CHAPTER 2 Using the Terminal Keys Before proceeding to other tasks, familiarize yourself with the operational features of the Omni 3600 terminal keypad to enter data (see Figure 29).
U SING THE TERMINAL K EYS Data Entry Modes Data Entry Modes NOTE Before you can use the keys on the front panel to enter ASCII characters, the Omni 3600 must be in a mode that accepts keyed data entry. There are two terminal operating modes, each enables you to press keys to enter data under specific circumstances: • Normal mode: This is the terminal operating mode where an application program is present in SRAM and currently running.
U SING THE TERMINAL K EYS The Keypad Function Key Descriptions The terminal’s operating mode and context determine the specific action performed when you press one of the following function keys. The following descriptions are provided solely to acquaint you with some general characteristics of these function keys before presenting more detailed system mode procedure descriptions.
U SING THE TERMINAL K EYS The Keypad If two or more characters display on the Omni 3600 screen, pressing ALPHA changes the last character on the line to the next letter, number, or symbol in the key sequence. For example: Current display: A5C*2 ALPHA A5C*A ALPHA A5C*B ALPHA A5C*C ALPHA A5C*2 Table 2 provides additional examples of how to use the ALPHA key to select ASCII characters from the 12-key Telco-style keypad.
U SING THE TERMINAL K EYS Programmable Function (PF) Key Descriptions NOTE In system mode, use ALPHA to key in the default system password, to enter a new system password, and for entering alpha characters. Enter Key In normal mode, the enter key is generally used the same as the enter key on a PC, that is, to end a procedure, confirm a value or entry, answer “Yes” to a query, or select a displayed option.
U SING THE TERMINAL K EYS Programmable Function (PF) Key Descriptions 36 OMNI 3600 REFERENCE MANUAL
CHAPTER 3 System Mode This chapter describes a category of terminal functions called system mode operations, including discussions on: • system mode entry, • initiating local and remote operations, • passwords, • file groups, and • system mode menus. System mode is used exclusively by those responsible for configuring, deploying, and managing Omni 3600 terminal installations in the field.
S YSTEM M ODE Verifying Terminal Status software to the terminal, upload software from one terminal to another, and perform diagnostics over a telephone line. This chapter contains descriptions on how to perform local system mode operations. For information performing remote operations, such as downloads, refer to Chapter 4. Verifying Terminal Status Entering System Mode The Omni 3600 terminal you are working with may or may not have an application program running on it.
S YSTEM M ODE Passwords • The primary application must be downloaded into Group 1. • On terminal power up and after a restart, the terminal defaults to Group 1 as the controlling group. • Group 1 applications have access to files stored in all groups. Other applications can reside in Groups 2 through 14. • Applications in a group other than Group 1 have access only to themselves and files stored in Group 15.
S YSTEM M ODE System Mode Menus 1 ALPHA ALPHA 6 6 8 3 1, and press [↵] NOTE System Mode Menus This default password is the same as the password for system mode entry, which is set in the CONFIG.SYS entry *SMPW. The seven main system mode menus are listed in Table 4.
S YSTEM M ODE System Mode Menus System Mode Procedures The procedures in this section explain how to use each of the system mode menus listed in Table 4. Each procedure description starts at a main system mode menu. Each procedure takes you step-by-step through a complete system mode operation in the following sequence: 1 When a main system mode menu appears, select an operation by pressing the appropriate key. 2 Complete the operation. 3 Return to the main system mode menu.
S YSTEM M ODE System Mode Menus Enter and Exit System Mode NOTE To enter system mode after you have turned on the Omni 3600 terminal, follow the procedure described in Table 5. On successful completion, some operations automatically exit system mode and restart the terminal. Other operations require that you exit system mode and restart the terminal. To manually exit system mode, select RESTART F4 in SYS MODE MENU 1.
S YSTEM M ODE System Mode Menus Table 5 Enter System Mode (continued) Display Action SYSTEM MODE ENTRY PASSWORD ------------------- If an application prompt appeared in Step 2 and you chose to enter system mode you are prompted to type the system password. If DOWNLOAD NEEDED appeared in Step 2, use the default password “Z66831.” This password is entered as: 1 ALPHA ALPHA 6 6 8 3 1, and press [↵] Use the backspace [←] key to delete the entry and correct any mistakes.
