Ingenico 6500 Credit Card Machine User Manual
Contents
1. Application File AppA Read AppB Erase Security Key Injection Inject Keys Injection COM1 Patt COM2 Index Select App Select Key Check Value Term Keys Application Keys Erase App Keys Key1 Key2 SerialnumInject Sys Parameters Download Method Download Port 1 Port Port 2 IBMEFT NCREFT Zontalk GEMS Germany Port 3 Setup Port Port 1 Interface Type Baud Rate Data Bits Stop Bits Parity LAN Address Retry Count Response TMO Poll TMO Ingenico 6500 User s Guide Turnaround TMO Port 2 Interface Type Baud Rate Data Bits Stop Bits Parity LAN Address Retry Count Response TMO Poll TMO Turnaround TMO Port 3 Dial Interface Type Baud Rate Data Bits Stop Bits Parity Retry Count Response TMO DHCP Local IP Local IP Port Server IP Server IP Port IP Add Mask Gateway Primary DNS Secondary DNS Domain Name Dial Phone Num Modem Speed Host Port COM1 COM2 COM3 Aux Port COM1 COM2 COM3 Auto Detect AD On Off On Off AD Timeout Chapter 2 Extended Menu Overview Section 2 5 Finding Options in the Extended Menu AD Retry Times Parameter Editor Diagnostic Menu Display Keypad Beeper RS232 COM1 COM2 Tailgate USB Mag Stripe Reader Smart Card Reader SAM Touch Screen Signature Capture Pen Ca2. Ingenico 6500 User s Guide ingenico Ingenico 6500 User s Guide Part Number DL00458 Revision E Released April 2006 Copyright 2004 Ingenico Corp All rights reserved Ingenico Inc 1003 Mansell Road Atlanta GA 30076 Tel 770 594 6000 Fax 770 594 6003 www ingenico us com U S Help Desk TotalCARE Tel 800 435 3014 Fax 770 594 6026 Mon Fri 8 00 a m 6 00 p m Sat 10 00 a m 3 00 p m EST Ingenico Canada Ltd 79 Torbarrie Road Toronto Ontario Canada M3L 1G5 Tel 416 245 6700 Fax 416 245 6701 www ingenico ca Canadian Help Desk TotalCARE Tel 888 900 8221 Fax 905 795 9343 Hours Mon Fri 8 30 a m 5 00 p m EST No part of this publication may be copied distributed stored in a retrieval system translated into any human or computer language transmitted in any form or by any means without the prior written consent of Ingenico Ingenico and Ingenico logo are registered trademarks of Ingenico Corp All other brand names and trademarks appearing in this guide are the property of their respective holders Information in this document is subject to change without notice Table of Contents Chapter 1 Introduction sicscsicsecscitacecrvieicastioiciletesd 1 1 1 Payment TYROS sci ccciscsis te feta eae asiashn ae eania ane a ceaue aaa 1 1 2 Two Terminal Models 4 2 220 rt once healt tabu onl lee etl Rechegde tached tec tentetestaethe 1 1 3 COMMOCHIVIDY assen
3. Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Press V V Enter to select Security Security Key Injection Erase App Keys Serialnum Inject Press W Enter to select Key Check Value Key Check Value Term Keys Application Keys Select the type of key check values you want to see Application Keys APP 1 APP2 APP1 Special Keys M S Keys DUKPT Keys Special Keys Secure Text Key 012345 Clear Text Key 123456 Select the application you want Select the type of keys you want The values for the keys you selected display one of the following three screens will display M S Keys Master Key 0 Session Key 0 Master Key 1 Session Key 1 etc DUKPT Keys DUKPT Key 0 DUKPT Key 1 etc Chapter 5 Supervisor Menu Section 5 5 Security Erasing Application Keys The Erase App Keys option lists applications you can choose to delete the keys to these applications The applications listed no longer exist in the terminal but the terminal has found keys that are still associated to them These orphan keys are the only ones that the extended menu allows you to erase The i6500 terminal keeps the keys of deleted applications so that if a new version of the application is downloaded the keys for that application will already be loaded in the terminal However if an application is no longer needed the customer may
4. OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press v V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press v V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press vV V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Press V V Enter to select Port3 the E NET Port1 port Ethernet Port2 Ports Press V six times then press Enter to select Interface Type Local IP Port Baud Rate Data Bits Stop Bits Parity DHCP Local IP Local IP Port Old Value XXXXX Enter New Value Enter the local IP port number Ingenico 6500 User s Guide 64 14 Defining the Server IP Address To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Parameters Application F
5. Use a key injection utility such as Ingenico s WinKeyFac software program to perform these functions and to set security options see Security Options on page 77 Financial keys Master Session and DUKPT can be based on an application or a terminal By default all financial keys are based on an application as shown in Figure 4 By changing the value of the Financial Key security option see section 9 5 9 Financial Key Option on page 99 you can make all financial keys based on a terminal however this will erase all previously injected financial keys Some keys are segregated by application The application number is part of the application name Once the keys are injected the application number is used as the application reference When the application calls a cryptographic function it passes the application reference as the application name The SSA will check that the caller passes the application name and from the name it will determine the number that defines the injected key set Single length DES keys have a length of 8 bytes Double length triple DES keys have a length of 16 bytes The level of the specific key set indicates the position of the key set in the internal key hierarchy For example keys at Level 1 sponsor keys are loaded in clear text and sit at the top of the key hierarchy Keys at Level 2 are loaded encrypted under the keys at Level 1 Keys at Level 3 are loaded encrypted under the keys at Level 2 Loading a
6. 3 Download Method IBMEFT Download Port Number COM1 Download Port Type RS232 Last download result No Download COM1 Baud Rate 9600 COM1 Data Bits 8 COM1 Stop Bits 1 COM1 Parity NONE COM1 LAN Address 104 COM1 Retry Times 3 COM1 Resp Timeout 3000ms COM1 Poll Timeout 3000ms COM1 TurnArd Timeout 3000ms COM2 Baud Rate 9600 Ingenico 6500 User s Guide 21 COM2 Data Bits 8 COM2 Stop Bits 1 COM2 Parity NONE COM2 LAN Address 101 COM2 Retry Times 3 COM2 Stop Bits 1 COM2 Parity NONE COM2 LAN Address 101 COM2 Retry Times 3 COM2 Resp Timeout 3000ms COM2 Poll Timeout 3000ms COM2 TurnArd Timeout 3000ms COM3 Baud Rate 19200 COM3 Data Bits 8 COM3 Stop Bits 1 COMS3 Parity NONE COMBS Retry Times NONE COMS3 Resp Timeout 3000ms ETH DHCP NONE AUTO AUTO 22 Chapter 4 System Info Menu Section 4 5 Viewing All Parameter Values ETH Local IP Add 0 0 0 0 ETH Local IP Port 0 ETH Remote IP Add 0 0 0 0 ETH Remote IP Port 0 ETH IP Add Mask 0 0 0 0 ETH Gateway 0 0 0 0 ETH Primary DNS 0 0 0 0 ETH Secondary DNS 0 0 0 0 ETH Domain Name Dial Phone Num Modem Speed 9600 Appl Comment 0 0 0 0 Ingenico 6500 User s Guide 23 Supervisor Menu s1 Overview This chapter explains how to change the supervisor password check or erase the applica
7. Section 6 4 Setting Up the Port 6 4 22 Setting Up the Modem Speed If you are using the I T I port you can define the modem speed DIEGEM Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press W V V Enter to select Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Security Sys Parameters Press VW V WJ Enter to select Sys Parameters Sys Parameters Download Method Download Port Setup Port Press V V Enter to select Setup Port Dial Phone Num Modem Speed Setup Port Press V V V Enter to select Dial to Port1 configure the I T I port Port2 Port3 Dial Press V Enter to select Modem Speed Modem Speed 2400 4800 9600 Use the arrows to select the appropriate modem speed and then press Enter Updating Ingenico 6500 User s Guide 57 6 4 23 Changing the Position of the Host Port or Aux Port The ports are labeled Host Aux E NET I T I and by default Port 1 Host Port 2 Aux Port 3 Ethernet However you may configure Port 1 2 or 3 as the Host port or Au
8. The results of the test display To exit press Can Ingenico 6500 User s Guide Testing the Magnetic Stripe Reader 7 8 This feature tests the magnetic stripe reader DIEGEM Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V Enter to select Diagnostic Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Diagnostic Menu Press V Enter to select Mag Stripe Reader Display Keypad Beeper RS232 Tailgate USB Mag Stripe Reader Mag Stripe Reader Swipe a magnetic stripe card Swipe Card Now Mag Stripe Reader The terminal displays the results of the test for 3 tracks read track 1 Info each track isoTrackNumber 4 isoStatus ffffebff isoLength 0 78 Chapter 7 Diagnostic Menu Section 7 8 Testing the Magnetic Stripe Reader 77 Testing the Smart Card Reader This feature tests the smart card reader DIEGEM Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Diagnostic Menu Press V Enter to select Smart Card Reader
9. Visa PED mode descriptor section Application descriptor section Secure file descriptor section Non secure file descriptor section Delete application code file descriptor section Delete data file descriptor section Delete the whole application descriptor section 105 1 Secure Certificate MAC Descriptor Section This section which is the MAC of the secure certificate file must exist on the first line of the file If it does not validation fails If it does a MAC is calculated on the secure certificate using SHA1 MAC starting from the first character of the second line of the file until the end of the file If the MAC detected on the first line of the file is not the same as the calculated MAC validation fails The first line of the file must be in the following format MAC 12345678 The first field of the application descriptor is the MAC for the secure certificate file itself MAC is a text string indicating that the precalculated fingerprint follows 12345678 is the Hex ASCII representation of the most significant 4 bytes of the MAC value of the SHA1 result for the whole certificate file precalculated and applied by the securing utility prior to download Note The first line of the file must end with a carriage return and line feed The second line is considered to begin at the first character immediately after the first carriage return and line feed characters of the file 102 Chapter 10 Secure Certificate Sect
10. 2 6 3 4 then press Enter Supervisor Menu Press V V Enter to select Security Change Password Application File 30 Chapter 5 Supervisor Menu Section 5 5 Security Security Press W Enter to select Key Check Value Key Injection Key Check Value Erase App Keys Serialnum Inject Key Check Value Select the type of key check values you want to Application Keys Terminal Keys Special Keys M S Keys DUKPT Keys Special Keys Select the type of terminal key The values for the keys you selected display one Secure Text Key of the following three screens will display 012345 Clear Text Key 123456 M S Keys Master Key 0 Session Key 0 Master Key 1 Session Key 1 etc DUKPT Keys DUKPT Key 0 DUKPT Key 1 etc Finding the Key Check Value Application Keys The key check value is a hexadecimal value that is used to verify that you have the right key in the terminal You can find a key check value for terminal keys or application keys This section covers application keys Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press v V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Supervisor Menu Ingenico 6500 User s Guide 31 Enter Password
11. Fon By default Port 1 Host Port 2 Aux Port2 Port X Press W eight times then press Enter to select Interface Type Turnaround TMO Baud Rate Data Bits Stop Bits Parity LAN Address Retry Count Response TMO Poll TMO Turnaround TMO Turnaround TMO Enter an amount of time after which the port Old Value 300 should cease turnaround in units of 1 100 of a Enter New Value second 46 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 6 4 11 Defining the DHCP Address DHCP is dynamic host configuration protocol If the terminal is working in Ethernet mode and if DHCP is ON the terminal can ask the remote server to assign an IP address for it Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press V V V Enter to select Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Security Sys Parameters Press VW V V Enter to select Sys Parameters Sys Parameters Download Method Download Port Setup Port Press V V Enter to select Setup Port Setup Port Press V V Enter to select Port3 the E NET Port1
12. automatically update the software Note For stores that operate 24 hours the process involves going to one unused register at a time until every cash register and every Ingenico 6500 terminal is upgraded Ask store management for cashier assistance to prevent interruption of store operations and facilitate awareness of progress While the download is in process at a terminal it cannot be used to process transactions Feedback Depending on your cash register configuration the i6500 terminal may not be used if PROGxxxx PARMxxxx is displayed during download If no message is displayed in the cashier display debit and credit transactions cannot be processed It is critical to execute a systematic incremental procedure in order to ensure consistency of download on all units in store For assistance in the preparation to implement a multiple unit simultaneous download procedure please contact your Ingenico Project Manager If a power outage or glitch occurs during the download or if you disconnect the Ingenico 6500 terminal during the download the terminal will cease to function If the disruption occurred during the upgrade of the System amp Security Application the terminal will need to be sent to an authorized repair facility for recovery contact your project manager Monitor both the store controller and Ingenico 6500 terminal during the download process 110 Chapter 11 IBMEFT Download Section 11 4 Outline of Download
13. download port setup the port and configure the host port s auto detect feature Chapter 7 Diagnostic Menu explains how to perform diagnostic tests on the display keypad beeper communications MSR smart card reader SAMs touch screen and signature capture Chapter 8 Architecture explains the system architecture host communications and terminal architecture It explains the components inside the terminal that are referred to in subsequent chapters Chapter 9 Key Architecture explains the sponsor key KTK terminal based keys application based keys and security options such as MACing Chapter 10 Secure Certificate explains the securing process and the components of the secure certificate Chapter 1 Introduction Section 1 3 Connectivity 1 6 2 1 6 4 Chapter 11 BMEFT Download explains the prerequisites preparation timing and steps involved with the IBMEFT method of downloading Chapter 12 Download Errors explains how to resolve errors that might be encountered during an IBMEFT download Conventions Used in this Manual The following table explains the conventions used in this manual Convention Use Example Brackets Highlights a key to press on the terminal 1 Bold Highlights text that displays on the computer screen My Computer Code Highlights coding used in descriptors MAC 12345678 Italic Highlights book titles important terms variables appliname Kits The following
14. keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press V V V Enter to select Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Security Sys Parameters Press W V V Enter to select Sys Parameters Sys Parameters Download Method Download Port Setup Port Press W Enter to select Setup Port Setup Port Press W V Enter to select Port3 the E NET Port1 port Ethernet Port2 Port3 Press V ten times then press Enter to select Interface Type Gateway Baud Rate Data Bits Stop Bits Parity DHCP Local IP Local IP Port Server IP Server IP Port IP Add Mask Gateway Enter the address of the gateway XXX XXX XXX XXX Updating Ingenico 6500 User s Guide 53 64 18 Setting the Primary DNS Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Parameters Application File Se
15. then press Enter Enter New Password Enter new password then press Enter New Password Again Enter new password again to confirm then press Enter Password Updated s4 Application File in Terminal 54 1 Reading the Application File Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Press W V V Enter to select Supervisor Menu Press VW Enter to select Application File Security Select Appl Select the application you want to check App A App B App C Select File Select the file sysPara cfg Ingenico 6500 User s Guide File Menu Erase Press Enter to select Read sysPara cfg Read SOF 010000000000 The contents of the file display To scroll down to the next screen press W When you are finished reading it press Can to return to the previous menu 54 2 Erasing the Application File Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access th
16. Beeper This feature tests the beeper by sounding and displaying each possible beep type BIEN Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Display Keypad Beeper n Press W Enter to select Diagnostic Menu Press W Enter to select Beeper Chapter 7 Diagnostic Menu Section 7 3 Testing the Keypad Beeper The terminal displays and sounds each possible Length of beep beep type Click Short Long Frequency of beep Low Midtone High 7s Testing the RS232 Connection This feature tests the RS232 connection Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Press V Enter to select Diagnostic Menu Diagnostic Menu Press V Enter to select RS232 Display Keypad Beeper RS232 RS232 Select the communications port to test COM1 COM2 RS232 The results of the test display Host 19200 None 8 Press Can to exit Test Ingenico 6500 User s Guide T
