VeriFone MX 900 Series Secure Payment Terminal User Manual

INTRODUCTION

Acronyms

The following table describes the common acronyms used:

| Acronym | Meaning |
| --- | --- |
| AC | Alternating Current |
| ADA | Americans with Disabilities Act |
| ATM | Automated Teller Machine |
| BT | Bluetooth |
| CDMA | Code Division Multiple Access |
| CR | Check Reader |
| CRC | Cyclic Redundancy Check |
| CTLS | Contactless |
| DDL | Direct Download Utility |
| DIN | Document Identification Number |
| DMM | Download Management Module |
| DUKPT | Derived Unique Key Per Transaction |
| DTK | Developer’s Toolkit |
| DVD | Digital Versatile Disc |
| ECR | Electronic Cash Register |
| EDR | Enhanced Data Rate |
| EE | Electrical Engineering |
| EEPROM | Electrically Erasable Programmable Read-Only Memory |
| EMV | Europay MasterCard and VISA |
| FA | File Authentication |
| GID | Group Identification |
| GPIO | General Purpose Input/Output |
| GPRS | General Packet Radio Service |
| GSM | Global System for Mobile Communications |
| HW | Hardware |
| ICC | Integrated Circuit Card |
| IO | Input Output |
| ISM | Industrial, Scientific, and Medical |
| LCD | Liquid Crystal Display |
| LED | Light Emitting Diode |
| MRA | Merchandise Return Authorization |
| MSAM | Micromodule-Size Security Access Module |
| MSR | Magnetic Stripe Reader |
| NAND | Not And (electronic logic gate) |
| PCB | Printed Circuit Board |
| PCI | Payment Card Industry |
| PED | PIN Entry Devices |
| PIN | Personal Identification Number |
| PKI | Public Key Infrastructure |
| PLAN | PinStripe Local Area Network |
| PLL | Phase Lock Loop |
| PSP | Payment Service Provider |
| PTID | Permanent Terminal Identification Number |
| RAM | Random Access Memory |
| RGB | Red, Green, and Blue |
| RJ45 | Registered Jack 45 |
| RSSI | Receive Signal Strength Indicator |
| RTC | Real Time Clock |
| SAM | Security Access Module |
| SC | Smart Card |
| SDK | Software Development Kit |
| SoC | System-on-Chip |
| SRAM | Static Random-Access Memory |
| TIFF | Tagged Image File Format |
| USB | Universal Serial Bus |
| UPF | BT SIG Unplug Fest (UPF) Interoperability Testing |
| VPN | VeriFone Part Number |
| WEP | Wired Equivalent Privacy |
| WFA | Wi-Fi Alliance |
| Wi-Fi | Wireless Fidelity |

FEATURES

Overview

The two new MX 900 Series models are the MX 915 and MX 925. The common features between both models are: core hardware design based on the proven MX 900 Series architecture (includes system processor, power management unit, and backup power supervisor), compatibility with existing Berg cable, single MSR head, smart card connector, microSD card slot, contactless antenna and circuitry, audio codec with stereo speaker and headphone output, three SAM card slots, support for 802.11n and Bluetooth wireless, IBM® Tailgate protocol support, and a low power or hibernation mode. The MX 915 features a color 4.3″ display with a capacitive touch panel and keypad for user input. The defining feature of the MX 925 is a color 7″ screen with hardware-accelerated DVD quality video. It uses a capacitive touch panel with signature capture capabilities and a keypad for user input.

Modular Design

The MX 900 Series terminals offer outstanding flexibility due to their modular design. Both units feature a card edge connector on the bottom of the unit facing the rear. I/O modules will connect to this edge connector. All external connections to the units connect through this I/O module. This includes power, USB, Ethernet, serial, and audio. Two of the I/O modules also have support for the existing Berg connector and cabling.

Features and Benefits

The following are the features and benefits of the MX 900 Series terminals:

| Feature | Benefit |
| --- | --- |
| Sophisticated Security | All systems are PCI 3.x compliant. Includes 3DES encryption, Master Key/Session Key and Derived Unique Key Per Transaction (DUKPT) key management; also incorporates VeriShield file authentication and tampering safeguards. |
| Optional upgradable modules | Lets customers economically address today’s needs, while adding capabilities as desired; protects investment. |
| USB (Universal Serial Bus) Device Connector | Allows LAN connections for high-speed data transfer, back-end clearing, and settlement. Supports connections to electronic cash registers (ECRs) and PCs using USB or Ethernet. USB Host functionality supports other USB devices such as USB memory drives. |
| Serial Ports | Provides connectivity for the Berg connector. |
| Security Board | Both units have a microSD slot capable of supporting microSD cards up to 32GB. Both units are capable of supporting up to three SAM cards. |
| 32-bit microprocessor | Streamlines processing, even on complex transactions. |
| Flash and RAM | Ample memory to support multiple payment and value-added applications simultaneously. |
| High Resolution Display | Supports sophisticated applications with full-motion video. Both units are capable of displaying video with a minimum frame rate of 20 fps. |
| Smart card reader | Accepts chip cards conforming to the latest global standards. |
| Triple-track magnetic card reader | Logically oriented for improved read rates; handles magnetic stripe cards, including drivers’ licenses. |
| Contactless Reader | The contactless antenna is designed to accept a card when presented in either a vertical or horizontal orientation. |
| Touch Screen | Both terminals have a capacitive touch panel. |
| Audio | MX 915 — One internal single speaker. Includes output jacks for external speakers. MX 925 — Two internal speakers. Includes output jacks for external speakers. |
| ADA Compatibility | When a user plugs headphones into the headphone jack on the left side near the Stylus Holster, the terminal has the ability to assist both visually and hearing impaired individuals per the ADA standards. |

Factory Options

Factory options are available for the MX 900 Series terminals, depending on your needs.

Speakers
Both terminals have built-in speakers for tones and prompts. A line-out port is available to drive externally powered speakers.

Applications

Standard payment applications are available from VeriFone to interface with most ECRs. Applications for the terminals are written using a C-based programming language. These programs can be downloaded directly from an ECR or a development PC using the MX 900 Series terminal System Mode. Terminal System Mode can also be used for diagnostics, changing the password, and debit Key injection. See the System Mode chapter for more information.

Total Cost of Ownership

The MX 900 Series terminals have been designed to be flexible and future-proof, delivering a low total cost of ownership. The modular terminals can be configured at the factory or in the field by a trained technician. The flexibility and versatility of the terminals allow the use of the terminals with different capabilities in different stores or locations. The terminals can be purchased with the modules that meet today’s requirements, and other capabilities can be added as and when needed.

FILE AUTHENTICATION

The VeriFone Certificate Authority

To manage the tools and processes related to FA, VeriFone has established a centralized VeriFone Certificate Authority or VeriFone CA. This agency is responsible for managing keys and certificates. The VeriFone CA uses an integrated set of software tools to generate and distribute digital certificates and private cryptographic keys to customers who purchase the MX 900 Series terminal.

Required Files

The following specially formatted files support the FA process:

  • A digital certificate (*.crt file) is a digital, public document used to verify the signature of a file.
  • A digital signature (*.p7s file) is a piece of information based on both the file and the signer’s private cryptographic key. The file sender digitally signs the file using a private key. The file receiver uses a digital certificate to verify the sender’s digital signature.
  • Signer private keys are securely conveyed to clients on smart cards. On MX 900, private keys are not kept in files. (The .key file in the File Signing Tool is for legacy platforms supporting a default signer certificate.) The secret passwords required by clients to generate signature files, using signer private keys, are sent as PINs over a separate channel such as registered mail or encrypted e-mail.

Digital certificates and signature files need not be secured to safeguard the overall security of VeriShield. The special file types that support the file authentication process are recognized by their filename extensions:

| File Type | Extension |
| --- | --- |
| Signature | *.p7s |
| Signer private key | *.key |
| Digital Certificate | *.crt |

All digital certificates are generated and managed by VeriFone CA and are distributed on request to MX 900 Series terminal clients — either internally within VeriFone or externally to sponsors.

Note: All certificates that are issued by the VeriFone CA for the MX 900 Series terminal platform, and for any VeriFone platform with the VeriShield security architecture, are hierarchically related. That is, a lower-level certificate can only be authenticated under the authority of a higher-level certificate. The security of the highest-level certificate called the platform root certificate is strictly controlled by VeriFone. The required cryptographically related private keys that support the file authentication process are also generated and distributed by the VeriFone CA.

Certificate Request

  1. A sponsor connects to the VeriFone CA website and requests certificates for deployment terminals.
  2. Based on information provided by the sponsor through the VeriFone CA website, the VeriFone CA determines the required certificate structure.
  3. VeriFone CA generates the following items for the sponsor:
    • Smart card containing a set of certificates and keys.
    • Smart card PIN.
  4. VeriFone CA sends the smart card and smart card PIN to the sponsor.
  5. The sponsor uses the smart card and smart card PIN as inputs for the deployment process.

Development Process

The Development Process is the same as the Deployment Process except different cards are ordered and used. Proceed to the Deployment section.

Deployment Process

  1. The sponsor provides the application file (from the development process) and the smart card and smart card PIN (from the certificate request process) as inputs to VeriShield.
  2. VeriShield unlocks the smart card with the provided PIN, and sends the file to be signed to the smart card, which computes the signature with the resident private key. VeriShield extracts the signature, signer certificate, and sponsor certificate from the smart card.
  3. VeriShield uses the extracted data, along with the application file, to create a signature file (*.p7s).
  4. VeriShield creates files suitable for downloading from the smart card data.
  5. The signature file, the application file, and the extracted signer and sponsor certificates are downloaded into a deployment terminal, where the following actions occur:
    • When an attempt is made to install an application executable or data file, a matching signature and certificate must be present.
    • The operating system compares the signature supplied with the application file against the signature it calculates from the application file.
  6. Each successfully authenticated application file is installed on the terminal; otherwise, the application file is deleted on failed authentication and an error message is displayed. The development and/or deployment process is illustrated in the flowchart below.
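The install-time check in steps 5 and 6, as an added example that is not VeriFone code and does not reproduce the VeriShield file format. It assumes a three-level chain (signer, sponsor, platform root), ECDSA P-256 keys, a raw signature standing in for the *.p7s container, and the Python `cryptography` package; every name in it is hypothetical.

```python
import datetime
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

ECDSA = ec.ECDSA(hashes.SHA256())  # assumed algorithm; the manual does not name one


def issue(subject, subject_key, issuer, issuer_key, is_ca):
    """Issue a certificate for `subject`, signed with the issuer's private key."""
    name = lambda cn: x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])
    now = datetime.datetime.now(datetime.timezone.utc)
    return (x509.CertificateBuilder()
            .subject_name(name(subject)).issuer_name(name(issuer))
            .public_key(subject_key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(now - datetime.timedelta(days=1))
            .not_valid_after(now + datetime.timedelta(days=30))
            .add_extension(x509.BasicConstraints(ca=is_ca, path_length=None), critical=True)
            .sign(issuer_key, hashes.SHA256()))


def signed_by(cert, issuer_cert):
    """True if `cert` names `issuer_cert` as issuer and carries its valid signature."""
    try:
        issuer_cert.public_key().verify(cert.signature, cert.tbs_certificate_bytes, ECDSA)
        return cert.issuer == issuer_cert.subject
    except InvalidSignature:
        return False


def authenticate(app, signature, signer_cert, sponsor_cert, root_cert):
    """Walk signer -> sponsor -> platform root (the trust anchor), then check the file.
    Validity dates and revocation are left out of this sketch."""
    if not (signed_by(signer_cert, sponsor_cert) and signed_by(sponsor_cert, root_cert)):
        return False
    try:
        signer_cert.public_key().verify(signature, app, ECDSA)
        return True
    except InvalidSignature:
        return False


def install(flash, name, app, signature, signer_cert, sponsor_cert, root_cert):
    """Keep the file only if a signature is present and authenticates; else delete it."""
    ok = signature is not None and authenticate(
        app, signature, signer_cert, sponsor_cert, root_cert)
    if ok:
        flash[name] = app
    else:
        flash.pop(name, None)
    return ok


def demo():
    # Constructed keys, names and file contents; none of this is real key material.
    root_k, sponsor_k, signer_k, rogue_k = (
        ec.generate_private_key(ec.SECP256R1()) for _ in range(4))
    root = issue("Platform Root", root_k, "Platform Root", root_k, True)
    sponsor = issue("Sponsor", sponsor_k, "Platform Root", root_k, True)
    signer = issue("Signer", signer_k, "Sponsor", sponsor_k, False)
    rogue = issue("Signer", rogue_k, "Sponsor", rogue_k, False)  # not issued by the sponsor
    app = b"constructed application image"
    sig = signer_k.sign(app, ECDSA)  # in the manual this step runs on the smart card
    flash = {}
    chain = (signer, sponsor, root)
    return {
        "valid": install(flash, "app.out", app, sig, *chain),
        "tampered": install(flash, "app2.out", app + b"!", sig, *chain),
        "missing_sig": install(flash, "app3.out", app, None, *chain),
        "rogue_signer": install(flash, "app4.out", app, rogue_k.sign(app, ECDSA),
                                rogue, sponsor, root),
        "installed": sorted(flash),
    }


if __name__ == "__main__":
    print(demo())
```

Only the untampered file signed by a key whose certificate chains to the root ends up in `flash`; the other three cases are rejected and removed.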

SYSTEM MODE

Verifying Terminal Status

The MX 900 Series terminal you are working with may or may not have an application program running on it. After you have set up the terminal and the terminal is turned on, use the following guidelines to verify the terminal status regarding software and current operating mode.

  • If there is no application program loaded into the terminal flash, the terminal enters the System Mode screen.
  • If an application program is loaded into terminal flash, an application-specific prompt appears. The application runs and the terminal is in normal mode.

Entering System Mode

With an application loaded, use the following procedure to enter System Mode.

Note: Before entering System Mode and selecting the function(s) to perform, verify that the MX 900 Series terminal has been installed as described in the MX 900 Series Installation Guide. Make sure that the terminal is connected to a power source and is turned on.

  1. With the application running, push a paper clip into the small recessed button on the bottom near the serial number. The three blue LEDs light. Release the button. Alternatively, pressing the ‘1’, ‘5’, ‘9’ keys at the same time will cause the terminal to go into System Mode.
  2. Select one of the four possible System Mode logins:
    • Supervisor: Full capability
    • Level1: User-defined capability
    • Level2: User-defined capability
    • Maintenance: Intended for VeriFone repair, allows minimal access
  3. Once the login has been selected, enter the password. If the password is pre-expired or is pending change, the user must enter the current password and then a new password (pre-defined in the case of a pending password change). The new password must be entered twice for validation. The default System Mode password is: 166831 or 166832.
  4. If the password is entered correctly, the System Mode idle screen displays. If the password is not entered correctly, the error “A password was entered incorrectly” displays and the login screen displays again.

Exiting System Mode

After successful completion, some operations automatically exit System Mode and restart the terminal. Other operations require that you manually exit System Mode and restart the terminal by tapping Home.

System Mode Menus

Access the submenus by tapping the tab name. The System Mode screen and submenus are shown below. In recent years, UI navigation breadcrumbs have become popular because they allow the user to see their location within a program and they allow a quick return back to any point within the breadcrumb trail. The “>” greater than symbol is used to separate points (crumbs) along the path. Touching any of the words/abbreviations along the path will instantly move the user to that point.

PERFORMING DOWNLOADS

Requirements

Downloads require moving the application and/or application data files from a remote computer to the terminal. In MX 900 Series application development, application files are downloaded from a development PC directly to the terminal. In the field, application files must be transferred from the terminal’s controlling device (ECR, LAN controller, and so on) to the terminal.

The MX 900 supports a module called the Secure Installer (SI). The Secure Installer is responsible for the authentication and installation of applications and operating system components, and follows a well-defined specification requiring bundles and packages. Detailed information on the creation of download files for MX 900 is contained in the Programmer’s Manual. Also, note that the MX 900 SDK includes a tool called the Package Manager to help developers and deployment personnel create and maintain bundles and packages.

DDL Command Line Syntax

The format of the DDL program is:
DDL [options] file1 [file2 … ] [config-data]

| Option | Description |
| --- | --- |
| -b<baud> | Specifies the baud rate, for example: -b300, -b1200, -b2400, -b4800, -b9600, -b19200 (default), -b38400, -b115200. |
| -p<port> | Specifies the PC serial port: 1 (COM1) or 2 (COM2). The default is -p1 (COM1). |
| -i<filename> | Specifies the name of a binary file to include in the download, for example: -IBINARY.DAT. |
| -c<delta time> | Sets the date and time on the terminal to the host PC’s date and time. Also, specifies a delta value to add or subtract from the hour, for example, -c+1 specifies the PC’s time plus one hour. Note: The maximum hour value that can be set is ±23 hours. |
| -x<password> | Sets the terminal’s password. |
| -F<filename> | Processes the contents of the specified file as command line data. |
| file1 [file2 …] | Specifies one or more files to download. Files with the .OUT extension are treated as binary data; all others are assumed text files. |
| [config-data] | Specifies terminal or application environment variables. If the specified variable exists, it is replaced by the new value; otherwise, a new entry is created. |

For example, the string *ZT=TERMID sets the value of the terminal identifier variable to “TERMID”.

Note: To remove an existing entry, use an empty string. For example, *ZT="" removes the *ZT variable.

DDL Command Line File

If you need to specify more variables than the DOS command line allows, you can use a simple configuration file (-F option) to extend the length of the command line. A command line file is an ASCII text file that allows you to supply as many variables as required.
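A parser for the DDL syntax documented above that also audits a command line and its -F file for plaintext or default -x passwords and out-of-range values. This is an added example, not a VeriFone tool; the `load` hook, the whitespace-and-quote tokenizing of the command file, and case-insensitive option letters (suggested by the -IBINARY.DAT example) are assumptions.

```python
import shlex
from dataclasses import dataclass, field

BAUD_RATES = {300, 1200, 2400, 4800, 9600, 19200, 38400, 115200}  # values listed for -b
DEFAULT_PASSWORDS = {"166831", "166832"}  # System Mode defaults given in this manual


@dataclass
class DdlJob:
    baud: int = 19200            # documented default
    port: int = 1                # documented default (COM1)
    clock_delta: object = None   # hours added to the PC clock by -c, if accepted
    files: list = field(default_factory=list)     # (name, "binary" | "text")
    config: dict = field(default_factory=dict)    # None marks a variable removal
    findings: list = field(default_factory=list)  # audit messages


def parse_ddl(args, load=None, job=None, origin="command line"):
    """Parse DDL arguments; `load` (hypothetical hook) maps a -F name to its text."""
    job = job if job is not None else DdlJob()
    note = lambda msg: job.findings.append(f"{origin}: {msg}")
    for arg in args:
        opt, val = arg[:2].lower(), arg[2:]
        if opt == "-b":
            if val.isdigit() and int(val) in BAUD_RATES:
                job.baud = int(val)
            else:
                note(f"unsupported baud rate {val!r}")
        elif opt == "-p":
            if val in ("1", "2"):
                job.port = int(val)
            else:
                note(f"unsupported serial port {val!r}")
        elif opt == "-c":
            try:
                delta = int(val or "0")
            except ValueError:
                delta = None
            if delta is None or abs(delta) > 23:
                note(f"clock delta {val!r} is outside the +/-23 hour limit")
            else:
                job.clock_delta = delta
        elif opt == "-x":
            note("terminal password supplied in plaintext with -x")
            if val in DEFAULT_PASSWORDS:
                note("-x sets a documented default password")
        elif opt == "-i":
            job.files.append((val, "binary"))
        elif opt == "-f":
            if load is None:
                note(f"-F file {val!r} not expanded (nested or no loader)")
            else:  # nested -F files are not followed, so pass no loader down
                parse_ddl(shlex.split(load(val)), None, job, origin=val)
        elif arg.startswith("-"):
            note(f"unknown option {arg!r}")
        elif "=" in arg:  # config-data such as *ZT=TERMID; empty value removes it
            name, value = arg.split("=", 1)
            job.config[name] = value.strip('"') or None
        else:
            kind = "binary" if arg.upper().endswith(".OUT") else "text"
            job.files.append((arg, kind))
    return job


def demo():
    # Constructed sample: a command line plus the -F file it references.
    cmd_files = {"STORE12.TXT": '-x166831 -b115200 *ZT=TERMID *ZA="" APP.OUT'}
    return parse_ddl(["-p2", "-c+30", "-FSTORE12.TXT", "README.TXT"],
                     load=cmd_files.__getitem__)


if __name__ == "__main__":
    job = demo()
    print(job.baud, job.port, job.files, job.config)
    for finding in job.findings:
        print("FINDING", finding)
```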

Download Procedures

Use the following procedures to perform downloads to an MX 900 Series terminal. For additional information about downloading files to the MX 900 Series terminals, see Transfer in the System Mode chapter.

Downloading without an Onboard Application

Use the following procedure to perform a download from a host PC to an MX 900 Series terminal with no application installed. The terminal must be powered on to begin the procedure.

  1. Make all cable connections.
  2. Launch the DDL application on the host PC.
  3. Enter System Mode using a secure user password.
  4. Tap TRANSFER on the System Mode menu.
  5. Tap the SERIAL/USB tab to perform a direct download to the terminal.
  6. Set the port and baud rate.
  7. Tap the GO button to perform the download.
    Asterisks (*) display onscreen to indicate the state of the download. Each asterisk denotes approximately 10% completion. On download completion, the terminal returns to the main screen.

PCLANCNV Utility

On the MX 900 Series terminal, the PCLANCNV utility is used to create a download file that is compatible with the IBM ECR. On legacy retail platforms, the PCLANCNV utility was used to create compressed files. On the MX 900 Series, the standard Linux tar utility is used to create compressed files. The compression used by the PCLANCNV utility is no longer supported. A file that has been created using the Linux tar utility can become the input file to PCLANCNV for conversion to IBM ECR format.

PCLANCNV is a command line utility that runs under DOS. PCLANCNV has been run successfully under the Command Prompt on Windows® XP. The MX 900 Series does not support the -p Pinstripe LAN or the -t compressed ZonTalk formats (these formats are used by legacy terminals). The -r IBM ECR format is supported and is in fact the only reason to use PCLANCNV.

It is strongly recommended that the Linux tar utility be used to combine/compress files prior to running PCLANCNV. The IBM ECR does not understand or support the complex directory structure and file permissions of the MX 900 Series. Using a tar file as input to PCLANCNV will preserve the file structure information.

For testing, PCLANCNV supports the -d command line option. The -d option causes PCLANCNV to expand the specified file into the original input files in a TEMP subdirectory on the PC. The TEMP subdirectory must exist prior to running the -d option.

Once a download file has been completely received, the MX will expand and install the contents of the file. If operating system components were included in the download file, the terminal will reboot.

Command Line Rules

PCLANCNV command line options must conform to several rules:

  • Each application code file is specified without a control parameter.
  • Each application data file and signature filename must be preceded with an -i.
  • Files must be specified in the order:
    a. Application code file
    b. Application code signature file
    c. Application data file
    d. Application data signature file
  • No spaces are allowed between the control parameter and its item.
  • Control parameters may be upper- or lowercase.
  • Other than the required order of files (a – d above), the order of items in the command line is not significant.
  • If the environment variable ends with an asterisk (“*”), add an additional asterisk to clear that variable.
  • If the <value> for an environment variable includes a space, <value> must be enclosed in quotation marks.

PCLANCNV Command Line Input Options

| Option | Description |
| --- | --- |
| filename | Input application code file (no control parameter before filename). |
| -i<filename> | Input application data file or signature file. |
| -k<C\|D> | FileToBeSigned.nam, CertFile.crt, KeyFile.key, KeyPassword, where C=AppCode and D=AppCode. |

Input Options (not files)

| Option | Description |
| --- | --- |
| location= <value> | Sets an environment variable to <value>, for example, *ZA="TEST" and *ZT="TERMID" |
| location* | Clears an environment variable (delete the environment variable). |
| -x<password> | Set terminal password. |

Output Format Definition

| Option | Description |
| --- | --- |
| -n | Uncompressed format with no blocking. |
| -p | MX 900 Series compressed PinStripe format with no blocking. |
| -p<blocksize> | MX 900 Series compressed PinStripe format in blocks of <blocksize> bytes. |
| -r | MX 900 Series compressed IBM ECR format in blocks of 128 bytes. |
| -r<blocksize> | MX 900 Series compressed IBM ECR format in blocks of <blocksize> bytes. |
| -t | Compressed VeriTalk format with no blocking. |
| -v | Override error checking of the output file content, count, and order. |

Output File Name

| Option | Description |
| --- | --- |
| -o<filename> | Output filename is <filename>. |

Other Controls

| Option | Description |
| --- | --- |
| -d<filename> | Decode a previously created output file to an existing TEMP subdirectory. |
| -f<filename> | Use <filename> as an ASCII source file for the above options. |

VERISHIELD REMOTE KEY (VRK) READY DEVICE

Check for Valid VRK RSA Keys

  1. Put the terminal into System Mode by using a straightened paperclip to press the reset button on the bottom side of the terminal near the serial number.
  2. Select Supervisor. Key in the password and press enter.
  3. Tap Security.
  4. Tap Key Status.
  5. Tap the VRK (RKL) tab. If the screen that follows shows that a valid VRK RSA Key Pair is installed, the terminal OS is VRK Ready. If the screen displays “Not Installed,” the terminal OS is not VRK Ready.

TERMINAL SPECIFICATIONS

Terminal Specifications

This chapter discusses power requirements, dimensions, and other specifications of the MX 900 Series terminals.

| Category | Specification |
| --- | --- |
| Power | Power pack output requirements: 12W, 12-24VDC. Power pack input requirements: 100-240VAC, 50/60Hz. |
| Environmental | Operating temperature: 0° to 40° C (32° to 104° F). Storage temperature: -18° to +66° C (0° to 150° F). Humidity: 15% to 95% relative humidity; no condensation. |
| Dimensions, MX 915 | Height: 56 mm (2.2 inches). Width: 182 mm (7.2 inches). Depth: 225 mm (8.9 inches). |
| Dimensions, MX 925 | Height: 56 mm (2.2 inches). Width: 218 mm (8.6 inches). Depth: 230 mm (9.1 inches). |
| Weight | MX 915: 1.3 lbs. (0.6 kg). MX 925: 2.0 lbs. (0.9 kg). |

FAQS

What is the default admin password for VeriFone MX 915?

The default admin password is 9416557. Enter this using the keypad and press the green button to proceed.

How do I reboot my VeriFone terminal?

You can reboot the terminal using one of these methods:
1. Press the reset button for a hardware reset.
2. If you have remote access, log in via SSH and enter the command sudo reboot.
3. If SSH access is unavailable, perform a power cycle by unplugging and reconnecting the device.

What is the default Verifone user password?

The default password is 1 alpha alpha 66831.

What is the default access code for VeriFone terminals?

The default passcode is 123456.

How do I reload my terminal screen?

Press Ctrl + L to clear and refresh the terminal screen. This shortcut works in most terminal interfaces.

How do I shut down my VeriFone terminal?

Open Command Prompt, PowerShell, or Run, then type shutdown /s and press Enter to power off the device.

How can a user reset their password on a VeriFone terminal?

If the user has set up challenge questions, they can reset the password by clicking “Forgot Password” on the login screen in Configuration Client or Manager Workstation.

What is the default supervisor PIN for VeriFone terminals?

The default supervisor password is 1234. To enter it:
1. Press the main logo at the top of the screen.
2. Go to Main Menu (1/2) and select Configuration.
3. Enter 1234 when prompted.