S YSTEM M ODE System Mode Menus Table 6 System Mode Menu 1 (continued) Display Action CLOCK F3 Note: The terminal clock is battery-backed to retain date and time settings when the terminal is shut off. SYS MODE CLOCK This example shows February 22, 2001. YEAR: 2003 MONTH: 02 DAY: 22 ↑ ↓ To set YEAR, press F2 and type a four-digit number for the current year. To set MONTH, press F3 and type a two-digit number for the current month (between 01– 12).
S YSTEM M ODE System Mode Menus You cannot perform download, clear, and defragment operations if you entered system mode while an application is running. If you see the message APPLICATION ALREADY RUNNING, PLEASE RESTART, press the cancel key and restart the terminal from system mode menu 1. When you see the copyright notice screen, enter system mode within 3 seconds (before the application begins).
S YSTEM M ODE System Mode Menus Table 7 System Mode Menu 2 (continued) Display Action RAM FILES F3 SYS MODE RAM CLEAR GROUP _1 F2 CLEAR ALL FILES F3 To clear a file group’s RAM files, type the file group number (1–15) and press F2. To correct a mistake, press [←] to delete the number, and type a new entry. CONFIG.SYS protected records that begin with * or # are retained when you clear a RAM file group. To clear the RAM of all file groups, select CLEAR ALL FILES F3.
S YSTEM M ODE System Mode Menus Table 7 System Mode Menu 2 (continued) Display Action SYSTEM MODE FILE GROUP NN PASSWORD ----------------- To continue, enter the required password. If you enter an incorrect password, the following message appears: SYS MODE PASSWORD PLEASE TRY AGAIN Press [↵]. Verify your password and re-enter it. SYS MODE CONFIRM CANCEL F3 CONFIRM F4 To cancel the operation, select CANCEL F3. To continue the operation, select CONFIRM F4.
S YSTEM M ODE System Mode Menus Table 8 System Mode Menu 3 Display Action SYS MODE MENU 3 CONFIG INFO F2 EDIT F3 PASSWORDS F4 ↑ ↓ To view terminal configuration information, select CONFIG INFO F2. To edit the CONFIG.SYS or another keyed file, or to set the country code for your terminal’s modem, select EDIT F3. (For more information, refer to the Edit Keyed Files section that follows this main menu description.) To change the system mode and file group passwords, select PASSWORDS F4.
S YSTEM M ODE System Mode Menus Table 8 System Mode Menu 3 (continued) Display Action MODL OMNI3600 This screen shows additional configuration information specific to your terminal: CTRY US • Model number KEYPAD 0 • Country of manufacture DISPLAY 128064 • Keypad type (0 = Telco, 1 = calculator, MAG RDR 0 2 = Singapore) PRINTER 1 • Display unit type SYS MODE CONF ↑ • Magnetic stripe card reader type • Whether or not a thermal printer is integrated into the terminal (where 0 = No, 1
S YSTEM M ODE System Mode Menus Table 8 System Mode Menu 3 (continued) Display Action SYS MODE EDIT To edit the CONFIG.SYS file, press [↵]. FILE CONFIG.SYS_ Note: SYS MODE EDIT To create or search for a keyed record, use [←] to clear any previous key name from the display. Then, type the key name, press [↵], and skip to Step 5b of this procedure. KEY (KEY NAME)-------------------------------- In this menu, you can create a new keyed file or edit an existing one.
S YSTEM M ODE System Mode Menus Table 8 System Mode Menu 3 (continued) Display Action PASSWORDS F4 SYS MODE PASSWORD FILE GROUP _1 F2 SYS MODE ENTRY F3 To change the password of File Group 1, select FILE GROUP _1 F2. Then, go to SYSTEM MODE FILE GROUP NN PASSWORD below. To change the password of another file group, type the appropriate file group number and press F2. Then, go to SYSTEM MODE FILE GROUP NN PASSWORD below. To correct a mistake, press [←] to delete the number, and type the new entry.
S YSTEM M ODE System Mode Menus NOTE Edit Keyed Files When entering any password, an asterisk (*) appears on the display for each character you type. These asterisks prevent your password from being seen by an unauthorized person. Pressing the ALPHA key changes the characters or symbols you enter, but ALPHA does not cause additional asterisks to appear. Secure a copy of every password to ensure it is not forgotten or lost.