17. Controller ECR Ingenico 6500 ECR ECR ECR Ingenico Ingenico Ingenico 6500 6500 6500 Figure 1 Single Unit Architecture Figure 2 Multiple Unit Architecture 86 Chapter 8 Architecture Section 8 1 Overview 8 3 8 4 Host Connections The point of sale POS system which can be comprised of the server store controller and host devices communicates with the Ingenico 6500 terminal through an RS 232 or RS 485 serial interface Ethernet LAN or USB depending on the requirements of the host device typically a computer or ECR Data is sent using one of these interfaces over a cable that connects the host device to the Ingenico 6500 terminal The Ingenico 6500 terminal can connect directly to a cash register computer Ethernet LAN or RS485 LAN Peripherals such as check readers and printers can be connected to the AUX port Depending on your configuration there are two to four communication ports The HOST port which connects to POS terminals can connect to the following protocols RS232 USB PoweredUSB RS485 IVI LAN protocol or RS485 Tailgate protocol North America only The AUX port is RS232 for connecting an auxiliary device such as a printer or check reader The E NET port Ethernet 10 base T TCP IP is available on certain configurations The ITI port is for ISDN and is available in Germany Note For instructions on making these connections refer to the Ingenico 6500 Installation Guide Terminal Architecture M
18. If not sign off the register and then sign on again 118 Chapter 13 IBM EFT Troubleshooting Section 13 3 EFT Device Not Available During Check Authorization
19. Initial Release Introduction 11 Payment Types The Ingenico 6500 customer activated terminal supports payment information processing and authorization at the point of sale POS in your business With the appropriate application software the Ingenico 6500 terminal supports the following payment types Credit Debit ATM Smart Card Electronic Benefits Transfer EBT The Ingenico 6500 is also a utility platform for electronic marketing such as advertising and loyalty programs In addition to payment the terminal can be used for the following Customer graphics display Item scrolling Loyalty programs Advertising Instant credit Personal messaging Cross selling Electronic couponing The Ingenico 6550 terminal can capture an electronic image of a customer s signature for credit transactions and transmit it to a host system i e cash register or computer 12 Two Terminal Models There are two models in the Ingenico 6500 product range Ingenico 6510 has four screen addressable keys ngenico 6550 has a touch screen that supports finger and stylus input and signature capture Ingenico 6510 Ingenico 6550 Ingenico 6500 User s Guide 1 The term Ingenico 6500 terminal will be used to refer to both the Ingenico 6510 and 6550 Connectivity The Ingenico 6500 terminal can connect directly to a cash register computer Ethernet LAN or RS485 LAN Peripherals such as
20. Interface Type Use this procedure to select RS232 RS85 Ethernet etc as the interface type Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press v V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press v V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press V V Enter to select Setup Port Download Method Download Port Setup Port Download Port Select the appropriate download port 1 for Host 2 for Aux or 3 for E NET Port2 Port3 PortX Press Enter to select Interface Type Baud Rate Data Bits PortX Select the communications method you want If Auto Detect you select Auto Detect the port will automatically RS232 detect the communications type of a cable plugged into the Host port RS485 Tailgate USB Ethernet Dial Ingenico 6500 User s Guide 64 2 Setting the Baud Rate Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simulta
21. Java for retail point of sale 166 UNICAPT 32 Software Development Kit This kit allows a programmer to develop a custom application for the Ingenico 6500 terminal using Ingenico s operating system UNICAPT 32 4 Chapter 1 Introduction Section 1 6 Kits Extended Menu Overview 2 1 2 2 2 3 Overview The extended menu allows you to configure the terminal get system information check the file system do key injection get key check value set system parameters for downloading and test the product hardware This chapter explains how to navigate the extended menu and includes a chart of menu options Subsequent chapters explain how to perform functions in the extended menu Accessing the Extended Menu To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing 1 and 3 simultaneously Navigating the Extended Menu On Ingenico 6510 four lines of text can display at a time On the Ingenico 6550 ten lines of text display The current menu name displays on the first line and the menu options appear on subsequent lines The following table lists the keys used to scroll through and select the menu options Note Screen touch and screen addressable keys cannot be used to navigate the extended menu Std Key USA Key Action Y Scroll down one item M Scroll up one item Enter Enter Initiate selected
22. Press V Enter to select Diagnostic Menu Display Keypad Beeper RS232 Tailgate USB Mag Stripe Reader Smart Card Reader Card Reader Smart Card Reader Insert a smart card Insert Card Now Smart Card Reader The terminal displays the results of the smart card SynchXXX card test Smart Card Reader Remove the card Please remove the card Ingenico 6500 User s Guide 71 Testing the SAMs This feature tests communication between the SAM slots and the SAM micro controller SMC Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Diagnostic Menu Press W Enter to select SAM Press V Enter to select Diagnostic Menu Display Keypad Beeper RS232 Tailgate USB Mag Stripe Reader Smart Card Reader SAM SAM Found SAM Slot Found SAM Slot2 Found SAM Slots3 Found SAM Slot4 SAM Check Slot2 ATR Read data from Slot2 Result ATR means answer to reset SAM Power off all slots SMC stands for SAM micro controller Close all smc slots 80 Chapter 7 Diagnostic Menu Section 7 10 Testing the SAMs 7 11 Testing the Touch Screen This feature displays a grid When you touch anywhere on the screen a box on t
23. Section 3 3 Changing the Display Contrast System Config System Date Time Display Contrast Key Press Beep Press V V Enter to select Key Press Beep Beep Tone Status Enable To turn on key press beeps press Enter to select Enable Disable To turn off key press beeps press W Enter to select Disable Key Beep Press Can Length To change the beep length or tone see the Tone following tables Note Prompt displays if you selected Enable Changing the Beep Length This option allows you to change how long the beep sounds on key press To hear what each beep sounds like see Diagnostic Menu gt Testing the Beeper described on page 56 Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Info Supervisor Menu System Config Change Date Time Display Contrast Key Press Beep Press V Enter to select System Config Press V V Enter to select Key Press Beep Beep Tone Status Press Enter to select Enable Disable Key Beep Press Enter to select Length Length Tone Beep Length Short Long Select the option you want Ingenico 6500 User s Guide 13 3 4 3 Beep Length Click Short Long Press Can to return to the pre
24. Text Key CEFMk Entry of all applications will be authenticated using this key if Prompts Authentication Key security option is set to terminal based 0 Application 3 8 16 This key is the variant of KTK It will be used to Download verify the MAC value of the fingerprint of the Authorization Key code being downloaded into the device Code CDMk MACing always uses the Application Download Authorization Key Ingenico 6500 User s Guide 93 Application Based Keys 9 4 941 Special Keys Special keys are loaded encrypted under the KTK The SSA will have a key structure matrix indexed by application ID These keys can be both single length DES keys and double length triple DES keys These two Application Special Keys are only used if the Prompts Authentication Key security option is set to 1 application based see section 9 5 1 on page 96 If Prompt MACing is also enabled the Secure Text and Clear Text prompts will be verified with these two keys If the Prompts Authentication Key is set to 0 terminal based the terminal based keys are used instead see section 9 3 on page 93 Key Name Index Length Description of Key Secure Text Entry 1 8 16 This key is loaded encrypted under the KTK Form Authorization All prompts and or screens used for Secure Key Text Entry of the application will be authenticated using this key if the Prompts Authentication Key security option is set to
25. Time Display Contrast Key Press Beep Backlight On Off Backlight Always On Always Off Idle Timeout Press V Enter to select System Config Select Always On or Always Off System Configuration Updating Backlight The current value displays in reverse video Always On Press Can to return to the previous menu Always Off Idle Timeout Setting Backlight to Off When Idle When the terminal is not in use this option allows you to set an amount of time after which the backlight automatically turns off When a customer or process engages the terminal the backlight is turned back on Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Press V Enter to select System Config Ingenico 6500 User s Guide 15 System Config Change Date Time Display Contrast Key Press Beep Backlight Press V V V Enter to select Backlight Backlight Always On Always Off Idle Timeout Press V V Enter to select Idle Timeout Idle Timeout s Old Value 0 Enter New Value Enter the new timeout value System Configuration Updating Backlight Always On Always Off Idle Timeout Press Can to return to the previo
26. Values Description 0 Prompts authentication key is terminal based If Prompt MACing is also enabled the form s prompt display will be authenticated by the terminal based clear text key and security text key Default 1 Prompts authentication key is application based The form s prompt display is authenticated by an application based clear text key or a security text key Change Terminal ID Option This option controls the financial keys existence once the terminal ID is re loaded Possible Values Description 0 Changing Terminal ID will not erase all keys Default Once the terminal ID is re injected through the key injection process the existing keys will be retained 1 Changing Terminal ID will erase the keys Once the terminal ID is re injected all of the financial keys including Master Session and DUKPT keys will be erased Prompt MACing Prompt MACing controls how a data entry form s display prompts are shown Possible Status Description Values Disabled Prompts are not authenticated before being displayed the screen Default Enabled Prompts are authenticated and then displayed on the screen 96 Chapter 9 Key Architecture Section 9 5 Security Options 9 5 4 9 5 5 Prompt MACing uses a key that depends on how the form prompt authentication option is set If set to Terminal based Prompt MACing will use terminal based clear text key if the form is set to cle
27. and corresponding solutions 1221 There may be a loose connection between the host and the Ingenico 6500 Ensure the cables are securely connected 122 2 The communications port settings and EFT NCR protocol setting in the Ingenico 6500 may be wrong The following procedure explains how to compare the configuration that you have in your IBMEFTDL file to make sure that it is the same as the default setup configuration in your Ingenico 6500 terminal for details see 12 3 Default Setup Configuration on page 98 1 To find the communication port settings in your IBMEFTDL file open the download batch file search for the keyword ibmeftdl and find the following parameters b the number following this parameter is the required RS232 baud rate d the number following this parameter is the required RS232 data bits t the character following this parameter is the required RS232 parity setting An n means none parity e means even o means odd parity 2 Write these parameters down 3 Next go the Ingenico 6500 terminal to read the current settings to see if they are the same Restart the terminal by pressing 1 OK CAN while it is restarting access the Extended Menu by pressing 1 and 3 simultaneously 4 Select System Info and then select View Parameter The screen displays the current download configuration for the port the terminal has configured to do the download the baud rate data bits stop bits
28. and parity of that port 5 Compare these settings to the IBMEFTDL parameters that you wrote down in step 2 they should be the same If not change them using the following steps 6 From the Communications menu press Can twice to return to the Supervisor Menu Enter the password select System Parameters and then select Download Method Select IBMEFT or NCREFT 7 Press Can to return to the System Parameters menu and then select Download Port Select the correct download port and correct communication type 114 Chapter 12 Download Errors Section 12 2 Received 3 NAKs or Timeout in sendVISAPacket 12 3 12 4 12 5 12 6 8 Press Can to return to the System Parameters menu and then select Setup Port Select the port to setup and select the correct baud rate data bits stop bits and parity 9 After all the settings are updated the terminal will update the system parameter setting when you exit the extended menu the terminal will reset Default Setup Configuration IBMEFT NCR protocol selection IBMEFT Download Port Number Com1 Download Port Type RS232 RS232 baud rate 19200 RS232 data bits 8 RS232 parity No parity RS232 stop bits 1 Error Bad Prog The flash memory in the terminal may not match the flash memory requirement of EFTL file Contact your account manager to arrange to have the terminal sent in for repair Device already loaded with program x and parameter y This e
29. application based 1 Clear Text Entry 2 8 16 This key is loaded encrypted under the KTK Form Authorization All prompts and or screens used for Clear Text Key Entry of the application will be authenticated using this key if the Prompts Authentication Key security option is set to application based 1 942 Master Keys Master keys are loaded encrypted under the KTK or current Master Key For application based financial keys the SSA will have a key structure matrix indexed by application ID The device can accommodate up to ten master keys per application or 64 master keys per terminal Each key is independent and used to transport the corresponding working session key Available indexes for master keys are 0 9 per application or 0 63 per terminal These keys can be both single length DES keys and double length triple DES keys The device supports four types of master keys Key Name Description of Key Master Terminal This key is used to encrypt the Working session Terminal PIN PIN Key MTPk Key WTPK Master Message This key is used to encrypt the Working session Message Authentication Authentication Code Key WMACK Code Key MMACKk Master This key is used to encrypt the Working session Communication Communication Key WCK 94 Chapter 9 Key Architecture Section 9 4 Application Based Keys 9 4 3 9 4 4 9 5 Key MCK Master Atalla Key This key is used to XOR a value for PIN entry MAC or encrypt decrypt
30. choose to delete the keys using this menu option Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press v V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press VJ V Enter to select Security Change Password Application File Security Key Injection Key Check Value Serialnum Inject Erase App Keys Press V V Enter to select Erase App Keys Select the application with the keys you want to App A delete App B Erase App Keys Select Yes or No No Yes Processing Displays if app keys were deleted You are returned to the previous menu Ingenico 6500 User s Guide 33 558 Injecting a Serial Number Authorized repair technicians perform this procedure when replacing a damaged terminal Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press W V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Supervisor Menu Enter Password Key pas
31. clear text entry with a prompt that contains words such as PIN NIP etc if the MACing option is off Retrieve pixel coordinates of individual screen touches which could be used to create a false PIN pad Request more than 30 PIN encryptions within 15 seconds when using MASTER PIN KEY Maintenance Application The maintenance application is in charge of system components and secure application download It is an extension of the SSA and the SSA invokes it It executes before other user applications in order to check version numbers and download new software if needed The maintenance application communicates with the user application through the peripheral application manager PAM The maintenance application has a downloader that communicates with the host in the specified download protocol to receive data and send responses Each download protocol has its own download application The maintenance application sends the code files and application data files it receives to the data file system DFS first At the end of download it releases the COM port and then requests an offline download from the SSA The SSA maintenance module performs a security call back to decrypt unzip and authenticate the code before it writes the code file to the code file system CFS Also it takes the data files from DFS goes through the call back function to authenticate it and puts them in the right place within the DFS The download port sel
