresponding number key on the keypad multiple times within a given time. Special characters can be entered by using the asterisk (*) key or the zero number key (0). With the lowercase character selected using the hash key (#), press the asterisk or the zero number key continuously until the desired character is displayed. Some of the special characters may or may not be available when the terminal is in System mode.

Function Key Descriptions

The following are the function keys of the PINpad’s keypad.

NOTE The PINpad’s operating mode and context determine the specific action performed when you press one of the function keys. The following descriptions are provided solely to acquaint you with some general characteristics of these function keys before presenting more detailed System mode procedure descriptions.

Cancel Key
Pressing the Cancel key in normal mode when the PINpad’s application is loaded
and running terminates the current function or operation.
In System mode, use Cancel to perform a variety of functions. The most common
use of Cancel in System mode is to exit a System mode submenu and return to
the main System mode menu. The specific effect of pressing the Cancel key
depends on the currently active System mode menu. In the System mode login
screen, a special menu can be accessed by pressing the Cancel key — Reboot,
Run Apps, Transfer Logs, and System Info can be accessed without logging in or
entering any password.


Clear Key
In normal mode, the Clear key is commonly used to delete a number, letter, or
symbol on the PINpad’s display screen. Press Clear one time to delete the last
character typed on a line. To delete additional characters, moving from right-to-
left, press Clear once for each character or hold down Clear to delete all
characters in a line.
In System mode, the specific effect of pressing the Clear key depends on the
currently active System mode menu.

Enter Key
In normal mode, the Enter key is generally used in the same way as the enter key
on a PC, that is, to end a procedure, confirm a value or entry, answer “Yes” to a
query, or select a displayed option.
In System mode, press the Enter key to begin a selected procedure, step forward
or backward in a procedure, and confirm data entries. The specific effect of the
Enter key depends on the currently active System mode menu.

Navigation Key
P200 and P200 Plus have navigation keys that can be used to navigate through the System mode menus and application menus and select specific operations.



CHAPTER 3

System Mode

This chapter describes System mode operations. System mode is used exclusively by those responsible for configuring, deploying, and managing on-site PINpad installations.

When to Use System Mode

Use the System mode functions to perform different subsets of related tasks:
• Application programmers: Configure a development PINpad, download
development versions of the application program, then test and debug the
application until it is validated and ready to be downloaded to other PINpads.
• Deployers of PINpads to end-user sites: Perform the specific tasks required
to deploy a new PINpad on-site, including configuring the PINpad,
downloading application software, and testing the PINpad prior to deployment.
• PINpad administrators or site managers: Change passwords, perform
routine tests and PINpad maintenance, and configure PINpads for remote
diagnostics and downloads.
To perform the subset of tasks that corresponds to a job, select the appropriate
System mode menu(s) and execute the corresponding procedure(s).

Local and Remote Operations

The System mode operations available on a PINpad can be divided into the following two categories or types:
• Local operations: Address a stand-alone unit and do not require communication or data transfers between the unit and another terminal or computer. Perform local System mode operations to configure, test, and display information about the PINpad.
• Remote operations: Require communication between the unit and a host computer (or another terminal) over a cable connection. Perform remote System mode operations to download application software to the PINpad, upload software from one PINpad to another, or download from another download host.
This chapter describes how to perform local System mode operations. For information on performing remote operations, such as downloads, refer to Performing Downloads.

Verifying PINpad Status

The device you are using may or may not have an application program running on it. After you have set up the device (refer to P400/P400 Plus Installation Guide, VPN - DOC435-003-EN or P200/P200 Plus Installation Guide, VPN - DOC430-003-EN) and the unit is turned on, use the following guidelines to verify PINpad status regarding software and current operating mode:
• If no application program is loaded into the PINpad’s memory, the unit enters
the System Mode screen.
• If an application program is loaded into PINpad’s flash, an application-specific
prompt appears. The application runs and the unit is in normal mode.

Entering System Mode

With an application loaded, use the following procedure to enter System Mode.

NOTE Before entering System Mode and selecting the function(s) to perform, verify that the unit has been installed as described in P400/P400 Plus Installation Guide, VPN - DOC435-003-EN or P200/P200 Plus Installation Guide, VPN - DOC430-003-EN. Make sure that the unit is connected to a power source and is turned on.

Accessing System Mode

To enter System Mode:
1 Press the '1', '5', '9' keys at the same time.
2 Select preferred login.

Figure 5 System Mode Login Screen (screen title: Users (Prod); options: supervisor, level1, level2, maintenance)


• Supervisor: Full capability
• Level 1: User defined capability
• Level 2: User defined capability
• Maintenance: Intended for Verifone repair, allows minimal access

NOTE A special menu can be accessed by pressing the Cancel key — Reboot, Run
Apps, Transfer Logs, and System Info can be accessed without logging in or
entering any password.

3 Once the login has been selected, enter the password. If the password is pre-expired or is pending change, the user must enter the current password and then a new password (pre-defined in the case of a pending password change). The new password must be entered twice for validation. The default System Mode password is: 166831.
4 If the password is entered correctly, the System Mode idle screen displays. If the password is not entered correctly, the error “password was entered incorrectly” displays and the login screen is displayed again.

Figure 6 System Mode (screen title: Main (Prod); options: Information, Administration, Update, Security, Diagnostics, Manufacturing, Exit, Run Applications)

Exiting System Mode

After successful completion, some operations automatically exit System mode and restart the device. Other operations require that you manually exit System mode and restart the device by tapping or selecting Log Out or Reboot from the Exit submenu.

Passwords

Handle passwords as you would PC passwords.

CAUTION Without the password, you are unable to access System mode operations and may be prevented from requesting a download, performing remote diagnostics, or changing any of the information already stored in memory. The unit can, however, continue to process transactions in normal mode.
If you change a password and later forget it, you may opt to expire the user passwords. Expiring user passwords clears out ALL user passwords at the same time. Consider advising all users before proceeding with this option.
To expire user passwords, access the System mode Security > Password manager option or contact your local Verifone representative for assistance.

NOTE Passwords must contain numeric characters only and must be at least seven digits and less than 10 digits in length.

System Password

To prevent unauthorized use of the System mode menus, the unit OS requires a system password each time you enter System mode.
When you key in the system password to enter System mode, an asterisk (*) appears for each character you type. The asterisks prevent your password from being seen by an unauthorized person.

NOTE Some application program downloads automatically reset the system password. If your system password no longer works, check if a download has changed your password.

Default Password

From manufacturing, each file group uses the default password “166831”, entered as follows:

1 6 6 8 3 1, and press ENTER
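
The following is an added example, not part of the Verifone guide: a Python check that a provisioning script could run over the System mode passwords planned for each login, applying the rule from the Passwords NOTE (numeric only, seven to nine digits) and rejecting the default password given above. The function names, the finding labels, the constructed sample values, and the extra checks for repeated digits, digit runs, an embedded default and reuse across logins are assumptions of this example, not Verifone requirements.

```python
import re
from collections import Counter

FACTORY_DEFAULT = "166831"  # default System mode password stated in this guide
MIN_DIGITS = 7              # "at least seven digits"
MAX_DIGITS = 9              # "less than 10 digits"


def _is_run(digits):
    """True for a strictly ascending or descending run, e.g. 1234567 or 9876543."""
    steps = {int(b) - int(a) for a, b in zip(digits, digits[1:])}
    return steps in ({1}, {-1})


def check_system_password(candidate):
    """Return a list of findings for one candidate password; empty means accepted.

    "non-numeric", "length" and "factory-default" come from the guide.
    "contains-default", "single-digit" and "sequence" are extra hygiene
    checks assumed by this example.
    """
    # ASCII digits only; str.isdigit() would also accept non-ASCII digits
    # that the keypad cannot produce.
    if not re.fullmatch(r"[0-9]+", candidate):
        return ["non-numeric"]

    findings = []
    if not MIN_DIGITS <= len(candidate) <= MAX_DIGITS:
        findings.append("length")
    if candidate == FACTORY_DEFAULT:
        findings.append("factory-default")
    elif FACTORY_DEFAULT in candidate:
        # The default padded with extra digits to satisfy the length rule.
        findings.append("contains-default")
    if len(set(candidate)) == 1:
        findings.append("single-digit")
    elif _is_run(candidate):
        findings.append("sequence")
    return findings


def audit_accounts(planned):
    """Check the password planned for each login and flag values shared
    between logins (reuse is an assumption of this example)."""
    report = {account: check_system_password(pw) for account, pw in planned.items()}
    reused = {pw for pw, count in Counter(planned.values()).items() if count > 1}
    for account, pw in planned.items():
        if pw in reused:
            report[account].append("reused")
    return report


# Constructed sample plan; the login names are those on the System mode login screen.
SAMPLE_PLAN = {
    "supervisor": "166831",     # left at the factory default
    "level1": "1668310",        # default padded to seven digits
    "level2": "4827193",        # valid on its own, but shared with maintenance
    "maintenance": "4827193",
}

if __name__ == "__main__":
    for account, findings in audit_accounts(SAMPLE_PLAN).items():
        print(f"{account:12} {'OK' if not findings else ', '.join(findings)}")
```

The default itself is six digits, so it fails the documented length rule as well as the default check.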

System Mode Access the submenus by tapping or selecting the onscreen panel option. The
Menus System mode screen and submenus are shown below.

System Mode The procedures in this section explain how to use each of the System mode menu
Procedures options. Each procedure description starts at a main System mode menu. Each
procedure takes you step-by-step through a complete System mode operation in
the following sequence:
1 At the idle System mode screen, select an operation by tapping the
corresponding on-screen menu panel.
2 Complete the operation.
3 Return to the main System mode screen by tapping or pressing the back
button at the upper left hand portion of the screen or use the red cancel or
back keys on your keypad. Scroll through the screen by pressing the onscreen
buttons (up, down, and right) or by using the navigation keys on P200 units.

Procedure Description
Procedure descriptions are arranged in a tabular format. The Display column
indicates what appears on the PINpad display screen at each step of the
procedure. Please note the following conventions used in this column:
• If a prompt or message appears on the screen exactly as it is described. For
example:

*TAMPER*
MAINTENANCE REQUIRED - VAT

The Action column provides a procedural description that:


• Describes the current step and context of the procedure.
• Indicates the entries to perform using the keypad in response to a prompt or
message.
• Provides additional explanations or information about the steps of that
particular System mode menu.

A submenu row indicates a specific menu invoked from a main menu screen. A
description of that screen and procedure immediately follows the submenu row.
The following keys have the same function on all submenus:
• Press the green ENTER key to choose the function and display the submenu
selected. When editing, pressing ENTER will save a newly entered variable.
• Press the yellow BACK key to go back to the previous submenu or menu
option.
• Press the red CANCEL key to exit any submenu without saving changes.

Logging in to System Mode
To enter System Mode after you have turned on the device, follow the procedure
described below.

NOTE On successful completion, some operations automatically exit System mode and
restart the device. Other operations require that you exit System mode and
restart the device. To manually exit System mode, choose Exit from the main
menu and then select Reboot.

Table 4 Main System Mode User Interface

Display:
    Please wait: booting...
    VAULT: 1.x.x.x
    AppM: 6.x.x.x
    VFSRED: 5.x.x.0
    VFOP: 1.x.x.45
Action: At startup, the unit displays the Vault, AppM, VFSRED, and VFOP information. This information appears for three seconds, while the device is starting up.
Note: Information provided in this screen may vary depending on the terminal used.

Display:
    Users (Prod)
    supervisor
    level1
    level2
    maintenance
Action: The user can choose between the available logins and enter the system password to login.

Display:
    Main (Prod)
    Information
    Administration
    Update
    Security
    Diagnostics
    Manufacturing
    Exit
    Run Applications
Action: The home screen is displayed after successful login.

Submenus
The following submenus are available from the home screen. The user may
navigate through the screen using the touch screen function, or by using the up,
down, right or back keys provided at the top portion of the screen. Use the
Navigation Keys when selecting menus and specific options when using P200.
Table 5 System Mode Submenus

Home > Information > Basic information
Display:
    Basic information
    Model           P400 Plus
    SN              540-002-300
    Part Number     M435-003-04-WWA-4
    HW Rev.         006
    UID             87252089
    SOC Revisions   VFI2111
    Vault           2.1.2.3807
    SRED            5.2.03
Action: To view device information, select Information from the main System mode menu and then select the Basic information panel. Scroll through the screen using the touch screen function or use the up and down arrow keys provided at the top portion of the screen.
The sample screen display shown above contains:
• Basic Information: Displays basic information such as model, serial number, part number, HW Revision, unit id, SOC Revision, Vault, SRED, Open Protocol, Application Manager version, SBI, RFS version, etc.
Critical Values:
• Build: Base build release date
• Vault Version: Security vault version
Note: Information provided in this screen may vary depending on the terminal used.

Home > Information > Ports
Display:
    Ports
    Modem         No
    Ethernet      Yes
    GPRS          No
    WIFI          Yes
    BT            Yes
    Smart Card    Yes
    Contactless   Yes
    Magstripe     Yes
Action: To view device port information, select Information from the main System mode menu and then select the Ports panel. Scroll through the screen using the touch screen function or tap the up and down arrow keys provided at the top portion of the screen.
Note: Information provided in this screen may vary depending on the terminal used.

Home > Information > Software
Display:
    Software
    bluetooth-wifi
    Version     1.0.0
    User        root
    Category    fs
    Date
    Option
Action: To view installed software driver information, select Information from the main System mode menu and then select the Software panel. Scroll through the screen using the touch screen function or use the left and right arrow keys provided at the top portion of the screen.
Note: Information provided in this screen may vary depending on the terminal used.

Home > Information > Memory
Display:
    Memory
    Flash (MB)   6%
    Total        114.911
    Used         7.829
    Free         107.083
    SDRAM (MB)   55%
    Total        83.242
    Used         46.227
    Free         37.016
Action: To view memory information, select Information from the main System mode menu and then select the Memory panel. The sample screen shown above displays the total, used, and available SDRAM and NAND flash memory.
Note: Information provided in this screen may vary depending on the terminal used.

Home > Information > Logs
Display:
    Logs
    Tamper
    Install
Action: To view logs of tamper and installation history, select Information from the main System mode menu and then select the Logs panel.

Home > Information > Logs > Tamper
Display:
    Logs
    NextGen Vault Tamper Log File
    *6 - > SBF:06 ENC_SRC_REG:FFFFFFFF Status:000000 01/01
    *5 - > SBF:06 ENC_SRC_REG:FFFFFFFF Status:000000 01/01
    *4 - > SBF:06 ENC_SRC_REG:FFFFFFFF Status:000000 01/01
    *3 - > SBF:06 ENC_SRC_REG:FFFFFFFF Status:000000 01/01
    *2 - > SBF:01 ENC_SRC_REG:00000000 Status:000000 01/01
    *1 - > SBF:03 ENC_SRC_REG:00000000 Status:000000 01/01
Action: Sample Tamper log screen.

Home > Information > Logs > Install
Display:
    Install
    Thu Jan 1 00:00:19 1970: 999-999-999: Secure Install
    Thu Jan 1 00:00:19 1970: Adding remaining certs in L
    Thu Jan 1 00:00:19 1970: Installed Certificate: /mnt
    Thu Jan 1 00:00:21 1970: Installing Bundle File OS.b
Action: Sample Installation log screen.

Home > Administration
Display:
    Administration
    Date/Time
    Communications
    Remove user bundle
    Display
    Language
    VHQ Tools
    Sound Utilities
Action: Select the Administration panel from the main System mode menu to change the following PINpad settings:
To set terminal date and time, select Date/Time.
To set configuration settings for Ethernet, USB Gadget, Serial, Wi-Fi, iBeacon, USB, or Mini-USB, select Communications.
To remove user bundle, select remove user bundle.
To adjust display brightness, select Display.
To set or add extra language, select Language.
To set VHQ configuration, select VHQ Tools.
To adjust volume, select Sound Utilities.

Home > Update
Display:
    Update
    NFS
    USB Memory
    SD Card
    Serial
    Netloader
Action: To start a download or update the device, select Update from the main System mode menu, and then select the Update panel. The following options will be available:
To transfer files via NFS, select NFS.
To transfer files via the USB memory device, select USB Memory.
To transfer files via the SD memory device, select SD Card.
To start a download via the Serial port, select Serial. The user has the option to select the port and baud rate. Selecting AUTO baud allows the serial port to cycle through the available baud rates until communication is established.
Netloader is Verifone's proprietary network based download protocol. To start a download or transfer files and command sets over IP from the PC client software, select Netloader.

Home > Security
Display:
    Security
    Dump Keys
    Key loading
    Tamper status
    Key status
    Password Manager
    Verishield tree
Action: From the main System mode menu, select Security to perform the following functions.
To allow user to dump keys to a storage device, select Dump Keys.
To enable key loading state, select Key loading. After presenting both keyload1 and keyload2 passwords, enable the key loading state that allows data to pass from a serial port to the security module for bank/ADE and VRK keys.
To allow user to view the security tamper status, select Tamper status. This option displays the current and logged status.
To view the key status for Master Session, DUKPT, User, VRK, VSS, Feature Licenses, and ADE, select Key Status.
To allow user to expire, change, and manage passwords, select Password Manager. This option provides option to:
Expire:
• Users passwords
• Keyload passwords
Change password for users:
• SUPERVISOR - Set SUPERVISOR password for Sysmode.
• Level 1 - Set Level 1 password. Subset of SUPERVISOR.
• Level 2 - Set Level 2 password. Subset of Level 1.
• Maintenance - Set password for maintenance. For repair use only.
To view the serial numbers and IDs in the VeriShield Certificate list, select Verishield tree. Tap or press the back button to return to the Security submenu.

Home > Diagnostics
Display:
    Diagnostics
    Display
    Keyboard
    Card
    Communications
    Touch Panel
    Buzzer
    LED
Action: The Diagnostics option allows the user to perform diagnostic procedures on the PINpad display, keyboard, card readers, touch panel, buzzer, LED light, and PINpad connectivity.
To perform a diagnostic procedure on the PINpad display, select Display. When the diagnostic image is shown on the screen, note the image colors and consistency. The image should appear solid and show no motion. Press enter to go to the next diagnostic step.
To test keypad response, select Keyboard. Press each key and the keypress will be displayed on the screen.
To test the MSR, SCR, and CTLS Reader, select Card.
• Magnetic Stripe Reader - Swipe a magnetic-stripe card to determine if all three tracks can read the card. All tracks should display GOOD to pass the test.
• Smart Card Reader - Determines the state of the smart card reader. If a card is present when the test is run, the first few bytes of the ATR are displayed. For manufacturing test purposes only.
• Contactless Reader - The card details are read by placing the card over the display. On a good read, TEST SUCCESS is reported when the card is removed.
To perform a test for the available connections, select Communications.
• Ethernet - Sends a ping to the network gateway over Ethernet. Also allows a unique IP address to be pinged.
• Serial - Performs a loopback test to determine the state of the Serial hardware.
• USB - Determines the state of the USB hardware. For manufacturing test purposes only. Tests USB devices and performs a ping test through Ethernet over USB.
• Wi-Fi - Performs a ping test.
• iBeacon - Allows user to start and stop broadcast, also provides status information.
To test touch panel coordinates and signature, select Touch Panel.
• Touch Panel Coordinates - Displays X, Y coordinates when touch screen is touched.
• Signature - Write signature to display on screen.
To perform a diagnostic procedure on the buzzer, select Buzzer.
To perform a diagnostic procedure on the keypad LED lights, select LED.

Home > Manufacturing
Display:
    Manufacturing
    Load MIB
Action: To load MIB, select Manufacturing panel.

Home > Exit
Display:
    Exit
    Reboot
    Logout
Action: To reboot the device or log off current user profile from System mode, select Exit.

Home > Run Applications
Display:
    Run Applications
    Failed to start app
    OK
Action: To run installed applications without logging off current user profile from System mode, select Run Applications. A sample screen display is provided here.


CHAPTER 4

File Authentication

This chapter discusses the VeriShield Retain file authentication security
architecture, the VeriShield Retain file authentication module, and the
organizational infrastructure that supports it.
This chapter also explains how the file authentication process may affect the tasks
normally performed by application programmers, deployers, site administrators, or
entities authorized to download files to a PINpad.
Lastly, this chapter explains how to generate the signature files required to
perform downloads and authenticate files on the unit using the file signing utility
(see VeriShield File Signing Tool (FST)).
In Performing Downloads, the topic of file authentication is also discussed in the
context of specific file download procedures.

Introduction to File Authentication
The unit has a security architecture, called VeriShield, which has both physical
and logical components. The logical security component of the VeriShield
architecture, which is part of the unit’s operating system software, is called file
authentication (FA).
FA is a secured process for authenticating files using digital signatures,
cryptographic keys, and digital certificates. This process makes it possible for the
sponsor of a device to logically secure access to the device by controlling who is
authorized to download application files to that device. It verifies the file’s origin,
sender’s identity, and integrity of the file’s information.

The Verifone Certificate Authority
To manage the tools and processes related to FA, Verifone has established a
centralized Verifone Certificate Authority, or Verifone CA. This agency is
responsible for managing keys and certificates. The Verifone CA uses an
integrated set of software tools to generate and distribute digital certificates and
private cryptographic keys to customers who purchase PINpads.

Special Files Used in the File Authentication Process
The following specially formatted files support the FA process:
• A digital certificate (*.crt file) is a digital public document used to verify the
signature of a file.
• A digital signature (*.p7s file) is a piece of information based on both the file
and the signer’s private cryptographic key. The file sender digitally signs the
file using a private key. The file receiver uses a digital certificate to verify the
sender’s digital signature.
• Signer private keys are securely conveyed to clients on smart cards. On
P200 and P400, private keys are not kept in files. The secret passwords
required by clients to generate signature files, using signer private keys, are
sent as PINs over a separate channel such as registered mail or encrypted
e-mail.
Digital certificates and signature files do not need to be kept secure to safeguard
the overall security of VeriShield Retain.
The special file types that support the file authentication process are recognized
by their filename extensions.
Table 6 VeriShield File Signing Tool Filename Extensions
File Type Extension
Signature *.p7s
Digital certificate *.crt

All digital certificates are generated and managed by the Verifone CA, and are
distributed on request to PINpad clients—either internally within Verifone or
externally to sponsors.
All certificates issued by the Verifone CA for the PINpad platform, and for any
Verifone platform with the VeriShield Retain security architecture, are
hierarchically related. That is, a lower-level certificate can only be authenticated
under the authority of a higher-level certificate.
The security of the highest-level certificate, called the platform root certificate, is
tightly controlled by Verifone.
The required cryptographically related private keys that support the file
authentication process are also generated and distributed by the Verifone CA.

Certificates Contain Keys That Authenticate Signature Files


• Sponsor certificate: Certifies a client’s sponsorship of the PINpad. It does not,
however, convey the right to sign and authenticate files. To add flexibility to the
business relationships that are logically secured under the file authentication
process, a second type of certificate is usually required to sign files.

A sponsor certificate is authenticated under a higher-level system certificate,
called the application partition certificate.

NOTE
Only one sponsor certificate is permitted per PINpad.

• Signer certificate: Certifies the right to sign and authenticate files for PINpads
belonging to the sponsor.

A signer certificate is authenticated under the authority of a higher-level client
certificate (the sponsor certificate).
The required sponsor and signer certificates must either have been previously
downloaded and authenticated on the PINpad, or they must be downloaded
together with the new signature and target files to authenticate correctly.

Signer Private Keys Are Issued to Secure the File Signing Process
Signer private keys are loaded onto a smart card. This smart card is securely
delivered to the business entity that the PINpad sponsor has authorized to sign,
download, and authenticate applications to run on the sponsor’s PINpad.
The Verifone CA can also issue additional sets of sponsor and signer certificates
and signer private keys to support multiple sponsors and multiple signers for a
specific platform.
To establish the logical security of applications to download to a PINpad, the
designated signer uses the signer private key issued by the Verifone CA as this is
a required input to the VeriShield File Signing Tool. Every signature file contains
information about the signer private key used to sign it.
When a signature file is generated using a signer private key, successful
authentication depends on whether the signer private key used to sign the target
file matches the signer certificate stored in the PINpad’s certificate tree.

How File Authentication Works
File authentication consists of three basic processes:
1 Certificate Request: An optimal certificate structure is determined, and the
necessary certificates and keys are created.
2 Development: The file signing software tool creates a signature file for each
application file to authenticate.
3 Deployment: The development and pre-deployment processes, once
complete, are used in combination to prepare a PINpad for deployment.

Certificate Request Process


In this process:
1 A sponsor connects to the Verifone CA Web site and requests certificates for
deployment PINpads.
2 Based on information provided by the sponsor through the Verifone CA Web
site, the Verifone CA determines the required certificate structure.
3 Verifone CA generates the following items for the sponsor:
a Smart card containing a set of certificates and private key.
b Smart card PIN.
4 Verifone CA sends the smart card and smart card PIN to the sponsor.
5 The sponsor uses the smart card and smart card PIN as inputs for the
deployment process.
This process is presented below:

[Flowchart: the sponsor requests certificates for deployment PINpads from the Verifone CA Web site; the Verifone CA determines the required certificate structure and generates a set of certificates for the sponsor; the signer smart card (signer certificate, sponsor certificate, signer private key) and the smart card PIN go to the sponsor for the deployment process.]

Figure 7 Certificate Request Process

Development Process
The Development Process is the same as the Deployment Process except
different cards are ordered and used. Proceed to the Deployment section.

Deployment Process
In this process:
1 The sponsor provides the application file (from the development process) and
the smart card and smart card PIN (from the certificate request process) as
inputs to VeriShield.
2 VeriShield unlocks the smart card with the provided PIN and sends the file to be
signed to the smart card, which computes the signature with the resident
private key. VeriShield extracts the signature, signer certificate, and sponsor
certificate from the smart card.
3 VeriShield uses the extracted data, along with the application file, to create a
signature file (*.p7s).
4 VeriShield creates files suitable for downloading from the smart card data.
5 The signature file, the application file, and the extracted signer and sponsor
certificates are downloaded into a deployment PINpad, where the following
actions occur:
a When an attempt is made to install an application executable or data file, a
matching signature and certificate must be present.
b The operating system compares the application file's signature against the
values stored in the application file's calculated signature.
6 Each successfully authenticated application file is installed on the PINpad;
otherwise, the application file is deleted on failed authentication and an error
message is displayed.

The development and/or deployment process is illustrated in the flowchart below.

[Flowchart: in the development and pre-deployment processes, the fully debugged application file and the signer smart card (signer certificate, sponsor certificate, signer private key), together with the smart card PIN, are inputs to the VeriShield File Signing Tool, which outputs the signature file (*.*.P7S), the signer certificate, and the sponsor certificate.]

1) DEVELOPMENT OS SEARCHES FOR A *.*.P7S FILE.
2) IF A *.*.P7S FILE IS FOUND, OS THEN SEARCHES FOR A MATCHING APPLICATION FILE.
3) IF A MATCHING APPLICATION FILE IS FOUND, OS COMPARES *.*.P7S FILE'S SIGNATURE AGAINST VALUES IN THE APPLICATION FILE'S CALCULATED SIGNATURE.
4) IF THE VALUES MATCH, THE TWO FILES ARE AUTHENTICATED, AND THE ATTR_NOT_AUTH BIT IS SET TO 0.

Figure 8 The Development / Deployment Process

Planning for File Authentication
File authentication is an integral part of every PINpad. To safeguard the PINpad’s
logical security, FA requires that any downloaded application file must be
successfully authenticated before the operating system installs it on the unit.

Download and Installation
The PINpad’s Secure Installer plays a critical role in system and application
startup, as well as in authenticating and installing all components: application,
system, and OS.

The PINpad supports the following download mechanisms:

Download Mechanism    Description
Serial Direct         Supported over all serial ports (COM1/COM2/COM3 and USB Serial Gadget)
USB/SD                Supported over USB memory devices and micro SD memory
Netloader             Verifone proprietary TCP-IP file transfer
NFS                   Network File System

All content, regardless of download mechanism, is downloaded to
/mnt/flash/install/dl. Content is not usable until it is actually installed by the Secure
Installer. The Secure Installer authenticates all downloaded content and then
installs it. At this point the content becomes usable. For example, the Secure
Installer installs authenticated downloaded application content to the application
user's home directory.

How Signature Files Authenticate Target Files
Signature files are downloaded together with their target application files in the
same data transfer operation. When an attempt is made to install an application
executable or data file, a matching signature and certificate must be present. The
operating system compares the application file's signature against the values
stored in the application file's calculated signature.

Determine Successful Authentication
All downloaded files must have an associated signature as part of the download;
otherwise the installation fails. To ensure a target file was successfully authenticated
after a download, confirm that all downloaded files are installed. If an application
file is not successfully authenticated, the operating system does not allow it to
install and run, either following the initial download or on subsequent PINpad
restarts.

Digital Certificates and the File Authentication Process
The file authentication module always processes certificates before it processes
signature files. Digital certificates (*.crt files) generated by the Verifone CA
have two important functions in the file authentication process:
• They define the rules for file location and usage (for example, the valid file
group, replaceable *.crt files, parent *.crt files, whether child
*.crt files can exist, and so on).
• They convey the public cryptographic keys generated for PINpad sponsors
and signers that are the required inputs to the VeriShield File Signing Tool to
verify file signatures.

Hierarchical Relationships Between Certificates


All digital certificates are hierarchically related to one another. Under the rules of
the certificate hierarchy managed by the Verifone CA, a lower-level certificate
must always be authenticated under the authority of a higher-level certificate. This
rule ensures the overall security of VeriShield Retain.
To manage hierarchical relationships between certificates, certificate data is
stored in PINpad memory in a special structure called a certificate tree. New
certificates are authenticated based on data stored in the current certificate tree.
This means that a new certificate can only be authenticated under a higher-level
certificate already resident in the PINpad’s certificate tree. This requirement can
be met in two ways:
• The higher-level certificate may have already been downloaded to the PINpad
in a previous or separate operation.
• The higher-level certificate can be downloaded together with the new
certificate as part of the same data transfer operation.
Higher-level production certificates are downloaded into each PINpad at
manufacture. When you take a new device out of its shipping packaging,
certificate data is already stored in the PINpad’s certificate tree.
Typically, a sponsor requests an additional set of digital certificates from the
Verifone CA to establish sponsor and signer privileges. This additional set of
certificates is then downloaded to the PINpad when the device is being prepared
for deployment. When this procedure is complete, the device is called a
deployment device.

Adding New Certificates


When you add a new certificate file to a PINpad, the system detects it by filename
extension (*.crt). The device then attempts to authenticate the certificate under
the authority of the resident higher-level certificate stored in the PINpad’s
certificate tree or one being downloaded with the new certificate.
In a batch download containing multiple certificates, each lower-level certificate
must be authenticated under an already-authenticated, higher-level certificate.
Whether or not the data a new certificate contains is added to the PINpad’s
certificate tree depends on its successful authentication. The following points
explain how certificates are processed:
• If a new certificate is successfully authenticated, the information it contains is
automatically stored in the PINpad’s certificate tree. The corresponding
certificate file (*.crt) is not retained.
• If the relationship between the new certificate and an existing higher-level
certificate cannot be verified, the authentication procedure for the new
certificate fails. In this case, the certificate information is not added to the
certificate tree and the failed certificate file (usually ~400 bytes) is not
retained.
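
The certificate-tree rules above, together with the rule that certificates are processed before signature files, modelled as an added example (not Verifone code). Textbook RSA over fixed Mersenne primes stands in for the real certificate and signature formats, which this guide does not describe; the names app-partition, sponsor, signer and rogue-signer, and the retry-until-no-progress handling of a batch, are assumptions.

```python
"""Model of certificate-tree authentication (added example, not Verifone code).

Textbook RSA over fixed Mersenne primes is a stand-in for the real
certificate and signature formats. It is not secure.
"""
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by every toy key


def toy_key(a: int, b: int):
    """Return (n, d) built from the Mersenne primes 2**a - 1 and 2**b - 1."""
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def _digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data: bytes, key) -> int:
    n, d = key
    return pow(_digest(data, n), d, n)


def verify(data: bytes, sig: int, n: int) -> bool:
    return pow(sig, E, n) == _digest(data, n)


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    pubkey: int   # subject's public modulus
    sig: int = 0  # issuer's signature over tbs()

    def tbs(self) -> bytes:
        return f"{self.subject}|{self.issuer}|{self.pubkey}".encode()


def issue(subject, subject_key, issuer, issuer_key) -> Cert:
    unsigned = Cert(subject, issuer, subject_key[0])
    return Cert(subject, issuer, subject_key[0], sign(unsigned.tbs(), issuer_key))


def process_batch(tree: dict, batch):
    """Authenticate new certificates against the tree, whatever their order.

    A certificate is added only when its issuer is already in the tree and
    the issuer's key verifies it (ordering behaviour is an assumption).
    Returns (accepted, rejected) subject names.
    """
    pending, accepted = list(batch), []
    progress = True
    while pending and progress:
        progress = False
        for cert in list(pending):
            parent_n = tree.get(cert.issuer)
            if parent_n is not None and verify(cert.tbs(), cert.sig, parent_n):
                tree[cert.subject] = cert.pubkey  # data moves into the tree
                accepted.append(cert.subject)
                pending.remove(cert)
                progress = True
    return accepted, [c.subject for c in pending]  # leftovers are discarded


def authenticate_file(tree: dict, data: bytes, signer: str, sig: int) -> bool:
    """Signature check that runs after the certificates have been processed."""
    n = tree.get(signer)
    return n is not None and verify(data, sig, n)


def run_demo():
    partition, sponsor = toy_key(61, 89), toy_key(107, 127)
    signer, rogue = toy_key(521, 607), toy_key(1279, 2203)
    # Constructed sample: the tree starts with one higher-level certificate.
    tree = {"app-partition": partition[0]}
    batch = [
        issue("signer", signer, "sponsor", sponsor),     # child arrives first
        issue("rogue-signer", rogue, "sponsor", rogue),  # not signed by sponsor
        issue("sponsor", sponsor, "app-partition", partition),
    ]
    accepted, rejected = process_batch(tree, batch)
    app = b"constructed application package"
    good_sig = sign(app, signer)
    results = {
        "genuine": authenticate_file(tree, app, "signer", good_sig),
        "tampered": authenticate_file(tree, app + b"!", "signer", good_sig),
        "rogue": authenticate_file(tree, app, "rogue-signer", sign(app, rogue)),
    }
    return accepted, rejected, results


if __name__ == "__main__":
    print(run_demo())
```

The rogue certificate names the sponsor as its issuer but was not signed with the sponsor's key, so it never enters the tree and files signed under it fail even though their signatures are internally valid.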

Development Devices
A development device is a device that maintains a set of certificates in its
certificate tree. This set of certificates includes a special client certificate called a
development signer certificate.
In the development device, applications must still be signed and authenticated
before they can run on the device. A development device provides additional
application debug capabilities.

Deployment Devices
While the application development process is being completed and while the new
application is being tested on a development device, a sponsor can order specific
sponsor and signer certificates from the Verifone CA to use to logically secure
sponsor and signer privileges when the device is prepared for deployment.
Customer-specific sponsor and signer certificates are usually downloaded to a
device as part of the standard application download procedure performed by a
deployment service. In this operation, the new sponsor and signer certificates
replace the development sponsor certificate that is part of the factory set of
certificates, as shown in Figure 9.
When the sponsor and signer certificates are downloaded and successfully
authenticated, the device is ready for deployment.
Ultimately, the sponsor decides how to implement the logical security
provided by FA on a field-deployed device. Additional certificates can be obtained
from the Verifone CA anytime to implement new sponsor and signer relationships
in deployment devices.

Figure 9 illustrates the certificate trees in development and deployment devices.

[Figure: two certificate trees, one for a development terminal and one for a deployment terminal. Node labels in each tree: Root; Verifone Partition; Application Partition; Operating System; Development (or Deployment) Sponsor Certificate (validated by the application partition certificate); Development (or Deployment) Signer Certificate (validated by the sponsor certificate).]

Figure 9 Certificate Trees in Development and Deployment Devices

Permanency of the Certificate Tree


The data contained in a digital certificate is stored in the device’s certificate tree
when the certificate is authenticated. The system automatically removes the .crt
file once processed.

Required Inputs to the File Signing Process


The required inputs to the file signing process are:
• Files to be signed.
• VeriShield signer card. It contains the sponsor and signer certificates, and the
signer private key.
• Smart Card PIN to access the private key on the card.

VeriShield File Signing Tool (FST)
The devices are shipped from the manufacturer without a development certificate;
a development certificate is not available for download.
For development, as for deployment, customers must obtain VeriShield signer
cards and use the VeriShield File Signing Tool to sign all executables and other
files to be logically protected.
Development and production signer cards must be generated under distinct
sponsor certificates, so that development cards can be distributed, without any
security concern, to personnel not authorized to sign production software.

Signing Files
To sign files:
1 Launch the VeriShield File Signing tool using the “run as administrator” option.
In the Windows Start menu, it is typically located under All Programs >
Verifone > VeriShield > File Signing Tool.
2 Log in. “Dual logon” is required to sign files.
3 Click “Sign File” and follow the wizard.
4 Click “Next” at the Welcome screen.
5 Select “Sign Files with new settings” and click “Next” at the settings selection
screen.
6 Click “Add” and browse to the file(s) to be signed. DO NOT CHECK the “flash”
box: it is for Verix terminals ONLY and may cause authentication failure
on P200 or P400 PINpads.
7 Click “Next” once all files to be signed have been added.
8 Select “Secured” and click “Next” at the security level screen (default is not
supported on the P200 or P400 PINpads).
9 Select the name and location to export the signer certificate file (the sponsor
certificate is always exported as SponsorCert.crt in the same location).
10 Click “Sign File” at the “Summary of Settings” screen.
11 Enter first officer PIN.
12 Enter next officer PIN.
13 Click “Close” at the “results” screen.
If the signing was successful, there should be a new signature file (.p7s) for each
of the files that have been signed. Two certificate files (.crt) should have been
created in the specified location.
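
A post-signing check of the output described above, as an added example (not Verifone's code and not part of FST): it confirms every file has a non-empty signature, flags files changed after signing, and checks the exported certificates. The `<name>.p7s` / `<stem>.p7s` naming and the modification-time comparison are assumptions; the guide states only that one .p7s appears per signed file and that the sponsor certificate is exported as SponsorCert.crt.

```python
from __future__ import annotations

import os
import tempfile
from pathlib import Path

SPONSOR_CERT = "SponsorCert.crt"  # fixed export name given in step 9


def signature_for(payload: Path) -> Path | None:
    """Find the .p7s belonging to payload.

    Assumption: FST names it <name>.p7s or <stem>.p7s; the guide does not say.
    """
    for candidate in (payload.with_name(payload.name + ".p7s"),
                      payload.with_suffix(".p7s")):
        if candidate.is_file():
            return candidate
    return None


def audit_signing_output(payload_dir: Path, cert_dir: Path) -> list[str]:
    """Return every reason the signed set is incomplete (empty list = OK)."""
    problems = []
    for payload in sorted(payload_dir.iterdir(), key=lambda p: p.name):
        if not payload.is_file() or payload.suffix.lower() in (".p7s", ".crt"):
            continue
        sig = signature_for(payload)
        if sig is None:
            problems.append(f"{payload.name}: no .p7s signature file")
        elif sig.stat().st_size == 0:
            problems.append(f"{sig.name}: signature file is empty")
        elif payload.stat().st_mtime_ns > sig.stat().st_mtime_ns:
            # Heuristic (assumption): a payload newer than its signature was
            # probably edited after signing and should be signed again.
            problems.append(f"{payload.name}: modified after it was signed")
    certs = {p.name for p in cert_dir.glob("*.crt")}
    if SPONSOR_CERT not in certs:
        problems.append(f"{SPONSOR_CERT} not found")
    if not certs - {SPONSOR_CERT}:
        problems.append("signer certificate (.crt) not found")
    return problems


def demo() -> list[str]:
    """Constructed sample set: one good file, one stale, one unsigned."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name in ("app.tgz", "app.tgz.p7s", "cfg.tgz", "cfg.tgz.p7s",
                     "extra.tgz", SPONSOR_CERT):
            (root / name).write_bytes(b"constructed sample bytes")
        os.utime(root / "app.tgz", (1000, 1000))      # signed later: fine
        os.utime(root / "app.tgz.p7s", (2000, 2000))
        os.utime(root / "cfg.tgz.p7s", (1000, 1000))  # payload edited later
        os.utime(root / "cfg.tgz", (2000, 2000))
        return audit_signing_output(root, root)


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Run it against the signing output folder before building the download; an empty result means every file has a signature newer than itself and both certificates are present.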

Packaging Tool

Application files are downloaded as packages.

Downloading Application Files

To download a package or packages to the device, the following must be done:
1 Generate one or more install packages.
2 Sign the individual install packages with FST.
3 Combine one or more install packages and package signatures into a bundle.
4 The bundle may also contain signer certificates and a remove file (to remove
the previous version of the application).
5 Sign the bundle.
6 Combine one or more bundles and bundle signatures into a single download
file.
A file named “control” in the package CONTROL directory contains information
relating to the package. A packaging tool with built-in help information is available
to create packages.


CHAPTER 5

Performing Downloads

This chapter contains information and procedures to allow you to perform the
various types of data transfers required to:
• Develop applications for the PINpad.
• Prepare PINpads for deployment.
• Maintain PINpad installations in the field.
• Transfer data to/from PINpads, terminals (Host), and PC.
In this chapter, information pertaining to file authentication is only discussed in the
context of procedures while performing file downloads. See File Authentication for
more information.
The PINpad contains ports that allow connection to a network or other terminals
(for back-to-back downloads). See Download Methods and Procedures.

Downloads and Uploads

The PINpad can perform a download via the following connectivity options:
• Using NFS
• Using the ZonTalk Protocol via Serial connection
• Using the Netloader
• Using a local USB memory device / SD device
Refer to the sample screen display in Table 5 (Home>Update) for more information.
Serial download can also be done without using an onboard application; refer to
Downloading without an Onboard Application for more information.
Downloads require moving the application and/or application data files from a
remote computer to the PINpad. During device application development,
application files are downloaded from a development PC directly to the PINpad. In
the field, application files must be transferred from the device’s controlling device
(ECR, LAN controller, and so on) to the PINpad.
The device supports a module called the Secure Installer (SI). The SI is
responsible for authentication and installation of applications and operating
system components. It follows a well-defined specification requiring bundles and
packages. Detailed information on the creation of download files for the device is
contained in the Programmer's Manual.
Also note that the device SDK includes a tool called the Package Manager to help
developers and deployment personnel create and maintain bundles and packages.

Download Methods and Procedures

The following methods are available for file and data downloads through the
download and upload procedures.

Direct Downloads

The usual download utility program is the Direct Download (DDL) utility. It is
normally available with the device’s Developer’s Toolkit (DTK), and can be obtained
through Verifone. DDL is a subset program of the Verifone VeriTalk download
application. It is designed specifically for a direct (RS-232/USB) download from a
PC to a device. As the DDL utility sends files from the PC, the device display
shows the progression of the download. The file name is shown on Line 1 of the
display with nnn showing the number of blocks downloaded. Line 2 indicates the
percent complete of the download where each asterisk represents 10%.

DDL Command Line Syntax

The format of the DDL program is:

DDL [options] file1 [file2 …] [config-data]

Features           Description

-b<baud>           Specifies the baud rate, for example:
                   • -b300
                   • -b1200
                   • -b2400
                   • -b4800
                   • -b9600
                   • -b19200 (default)
                   • -b38400
                   • -b115200

-p<port>           Specifies the PC serial port:
                   • 1 (COM1). The default is -p1 (COM1)
                   • 2 (COM2)

-i<filename>       Specifies the name of a binary file to include in the
                   download, for example: -IBINARY.DAT.

-c<delta time>     Sets the date and time on the PINpad to the host PC’s date
                   and time. Also specifies a delta value to add or subtract
                   from the hour, for example, -c+1 specifies the PC’s time plus
                   one hour.
                   Note: The maximum hour value that can be set is ± 23
                   hours.

-X<password>       Sets the PINpad’s password.

-F<filename>       Processes the contents of the specified file as command line
                   data.

file1 [file2...]   Specifies one or more files to download. Files with the .OUT
                   extension are treated as binary data; all others are assumed
                   text files.

[config-data]      Specifies PINpad or application environment variables. If the
                   specified variable exists, it is replaced by the new value;
                   otherwise, a new entry is created.
                   For example, the string *ZR=TERMID sets the value of the
                   PINpad identifier variable to “TERMID”.
                   Note: To remove an existing entry, use an empty string.
                   For example, *ZT= “ “ removes the *ZT variable.

DDL Command Line File

If you need to specify more variables than what the DOS command line allows,
you can use a simple configuration file (-F option) to extend the length of the
command line. A command line file is an ASCII text file that allows you to supply
as many variables as required.

DDL Example

Download the file app.tgz using the PC’s COM port 2 (app.tgz is a binary file).
DDL -p2 -iapp.tgz
Each line in the command line file should consist of one variable:

-p2 app.tgz
The command line would be:
DDL -F<filename>

Downloading without an Onboard Application

Use the following procedure to perform a download from a host PC to a P200 or
P400 PINpad with no application installed. The PINpad must be powered on to
begin the procedure.
1 Make all cable connections.
2 Launch the DDL application on the host PC.
3 Enter System mode using a secure password.
4 Tap Update panel on the main System mode menu.
5 Tap Serial panel tab to perform direct download to the PINpad.
6 Select the COM Port (COM1).
7 Select Baud Rate to start download process.
Asterisks (*) display on screen to indicate the state of the download. Each asterisk
denotes approximately 10% completion. On download completion, the PINpad
returns to the main screen.

Network Download Utility

Network Download transfers files from a PC to the PINpad. A network download
client, included with the SDK, must be installed onto a PC. Before the file transfer
can begin, the network settings must be configured; the transfer then starts by
tapping “Netloader” under Transfer.


File Signing and Signature Files

File signing is required. File signing is performed with the VeriShield File Signing
tool. The result of signing a file is a new signature file, also called a .P7S file. The
.P7S file must be included as part of the download. The -k option is not used by
the PINpad. Signature files are also supported as input files. These are specified
just like application data files, with a -i option.
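
A lint for DDL command line files, covering the option limits in the DDL Command Line Syntax table, the one-entry-per-line rule from DDL Command Line File, and the requirement above that each downloaded file travels with its .P7S signature via -i. This is an added example, not Verifone's code; the case-insensitive option matching and the `<name>.p7s` / `<stem>.p7s` naming are assumptions, and the sample file is constructed.

```python
from __future__ import annotations

import re

# Baud rates listed for -b in the options table.
BAUD_RATES = {300, 1200, 2400, 4800, 9600, 19200, 38400, 115200}


def _signature_names(payload: str) -> set[str]:
    """Assumed .p7s names for a payload: extension appended or replaced."""
    low = payload.lower()
    return {low + ".p7s", low.rsplit(".", 1)[0] + ".p7s"}


def lint_ddl_command_file(text: str) -> list[str]:
    """Return findings for the text of a DDL -F command line file.

    Assumptions: one entry per line, and option letters are matched without
    regard to case (the guide writes both -i<filename> and -IBINARY.DAT).
    """
    findings: list[str] = []
    payloads: list[tuple[int, str]] = []
    signatures: set[str] = set()
    for number, raw in enumerate(text.splitlines(), start=1):
        entry, where = raw.strip(), f"line {number}"
        if not entry:
            continue
        if "=" in entry and not entry.startswith("-"):
            continue  # config-data such as *ZR=TERMID
        if len(entry.split()) > 1:
            findings.append(f"{where}: more than one entry on the line")
        elif not entry.startswith("-"):
            if entry.lower().endswith(".p7s"):
                findings.append(f"{where}: signature files are passed with -i")
            else:
                payloads.append((number, entry))  # file1 [file2 ...]
        else:
            letter, value = entry[1:2].lower(), entry[2:]
            if letter == "b" and not (value.isdecimal() and int(value) in BAUD_RATES):
                findings.append(f"{where}: unsupported baud rate {value!r}")
            elif letter == "c" and (not re.fullmatch(r"([+-]\d+)?", value)
                                    or abs(int(value or 0)) > 23):
                findings.append(f"{where}: clock delta must be within +/-23 hours")
            elif letter == "x":
                findings.append(f"{where}: PINpad password stored in clear text")
            elif letter == "k":
                findings.append(f"{where}: -k is not used by the PINpad")
            elif letter == "i" and value.lower().endswith(".p7s"):
                signatures.add(value.lower())
            elif letter == "i":
                payloads.append((number, value))
    for number, name in payloads:
        if not _signature_names(name) & signatures:
            findings.append(f"line {number}: {name} has no -i signature (.p7s) entry")
    return findings


# Constructed sample command line file (not taken from the guide).
SAMPLE = """\
-p2
-b57600
-c+30
-iapp.tgz
-iapp.tgz.p7s
-icfg.tgz
-Xexample-password
*ZR=TERMID
"""

if __name__ == "__main__":
    print("\n".join(lint_ddl_command_file(SAMPLE)))
```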


APPENDIX A

System Messages

This appendix describes error and information messages, which are grouped into
two categories. For ease of use, these messages are grouped alphabetically in
each of these two categories.
These messages include the following:
• Digital certificate displays and signature file downloaded to the PINpad.
• File authentication module processes.
• File compression module use messages from the VeriCentre DMM terminal
management and download tool.

Error Messages

The following error messages may appear when the PINpad is in System Mode.
Use the Navigation keys when selecting menus and specific options when using a
P200 PINpad.

Table 7 Error Messages

PASSWORD ERRORS

Display: supervisor
         Password incorrect.
         Please wait...
Action:  Password entered is incorrect.
         Wait until the login screen is up again and re-enter the password.

Display: supervisor
         Password entry failed!
         OK
Action:  This error is displayed when entered password does not meet the
         required number of characters or when the entered password exceeded
         the number of characters set for the user. Password must be at least
         seven characters.

Display: supervisor
         Password entry timeout
         OK
Action:  This error appears when the user failed to enter his password within
         60 seconds or within the set timeout period.
         Select OK and enter the user password again.

Display: supervisor
         Password New and Confirm
         are not equal!
         OK
Action:  This error appears when New and Confirm passwords entered do not
         match.
         Select OK and re-enter your desired user password.

Display: level1
         KLD, new or pending passwords
         must be at least 7
         characters.
         OK
Action:  This error is displayed when the password entered by user did not
         meet the password requirements. KLD, new, or pending passwords must
         be at least seven characters.
         Select OK and re-enter password.

DOWNLOADING ERRORS

Display: USB Memory
         No memory devices found!
         OK
Action:  This error message is displayed when System Mode is unable to detect
         the USB Memory or SD card.
         Select OK to close the error message. Connect the USB Memory or SD
         card and try the download/update option again.

Display: Unable to bring up network.
         Check cable connection
         or DHCP server
         OK
Action:  This message is displayed once Netloader is selected and System mode
         is unable to detect connection to the Netloader server.
         Select OK to close the error message, check cable and network
         connection, then try selecting Netloader again.


SECURITY ERRORS

Display: Bank or ADE
         Password expired. Enter new
         password!
         OK Cancel
Action:  Key Loading Bank or ADE or VRK error is displayed when key loading
         password has expired.
         Select OK to close the error message and enter new password.

Display: Dump Keys
         ERROR: No External Storage Found.
         OK
Action:  Key Dump error is displayed when there is no external storage found.
         Select OK to close the error message and ensure that the external
         storage is connected to the terminal.

Information Messages

The following information messages may appear when the PINpad is in System
Mode.

Table 8 Information Messages

KEYPAD DIAGNOSTICS INFORMATION

Action:  This screen displays the number of times a key is pressed during a
         keyboard diagnostics session.
Display:  1    2    3
         (0)  (0)  (0)

          4    5    6
         (0)  (0)  (0)

          7    8    9
         (0)  (0)  (0)

          *    0    #
         (0)  (0)  (0)

          X    <-   O
         (0)  (0)  (0)

SMART CARD DIAGNOSTICS INFORMATION

Action:  This screen displays the status of the Smart Card Reader (with no
         cards inserted).

MAGNETIC CARD DIAGNOSTICS INFORMATION

Action:  A successful test increments the current value in GOOD for each
         track that reads valid data.
         For more information about magnetic card error messages, refer to
         the VOS Operating System Programmers Manual -VPN DOC00501.

CONTACTLESS DIAGNOSTICS INFORMATION

Action:  Sample screen display for contactless card.
Display: ==========================<X> to QUIT
         Polling... ok
         Type:XXXXXXXX-X
         Send APDU... ---------------------50/50
         Remove card... ok

         === TEST SUCCESS ===

         <X> to QUIT or <Enter> to Restart


APPENDIX B

Port Pinouts

The tables in this appendix list pinouts for the P200 and P400 PINpad, dongles,
and cable connectors.

Multi I/O Connection Port

Connector Pin Function Description

Connector P461
1 EXTGND Cable Shield Ground
2 ETH_TXP Ethernet Transmit data +
3 ETH_TXN Ethernet Transmit data -
4 EXTGND Cable Shield Ground
5 ETH_RXP Ethernet Receive data +
6 ETH_RXN Ethernet Receive data -
7 SGND Signal Ground
8 N.C. No connection
9 N.C. No connection
10 SGND Signal Ground
11 RXD_HOST RS-232 Receive data
12 TXD_HOST RS-232 Transmit data
13 CTS_HOST RS-232 Clear to Send
14 RTS_HOST RS-232 Request to Send

Connector P460
1 EXTGND Cable Shield Ground
2 USB_DEVICE- USB Device Signal -
3 USB_DEVICE+ USB Device Signal +
4 SGND Signal ground
5 RXD_HOST RS-232 Receive data
6 TXD_HOST RS-232 Transmit data
7 SGND Signal Ground
8 USB_HOST- USB Host -
9 USB_HOST+ USB Host +
10 SGND Signal Ground
11 EXTPWR External Power
12 EXTPWR External Power

13 EXTGND Cable Shield Ground
14 +5V USB Reserved (USB ID)

Multi I/O Connector Cable

Connector Pin Function Description

Connector P461
1 EXTGND Cable Shield Ground
2 ETH_TXP Ethernet Transmit data +
3 ETH_TXN Ethernet Transmit data -
4 EXTGND Cable Shield Ground
5 ETH_RXP Ethernet Receive data +
6 ETH_RXN Ethernet Receive data -
7 EXTGND Signal Ground
8 N.C. No connection
9 N.C. No connection
10 SGND Signal Ground
11 RXD_HOST RS-232 Receive data
12 TXD_HOST RS-232 Transmit data
13 CTS_HOST RS-232 Clear to Send
14 RTS_HOST RS-232 Request to Send

Connector P460
1 EXTGND Cable Shield Ground
2 USB_DEVICE- USB Device Signal -
3 USB_DEVICE+ USB Device Signal +
4 SGND Signal ground
5 RXD_HOST RS-232 Receive data
6 TXD_HOST RS-232 Transmit data
7 SGND Signal Ground
8 USB_HOST- USB Host -
9 USB_HOST+ USB Host +
10 SGND Signal Ground
11 EXTPWR External Power
12 EXTPWR External Power
13 EXTGND Cable Shield Ground
14 +5V USB Reserved (USB ID)

RS-232 Port (USB-Serial Dongle)

Connector Pin Function Description
1 Power External power from cable
2 NC No connection
3 NC No connection
4 GND Power ground
5 /RXD Receive data
6 /TXD Transmit data
7 CTS Clear to send
8 RTS Request to send

Ethernet Port (USB-Serial Dongle)

Connector PIN Function Description
1 TXD+ Transmit data +
2 TXD- Transmit data -
3 RXD+ Receive data +
4 NC No connection
5 NC No connection
6 RXD- Receive data -
7 NC No connection
8 NC No connection

USB Pinout (Mini Port on USB-Serial Dongle)

Connector PIN Function Description
1 NC No connection
2 USB_DN1 USB Device Signal -
3 USB_DP1 USB Device Signal +
4 NC No connection
5 GND USB Ground

DC Input Jack Polarity for 435-044-01-A Cable

USB Pinout (USB-Serial Dongle)

Connector PIN Function Description
1 +5 V 5 V USB Power
2 USB_DN0 USB Host Signal -
3 USB_DP0 USB Host Signal +
4 GND USB ID pin/Ground

[Connector drawings: Receptacle and Plug, pins numbered 1 to 5]


APPENDIX C

ASCII Table

The ASCII Table

An ASCII table for the P200/P400 display is presented in Table 9.

Table 9 P200/P400 Display ASCII Table


Dec Hex ASCII Dec Hex ASCII Dec Hex ASCII Dec Hex ASCII
0 00 NUL 32 20 SP 64 40 @ 96 60 `
1 01 SOH 33 21 ! 65 41 A 97 61 a
2 02 STX 34 22 " 66 42 B 98 62 b
3 03 ETX 35 23 # 67 43 C 99 63 c
4 04 EOT 36 24 $ 68 44 D 100 64 d
5 05 ENQ 37 25 % 69 45 E 101 65 e
6 06 ACK 38 26 & 70 46 F 102 66 f
7 07 BEL 39 27 ' 71 47 G 103 67 g
8 08 BS 40 28 ( 72 48 H 104 68 h
9 09 HT 41 29 ) 73 49 I 105 69 i
10 0A LF 42 2A * 74 4A J 106 6A j
11 0B VT 43 2B + 75 4B K 107 6B k
12 0C FF 44 2C , 76 4C L 108 6C l
13 0D CR 45 2D - 77 4D M 109 6D m
14 0E SO 46 2E . 78 4E N 110 6E n
15 0F SI 47 2F / 79 4F O 111 6F o
16 10 DLE 48 30 0 80 50 P 112 70 p
17 11 DC1 49 31 1 81 51 Q 113 71 q
18 12 DC2 50 32 2 82 52 R 114 72 r
19 13 DC3 51 33 3 83 53 S 115 73 s
20 14 DC4 52 34 4 84 54 T 116 74 t
21 15 NAK 53 35 5 85 55 U 117 75 u
22 16 SYN 54 36 6 86 56 V 118 76 v
23 17 ETB 55 37 7 87 57 W 119 77 w
24 18 CAN 56 38 8 88 58 X 120 78 x
25 19 EM 57 39 9 89 59 Y 121 79 y
26 1A SUB 58 3A : 90 5A Z 122 7A z
27 1B ESC 59 3B ; 91 5B [ 123 7B {
28 1C FS 60 3C < 92 5C \ 124 7C |
29 1D GS 61 3D = 93 5D ] 125 7D }
30 1E RS 62 3E > 94 5E ^ 126 7E ~
31 1F US 63 3F ? 95 5F _ 127 7F DEL


GLOSSARY

ASCII
Abbreviation for American Standard Code for Information Interchange. A 7-bit
code (with no parity bit) that provides a total of 128 bit patterns. ASCII
codes are widely used for information interchange in data processing and
communication systems.

Baud
The number of times per second that a system, especially a data transmission
channel, changes state. The state of a system may represent a bit, digit, or
symbol. For a POS terminal, the baud rate indicates the number of bits per
second that are transmitted or received by the terminal’s serial ports.

Boot loader
Also called a bootloader or bootstrap loader. A short program, stored in
non-volatile memory, that allows the terminal to continue operating during an
operating system download procedure, until the new operating system is
downloaded into terminal memory.

Calendar/clock chip
A real-time clock inside the terminal which keeps track of the current date and
time.

Card reader
Also called magnetic stripe card reader. The slot on the right side of the
terminal that automatically reads data stored in the magnetic stripe on the back
of a specially-encoded card when you swipe the card through the slot.

Certificate
Also called a digital certificate. A digital document or file that attests to the
binding of a public key to an individual or entity, and that allows verification
that a specific public key does in fact belong to a specific individual.

File authentication
A process through which one proves and verifies the origin of a file, the
identity of the sender, and the integrity of the information it contains.

Firmware
System software, including the operating system, boot loader, default display
font, and system messages, stored in terminal memory.

Keypad
A small keyboard or section of a keyboard containing a smaller number of keys,
generally those used in simple calculators. The 16-key core keypad of the
terminal is used to enter data and perform operations.

Manual transaction
A transaction involving the manual entry of account information from the
terminal keypad instead of automatic entry of the information from a reading
terminal, such as a magnetic stripe card reader.

POS terminal
A terminal used at the point of sale, which is usually at a merchant site where a
customer pays for goods or services received. Information concerning the sale
can be entered into the terminal and transmitted to a remote host computer for
verification and processing.

RS-232
Also RS-232C. A widely used standard interface that covers the electrical
connection between data communication equipment. The RS-232 interface standard
was developed by the EIA (Electronic Industries Association) and is essentially
equivalent to the CCITT’s V.24 interface.

Serial port
A connection point through which digital information is transferred one digital
bit at a time. Same as serial interface. The terminal has one serial port,
available at the multiport connector. The main serial port on a download
computer is usually assigned the terminal ID, COM1.

Swipe
The action of sliding a magnetic stripe card through a terminal card reader. The
card reader has a bi-directional swipe direction. The user must hold the card so
that the magnetic stripe faces in and towards the keyboard.

Track 1, 2, or 3 data
Information stored on tracks 1, 2, or 3 of a debit or credit card magnetic
stripe, which can be read by a magnetic card reader terminal, such as the one
that is integrated in the terminal.

Variable
A string of characters that denotes some value stored within the computer and
that can be changed during execution. A variable may be internal to a program,
in which case it is held in memory, or external if the program must perform an
input operation to read its value.

Volatile memory
A type of memory where the contents are destroyed if the power supply to the
memory is interrupted. In the terminal, applications run from volatile memory,
mDRAM. Compare with POS terminal.