S YSTEM M ODE System Mode Menus Table 9 System Mode Menu 4 Display Action SYS MODE MENU 4 REMOTE DIAGS F2 ERROR LOG F3 DEBUGGER F4 ↑ ↓ REMOTE DIAGS: This function is reserved for future use with TMM. To return to the previous system mode menu, press the PF1 key; to return immediately to SYS MODE MENU 1, or to quit any operation within this menu, press the cancel key; to move to the next system mode menu, press the PF2 key or [↵].
S YSTEM M ODE System Mode Menu 5 System Mode Menu 5 In this menu you can test the display panel, keyboard, and magnetic stripe card reader. Table 10 System Mode Menu 5 Display Action SYS MODE MENU 5 SCREEN DIAG F2 KEYBOARD DIAG F3 MAG CARD DIAG F4 ↑ ↓ SCREEN DIAG F2 To test the display panel, select SCREEN DIAG F2. To test the keyboard, select KEYBOARD DIAG F3. To test the magnetic card reader, select MAG CARD DIAG F4.
S YSTEM M ODE System Mode Menu 5 System Mode Menu 6 In this menu you can run integrated PIN pad (IPP) diagnostics, check the IPP key loading mode, display printer information, and run printer tests. Table 11 System Mode Menu 6 Display Action SYS MODE MENU 6 IPP DIAG F2 IPP KEY LOAD F3 PRINTER DIAG F4 ↑ To test the IPP, select IPP DIAG F2. To test the IPP key load, select IPP KEY LOAD F3. To run printer diagnostics and test the printer, select PRINTER DIAG F4.
S YSTEM M ODE System Mode Menu 5 System Mode Menu 7 In this menu you can check the status of the smart battery. Table 12 System Mode Menu 7 Display Action SYS MODE MENU 7 Press F2 to bring up the state of the battery. BATTERY STATUS F2 ↑ BATTERY STATUS F2 BATTERY STATUS 56 FULL CHARGE 1680 REMAINING 1556 93% VOLTAGE 8161 STATUS 00C0 OMNI 3600 REFERENCE MANUAL When you select F2, the BATTERY STATUS screen appears. The full charge state of the smart battery displays in mA hours.
CHAPTER 4 Performing Downloads This chapter contains information and procedures to allow you to perform the various types of data transfers required to: • Develop applications for the Omni 3600 terminal. • Prepare Omni 3600 terminals for deployment. • Maintain Omni 3600 terminal installations in the field. • Transfer data to/from terminals. In this chapter, information pertaining to file authentication is only discussed in the context of procedures while performing file downloads.
P ERFORMING D OWNLOADS Download Methods Download Methods NOTE Download Tools NOTE The following four methods are available for file and data downloads through the Omni 3600 download and upload procedures: • Direct downloads: Files and/or data transfer directly from the sending system (a host computer) to the receiving system (an Omni 3600 terminal docked on the base station or connected using the MOD10 adapter). A special cable (PN 056051-00) connects the RS-232 serial ports of the two systems.
P ERFORMING D OWNLOADS Download Content NOTE Download Content • ZonTalk 2000: PC-based software tool to manage applications and data for VeriFone. In addition to being a database and communications management tool, ZonTalk 2000 automates application downloads and updates to terminal records. • DDL.EXE (Direct Download Utility): Download files and data from a development system or other host computer directly to an Omni 3600 terminal over a serial cable connection. DDL.
P ERFORMING D OWNLOADS Full and Partial Downloads CONFIG.SYS variables, passwords for accessing protected system mode functions, the current date and time, the modem country code setting, and so on (refer to Chapter 3). Full and Partial Downloads When preparing to initiate a download procedure, you must choose either a full or partial download and the COM 1 port, through the system mode menu options (refer to Chapter 3).
P ERFORMING D OWNLOADS Full and Partial Downloads Table 13 Types of Full and Partial Downloads (continued) Download Methods Supported Download Type Description and Effects Full operating system download An entire OS version transfers from a host PC to the Omni 3600 terminal. • Direct downloads Files related to file authentication and terminal configuration settings can be included in a full OS download. During this process, RAM is cleared.
P ERFORMING D OWNLOADS Omni 3600 Download Differences host computer, permits the host application to update data files and terminal configuration settings in an Omni 3600 terminal and then return control to the main application. • Omni 3600 Download Differences Support for Multiple Applications Full downloads restart the terminal; partial downloads return control to system mode or the issuing application. OS and application downloads can be combined.