32. download fails Note The first line of the file must end with a carriage return and line feed The second line is considered to begin at the first character immediately after the first carriage return and line feed characters of the file 105 3 Application Descriptor Section The application descriptor section is an area of the secure certificate file that contains information pertaining to the application code files The section identifier Appl lt cr gt lt f gt marks the beginning of the application descriptor section within the file The section ends before the start of the next section identifier i e encountered by lt cr gt lt f gt or the end of the file There must be at least one application descriptor otherwise the secure validation process fails Only the first application descriptor is accepted and parsed within the application section The application descriptor is in the format MAC 12345678 applname dstfilename ext authmethod encrypt srcfilename ext The first field of the application descriptor is the MAC for the application MAC is a text string identifying that the pre calculated fingerprint follows 12345678 is the Hex ASCII representation of the most significant 4 bytes of the MAC applied by the securing utility prior to download appliname represents the application name of the application binary being loaded For instance CA2100_IBMEF dstfilename ext represents the code file name of the application bin
33. eee ate iy Love das Sav aea eieaa 97 9 5 5 Double Length Key MAC Calculation 0 cctccccccccseceeeeteeeeetnneeeeetnieeeeetenneeeereas 97 9 5 6 Atalla Key Block Protection Option 2 cccccceeceeceeeeeteceeenseaeeeteceeetsenieaeeeteentess 98 9 5 7 Terminal Startup Verify MAC OptiOn 2 cccccccceceseeeeeeeeeeeteeseeaeeeeeeeeenteesesanes 98 9 5 8 Visa PED M de Option nasien eaae eaaa EEEa a Ee Aer AEDA 98 9 5 9 Financial Key OPON niorse aaa eet rOin aAa 99 Chapter 10 Secure Certificate cccsscesseseeseseeeeeneneees 100 10 1 OVEIVIOW empan a a tia a a Rah ese 100 10 2 Secure Certificate sed crcuseiscctitaseciusnditaandaavecdadadevdeascdeaseatsebudeastadetearenies 100 is Securing PROCS S ii stead Steed e a aR 100 i Secure Gertificate menengan n a e 101 105 Secure Certificate Descriptor Sections ccccceeeceeceeeeeeeeeeeeeeeeeees 102 10 5 1 Secure Certificate MAC Descriptor SCCtION c cccccccceseseeceeeeeteenentnsanenteess 102 10 5 2 Visa PED Mode Descriptor Section 2 cccccccceceeeeteceeeeeettetnenieaneeseeetteteess 103 10 5 3 Application Descriptor S CtION 2 cccccccceeeeteeneceteceteceeneeaeeeeseeeseteeninaneneeens 104 10 5 4 Secure File Descriptor Section ccccccccceeeeeecececeeetecnennececeeteeesetsenesaneeenens 105 10 5 5 Non Secure File Descriptor S CtION 1 ccccccccceeetcceceeeeetecneaeeeseceeenteenenaeess 107 10 5 6
34. kits are available from your Ingenico representative including integration and development kits used to write custom applications to run on the Ingenico 6500 terminal Basic Installation Kit The Basic Installation Kit consists of an Ingenico 6500 terminal and an Ingenico 6500 to ECR cable Refer to the Ingenico 6500 Installation and Operations Guide for detailed instructions on installing the unit Store Installation Kit The store installation kit consists of the contents of the Basic Installation Kit a CD ROM containing the Ingenico 6500 Retail Base Application program and parameter files and a copy of the MLDT utility program Retail Base Application Integration Kit The Retail Base Application Integration Kit consists of the Store Installation Kit an adapter kit and all necessary manuals This allows for the connection of the Ingenico 6500 to an IBM PC for downloading a program or parameters using MLDT OPOS Software Development Kit This kit contains the programs files and manuals needed to allow a programmer to write a custom application for a register or host that interfaces with the Ingenico 6500 using OPOS object linking and embedding for retail point of sale Ingenico 6500 User s Guide 165 JavaPOS Software Development Kit This kit contains the programs files and manuals needed to allow a programmer to develop a custom application for a register or host that interfaces with the Ingenico 6500 using JavaPOS
35. port Ethernet Port2 Ports Press V seven times then press Enter to select Interface Type DHCP Baud Rate Data Bits Stop Bits Parity Retry Count Response TMO DHCP Select None or Auto and then press Enter None Auto Updating Ingenico 6500 User s Guide 47 64 12 Defining the Local IP Address Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press V V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Press V V Enter to select Port3 the E NET Port1 port Ethernet Port2 Ports Press VW five times then press Enter to select Interface Type Local IP Baud Rate Data Bits Stop Bits Parity DHCP Local IP Local IP Enter the local IP address 123 456 789 012 48 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 64 13 Setting the Local IP Port Number Display Action To access the extended menu restart the terminal by pressing 1 CAN
36. s Guide 71 ID Parameter Name Description Value Data 11 COM_BAUD_ 38400 12 COM_BAUD_ 57600 13 COM_BAUD_ 76800 14 COM_BAUD_ 115200 10 RESERVED Reserved for modem N A 2 settings 10 9 11 PAR_APPL_COMMENT Application comment maximum length of 16 bytes char 0 17 11 RESERVED Reserved parameters N A 1 12 6 12 PAR_VER_REV_INFO Version Revision Maximum length of 16 ASCII bytes Char 7 information for system the formatis byte 1byte 14byte 17 parameter file V R Comments 72 Chapter 6 System Parameters Menu Section 6 6 Editing Parameters Diagnostic Menu 71 Overview This chapter describes the diagnostic tests that the customer can perform on the Ingenico 6500 The diagnostic tests allow you to isolate failures in field installed Ingenico 6500 units These tests are part of the operating system and are not changed by applications The diagnostics are menu driven with features that allow a logical progression through the tests Once a test is selected a test or a series of tests will be performed on the selected entity The result of the test will be displayed to facilitate diagnosis of the malfunctioning parts 72 Testing the Display Contrast To change the display contrast see Changing the Display Contrast on page 12 To test the display contrast follow this procedure This test tests all pixels to see if they are working Display Action To access the extended me
37. 000 2 58 PAR_COM2_TURNAROUN COM2 turn around 4 bytes number gt 0 10ms a unit Uint3 D_TIMEOUT timeout default 300 2 59 PAR_COM2_INTERFACE_T COM2 connection PORT_RS232 uint8 YPE interface type 1 RS232 PORT_RS485 2 RS485 PORT_TAILGATE 3 Tailgate PORT_USB 4 USB PORT_ETHERNET 5 Ethernet PORT_ATMODEM 6 Dial PORT_3201 7 3201 60 RESERVED COM2 setting reserved N A 6 9 Ingenico 6500 User s Guide 69 ID Parameter Name Description Value Data 70 PAR_COM3_BAUD_RATE COMS baud rate setting 1 COM_BAUD_50 Uint8 2 COM_BAUD_75 3 COM_BAUD_ 150 4 COM_BAUD_300 5 COM_BAUD_600 6 COM_BAUD_1200 7 COM_BAUD_ 2400 8 COM_BAUD_ 4800 9 COM_BAUD_9600 10 COM_BAUD_19200 11 COM_BAUD_ 38400 12 COM_BAUD_57600 13 COM_BAUD_76800 14 COM_BAUD_ 115200 71 PAR_COM3_DATA_BITS COM3 data bits setting 1 COM_DATASIZE_5 Uint8 2 COM_DATASIZE_6 3 COM_DATASIZE_7 4 COM_DATASIZE_8 72 PAR_COM3_STOP_BITS COMS stop bits setting 1 COM_STOP_1 Uint8 2 COM_STOP_2 73 PAR_COM3_PARITY COMS3 parity setting 1 COM_PARITY_NONE Uint8 2 COM_PARITY_ODD 3 COM_PARITY_EVEN 74 PAR_ETH_DHCP Ethernet DHCP setting 0 NONE Uint8 1 AUTO 75 PAR_ETH_LOCAL_IP_ADD Ethernet local IP address 4 bytes contain the IP address Uint8 setting 4 76 PAR_ETH_LOCAL_IP_POR Ethernet local IP port 2 bytes number Uint1 T 6 77 PAR_ETH_REMOTE_IP_AD Et
38. 0252 0103 revision 1 03 The secure certificate file is a descriptor of all of the software components that are necessary to make up one or more applications that are going to be downloaded to the Secure PIN Entry Device such as the i6500 Terms used in this chapter are explained in Terminal Architecture on page 69 12 Secure Certificate If the secure Code MACing option is enabled the downloaded application must provide what is called a secure certificate file certific txt This file contains security information for every file and application to be downloaded It can also indicate which application code file or data file needs to be deleted This certificate is mandatory if Code MACing is enabled During the terminal download process if the downloaded certificate file is valid and the download is successful SSA will replace the previous copy if it exists with the new copy The secure certificate file will also be used each time the terminal starts up to authenticate the MAC of the user application s CFS and DFS if the security option Terminal Startup Verify MAC Option is enabled The following section describes how the securing process uses the secure certificate and gives practical considerations for application developers w3 Securing Process The securing process can be used during the validation of the application code files and application data files The secure certificate will be downloaded into the dat
39. 4 Chapter 6 System Parameters Menu ccccceeeeseeeeeeeee 35 6 1 COVEN VIG W acdsee ish View EEE need deen E Se deata at AAEE 35 6 2 Setting the Download Method cccccccccceceeeeeeeeeeeeeeeteeeeeeeeeeneeeeeeeneeeeeees 35 6 3 Selecting the Download Pot 2 lt cccccceccdeceteeneeeeteendeeeteeneeeeteendeenteeneeenteene 36 6 4 Setting Up the Port aco rec oes nce sete cetee ceca ces net aetna atenca recente tater ee aaaea EAE 37 6 4 1 Selecting the Download Interface Type cccccceccecesseeeceenteeeseenieeeeeetneeeeseaaes 37 6 4 2 Setting the Baud Rate e rsss irii ad Eia 38 6 4 3 Setting the Data Bits esiaine irai T EE EAE TE TEE RAAE 39 6 4 4 Setting the Stop BiS cccccccceduicc cies ctiie evades ectvneee ii een Tainaa RETE ATENEA E 40 6 4 5 Setting tha Parity ies eatin ri ia i TE E EK aa RETE EEE AT 41 6 4 6 Defining the LAN ACCIreSS 00 ccccccccecsteeeeeteteeeetnneeeeetiaeeeeetaeeeeetieeeentneeeenta 42 6 4 7 Setting the Retry COUNt sirsie eiieeii ri ia E NEE EE N E 43 6 4 8 Setting the RESPONSE TIMCOUL cece tee ceeenneeeeeeneeeeeeaeeeseeaeeeeseeaeeeeeeaaes 44 6 4 9 setting the Poll Timeout 2 05 cain ieee i a 45 6 4 10 Setting the Turnaround TIMCOUE ieissar i arran it 46 6 4 11 Defining the DHCP ARdrOS S cne aose ie eai e aaa oa 47 6 4 12 Defining the Local IP ACOTe SS ccccscececieteeecetnneeeeeetnneeeeetnaeeeeetnaeeeeetneeeeenta 48 6 4 13 Setting the Local IP Port NUIMDED cccccccsescceceettee
40. 85 PORT_TAILGATE 3 Tailgate PORT_USB 4 USB PORT_ETHERNET 5 Ethernet PORT_ATMODEM 6 Dial PORT_3201 7 3201 Data uint8 30 4 RESERVED COM1 setting reserved N A 50 PAR_COM2_BAUD_RATE COM2 baud rate setting 1 COM_BAUD_50 2 COM_BAUD_75 3 COM_BAUD_150 4 COM_BAUD_ 300 5 COM_BAUD_600 6 COM_BAUD_ 1200 7 COM_BAUD_ 2400 8 COM_BAUD_4800 9 COM_BAUD_ 9600 10 COM_BAUD_ 19200 11 COM_BAUD_ 38400 12 COM_BAUD_57600 13 COM_BAUD_76800 14 COM_BAUD_ 115200 Uint8 51 PAR_COM2_DATA BITS COM2 data bits setting 1 COM_DATASIZE_5 2 COM_DATASIZE_6 3 COM_DATASIZE_7 4 COM_DATASIZE_8 Uint8 52 PAR_COM2_STOP_BITS COM2 stop bits setting 1 COM_STOP_1 2 COM_STOP_2 Uint8 68 Chapter 6 System Parameters Menu Section 6 6 Editing Parameters ID Parameter Name Description Value Data 53 PAR_COM2_PARITY COM2 parity setting 1 COM_PARITY_NONE Uint8 2 COM_PARITY_ODD 3 COM_PARITY_EVEN 54 PAR_COM2_LAN_ADDRES COM2 LAN address 1 byte number default 0x65 Uint8 S setting 55 PAR_COM2_RETRY_COUN COM2 failure retry count 1 10 default 3 times Uint8 T 56 PAR_COM2_RESP_TIMEO COM2 response timeout 4 bytes number gt 0 10ms a unit Uint3 UT default 1000 2 57 PAR_COM2_POLL_TIMEO COM2 poll timeout 4 bytes number gt 0 10ms a unit Uint3 UT default 3
41. Change Password Parameters Application File Security Sys Parameters Sys Parameters Press V VJ V Enter to select Auto Detect Download Method Download Port Setup Port Auto Detect Auto Detect Press V V Enter to select AD Retry Times AD On Off AD Timeout AD Retry Times AD Retry Times The current value displays Enter the number of Old Value XXXXX times to retry the auto detection of the Host port Enter New Value from 0 to 10 Ingenico 6500 User s Guide 61 Editing Parameters 6 6 This option allows you to edit NAR SSA parameters Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press W V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V WJ Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press V four times and then press Enter to Download Method select Parameter Editor Download Port Setup Port Auto Detect Parameter Editor Parameter ID Enter the parameter ID maximum three digits Updating The following table lists the parameter ID numbers descriptions and values This tabl
42. Delete Application Code File Descriptor Section 2 1 ccsecceceeeeeteenentneneees 108 10 5 7 Delete Data File Descriptor SCCtON 11 1 cccccccccceeeeteececeeetecneneeeseeeeeeteeneasees 108 10 5 8 Delete Whole Application Descriptor Section 1 1 cccccccceesseeteeeeetetnentsteees 108 Chapter 11 IBMEFT Download ccccsssseeeeseeeeeeeeeeeeees 109 11 1 PRONG o EE E E dest Grats aie E A EE AE ES E AE EE EE 109 4424 APreparaiO Ni a aa a aa aeaa a aan a naaa inan 109 11 3 Timing 109 114 Outline of Download Process Steps cccceeeeeeeeeeeeeeeeeeeeeeeeeeeeees 110 11 4 1 FOCODaCK CAEI Staitensieel Saga aie a eden es E Lata mile ad ede UM ate Ie 110 Chapter 12 Download E rrors ccccccssseeesesseeeeseeeeeeseeeeeees 113 12 1 Error Opening POM reece Pare aecune dese oee ue tuct oss Coaetebe cede eduavenkcetevereteies 113 12 1 1 The communications port that IBMEFTDL is using is already being used by an ther applicatioN ee 113 12 1 2 The communications port is NOt WOIKING ccccccsssecceeeeeeeeteetenteeneeeeenteeseens 113 12 1 3 The hardware settings in the Ingenico 6500 have been changed 0 113 12 2 Received 3 NAKs or Timeout in sendVISAPacket eeee 114 12 2 1 There may be a loose connection between the host and the Ingenico 6500 114 12 2 2 The communications port settings and EFT NCR protocol setting in the Ingenico 6500 May be WONG cececeeeeeceeeeee
43. Extended Menu Press W Enter to select Diagnostic Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Diagnostic Menu Press W Enter to select Signature Capture Display Keypad Beeper RS232 Tailgate USB Mag Stripe Reader Smart Card Reader SAM Touch Screen Signature Capture O N This feature displays a signature capture screen a so you can test how a signature inks and displays on the screen When finished tap OK 82 Chapter 7 Diagnostic Menu Section 7 12 Testing Signature Capture Testing Pen Calibration If your terminal is not correctly interpreting pen touches use this test to adjust the pen calibration This test is for the i6550 only Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press W Enter to select Diagnostic Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Display Keypad Beeper RS232 Tailgate USB Mag Stripe Reader Smart Card Reader SAM Touch Screen Press W Enter to select Pen Calibration Signature Capture Pen Calibration Calibration Please remove hands objects from around the display Calibration will start in 3 seconds Using the stylus tap the four box grid The box moves around to the nex
44. HCP Local IP Local IP Port Server IP Server IP Port IP Add Mask Gateway Primary DNS Secondary DNS Press V twelve times then press Enter to select Secondary DNS Secondary DNS XXX XXX XXX XXX Enter the address of the secondary DNS Ingenico 6500 User s Guide 55 Updating 64 20 Setting the Domain Name This option is reserved for future use 6 4 21 Setting Up the Phone Number to Dial If you are using the I T 1 port you can define a phone number for this port to dial Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press W V V Enter to select Supervisor Serialnum Inject System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V WJ Enter to select Sys Change Password Application File Security Sys Parameters Sys Parameters Press V V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Press V V V Enter to select Dial to Port1 configure the I T I port Port2 Port3 Dial Press Enter to select Dial Phone Num Dial Phone Num Modem Speed Phone Num Enter the server IP port number Old Value XXXXX Enter New Value 56 Chapter 6 System Parameters Menu
45. K while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press V V Enter to select System Info System Info Versions Security Info Press V Enter to select Security Info Security Info Prompt MAC Key Terminal Based Reinject SN Do Not Erase Keys Prompt MACing Disable Code MACing Disable MAC Calculation Double Length Key Atalla KBK Disable Startup Verify MACing Disable PED Mode Disable Serial Number XXXXXXXXX The security options and serial number display To scroll down to read the full report press VJ When you are finished reading it press Can to return to the previous menu Chapter 4 System Info Menu Section 4 3 Checking the Security Information 4 4 RAM Info To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press W V Enter to select System Info Serialnum Inject System Config System Info Supervisor Menu System Info Press W Enter to select RAM Info Versions Security Info Security Info Total RAM Size 0 bytes When you are finished reading it press Can to Smallest Free Mem Siz return to the previous menu 0 bytes Biggest Free Mem Ch
46. Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Press V V Enter to select Security Security Key Injection Key Check Value Erase App Keys Press Enter to select Key Injection Key Injection Inject Keys Injection Port Press W Enter to select Injection Port Injection Port COM1 COM2 Ethernet Select the port you want Updating Ingenico 6500 User s Guide 27 55 2 Injecting Keys Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press v V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press vW V Enter to select Security Change Password Application File Security Key Check Value Erase App Keys Serialnum Inject Press Enter to select Key Injection Key Injection Injection Port Key Injection Wait for command Press Enter to select Inject Keys The terminal will now accept the key injection For instructions on how to inject keys see the manual for your key injection software such as Ingenico s KeyFac or WinKeyFac When finished press Can to return to the previous me