P ERFORMING D OWNLOADS Omni 3600 Download Differences The main application must always be stored in the Group 1 sub-partition. Related programs or secondary applications can be stored in GIDs 2–14. GID15 is available to all other groups. The Main Application is Always Stored in GID1 The main application stored in GID1 is the controlling application for the terminal. Any function call that invokes a related program or a secondary application stored in GIDs 2–14 must be initiated by the GID1 application.
P ERFORMING D OWNLOADS Omni 3600 Download Differences With application files, the application designer or programmer usually decides which file types to download into which file system. Other file types, such as operating system files, digital certificates, and signature files, must download into RAM. In a typical download procedure, all files are loaded into the RAM file system of the target group selected in system mode.
P ERFORMING D OWNLOADS Omni 3600 Download Differences Manually Redirecting Files to Flash Memory To manually redirect files to flash memory for Download Manager or ZonTalk 2000 application downloads, you must create one or more files on the download computer with the special file name, SETDRIVE.x, where, x is the name of the drive (memory area) to download files to: • Drive name I: is RAM: This is the system mode default for downloads. • Drive name F: is flash.
P ERFORMING D OWNLOADS Omni 3600 Download Differences You can also insert zero-length SETGROUP.n files into a batch download list to redirect files from the target file group to other file groups. Together, the zerolength SETDRIVE.x and SETGROUP.n files allow you flexibility to store files as required in RAM or flash file systems and in specific file groups in a single batch download operation. NOTE You can only use zero-length SETDRIVE.
P ERFORMING D OWNLOADS Omni 3600 Download Differences In the following example, GID1 is selected as the target group for the download. The download list loads FOO.OUT into Group 1 RAM, GOO.OUT into GID2, and the shared library, COMN.LIB, into GID15. When the terminal restarts after the download, the file authentication module is invoked for all three files, based on the certificate data that authorizes them to be stored in their respective file groups. If FOO.
P ERFORMING D OWNLOADS Omni 3600 Download Differences File Redirection in Operating System Downloads When performing an operating system download, you must download the OS files into Group 1 RAM and not into flash memory or into another file group. OS files download into Group 1 RAM because is not possible to download these files directly into Group 0.
P ERFORMING D OWNLOADS Omni 3600 Download Differences If a signature file is missing on the sending terminal, the target application file that it authenticates is not authenticated on the receiving terminal and, if the target file is an executable, it is not allowed to run on the receiving terminal. File Authentication Requirements Chapter 5 provided a general introduction to the file authentication process.
P ERFORMING D OWNLOADS Omni 3600 Download Differences authenticates is stored. If *FA is 0, signature files are deleted from RAM when the file authentication process is complete. The File Authentication Process During an Application Download In the following example of a typical file authentication process, it is assumed that we: • are downloading an application to prepare an Omni 3600 deployment terminal for deployment.
P ERFORMING D OWNLOADS Omni 3600 Download Differences The processing routine gives you both visible and audible indications if a specific certificate successfully authenticates. The file authentication module does not halt the process if a certificate fails to authenticate, but continues to the next step: authenticating signature files.
P ERFORMING D OWNLOADS Omni 3600 Download Differences For data files, font files, and any other files that require authentication to meet the application’s design specification, the application must ensure that these files successfully authenticate. While a signature file is being processed, it remains stored in the RAM file system of the target file group. The target application file may be redirected immediately on download to RAM or flash.
P ERFORMING D OWNLOADS Omni 3600 Download Differences Chapter 5 discussed how signer certificates are required inputs to FILESIGN.EXE when preparing a deployment terminal. Each signature file generated under that signer certificate contains a logical link that allows the application to authenticate and run on the terminal only if the signature files and corresponding target files are downloaded into the target GID.
P ERFORMING D OWNLOADS Omni 3600 Download Differences menu option. In a partial OS download operation, application files stored in Group 1 are not erased. • When you initiate the OS download, the OS file authentication progress displays on the screen as new certificates are authenticated and added to the terminal’s certificate tree, and as signature files for corresponding OS files are detected and authenticated, as shown in Figure 30, page 71.
P ERFORMING D OWNLOADS Omni 3600 Download Differences • Downloaded certificates (receiving terminal) must synchronize with the certificate data present in the certificate tree. Synchronized means the following: • • The certificate tree of the receiving terminal can be no more than one revision out-of-sync with the certificate tree on the sending terminal or the files on the receiving terminal do not successfully authenticate.
P ERFORMING D OWNLOADS Effect of Downloads on Existing Files and Data When planning your download procedure, carefully consider the total amount of memory space required to store certificates and signature files and the application files. In some cases, a considerable number of 400-byte signature files reside in terminal memory at any given time.
P ERFORMING D OWNLOADS Set Up the Download Environment Set Up the Download Environment • For back-to-back application downloads, clear the RAM and flash of the receiving terminal before initiating the download. All application files stored on the receiving terminal, including CONFIG.SYS settings, are replaced by those of the sending terminal. System mode and file group passwords are retained on the receiving terminal.
P ERFORMING D OWNLOADS Set Up the Download Environment • Direct serial cable connection for back-to-back application downloads. The link is between the RS-232 port of the base stations between the docked sending and docked receiving Omni 3600 terminals, or between two Omni 3600 terminals directly connected by cable through two MOD10 adapters. A special cable is required for back-to-back downloads (PN 056051-00).
P ERFORMING D OWNLOADS Set Up the Download Environment HOST COMPUTER FOR DOWNLOADS OR DEBUGGING DOCKED OMNI 3600 TERMINAL COM1 OR COM2 SERIAL PORT OMNI 3600 BASE STATION RS-232 SERIAL PORT Figure 32 Serial Cable Connection for Direct Downloads HOST COMPUTER FOR DOWNLOADS OR DEBUGGING COM1 OR COM2 SERIAL PORT MOD10 ADAPTER RJ45 PORT OMNI 3600 FROM BOTTOM Figure 33 Serial Cable Connection using the MOD10 Adapter OMNI 3600 REFERENCE MANUAL 79
P ERFORMING D OWNLOADS Direct Application Downloads Telephone Line Connection for Telephone Downloads To set up the telephone line connection for application or OS downloads between a host computer and a docked Omni 3600 terminal: 1 Confirm proper configuration of the dial-up telephone line and modem connection on the host computer and 2 Confirm the parameters for the download by telephone are set in the download tool.
P ERFORMING D OWNLOADS Direct Application Downloads NOTE Checklist for Effects on Files and Settings in the Receiving Terminal Direct Application Download Procedure • Certificate files (*.crt) required for file authentication on the docked receiving terminal are stored in memory or they reside on the host computer and download together with the application files. • All required signature files (*.p7s) generated using FILESIGN.EXE, reside on the host computer.
P ERFORMING D OWNLOADS Direct Application Downloads Steps described in the Action column are performed directly on the docked Omni 3600 terminal. Notes provided in this column indicate and explain actions you must perform on the host computer. NOTE Table 14 Step 1 The five steps listed in Table 15 are required for all download and upload procedures. In each of the following procedural tables, step numbering starts at 1 to indicate the unique steps of the specific download method.
P ERFORMING D OWNLOADS Direct Application Downloads Table 14 Step Common Steps to Start a Download (continued) Display 4 Action SYS MODE MENU 1 CONTRAST F2 CLOCK F3 RESTART F4 ↓ When the system mode password is accepted, the terminal enters system mode and SYS MODE MENU 1 displays. To display additional system mode menus, press the PF2 key located on the terminal just below the on-screen down arrow. You can also press the enter key to toggle to the next menu.
P ERFORMING D OWNLOADS Direct Application Downloads Table 15 Step 6 Direct Application Download Procedure (continued) Display **VERIFYING FILES** CHECK CERTIFICATE (FILENAME.CRT) **AUTHENTIC** or else --- FAILED --- Action When the download is complete, the terminal restarts automatically. The file authentication module on the receiving terminal begins to check for new certificate files (*.crt) and signature files (*.p7s) included in the download.
P ERFORMING D OWNLOADS Direct Operating System Downloads Direct Operating System Downloads Hardware Checklist Software Checklist This section presents procedures for direct downloads. • The cable to connect the download computer serial port (COM1 or COM2) to the base station of the docked Omni 3600 “RS232” serial port (COM1) (refer to Cable Connection for Direct Downloads), or • The MOD10 adapter and cable to connect the download computer serial port (COM1 or COM2) directly to the Omni 3600 terminal.
P ERFORMING D OWNLOADS Direct Operating System Downloads • NOTE Checklist for Effects on Files and Settings in the Receiving Terminal Direct Operating System Download Procedure Use system mode menu options to clear the entire RAM or the RAM of Group 1 on the receiving terminal (as necessary). Download, clear, and defragment operations cannot proceed in system mode if an application is executing.