47. Not Enough DFS Space Ow a F E ok r i eae Ee 13 1 13 2 BM EFT Troubleshooting This section describes how to resolve error messages that may appear on your Ingenico 6500 device display if using IBMEFTDL Card Read Error1 If the Card Read Error message displays on the device after swiping a card through the MSR Try swiping the card a few more times varying the speed at which the card is physically drawn through the reader Try swiping the card in the reverse direction i e if swiping the card from top to bottom try swiping the card from bottom to top front to back back to front Make sure that you are swiping the card in a straight line i e make sure the MSR card is always touching the bottom of the MSR track If none of these actions work then the MSR card is worn and cannot be read electronically Enter the card number manually Ifthe register is reloaded immediately after powering up the Ingenico 6500 may not come up in the correct state Signing in at the register and seeing if the Ingenico 6500 display reads Please Slide Card can determine this If it does not i e display continues to read Closed then perform the same steps as for the next error message EFT Device Not Available EFT Device Not Available If the EFT Device Not Available message displays on the register perform the following steps 1 Check to make sure the Ingenico 6500 is on and is displaying the first promp
48. Process Steps If the download fails it will assist troubleshooting efforts to know at what point the download failed and to record what error code displays on either the store controller or on the 6500 terminal display To run your batch file 1 Ensure the Ingenico 6500 terminals are in the ready state 2 Load files into the store controller s PIN pad program directory 3 Initiate a download from the controller The cashier display details activity and status updates such as Downloading PROG Xxxx or Downloading PARM xxxx The Ingenico 6500 terminal indicates a summary of its activity IBM EFT prog Dowld blk When complete the cashier display reads Closed or Enter Item The Ingenico 6500 terminal goes into the online or offline state 4 Ensure that all Ingenico 6500 terminals that have attempted an IBMEFTDL or parameter level upgrade are running the proper levels of software see section 4 2 Finding Version Numbers on page 17 Record discrepancies if any are found to have failed acceptance of the download and note the location of the device If a download fails always conduct a second download attempt and report second failures to your Ingenico Project Manager 5 Check the properties of the communications port to make sure that the interrupt request and input output range has not been changed Ingenico 6500 User s Guide 111 112 Chapter 11 IBMEFT Download Section 11 4 Outline of Download Pr
49. V Enter to select AD Timeout AD On Off AD Timeout AD Retry Times AD Timeout Enter the amount of time after which the unit will Old Value XXXXXXXXX cease trying to automatically detect the Enter New Value communications in the Port 1 in units of 1 100 of a second 60 Chapter 6 System Parameters Menu Section 6 5 Configuring the Host Port Auto Detect Feature Setting the Auto Detect Retry Times The Auto Detect Retry Times indicates how many times the terminal will attempt a communications protocol before trying the next one on the list For example if it is set to 3 when the terminal starts up it will try 3 times to connect to the HOST in USB mode lf it fails then it will try 3 times to connect to the HOST in RS485 mode If it fails then it will try 3 times to connect to the host in Tailgate mode If it fails then it will decide that COM1 is working in RS232 mode Therefore the less retry times the less amount of time it will take to auto detect the communications type Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press WV V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press WV V V Enter to select Sys
50. a file system DFS first along with code files and data files The secure certificate contains all security related information and information about all of the code files and data files in the download package The securing process is composed of the following steps 1 The secure certificate is used to validate the complete download of all required download files If Code MACing is enabled downloading any file that is not listed in the secure certificate file causes the download to fail 2 The maintenance application sends a request to SSA to validate the secure certificate file 100 Chapter 10 Secure Certificate Section 10 1 Overview 10 4 3 The secure certificate file is used to validate the signature of code files and data files as soon as they are installed The secure certificate can also be accessed as needed throughout the download procedure 4 Ifthe download is successful the secure certificate file will be erased from a temporary location and updated into SSA s memory Secure Certificate The secure certificate is a text file that contains security information for a download package Once the text file is constructed it must be passed through a securing utility which generates the MAC of the certificate The utility will also generate MACs for all of the software components described in the certificate The secure certificate contains all the security information necessary for SSA to determine if the downloade
51. ad session RES_SEND_CERTIFIC_ERROR 17 fail to send certific data Data Uint8 Ingenico 6500 User s Guide 65 ID Parameter Name Description Value RES_BDL_CFS_DWN_ERROR 18 batch download CFS error RES_BDL_DFS_DWN_ERROR 19 batch download DFS error RES_UPD_EFT_VER_ERROR 20 fail to update eftl eftp version RES_LOST_DWN_FILE_ERROR 21 download file lost error RES_CFS_AUTH_ERROR 22 cfs authentication error RES_CFS_DEC_ERROR 23 Cfs decryption error RES_DFS_AUTH_ERROR 24 Dfs authentication error RES_DFS_DEC_ERROR 25 DFS decryption error RES_FILE_WRITE_ERROR 26 file write error RES_FILE_READ_ERROR 27 file read error RES_NO_CFS_SPACE_ERROR 28 cfs no space error RES_NO_DFS_SPACE_ERROR 29 Dfs no space error RES_LOST_CERTIFIC_ERROR 30 lost certific file error RES_UNKNOWN_ERROR 31 unknown error RES_MEMORY_ERROR 32 memory error RES_APP_NOT_EXIST 33 data file application doesn t exist Data 26 PAR_HOST_PORT_NUM Port number assigned to the host interface COM1 COM 1 COM2 COM2 COM3 COM3 Char 27 PAR_AUX_PORT_NUM Port number assigned to the AUX interface COM1 COM1 COM2 COM2 COM3 COM3 Char 5 66 Chapter 6 System Parameters Menu Section 6 6 Editing Parameters ID Parame
52. ar text entry It will use the terminal based security text key if the form is set to secure text entry Application based Prompt MACing will use application based clear text key if the form is set to clear text entry It will use the application based security text key if the form is set to security text entry Prompt MACing will be used to authenticate the prompts during the data entry process and the load font process Code MACing Code MACing controls how code files are updated Possible Status Description Values 0 Disabled No authentication is performed on code file updates Default 1 Enabled Special authentication is performed on code file updates Code MACing verifies that only certified applications and files are loaded into the device During security download if Code MACing is enabled all the code files will be authenticated after they are downloaded The authentication method is given in the certificate file which includes NONE SHA1 MAC MAC etc Double Length Key MAC Calculation This option controls how the MAC calculation algorithm operates when the MAC key is a double length key This setting only applies to MAC calculation in financial transactions Possible Encryption Description VEGE 0 EDE encrypt Double length key encryption on each block of data decrypt Default encrypt 1 E encrypt Single length key encryption on each block of data except for the last block which uses EDE encryp
53. arameter files that could change dynamically from an external source then these files can be defined in the non secure section thus escaping the rigors of fingerprint validation The securing party has ultimate control over whether to Ingenico 6500 User s Guide 105 accept or reject such a configuration This decision is made prior to MACing the secure certificate The secure file descriptor section is found after the identifier SecFiles lt cr gt lt f gt and before the next section identifier i e encountered by lt cr gt lt f gt or end of the file The secure file descriptor is in the format MAC 12345678 applname dstfilename ext class authmethod encrypt existence srcfilename ext The first field of the secure file descriptor is the MAC for the application data file MAC is a text string identifying that the pre calculated fingerprint follows 12345678 is the Hex ASCII representation of the most significant 4 bytes of the MAC applied by the securing utility prior to download appiname represents what application this data file belongs to dstfilename ext represents the relative path and file name where the data file will reside in the UNICAPT 32 file system For instance bitmaps card bmp class represents the particular categorization of the file within the terminal s file system Possible values O private 1 public authmethod represents the data file authentication method i e the MAC calcu
54. arameters Application File Security Sys Parameters Sys Parameters Press V V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Select Port1 Port2 or Port3 PoI By default Port 1 Host Port 2 Aux Port 3 Port2 E NET port Ethernet Port3 Port X Press V Enter to select Data Bits Interface Type Baud Rate Stop Bits Data Bits Select the appropriate data bits value 6 7 8 Updating Ingenico 6500 User s Guide 644 Setting the Stop Bits Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press VW V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press vV V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Select Port1 Port2 or Port3 Bort By default Port 1 Host Port 2 Aux Port 3 Port2 E NET port Ethernet Port3 Set Port X Press V V Enter to select Stop Bits Interface Type Baud Rate Data Bits Stop Bits Stop Bits Select the appropri
55. ary file residing in the terminal For instance WW002G011010 authmethod represents the code file authentication method i e the MAC calculation method that the code file used Possible values SHA1 MAC 104 Chapter 10 Secure Certificate Section 10 5 Secure Certificate Descriptor Sections 10 5 4 CBC MAC Use Code Download MAC Key CDMK XOR 0x0000 0000 0000 OOFF for each half of the key to do MAC calculation verification The MAC is calculated before the code file is encrypted If the code file is specified to be encrypted then the calculated data needs to be a multiple of 8 bytes If it isn t the generated encrypted code file will have zeros appended at the end of the file for MAC calculation encrypt represents whether the code file is encrypted and needs to be decrypted Possible values Y N If the code file is encrypted it should be encrypted under the variant of CDMK The applied variant method is use CDMK XOR 0x0000 0000 0000 FFOO for each half of the key to do encryption decryption If the code file needs to be encrypted the MAC value will be calculated and it will be added to the certificate file Next it will encrypt the code using the variant of CDMkK starting from address 0x0200 the code file header is not encrypted If the code file is not a multiple of 8 bytes the last data block will have zeros appended for encryption calculation The number of zeros that are appended to the code file are also appen
56. ate stop bits value 1 2 Updating 40 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 645 Setting the Parity Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press V V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press V V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Select Port1 Port2 or Port3 Bort By default Port 1 Host Port 2 Aux Port 3 Port2 E NET port Ethernet Port3 Set Port X Press VW V V Enter to select Parity Interface Type Baud Rate Data Bits Stop Bits Parity Select the appropriate parity None Odd Even Ingenico 6500 User s Guide 646 Defining the LAN Address Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to sele
57. calibration to succeed you need to touch the buttons from the side Touch the left buttons with your left hand and the right buttons with your right hand Repeat until you are notified that the test was successful Calibrate Finger Calibration Succeeded a You are notified if the finger calibration was successful If calibration failed try again making sure to follow the preceding tip 715 SCV Verification This test is for internal Ingenico use only Ingenico 6500 User s Guide 85 Architecture s1 Overview To understand downloading it helps to understand the architecture of the Ingenico 6500 terminal Terms explained in this chapter are used in the subsequent chapters This chapter explains the system architecture how the unit connects to the host device and the terminal s architecture s2 System Architecture The server local or remote sends information to the store controller if present which sends it to each host or point of sale device typically an electronic cash register ECR and each ECR sends it to the Ingenico 6500 terminal attached to it The Ingenico 6500 terminal in turn sends information back through the chain Figure 1 and Figure 2 illustrate the information flow for stores with and without a store controller Ber ee Lo ot Server Host Server S Store
58. check readers and bar code scanners can be connected to the AUX port For more information about connectivity refer to the Ingenico 6500 Installation amp Operations Guide About this Manual Chapters 1 through 7 explain how to use the extended menu Chapters 8 through 10 give background information to help you understand downloading and key management and Chapters 11 and 12 explain how to perform a download Chapter 1 ntroduction gives an overview of the terminal this manual and kits that are available Chapter 2 Extended Menu Overview explains how to navigate the extended menu and find the current setting It also lists the options available in each menu Chapter 3 System Configuration Menu explains how to perform the functions in the system configuration menu change date and time set display contrast and adjust beep tones Chapter 4 System Info Menu explains how to navigate through the system info menu to view the following system information check versions check security info and view parameters Chapter 5 Supervisor Menu gives the password to enter the menu and explains how to change the password It explains how to check or erase the application file in the terminal and how to perform the following security functions set key injection port allow key injection check the key value and allow the serial key to be injected Chapter 6 System Parameters Menu explains how to indicate the download method set the
59. ct Supervisor Serialnum Inject System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Application File Security Sys Parameters Sys Parameters Press WV V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Select Port1 or Port2 Bord By default Port 1 Host Port 2 Aux Port2 Bon x Press WJ V V V Enter to select LAN Interface Type Baud Rate Data Bits Stop Bits Parity LAN Address LAN Address Key the appropriate LAN address then press Old Value 104 Enter New Value 42 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 6 4 7 Setting the Retry Count This option sets the number of times the COM port should retry in the event of failure 0 to 10 Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press W V V Enter to select Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Security Sys Parameters Press W V V Enter to select Sys Parameters Sys Parameters Download Method Download P
60. curity Sys Parameters Sys Parameters Press WV Enter to select Setup Port Download Method Download Port Setup Port Setup Port Press V V Enter to select Port3 the E NET Port1 port Ethernet Port2 Ports Press V eleven times then press Enter to Interface Type select Primary DNS Baud Rate Data Bits Stop Bits Parity DHCP Local IP Local IP Port Server IP Server IP Port IP Add Mask Gateway Primary DNS Primary DNS Enter the address of the Primary DNS XXX XXX XXX XXX Updating 54 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 6 4 19 Setting the Secondary DNS DIEGEM Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press V V V Enter to select Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Security Sys Parameters Press W V V Enter to select Sys Parameters Sys Parameters Download Method Download Port Setup Port Press W Enter to select Setup Port Setup Port Port1 Port2 Press V V Enter to select Port3 the E NET port Ethernet Port3 Interface Type Baud Rate Data Bits Stop Bits Parity D