P ERFORMING D OWNLOADS Direct Operating System Downloads Table 16 Step 1 Direct Operating System Download Procedure Display Action Enter the target file group for the download. File Group _1 (Group 1) is the default. Operating system files must always download into Group 1. This is the default group number in system mode. SYS MODE FILE FILE GROUP _1 To select Group 1 as the target file group, press enter.
P ERFORMING D OWNLOADS Download by Telephone Table 16 Step 7 Direct Operating System Download Procedure (continued) Display Action The file authentication module proceeds to authenticate new signature files downloaded with the OS files. When the signature file authentication routine begins, the progress of the authentication process displays. If file authentication succeeds for a specific signature file, the “AUTHENTIC” message displays directly below the filename of the signature file.
P ERFORMING D OWNLOADS Download by Telephone Telephone Downloads Procedure Step 1 Baud rate settings for the data transfer • Terminal ID • Application ID • Operating system name or serial number For detailed information about the setup requirements and download procedures for Download Manager and ZonTalk 2000, please refer to the user documentation supplied by VeriFone with these software products.
P ERFORMING D OWNLOADS Download by Telephone Table 17 Step 6 Download by Telephone Procedure (continued) Display **VERIFYING FILES** CHECK CERTIFICATE (FILENAME.CRT) **AUTHENTIC** or else --- FAILED --- Action When the OS download is complete, the terminal restarts automatically. The file authentication module on the receiving terminal then checks for new certificate (*.crt) and signature (*.p7s) files included in the download.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads Back-to-Back Application Downloads Hardware Checklist Software Checklist This section presents procedures for back-to-back terminal downloads.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads NOTE Checklist for Effects on Files and Settings in the Receiving Terminal Back-to-Back Application Download Procedure Download, clear, and defragment operations cannot proceed in system mode if an application has already started. If you see the message DEVICE BUSY, PLEASE ) key and then restart the terminal RESTART STAND ALONE, press the Cancel ( from system mode Menu 1.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads 4 Initiate the file transfer on the PC. 5 From SYS MODE MENU 2 on the Gold terminal, select either a full or a partial download. The PC transfers files to the Gold terminal. Download Application Files to Target Terminal 1 Configure a Gold terminal for an application download operation to a deployment terminal: • If the *FA variable (if present in the application) is set to 1, you can reset it to 0.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads Figure 34 Back-To-Back Download Process The procedure in Table 18 steps you through a back-to-back application download from a docked sending Omni 3600 terminal (Gold) to a docked receiving Omni 3600 terminal (Target). Back-to-back downloads require that one terminal, the Gold terminal, be loaded with the required applications. The receiving terminal is the Target terminal.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads • NOTE The Target terminal does not display an error message if there is not enough memory to complete the download. However, the Gold terminal displays DOWNLOAD INCOMPLETE before returning to SYS MODE MENU 2. • Table 18 There is enough memory in the Target terminal to complete the download. You are performing a full download.
P ERFORMING D OWNLOADS Back-to-Back Application Downloads 96 OMNI 3600 REFERENCE MANUAL
CHAPTER 5 File Authentication This chapter: • introduces the file authentication module of the VeriShield security architecture, and the organizational infrastructure that supports this feature. • explains how the file authentication process may affect the tasks normally performed by application programmers, terminal deployers, site administrators, or by entities authorized to download files to an Omni 3600 terminal. • describes how to use the file signing utility, FILESIGN.
F ILE A UTHENTICATION Introduction to File Authentication Special Files Used in the File Authentication Process The following specially formatted files support the file authentication process: • A digital certificate is a digital, public document used to verify the signature of a file. • A digital signature is a piece of information based on both the file and the signer’s private cryptographic key. The file sender digitally signs the file using a private key.
F ILE A UTHENTICATION Introduction to File Authentication NOTE Only one sponsor certificate is permitted per terminal. • Signer certificate: Certifies the right to sign and authenticate files for terminals belonging to the sponsor. A signer certificate is authenticated under the authority of a higher-level client certificate (the sponsor certificate).
F ILE A UTHENTICATION Introduction to File Authentication 3 The application file becomes a required input for the FILESIGN.EXE tool (included in the SDK). 4 The default certificate (K2SIGN.CRT) and default key (K2SIGN.KEY) included in the SDK are inputs for the FILESIGN.EXE tool. 5 Using the application file, default certificate, and default key, FILESIGN.EXE creates a signature file (*.p7s).