61. d application is eligible to upgrade The secure certificate is also a descriptor of all the software components that are necessary to make up a download session In effect the secure certificate represents an application descriptor file that contains secured fingerprints for each of the software components representing the application The following is an example of a secure certificate text file MAC 12345678 VisaPEDMode 1 Appl MAC 12345678 applname dstfilename ext authmethod encrypt srcfilename ext SecFiles MAC 12345678 applname dstfilename ext class authmethod encrypt existence srcfilename ext MAC 12345678 applname dstfilename ext class authmethod encrypt existence srcfilename ext NonSecFiles applname filename ext class existence applname filename ext class existence DeleteAppl applname codefilenamel applname codefilename2 DeleteFiles applname filename ext class applname filename ext class DeleteWholeApp applname Ingenico 6500 User s Guide 101 Note All lines within the secure certificate text file are terminated with a character sequence carriage return followed by line feed e g lt cr gt lt f gt except for the last line of the file The fields of the file are described more fully in the sections that follow Secure Certificate Descriptor Sections 10 5 The following descriptor sections make up a secure certificate Secure certificate MAC descriptor section
62. ded to the end of the output encrypt file e g adds 4 to represent four zeros An encrypted code file will be generated with extension enc The encrypted application code file thus consists of three portions The first 0x0200 bytes i e 512 bytes are the first 512 bytes of the original application code file in clear form The second portion is variable in length depending on the size of the original application code file It consists of groups of encrypted data Each group is of 8 bytes long The last group is padded with 0 s to make up 8 bytes if necessary before encryption The third portion is one byte long Its value indicates the number of 0 s padded to the last group of data It is in clear form Note Code file 0 won t be encrypted even if the encrypt field is specified to be yes srcfilename ext represents the relative or full path of the code file residing in the computer For instance code WW002G011010 This field is not used by the secure process but will be used by the securing utility Secure File Descriptor Section The secure file descriptor section is an area of the secure certificate file that contains information pertaining to the files that require secure fingerprint validation By being able to define the files that require fingerprint validation the developer can maintain some level of control over what and how much of the application needs to be validated If an application has p
63. e cee alee elec el alet E EEG 2 1 4 A Dout TINS MaN cea ccide altel ct a e ea r a Ea E eE O eE aeeai 2 1 5 Conventions Used in this Manual cccccseeececeeeeeeeeeeeeeeeeeeeeseeeeeeeenaaes 3 1 6 Kits 3 1 6 1 Basic Installation Kit scsczseshccssasssecsasce sites sosheseenyiesstacnsbiteansibbscateboss iearesbateasvsbiaeceedt 3 1 6 2 Store Installation Kitx 22058 sesh Ses issvve ives oh E A ANE ATEA EEEE Biden 3 1 6 3 Retail Base Application Integration Kit 2 ccsscsecccceceeeeeeneneecesecesetsenteaeeeseettes 3 1 6 4 OPOS Software Development Kit 0 2 22 ccccccecseccecececeseesenneceeeeeeeseesennneeeeeeeeteeeenes 3 1 6 5 JavaPOS Software Development Kit 1 ccccccceeeececeeeeeeceeeeneaeceeeeesetsessesnneneess 4 1 6 6 UNICAPT 32 Software Development Kit cccccccccecseccceeeeeseetecneaeeeteeeteteesees 4 Chapter 2 Extended Menu Overview cccccccccsssseeeeseeees 5 2 1 OVGRVIOW dam duct euin en a a a a L i D T A ens 5 2 2 Accessing the Extended Menu 2 2 c c c c ccecceeccseeteeeeneeceeeeneeceeeeneeceeee 5 2 3 Navigating the Extended MenU sssssssssssssssssessssesserreererererereeeeeereeeeereeeeene 5 2 4 Finding the Current Setting s sscceceeeeeeeeeeeeeeeseeeneeeseeeseneseeeneneeeeess 6 2 5 Finding Options in the Extended Menu ccceeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeees 6 Chapter3 System Configuration Menu cccccssseeeeee 11 3 1 OVE NISW tanta csc enee
64. e extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press V Enter to select Application File Change Password Application File Security Select Appl Select the application you want to erase App A App B App C Select File Select the file you want to erase sysPara cfg File Menu Press V Enter to select Erase Read Syspara cig The contents of the file display To erase press Erase SOF 010000000000 26 Chapter 5 Supervisor Menu Section 5 4 Application File in Terminal 5 5 5 5 1 Erase File Yes Select YES or NO Erasing File If you selected YES the terminal confirms it is erasing the file Select File sysPara cfg If you selected NO you are returned to the SELECT File prompt Select another file to erase or press Can to return to a previous menu Security Setting the Key Injection Port Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Enter Password Press W V V Enter to select Supervisor Menu
65. e host Working session This key is decrypted by the Master Atalla Variant Key which is Atalla Key created from the Master Atalla Key according to the type of operation to be performed DUKPT Keys The Initial PIN Pad Keys IPPKs are loaded encrypted under the KTK The device can accommodate up to ten separate DUKPT engines Each engine is initialized with an IPPK Available indexes for the DUKPT engines are 0 9 The IPPKs can be both single length DES keys and double length triple DES keys Security Options This section provides a synopsis of each security option All the security options can be loaded during key injection The user application can request the security options setting from an SSA API Ingenico 6500 User s Guide 95 9 5 1 9 5 2 9 5 3 Prompts Authentication Key Options This option controls whether the prompt authentication keys are based on the terminal or the application These options will be used when doing any secure data entry When prompt MACing is enabled and the prompts authentication key security option is set to 0 terminal based at data entry time the secure text and clear text prompts will be verified with the terminal based special keys When prompt MACing is enabled and the prompts authentication key security option is set to 1 application based at data entry time the secure text and clear text prompts will be verified with application based special keys Possible
66. e is from the internal document NAR SSA Library Security Part version 1 23 The system parameter file is a public file that resides at the root directory of the terminal s System amp Security Application This file records the system parameter settings made through the supervisor menu The financial application is allowed to read from this file Each parameter occupies 16 bytes in the parameter file A null terminator is required and saved for character strings except when the string length is 16 In such case only 16 bytes of data are saved 62 Chapter 6 System Parameters Menu Section 6 6 Editing Parameters ID Parameter Name Description Value Data 0 PAR_ENABLE_KEY_BEEP enable disable beep tone FALSE 0 disable uint8 On key Entry TRUE 1 enable 1 PAR_KEY_BEEP_LEN beep length on key press OxFFFFFF11 OxFFFFFF13 Uint3 HMI_BEEP_CLICK 2 HMI_BEEP_LONG 2 PAR_KEY_BEEP_TONE beep frequency on key OxFFFFFFO1 OxFFFFFFO3 Uint3 press HMI_BEEP_LOW 2 HMI_BEEP_HIGH 3 PAR_DEVICE_TYPE Key entry device or 0 key entry device Uints signature capture device q signature capture device 4 PAR_LCD_CONTRAST LCD contrast setting for 0 100 Uint8 Whiole device key entry device default contrast 100 signature cap device default contrast 50 5 PAR_KEY_INJ_PORT Key injection port setting COM1 com 1 Char COM2 com2 5 ETH Ethernet 6 PAR_MANUFACTURE_ID Manufact
67. e na TTO E E E NE Sud A E O 11 3 2 Changing the Date and Time cccccceeceeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeetess 11 3 3 Changing the Display Contrast cccctcuscccetevscaceteescaretiaeteia eta 12 3 4 Changing the Beep Ones actif fei oa oe eaten Guten aut oed eel aemadees 12 3 4 1 Enable Disable Beep TONGS 1 ccccccccesseccececetetecneeaeceseceesesesseaeeeseetenteenenaness 12 3 4 2 Changing the Beep Length 2 1 c scccccceceeeenenneceeeeeeeteeneeaeceeeeseeeteenenaeeeeeeeseteens 13 3 4 3 Changing the Boop TONES esisi ssireiisnisdi saiodi saipdian Saia iienaa daai aa hai aa iii 14 3 5 Turning the Backlight On or Off s ssssenennneeenrerrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrens 15 3 5 1 Turning the Backlight On or Off 2 2 ecccceccececeeeeteeneneeeeeeeeeseeseaeeeeeeeteeseeneanees 15 3 5 2 Setting Backlight to Off When Idle ececceeetcceceenteeeceenneeeceeaeeeteeaaeeeeesnaeeeeeeaaes 15 napio 4 System Info Menu cccesececeeeeseeeeeeeeeeeseeeeeees 17 OVEIVIOW e atone in cA acta ia tat bane Sot hand Nan ban bcd A ad bk el bend ban hea 17 4 2 Finding Version Numbers 2 2 c lt sses00 lt deeseeeedeeeteesdeessneedeestteediesseeeseestieeees 17 4 3 Checking the Security Information ccccseceeceeeeceeeteneeeecteneeeeetenereeeteneee 18 4 4 RAM IM Orena e cS E TA N ta aos A LEE 19 4 5 Viewing All Parameter ValU S cece eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee 20 Chapter 5 Sup
68. ection download protocol and port setting can be set in the supervisor menu see Chapter 5 Supervisor Menu on page 23 Ingenico 6500 User s Guide 89 8 4 2 8 4 3 User Application A user application controls the terminal through customer specific forms and prompts User applications are also called payment applications or financial applications There can be a single user application or multiple ones User applications vary widely An application may be thick and contain much business logic or it may be a thin layer that simply passes on requests from the register Ingenico provides standard user applications intended for certain markets or you can create your own user applications using Ingenico s Ingedev application development environment In the North American market standard user applications include Retail Base Application and UPOS interface application A user application accesses secure functions such as the display screen screen buttons terminal keys and signature capture through the security module of the SSA For all other functions such as port communications smart card and magnetic stripe reader the user application accesses the operating system directly Digitizer The digitizer is a chip with software on it that handles the interface with the user It receives finger and stylus input from the display screen which it sends to the operating system where it goes first to the human machine interface to be
69. eeeneeeeeeeneeeeeeaeeeeeesaneeeeenaes 49 6 4 14 Defining the Server IP ACV SS 0ccccccccccsteeeceentieeeeeenteeeeeenaeeeeeeaeeeeeeateeeneaas 50 6 4 15 Setting the Server IP Port NUMDED ccccccccceeteeceenneeeceenteeesesnaeeeeseaeeeesenaes 51 6 4 16 Masking Your IP Adaro SS rebana erR E a E eR RT ER 52 6 4 17 setting the Gateways se ra e E ia eae 53 6 4 18 Setting the Primary DNS ae mran Se eT E 54 6 4 19 Setting the Secondary DNS eessresrrrrneernnnrrrnnnerrrrsrrrnnnerennnnrreunnernnnnennenneennnt 55 6 4 20 Setting the DOMAIN NAIM uu ecccccececceet ee eeenne eee ideie antena ained linei aean i Tae 56 6 4 21 Setting Up the Phone Number to Diali cccccccsccccccseteeecesnteeeteenteeeeeesneeeeeeaaes 56 6 4 22 Setting Up the Modem Speed 2 2 ccccccccceeeeennceeeeeeetecnenneceeeseeesecneenenaseseeess 57 6 4 23 Changing the Position of the Host Port or AUX PoOft 0 ccccecctteeeenteeeeeenaes 58 6 5 Configuring the Host Port Auto Detect Feature cccccccceceeeeeeeeeeeeeeees 59 6 5 1 Disabling or Enabling the Auto Detect Feature 0 0 cccccccceteeeettnteeeettnneeeertnee 59 6 5 2 Setting the Auto Detect Timeout 00 ececcceeteeceeenneeeceenneeeeeeneeeceenaeeesesnaeeteesenaes 60 6 5 3 Setting the Auto Detect Retry TiM S 0 ccccccccceseccecessteeecesnieeesesnieeecesnaeeeeeseaaes 61 6 6 Ro IRO Mete lE OALE IE ic bdey beetle EAE de videnbles Sdenbdeh bce ebdeesdecbdens 62 Chapter 7 Diagnostic M
70. ended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press V V V Enter to select Supervisor Menu Enter Password Supervisor Menu Change Password Application File Security Sys Parameters Key password 2 6 3 4 then press Enter Press VW V V Enter to select Sys Parameters Sys Parameters Download Method Download Port Setup Port Auto Detect Auto Detect AD On Off AD Timeout AD Retry Times Press W V V Enter to select Auto Detect Press Enter to select On Off AD On Off Off On Select the option you want Ingenico 6500 User s Guide 59 65 2 Setting the Auto Detect Timeout Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press W V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press W V V Enter to select Auto Detect Download Method Download Port Setup Port Auto Detect Auto Detect Press
71. enu c sccseeeesessseeeeeeeseeseeeneees 73 7 1 OVENIEWi anazini nna aaa aaa a Mahar aach i 73 7 2 Testing the Display Contrast ccccccccccceeeeeeeeeeeeeeeeeeeeesseeeeeeeeeeenees 73 7 3 Festing the Keypad renina nenien en e e ceded atau tas 74 7 4 Testing the Beeper iscenecesrsnnesnnneseneee nea ea E a 74 7 5 Testing the RS232 Connection xcs cose estceseceskceuecevicesecesi cewecevicesecesicenecesbeet 75 7 6 Testing the RS485 Tailgate Connection 0 000 eee eeeeeeeeeteeeeeeeeeeeeeeeeeeeee 76 7 7 Testing the USB Port s c22 22 5 cz scio esa diorteadiotiadionuadiautssdisdusdisidsc 77 7 8 Testing the Magnetic Stripe Reader 2 c ceceeece cece tenes 78 7 9 Testing the Smart Card Reader oo eee eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee 79 710 Testing the SAMS cccccccccccceseceeeneteceeeneeeneneneseneneneeeneeeneneneeeneseneeenene 80 Tait Testing the Touch Screen eenen nenene eneee 81 712 Testing Signature Capture eeen 82 mis Testing Pen Calibration eneee ereenn ennenen 83 714 esting Finger Calibration eenen 84 7145 lt SOV VeNmCallOn cccenatcccsd cites at i laeeeaha aah aan hetalen dela eens 85 Chapters Architecture winder eee 86 8 1 OVEIVIOW pie ito nn thing tony nine Bald nnn lie A Aula phd nd 86 8 2 System ALCHILG CU ices doin csi seuss ace dechcahsdack das dcdeestadaahdasdadacchadaahaeasdvdaceatas 86 8 3 FIOSE GOMMECIONS 2 2 cot cen cent cues cestce
72. ervisor Menu ccccccccssssseeeseeeeeeseeeeeeeees 24 5 1 OVGIVIOW cdactet dicen detsk ced n a a ee 24 5 2 Supervisor Menu Password ccssessseeeeeeeceeeeeeeessseeeeeeeeeeeeeeeeseeeeeeeees 24 5 3 Changing the Supervisor Menu PaSSwotd cccccccccceeeeeeeeeeeeeeeeeeeetes 24 5 4 Application File in Terminals ennenen ae a E 25 5 4 1 Reading the Application File 2 2 2 2 cccccccseceeccececeeeeeenneaeceeeeesessenneaeeeeeeeeentesseases 25 5 4 2 Erasing the Application File rsss pennaa a araa 26 5 5 Security 27 5 5 1 Setting the Key Injection POst ccccccccccccsesseeeceeeneeeeeenteeecesnaeeeceenaeeeessnaeeesenaaes 27 5 5 2 Injecting Key S ics nee ei Bi ni se eine er REE EA ie 28 5 5 3 Setting the Key INd X oe ecccccceteeceenneeeeeenneeecesaeeecesaeeeceeaaaeeeseeaeeeesenaeeeesenaes 28 5 5 4 Setting the Application NUuMberf u cceccccceteeeceenteeeceenneeeeeenaeeeseeaeeeeestnaeeeeenaaes 29 5 5 5 Finding the Key Check Value Terminal KeysS ccsneeenneeeisneennneernnneernenneens 30 5 5 6 Finding the Key Check Value Application K YS 0 c cccccceicteeesteeeeetnteeeeree 31 5 5 7 Erasing Application KOYS ccccccccccceceteteeeetnneeeeetnneeeeesnneeeeesiaeeeeetieeeestneeeenta 33 5 5 8 Injecting a Serial NUMDELM ccccccccccsetceeceenneeeeeeenteeeeesaeeeseeaeeeeseaeeeeseaeeeeeeaas 34 5 6 System Paramet lS ser dere creecince te eraeeruevedvectietenerdeceubecesee dhe enceesecusceeteedecenseees 3
73. escriptor section begins with the descriptor DeleteAppl lt cr gt lt f gt The section ends with the start of the next section header i e encountered by lt cr gt lt f gt or end of the file The delete code file descriptor is in the format applname codefilenam appiname represents the application that this code file belongs to codefilename represents the code file that belongs to an application For example CA0003001000 Note The operating system maintenance application and System amp Security Application cannot be deleted Only the financial application can be deleted Delete Data File Descriptor Section The delete data file descriptor section is an area of the data file that contains information pertaining to the files to be deleted The delete data file descriptor section begins with the descriptor DeleteFiles lt cr gt lt f gt The section ends with the start of the next section header i e encountered by lt cr gt lt f gt or end of the file The delete file descriptor is in the format applname filename ext class appiname represents the application this data file belongs to filename ext represents the relative path and file name where the data file resides in the UNICAPT 32 file system For instance bitmaps card bmp class represents the particular categorization of the file within the terminal s file system Possible values 0 private 1 public Delete Whole Application Desc
74. ess W six times and then press Enter to Interface Type select Response TMO timeout Baud Rate Data Bits Stop Bits Parity LAN Address Retry Count Response TMO Response TMO Enter an amount of time after which the port Old Value 300 should cease waiting for a response in units of Enter New Value 1 100 of a second 44 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 6 4 9 Setting the Poll Timeout Poll Timeout is the amount of time the host waits for a response after transmitting a device poll before it records a device poll timeout in units of one tenths of a second This time varies It depends on the number of devices connected to the host system The more devices connected to the host the longer it takes the host to poll each device If the PIN pad device misses more than 16 consecutive polls the host will abandon the device Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press V V V Enter to select Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Security Sys Parameters Press VW V V Enter to select Sys Parameters Sy
75. esting the RS485 Tailgate Connection 7 6 This feature tests the RS485 Tailgate connection on the HOST port DIEGEM Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press W Enter to select Diagnostic Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Diagnostic Menu Press V Enter to select Tailgate Display Keypad Beeper RS232 Tailgate Tailgate The results of the test display To exit press Can IBM 46xx Test 2A23 0x68 76 Chapter 7 Diagnostic Menu Section 7 6 Testing the RS485 Tailgate Connection z7 Testing the USB Port This feature tests the USB connection DIEGEM Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V Enter to select Diagnostic Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Diagnostic Menu Press V Enter to select USB Display Keypad Beeper RS232 Tailgate USB Diagnostic 1 From the HOST start uloop exe Connect USB Port OK 2 From the terminal press Enter Start PC App then Push OK Key to send USB Diagnostic MESSAGE n Send
76. eteeeeaeeeceseteteeseeseeeeeeeenteesenanes 114 123 Default Setup Configuration cccccccccccseeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeees 115 Ban HEIPOR BAG POO a a e erSeurotenGemstersiontes 115 125 Device already loaded with program x and parameter 000 115 i26 ORCO EmO A a a a a A 115 127 Not Enough DFS Space s sisissinsisesisoniseniunneuenenenanenannnanenennna nananana 116 ie Comm Receive Error nccnunaraudieenbiadinbseeiee nei 116 Chapter 13 IBM EFT Troubleshooting cscccsessseeees 117 13 1 Card Read EOI aeee ra ee e a erea eree e a oeae een etet 117 13 2 EFT Device NotAvailable isnscs cate ewe Cee eee 117 13 3 EFT Device Not Available During Check Authorization 118 Revision History Date 2 22 06 Changes Updated the Key Architecture chapter Updated Finding the Key Check Value Terminal Keys section by adding Special Keys option and added new section Finding the Key Check Value Application Keys Manual Revision E 11 1 05 Updated the extended menu flow chapters 2 through 7 Updated the IBM EFT Downloading chapter 4 26 05 Changed the keys for scrolling to for US 2 28 05 Changed the key sequence for restarting the terminal to 1 CAN OK Updated Chapter 9 Key Architecture and Chapter 10 Secure Certificate to reflect changes to NAR SSA version 2 02 maintenance application version 1 12 11 15 04
77. gement of all UNICAPT32 native applications which run in the operating system simultaneously The PAM provides mechanisms that allow synchronization between applications and exchange of data 88 Chapter 8 Architecture Section 8 4 Terminal Architecture System and Security Application The System and Security Application SSA has two modules The system module contains the terminal s extended menu where users can change options related to downloading diagnostics system parameters and system configuration The security module implements all security requirements such as key injection and key management The cryptography functions of the operating system including key storage areas are only accessible to the security module The security module provides a cryptography API to other applications The SSA blocks any user applications from using the HMI peripheral of the operating system Thus all requests by the user application to display forms or receive touch or stylus input must go through the SSA The SSA then rejects any improper insecure requests such as Activate more than 8 screen buttons which could be used to create a false PIN pad Activate PIN entry with a prompt that has no valid MAC if the MACing option is on this prevents the improper collection of the encryption results of known data Activate clear text entry with a prompt that has no valid MAC if the MACing option is on Activate
78. he grid is darkened This test is for the i6550 only Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Display Keypad Beeper RS232 Tailgate USB Mag Stripe Reader Smart Card Reader SAM TouchScreen ee This feature displays a grid When you tap the screen a box on the grid is darkened to let you E know where you tapped This allows you to test a portion of the screen you suspect may be having problems Press V Enter to select Diagnostic Menu Press W Enter to select Touch Screen Note To return to the previous menu tap the X in the top left corner Ingenico 6500 User s Guide 81 Testing Signature Capture 7 12 This feature displays a signature capture screen so you can test how a signature inks and displays on the screen This test is for the i6550 only Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously
79. hernet remote IP 4 bytes contain the IP address Uint8 D address setting 4 78 PAR_ETH_REMOTE_IP_PO Ethernet remote IP port 2 bytes number Uint1 RT 6 79 PAR_COM3_RETRY_COUN COM3 failure retry count 1 10 default 3 times Uint8 T 80 PAR_COM3_RESP_TIMEO COM3 response timeout 4 bytes number gt 0 10ms a unit Uint3 UT default 1000 2 81 PAR_ETH_MASK Ethernet mask 4 bytes Uint8 4 70 Chapter 6 System Parameters Menu Section 6 6 Editing Parameters ID Parameter Name Description Value Data 82 PAR_ETH_GATEWAY Ethernet gateway 4 bytes Uint8 4 83 PAR_ETH_PRIM_ DNS Ethernet primary dns 4 bytes Uint8 4 84 PAR_ETH_SECN_DNS Ethernet secondary dns 4 bytes Uint8 4 85 PAR_ETH_DOMAIN Ethernet domain name maximum length of 16 bytes char 17 86 PAR_COM3_INTERFACE_T COM3 connection PORT_RS232 uint8 YPE interface type 41 RS232 PORT_RS485 2 RS485 PORT_TAILGATE 3 Tailgate PORT_USB 4 USB PORT_ETHERNET 5 Ethernet PORT_ATMODEM 6 Dial PORT_3201 7 3201 87 RESERVED COM3 setting reserved N A 8 9 90 RESERVED Reserved parameters N A 9 9 10 PAR_MODEM_PHONE_NU Modem phone number maximum length of 16 bytes char 0 M 17 10 PAR_MODEM_SPEED Modem speed 1 COM_BAUD_50 uint8 1 2 COM_BAUD_75 3 COM_BAUD_150 4 COM_BAUD_ 300 5 COM_BAUD_600 6 COM_BAUD_ 1200 7 COM_BAUD_ 2400 8 COM_BAUD_4800 9 COM_BAUD_ 9600 10 COM_BAUD_ 19200 Ingenico 6500 User
80. ile Security Sys Parameters Press vV V Enter to select Setup Port Download Method Download Port Setup Rart Press V V Enter to select Port3 the E NET Port1 port Ethernet Port2 Port3 Press V seven times then press Enter to select Interface Type Server IP Baud Rate Data Bits Stop Bits Parity DHCP Local IP Local IP Port Server IP Enter the server IP address 123 456 789 012 50 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 6 4 15 Setting the Server IP Port Number BI oN Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press V V V Enter to select Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Change Password Application File Security Sys Parameters Press W V V Enter to select Sys Parameters Sys Parameters Download Method Download Port Setup Port Press W Enter to select Setup Port Setup Port Port1 Port2 Press V V Enter to select Port3 the E NET port Ethernet Port3 Interface Type Baud Rate Data Bits Stop Bits Parity DHCP Local IP Local IP Port Server IP Server IP Port Press V eight times then press E
81. illenium ASIC Processor User Application Maintenance Application Digitizer Operating System Processor Stylus System amp Security Application Store Controller Cash Register Ingenico 6500 Figure 3 Terminal Architecture Ingenico 6500 User s Guide 8 4 1 As illustrated in Figure 3 Terminal Architecture the Millennium ASIC processor runs programs that act as an interface between the ECR and the Ingenico 6500 terminal the operating system system and security application maintenance application and user application Operating System The operating system is comprised of several elements Some of the more prominent ones are explained in this section Code File System The operating system is separated in several code files and any application can be implemented as one or several code files Code files can be run and downloaded independently from each other The Code File System CFS manages the storage of all code files in flash devices A configuration file lists all the code files composing and describing an application The System amp Security Application manages the CFS Data File System The Data File System DFS manages storage and organization of permanent data The DFS enables each application to create directories and to store data in files inside flash devices Human Machine Interface The Human Machine Interface HMI peripheral allows applications to interface to the huma
82. ing 000000100 Prompt MACing will not be enabled if the secure text entry key and clear text entry key are not injected 5 Visa PED Mode and Prompt MACing 000000101 This option will not be enabled if the secure text entry key and clear text entry key are not injected or if the download key is not injected 6 Prompt MACing and Code MACing 000000110 This option will not be enabled if the secure text entry key and clear text entry key are not injected or if the download key is not injected 7 Visa PED mode and Prompt MACing and Code MACing 000000111 This option will not be enabled if the secure text entry key and clear Ingenico 6500 User s Guide 103 text entry key are not injected or if download key is not injected The three security options Visa PED Mode Prompt MACing and Code MACing can only be turned off through the key injection module If the Visa PED mode section indicates to turn Visa PED mode on but the platform code files in the download package or terminal cannot pass the authentication or cannot find MAC information in the certificate file then Visa PED mode cannot turn on and the download fails If the Visa PED Mode section indicates to turn Code MACing on but the platform and financial application code files in the download package or terminal cannot pass the authentication or cannot find MAC information in the certificate file Code MACing cannot turn on and the
83. ion 10 5 Secure Certificate Descriptor Sections 10 5 2 Visa PED Mode Descriptor Section The Visa PED mode descriptor section allows you to set the terminal into a special mode that meets the Visa PIN encryption device PED requirements Visa PED mode should be entered before downloading The section identifier VisaPedMode lt cr gt lt Iif gt marks the beginning of the Visa PED mode section within the file The Visa PED Mode descriptor section is found after the secure certificate MAC section identifier and before the start of the next section identifier i e encountered by lt cr gt lt f gt The first line of the file must look like this mode mode represents the value of the Visa PED mode before the certificate file is updated and before the download starts Possible Description VEGE No security mode is set 1 7 BO Visa PED mode 00000B2B1 B1 Code MACing BO B2 Prompt MACing 1 Visa PED mode 000000001 Visa PED mode will not be enabled if the secure text entry key and the clear text entry key are not injected or if the download key is not injected 2 Code MACing 000000010 Code MACing will not be enabled if the download key is not injected 3 Visa PED mode and Code MACing 000000011 Visa PED mode and Code MACing will not be enabled if the secure text entry key and clear text entry key are not injected or if the download key is not injected 4 Prompt MAC
84. key at a higher level will cause the erasure of all the related lower level keys The following sections describe each key Chapter 9 Key Architecture Section 9 1 Overview Terminal ID Sponsor key Terminal Based Keys Application Based Keys Variant reall Authorization Keys Financial Keys Master Session DUKPT APP 1 APP 1 Clear Text fy Clear Text Security Clear Key Key APP 1 APP ni Options Tet Key Master Key Master Key APP 1 APP 1 4 0 0 APP n Sec Text Sec Text aa ree Key Secure Key Key sn Text APP 1 APP n Key Session Key Session Key 1 0 ia Tan App Download APP 1 Authorization DUKPT Key Key 1an Figure 4 Key Architecture Sponsor Key KTK 9 2 Index Length Description of Key Sponsor key KTK 0 16 This key will be loaded as clear text All Level key transfer key 2 keys will be transferred to the debit terminal also known as encrypted under this key A default key is set if TMk no customer key is injected os Terminal Based Keys Key Name Index Length Description of Key Secure Text Entry 1 8 16 This key is loaded encrypted under the KTK Form Authorization All prompts and or screens used for Secure Key PEFMk Text Entry of all applications will be authenticated using this key if the Prompts Authentication Key security option is set to terminal based 0 Clear Text Entry 2 8 16 This key is loaded encrypted under the KTK Form Authorization All prompts and or screens used for Clear
85. lation method that the data file used Possible values SHA1 MAC CBC MAC Use Code Download MAC Key CDMK XOR 0x0000 0000 0000 OOFF for each half of the key as the variant of CDMK to do MAC calculation verification The variant of CDMK that results from the XOR operation is used for both methods The MAC is calculated before the data file is encrypted If the data file is specified to be encrypted then the calculated data needs to be a multiple of 8 bytes If it isn t the generated encrypted code file will have zeros appended at the end of the file for MAC calculation encrypt represents whether the data file is encrypted and needs to be decrypted Possible values Y N If the data file is encrypted it should be encrypted under the variant of CDMK Use Code Download MAC Key CDMK XOR 0x0000 0000 0000 OOFF for each half of the key as the variant of CDMK to do encryption decryption If the data file is specified to be encrypted the MAC value is calculated and then added to the certificate file Next it will encrypt the data using the variant of CDMK If the data file is not a multiple of 8 bytes the last data block will have zeros appended for encryption calculation The number of zeros that are appended to the code file are also appended to the end of the output encrypt file e g adds 4 to represent four zeros An encrypted data file will be generated with extension enc The encrypted secure data file thus c
86. libration Finger Calibration SCV Verification Ingenico 6500 User s Guide 10 Chapter 2 Extended Menu Overview Section 2 5 Finding Options in the Extended Menu System Configuration Menu 31 Overview This chapter explains how to perform the functions in the system configuration menu change date and time set display contrast and adjust beep tones length and tone 32 Changing the Date and Time To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Info Supervisor Menu Press V Enter to select System Config System Config System Date Time Display Contrast Press Enter to select System Date Time Enter Date Key the new date using the format YYYYMMDD YYYY MM DD then press Enter To bypass press Enter 2003 08 22 Enter Time Key the new time using the format HHMM then HH MM press Enter The system uses a 24 hour clock To bypass press Enter 17 21 Ingenico 6500 User s Guide 11 33 Changing the Display Contrast If you are have difficulty reading your terminal screen you can increase or decrease the contrast This setting is stored in sysPara cfg You can also test the display contrast see Testing the Display Contrast on page 55 Display Action To access the e
87. lled on the server The customer is responsible for sending the code from the server to the electronic cash registers ECRs Each ECR sends the code to its Ingenico 6500 terminal On the POS system two software components are required Files to be downloaded to the Ingenico 6500 terminal Downloader specific to the cash register Ingenico supports several formats including IBM EFT download format NCR download format GEMS and GEMS Lite Ingenico 6500 User s Guide 91 Chapter 9 9 1 Key Architecture Overview This chapter is extracted from the document NAR System amp Security Application SSA Software Architecture Key Architecture section revision 1 19 Figure 4 on page 75 provides an overview of the Ingenico 6500 s key architecture A default key is used for the highest level Sponsor Key KTK Key Transfer Key Customers can change the sponsor key Figure 4 shows the sponsor key under the terminal ID because the sponsor key is unique per terminal All keys indicated are loaded by the financial institution or authorized injection facility The cryptographic keys must be injected into the i6500 terminal in a Key Secure Room The KTK is the only key that can be transported in the clear between the Key Injection Utility and the device The rest of the keys may be generated randomly entered in the system as cryptograms or entered by key parts using principles of both split knowledge and dual control
88. menu option CORR Clear Correct or backspace No effect in the extended menu CAN ANN Cancel Cancel annuler Return to the previous menu If you are at the extended menu return to application s idle prompt Note As you can see in the table there are two versions of keymats a standard version and a USA version This manual will refer to the keys by the standard names The selected menu option is highlighted in reverse video Example follows Ingenico 6500 User s Guide 5 DIESEM Action Extended Menu To select Supervisor Menu press V three times to scroll Serialnum Inject down System Config System Info Supervisor Menu Extended Menu Serialnum Inject System Config System Info Supervisor Menu Supervisor Menu is now selected To accept press Enter 24 Finding the Current Setting The current setting will be highlighted in reverse video Explanation COM1 In this example COM2 is the current setting oe 2 25 Finding Options in the Extended Menu Menu Submenu Submenu Submenu Serialnum Inject System Config System Date Time Display Contrast Key Press Beep Enable Length Tone Disable Backlight On Off Always On Always Off Idle Timeout 6 Chapter 2 Extended Menu Overview Section 2 4 Finding the Current Setting System Info Versions Security Info RAM Info View Parameter Supervisor Menu Change Password
89. mode In this mode if prompt MAC verification fails PIN exhaustion validation and the three button limit will be applied when prompt MAC verification fails PIN exhaustion validation means that the customer can only enter their PIN three times after the third failed attempt the terminal returns to the idle prompt The three button limit means that forms that do not have Prompt MACing are limited to three buttons If the form requires more than three data inputs such as PIN entry or cash back amount it must have prompt MACing Possible Status Description Values 0 Disabled Normal mode 1 Enabled Visa PED mode 98 Chapter 9 Key Architecture Section 9 5 Security Options 9 5 9 Financial Key Option This option controls whether the financial keys are application based or terminal based Caution If you change this security option previously loaded financial keys will be lost Possible Status Description Values 0 Disabled Financial keys are application based Default For application based financial keys SSA supports 10 Master Session keys and 10 DUKPT keys per application 1 Enabled Financial keys are terminal based For terminal based financial keys SSA supports 64 Master Session keys and 10 DUKPT keys per terminal Ingenico 6500 User s Guide 99 Secure Certificate 10 1 Overview This chapter is extracted from the NAR Secure Certificate document part 0190 0
90. n element of the system through the sensory input output devices present in the system such as the display keypad and buzzer Memory Management Unit The Memory Management Unit MMU controls memory access permissions aborting illegal accesses It protects the memory of the operating system and of each application so that applications cannot access or destroy data and code in the operating system or in other applications Each application is fire walled from the other applications using the MMU Each application runs in its own MMU virtual context that prevents any other applications from accessing its data The operating system runs inside its own MMU virtual context in supervisor mode Each application runs inside its own MMU virtual context in user mode The MMU translates these virtual addresses into physical addresses The MMU presents the physical memory locations to a program so it can access the code and data This partitioning prevents any application from accessing other application data or operating system data All applications are linked at the same virtual address using the MMU This allows independent development of all applications using the same framework However communications between applications are not completely prevented they are managed through the PAM Application Manager Peripheral The Application Manager peripheral PAM is the main component of the multi application management system It is in charge of the mana
91. neously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press V V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Select the port you want By default Port 1 Host Port1 Port 2 Aux Port 3 E NET port Ethernet Dial Port2 z I T I Port3 Dial Port X Press V Enter to select Baud Rate nlenate ily pe If configuring the Dial port I T I port select Baud Rate Modem Speed Data Bits Stop Bits Baud Rate Select the appropriate baud rate you can scroll 300 down to see more options 600 1200 Updating Press Can to return to the previous menu 38 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 64 3 Setting the Data Bits Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press V V V Enter to select Sys Change Password P
92. nesactceseceutcenscect comes eeteeseeseceeecesenexeceueees 87 8 4 Terminal Architect re nianna ee aie cece aaot Alesana cua uonaasarertlale 87 8 4 1 Operating SYSIOM antes dint niet ae eal ade ie 88 8 4 2 DiQitiZecah nein lel eal ich nederland ee 90 8 4 3 Transmitting Data ts alot tara eee ee ee anda a 90 8 5 Download File Architecture cccccccscseeeeeeeeeeeeceeeeeeeeseeeeeeeeeeeeeeeeeeees 91 Chapter9 Key Architecture c ssceeeeeeesssseeeeeesseseeeneees 92 9 1 OV GIVIOW ecstatic AIS Bt a eel Bec Tees neces 92 9 2 Sponsor Key ICT one ee eel cathe il aah eaa AeA id ERE E ERA AE AAA aah ENAERE 93 9 3 Terminal Based KOVO a r r cuatonsenrcteusaenatensueeotend 93 9 4 Application Based Keys cccccccccccneeesseeeeeeeceeeeeeeeseeeeeeeeeeeeeeaeneees 94 9 4 1 Special KEYS rr oere ro nenaden ell d aet ied oe eee add ee ee 94 9 4 2 Master Key cssrcic ee hescteneg sti eareiipetdetenees A E eteeieadeh dedi aeerad teetieaadee 94 9 4 3 SESSION KEYS mongoo iniiae eiii aii faite saddsstisag a a A E Ra AT Eai 95 9 4 4 DOKPT KOY S e aanne adaa n aa de raa aaa tent eS aaa aa a daa aae aada aa 95 9 5 SECUN OPtIONS arii E ee E EE en al doh ea ch dc nk co a ee 95 9 5 1 Prompts Authentication Key Options ccccccccecssceececeeeeeseenseaeeeteeteeetessenasess 96 9 5 2 Change Terminal ID Option rriste ennerien aae EnEn 96 9 5 3 Prompt MACIN anret iiras ennai Aiea et 96 9 5 4 Cod MACIAG aiie ies anes Sea ie noes he
93. ngerprint validation All files of an application that have not been defined in the secure file section must be defined in the non secure file section The non secure file descriptor section begins with the descriptor NonSecFiles lt cr gt lt lif gt This section ends with the start of the next section header i e encountered by lt cr gt lt f gt or end of the file The non secure file descriptor is in the format applname filename ext class existence appiname represents what application this data file belongs to filename ext represents the relative path and file name where the data file will reside in the UNICAPT 32 file system For instance bitmaps card bmp class represents the particular categorization of the file within the terminal s file system Possible values 0 private 1 public existence is an option to determine whether the file must exist in terminal memory in order for secure validation to succeed Y indicates that the file must exist If Y is selected and the file exists but does not validate then the secure process fails N indicates the file need not exist If N is selected then the file optionally may or may not exist for validation to succeed Ingenico 6500 User s Guide 107 10 5 6 10 5 7 10 5 8 Delete Application Code File Descriptor Section The delete application code file descriptor section is an area of the code to be deleted The delete application code file d
94. nter to select Server IP Port Server IP Port Old Value XXXXX Enter New Value Enter the server IP port number Ingenico 6500 User s Guide 51 64 16 Masking Your IP Address To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press VW V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Press vV Enter to select Setup Port Download Method Download Port Setup Rart Press V V Enter to select Port3 the E NET Port1 port Ethernet Port2 Port3 Press V nine times then press Enter to select Interface Type IP Add Mask IP address mask Baud Rate Data Bits Stop Bits Parity DHCP Local IP Local IP Port Server IP Server IP Port IP ADD MASK Enter the IP address to mask XXX XXX XXX XXX Updating 52 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 6 4 17 Setting the Gateway Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3
95. nu 55 3 Setting the Key Index BION Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press v V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Supervisor Menu 28 Chapter 5 Supervisor Menu Section 5 5 Security Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press V V Enter to select Security Change Password Application File Security Key Check Value Erase App Keys Serialnum Inject Press Enter to select Key Injection Key Injection Press V V Enter to select Index Select X Inject Keys Injection Port Index Select X Index Select Enter the new index select value and then press Old Value X Enter Enter New Value Key Injection The Index Select Y option now reflects the new Inject Keys index number Injection Port Index Select Y 55 4 Setting the Application Number You will have to know the four digit application ID number to perform this procedure Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press v V V En
96. nu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Keypad Press V Enter to select Diagnostic Menu Press V Enter to select Display The pixels are tested to determine if any are not working or are stuck on The unit goes through the following sequence All pixels on White screen displays Every other pixel off Light gray screen displays All pixels off Dark gray screen displays Every other pixel on Light gray screen displays Ingenico 6500 User s Guide 73 Testing the Keypad This allows you to test each key to ensure the proper value returns Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V Enter to select Diagnostic Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Display Keypad o Press V Enter to select Keypad Keypad Press a key to test Here we pressed 0 gt D The key value and hexadecimal value stored in the To exit press CAN terminal s memory returns When finished press CAN Testing the
97. ocess Steps Download Errors 21 Error Opening Port This error message displays on the computer or cash register The following sections list possible causes and corresponding solutions 121 1 The communications port that IBMEFTDL is using is already being used by another application Close the other application and run the download file again 121 2 The communications port is not working Try another computer Ask your Ingenico representative to change the batch file to work with the new communications port Change to the new communications port then run the new batch file 121 3 The hardware settings in the Ingenico 6500 have been changed 1 Check the properties of the communications port to make sure that the interrupt request and input output range has not been changed In Windows 98 or 2000 a Right click My Computer then select Properties b Click the Device Manager tab c From the list double click Ports double click Communications Ports and then go to the Resources tab 2 Ensure the settings for COM1 are the default as follows Interrupt Request is 04 Input Output Range is 03F8 3 Ensure the settings for COM2 are the default as follows Interrupt Request is 03 Input Output Range is 02F8 Ingenico 6500 User s Guide 113 Received 3 NAKs or Timeout in 12 2 sendVIiSAPacket This error message displays on the computer or cash register The following sections list possible causes
98. onsists of two portions The first portion is variable in length depending on the size of the Chapter 10 Secure Certificate Section 10 5 Secure Certificate Descriptor Sections 10 5 5 original application code file It consists of groups of encrypted data Each group is of 8 bytes long If necessary the last group is padded with zeros to make up 8 bytes before encryption The second portion is one byte long Its value indicates the number of zeros padded to the last group of data It is in clear form existence is an option to determine whether the file must exist in terminal memory in order for secure validation to succeed Y indicates that the file must exist If Y is selected and the file exists but does not validate then the secure process fails N indicates the file need not exist If N is selected then the file optionally may or may not exist for validation to succeed srcfilename ext represents the full or relative DOS path and file name that the data file binary resides in This field is not used by the secure process but may be used by the securing utility Note When Visa PED Mode is on the BIN configuration file has to be included in the Security File Section and the applname should be SSA Non Secure File Descriptor Section The non secure file descriptor section is an area of the secure certificate file that contains information pertaining to the files that do not require secure fi
99. ort Setup Port Press W V Enter to select Setup Port Enter New Value Setup Port Select Port1 or Port2 For By default Port 1 Host Port 2 Aux Port2 Port3 Pom Press V V V V V Enter to select Retry Interface Type Count Baud Rate Data Bits Stop Bits Parity LAN Address Retry Count Enter the number of times the COM port should Old Value 4 retry in the event of failure 0 to 10 Ingenico 6500 User s Guide 43 648 Setting the Response Timeout This option sets the amount of time after which the port should cease waiting for a response in units of 1 100 of a second Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press W V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press V V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Select Port1 Port2 or Port3 Pomi By default Port 1 Host Port 2 Aux Port 3 Port2 E NET port Ethernet Port3 Port X Pr
100. processed The HMI sends the data to the SSA for security screening The SSA sends it to the user application Transmitting Data The operating system receives commands from the host through a port magnetic stripe reader MSR and smart card reader and sends them to the user application Secure functions such as display screen screen buttons terminal keys and signature capture are sent to the SSA for security screening before being sent to the user application The user application controls the terminal through customer specific forms and prompts that it sends to the SSA for security screening The SSA then sends the data to the display screen The user application uses the operating system to send and receive messages to the host through a port The operating system provides the user application with debit and credit card information from the MSR and stored value from the smart card reader The operating system encrypts the user PIN This encrypted information is sent from the operating system to the user application From the user application it goes from the cash register to the store controller and then on to banks and other processors The digitizer handles the interface with the user It receives input from the touch screen and translates it into data that the operating system and SSA can process and encrypt Chapter 8 Architecture Section 8 4 Terminal Architecture ss Download File Architecture The download file is insta
101. riptor Section The delete whole application descriptor section is an area of application to be deleted The delete whole application descriptor section begins with the identifier DeleteWholeApp lt cr gt lt if gt This section ends with the start of the next section header i e encountered by lt cr gt lt f gt or end of the file The delete whole application descriptor is in the format applname appiname represents the application name that is going to be deleted For example US0901_UPOS Note The operating system maintenance application and System amp Security Application cannot be deleted Only the financial application can be deleted 108 Chapter 10 Secure Certificate Section 10 5 Secure Certificate Descriptor Sections IBMEFT Download u1 Prerequisites The prerequisites are The ability to accept downloaded files and store on system A download utility IBMEFT or NCREFT IBM EFT uses an IBM protocol for downloading and NCR uses an NCR protocol for downloading A POS system that supports IBMEFTDL NCREFTDL or equivalent functionality as determined by your project manager Note IBMEFTDL is an Ingenico download utility that runs on the store controller or server It downloads data through the ECR to the Ingenico 6500 using the IBMEFT protocol NCREFTDL is supported and managed directly by NCR for NCR customers u2 Preparation Ensure equipment is functional and in the right place En
102. rror message displays on the computer or cash register if the Ingenico 6500 has already been upgraded CRC Error The CRC Error message followed by multiple characters in a string displays on the Ingenico 6500 to indicate that the Security Module has been compromised Notate error to report with issue Notify your Ingenico Project Manager immediately and request RMA number authorization to return unit to an authorized repair facility for recovery Ingenico 6500 User s Guide 115 12 7 12 8 Not Enough DFS Space This error occurs during a download if the Ingenico 6500 terminal s data file system does not have enough space to receive any additional download components To resolve the error clean up the DFS to make room for downloads There are two ways to do this Use MLDT or Wingload 32 to get the DFS information from the terminal and manually delete any redundant files Go to the Core Menu or Production Menu by restarting the terminal and pressing the top left corner of the screen while the terminal is starting up Select AdvancedOptions enter the password and then select FormatDFS This method will reformat the data file system and delete all existing data files Comm Receive Error This error occurs when the terminal doesn t receive a message from the host within the timeout period To resolve the error extend the Response TMO setting in the terminal or host Chapter 12 Download Errors 116 Section 12 7
103. s Parameters Download Method Download Port Setup Port Press V V Enter to select Setup Port Enter New Value Setup Port Select Port1 or Port2 Poni By default Port 1 Host Port 2 Aux Port2 Port X Press V seven times and then press Enter to Interface Type select Poll TMO timeout Baud Rate Data Bits Stop Bits Parity LAN Address Retry Count Response TMO Poll TMO Enter an amount of time after which the port Old Value 300 should cease polling in units of 1 100 of a second Ingenico 6500 User s Guide 45 64 10 Setting the Turnaround Timeout The Turnaround Timeout indicates the time a concentrator or a hub will wait between its request for data and a device s response in a poll sequence Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press VW V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press V V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Select Port1 or Port2
104. sure store network is operational Ensure each cash register is functional and connected to the network Ensure store controller has the ability to manage all download files and interface with each ECR Ensure that each Ingenico 6500 terminal is connected to an ECR Ensure that the application levels are the same in all Ingenico 6500 terminals It is a good idea to download to a small number of terminals first 11 3 Timing To perform a download on an RS 232 Type A communication running at 19200 bps it takes approximately 25 minutes 9600 bps it takes approximately 40 minutes Ingenico 6500 User s Guide 109 11 4 11 4 1 Outline of Download Process Steps The download process is as follows 1 Ensure that all Ingenico 6500 terminals operating in the store are running the same levels of software If they are not take note of the software levels see section 4 2 Finding Version Numbers on page 17 then check with your account manager before proceeding to see if additional testing is necessary 2 Install all of the necessary Ingenico download utility and EFT files to the proper directory on the store controller or server 3 From the store controller initiate the download 4 Sign onto each cash register that has an Ingenico 6500 terminal attached to it The store controller will check for Ingenico 6500 EFT version levels If the EFT version levels differ from the Ingenico 6500 the store controller will detect that and
105. sword 2 6 3 4 then press Enter Supervisor Menu Press VJ WV Enter to select Security Change Password Application File Security Press WV V V Enter to select Serialnum Key Injection Inject Key Check Value Erase App Keys Serialnum Inject Inject Serial The terminal will now accept a serial number Wait for online injection se System Parameters The system parameters are explained in the following chapter 34 Chapter 5 Supervisor Menu Section 5 6 System Parameters System Parameters Menu 1 Overview This chapter explains how change system parameters These parameters allow you to indicate the download method set the download port setup the port and configure the host port s auto detect feature To view a list of current parameter settings see Viewing All Parameter Values on page 20 All system parameters are saved in the public file sysPara cfg which can be read by all applications that reside in the terminal s2 Setting the Download Method Use this procedure to select IBMEFT NCREFT or Zontalk as your download method Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V W V Enter to select Supervisor Serialnum Inject Menu System Config System Info Supervisor Menu Enter Password Key pass
106. t corner tap again Repeat until you are notified if the test was successful Calibrate Pen Please tap box Ingenico 6500 User s Guide Calibrate Pen Calibration Succeeded You are notified if the calibration succeeded or failed Testing Finger Calibration 7 14 If your terminal is not correctly interpreting finger touches use this test to adjust the finger calibration This test is for the i6550 only Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V Enter to select Diagnostic Menu Serialnum Inject System Config System Info Supervisor Menu Diagnostic Menu Diagnostic Menu Press W Enter to select Finger Calibration Display Keypad Beeper RS232 Tailgate USB Mag Stripe Reader Smart Card Reader SAM Touch Screen Signature Capture Pen Calibration Finger Calibration Please remove hands objects from around the display calibration will start in 3 seconds 84 Chapter 7 Diagnostic Menu Section 7 14 Testing Finger Calibration Please touch box Calibrate Finger Using your finger touch the four box grid The box moves around to the next corner touch again Tip For the
107. t screen of your application software 2 On the register press the Clear key and select the transaction type again If the problem persists continue to step 3 3 To restart the Ingenico 6500 device press Cancel 0 Enter simultaneously The Ingenico 6500 restarts and the first prompt screen of the application software displays 4 On the register press the Clear key and select either the CREDIT or DEBIT transaction type again Ingenico 6500 User s Guide 117 The Ingenico 6500 should now be at the first prompt screen of your application software i e it now reads Please Slide Card If not sign off the register and then sign on again EFT Device Not Available During Check 13 3 Authorization If the EFT Device Not Available message displays on the register during check authorization 1 Check to make sure the Ingenico 6500 is on and is displaying the first prompt screen of your application software 2 On the register press the Clear key and select the transaction type again If the problem persists continue to step 3 3 To restart the Ingenico 6500 device press Cancel 0 Enter simultaneously The Ingenico 6500 restarts and the first prompt screen of the application software displays 4 On the register press the Clear key and select the CHECK transaction type The Ingenico 6500 should now be at the first prompt screen of your application software i e it now reads Please Slide Card
108. ter to select Supervisor Serialnum Inject Menu System Config System Info Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press VW V Enter to select Security Change Password Application File Security Ingenico 6500 User s Guide Security Key Check Value Erase App Keys Serialnum Inject Press Enter to select Key Injection Key Injection Inject Keys Injection Port Index Select X App Select AAAA Press W V V Enter to select App Select AAAA App Select Old Value XXXX Enter New Value Enter the new application select value and then press Enter Key Injection Injection Port Index Select Y App Select BBBB The Index Select BBBB option now reflects the new application number 55 Finding the Key Check Value Terminal Keys The key check value is a hexadecimal value that is used to verify that you have the right key in the terminal You can find a key check value for terminal keys or application keys This section covers terminal keys Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press W V V Enter to select Supervisor Serialnum Inject Menu System Config System Info Enter Password Key password
109. ter Name Description Value Data 28 RESERVED Download setting N A reserved 29 RESERVED Download setting N A reserved 30 PAR_COM1_BAUD_RATE COM1 baud rate setting 1 COM_BAUD_50 Uint8 2 COM_BAUD_75 3 COM_BAUD_150 4 COM_BAUD_ 300 5 COM_BAUD_600 6 COM_BAUD_ 1200 7 COM_BAUD_ 2400 8 COM_BAUD_ 4800 9 COM_BAUD_ 9600 10 COM_BAUD_19200 11 COM_BAUD_ 38400 12 COM_BAUD_ 57600 13 COM_BAUD_ 76800 14 COM_BAUD_ 115200 31 PAR_COM1_DATA_BITS COM1 data bits setting 1 COM_DATASIZE_5 Uint8 2 COM_DATASIZE 6 3 COM_DATASIZE_7 4 COM_DATASIZE_8 32 PAR_COM1_STOP_BITS COM1 stop bits setting 1 COM_STOP_1 Uint8 2 COM_STOP_2 33 PAR_COM1_PARITY COM1 parity setting 1 COM_PARITY_NONE Uint8 2 COM_PARITY_ODD 3 COM_PARITY_EVEN 34 PAR_COM1_LAN_ADDRES COM1 LAN address 1 byte number default 0x65 uint8 S setting 35 PAR_COM1_RETRY_COUN COM1 failure retry count 1 10 default 3 times uint8 T 36 PAR_COM1_RESP_TIMEO COM1 response timeout 4 bytes number 10ms a unit default uint3 UT 1000 2 37 PAR_COM1_POLL_TIMEO COM1 poll timeout 4 bytes number 10ms a unit default uint3 UT 3000 2 38 PAR_COM1_TURNAROUN COM1 turn around 4 bytes number 10ms a unit default uint3 D_TIMEOUT timeout 300 2 Ingenico 6500 User s Guide 67 B 39 Parameter Name PAR_COM1_INTERFACE_T YPE Description COM1 connection interface type WEIS PORT_AUTO 0 auto detect PORT_RS232 1 RS232 PORT_RS485 2 RS4
110. tion Ingenico 6500 User s Guide 97 956 Atalla Key Block Protection Option This option controls whether the double length master session key injection is protected by the Atalla key block injection If the option is enabled double length master or session key can only be injected through Atalla key block Possible Status Description Values 0 Disabled No protection is applied Double length master session key can be injected through any format Default 1 Enabled Protection is applied Double length master key and double length session key can only be injected through Atalla key block They cannot be injected through the normal key format Single length master session keys Atalla key block format keys single or double feature keys and single or double DUKPT keys can be injected through both the normal key format and Atalla key block format 957 Terminal Startup Verify MAC Option This option controls whether the terminal needs to verify the MAC at terminal startup for user application code files and data files that are contained in a valid certificate file The default value is disabled because the manufacturer does not load the certificate file Possible Status Description VEIE 0 Disabled Disable startup verify MAC option Default 1 Enabled Enable startup verify MAC option 958 Visa PED Mode Option This option controls whether the terminal runs in Visa PED
111. tion file in the terminal and perform the following security functions set key injection port allow key injection check the key value and allow the serial key to be injected s2 Supervisor Menu Password To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V W V Enter to select Supervisor Serialnum Inject Menu System Config System Info Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter Note If an incorrect password is entered the message Password Invalid displays then a prompt asks you to reenter the password ss Changing the Supervisor Menu Password The password is stored in the internal SRAM Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V4 W V Enter to select Supervisor Serialnum Inject Menu System Config System Info Supervisor Menu Enter Password Key password 2 6 3 4 then press Enter 24 Chapter 5 Supervisor Menu Section 5 1 Overview Supervisor Menu Change Password Application File Enter Old Password Press Enter to select Change Password Enter old password
112. to form master variant keys to decrypt for PIN entry MAC and COM session keys Session Keys These keys are loaded encrypted under the corresponding master keys This means that the type and index of the working session key have to match the type and index of the corresponding master key that was used to encrypt it For application based financial keys the SSA will have a key structure matrix indexed by application ID The device can accommodate up to ten working session keys per application or up to 64 working session keys per terminal Available indexes for the working session keys are 0 9 per application or 0 64 per terminal These keys can be both single length DES keys and double length triple DES keys Similar to the master keys the device supports four types of working session keys Key Name Description of Key Working session This key is loaded encrypted under the corresponding Master Terminal PIN Key Terminal PIN Key It is used to encrypt the customer PIN for WTPK transmission to the host Working session This key is loaded encrypted under the corresponding Master Message Message Authentication Code Key It is used to authenticate the Authentication customer transaction Code Key WMACK Working session This key is loaded encrypted under the corresponding Master Communication Communication Key It is used to encrypt customer transaction Key WCK data between the debit terminal and th
113. tting COM1 COM 1 Char COM2 COM2 5 COM3 COM3 24 PAR_DWL_PORT_TYPE Download port type PORT_AUTO Uint8 setting 0 auto detect COM1 PORT_RS232 1 RS232 COM1 COM2 PORT_RS485 2 RS485 COM1 COM2 PORT_TAILGATE 3 Tailgate COM1 PORT_USB 4 USB COM1 PORT_ETHERNET 5 Ethernet COM3 PORT_ATMODEM 6 Dial COM1 COM2 PORT_3201 7 3201 COM1 64 Chapter 6 System Parameters Menu Section 6 6 Editing Parameters B 25 Parameter Name PAR_LAST_DWL_RESULT Description Last download result WEIS RES NO_DWN_ATTEMPT 0 no download attempt yet RES DWN_OK 1 last download result successfully RES _COMM_TX_ERROR 2 communication transmit error RES _COMM_REC_ERROR 3 communication receive error RES_QUALIFY_BLOCK_ERROR 4 qualify data block error RES BAD _PROG_ERROR 5 bad program RES_UNSUPPORT_HEADER_ERR OR 6 Unsupport eftl header file error RES _BAD_INDEX_ERROR 7 bad program index error RES _NO_DWN_KEY_ERROR 8 no download key error RES SCHEDULE_DWN_ERROR 9 fail to schedule download error RES _SEEK_BLOCK_ERROR 10 fail seek block error RES_LOST_BLOCK_ERROR 11 lost block error RES_GET_BLOCK_ERROR 12 fail to get block RES DECODE_BLOCK_ERROR 13 fail to decode block RES _CRC_ERROR 14 cre error RES_COMPLETE_PROGRAM_ER ROR 15 fail to complete program RES_OPEN_DWN_SESSION_ERR OR 16 Fail to open downlo
114. un 0 bytes Backup SRAM Size 0 bytes The security options and serial number display To scroll down to read the full report press VJ Ingenico 6500 User s Guide 4 5 Viewing All Parameter Values This menu option allows you to view the current system parameter settings To change system parameters see Chapter 6 System Parameters Menu on page 35 Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config Supervisor Menu System Info Versions Security Info View Parameters Version Info 1 0 Key Entry Beep Enable Key Beep Length Click Key Beep Tone Low Device Type Signature Capture Press V V Enter to select System Info Press V V Enter to select View Parameter The current parameter settings display To scroll down to the next screen press VW When you are finished reading it press Can to return to the previous menu Note Your parameter values may be different LCD Contrast 100 Key Inj Port COM1 Manufacture ID INGNAR Device Type ID I6550N Chapter 4 System Info Menu Section 4 5 Viewing All Parameter Values Backlight Always On COM1 AutoDet Res RS485 COM1AutoDet On Off OFF COM1 AutoDet Timeout 500ms COM1 AutoDet Retry
115. ure ID INGNAR Char 16 7 PAR_DEVICE_TYPE_ID Device type ID e g i6550N i6510N Char 16 8 PAR_BKLT_TIMEOUT Backlight turn off timeout 8 bytes O OxFFFFFFFFFFFFFFFF Uint6 10ms a unit default is always on 4 9 PAR_LCD_BACKLIGHT LCD backlight 0 100 Uint8 10 PAR_AUTO_DET_RES Auto detect port 1 result AUTO_DET_RS232 0 RS232 Uint8 AUTO_DET_RS485 1 RS485 AUTO_DET_TALIF_IVILAN 2 TALIF IVILAN AUTO_DET_TAILGATE 3 IBM TAILGATE AUTO_DET_USB 4 USB 11 PAR_AUTO_DET_ONOFF Auto detect port 1 on or FALSE 0 off Uint8 otf TRUE 1 on 12 PAR_AUTO_DET_TIMEOU Auto detect port 1 timeout 4 bytes gt 0 10ms a unit Uint3 T 2 13 PAR_AUTO_DET_RETRY Auto detect port 1 retry 1 10 Uint8 times 14 RESERVED Auto detect setting N A reserved Ingenico 6500 User s Guide 63 ID Parameter Name Description Value Data 15 RESERVED Auto detect setting N A reserved 16 RESERVED Auto detect setting N A reserved 17 RESERVED Auto detect setting N A reserved 18 RESERVED Auto detect setting N A reserved 19 RESERVED Auto detect setting N A reserved 20 PAR_EFTL_LEVEL_NUM EFTL level number 0 9999 Uint1 6 21 PAR_EFTP_LEVEL_NUM EFTP level number 0 9999 Uint1 6 22 PAR_DWL_METHOD Download method setting SP_DLLM_IBMEFT 0 IBMEFT Uint8 SP_DLLM_NCREFT 1 NCREFT SP_DLLM_ZONTALK 2 ZONTALK SP_DLLM_GEMS 3 GEMS SP_DLLM_GERMANY 4 Germany Security Download 23 PAR_DWL_PORT_NUM Download port se
116. us menu 16 Chapter 3 System Configuration Menu Section 3 5 Turning the Backlight On or Off System Info Menu a1 Overview This chapter explains how to navigate through the system info menu to view the following system information check versions of download files operating system SSA and applications check security information such as MACing and view parameter settings 42 Finding Version Numbers To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu Press V V Enter to select System Info System Info Versions Security Info Versions The version numbers of the download files EFTL EFTL XXXX and EFTP Talif chip Digitizer loader and application operating system OS System and EPIR IERA Security Application SSA maintenance Press Enter to select Versions TALIF XX XX application MNT APP and all applications DIG LDR XX XX XX display DIG APP XX XX XX Press V to scroll down to see more information Os XX XX Press Can to return to the previous menu SSA XX XX MNT APP XX XX APP1 XX XX Ingenico 6500 User s Guide 17 4 3 Checking the Security Information To access the extended menu restart the terminal by pressing 1 CAN O
117. vious menu Changing the Beep Tones This option allows you to change the tone of the beep that sounds on key press To hear what each beep sounds like see Diagnostic Menu gt Testing the Beeper described on page 56 Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Info Supervisor Menu Press V Enter to select System Config System Config Change Date Time Display Contrast Key Press Beep Press V V Enter to select Key Press Beep Beep Tone Status Press Enter to select Enable High Disable Key Beep Press V Enter to select Tone Length Beep Tone Select the option you want Low Key Beep Length Tone Press Can to return to the previous menu 14 Chapter 3 System Configuration Menu Section 3 4 Changing the Beep Tones 3 5 3 5 1 3 5 2 Turning the Backlight On or Off Turning the Backlight On or Off Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Info Supervisor Menu System Config Press V V V Enter to select Backlight Change Date
118. word 2 6 3 4 then press Enter Supervisor Menu Press V VJ V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Download Method Download Port Press Enter to select Download Method Setup Port Download Method Select the method you want IBMEFT Note The default is IBMEFT NCREFT Zontalk Ingenico 6500 User s Guide 35 GEMS Germany Updating Selecting the Download Port 6 3 Use this procedure to select the download port Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously ress WV Enter to select Supervisor Extended Menu P N V V Enter t lect Supervi Serialnum Inject Menu System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Parameters Application File Security Sys Parameters Sys Parameters Press W Enter to select Download Port Download Method Download Port Setup Port Download Port Select the port that you want to use as the download port Port2 Port3 36 Chapter 6 System Parameters Menu Section 6 3 Selecting the Download Port s4 Setting Up the Port 64 1 Selecting the Download
119. x port through this menu option For example if your host uses Ethernet you may set your host port as Port 3 Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Press V V V Enter to select Supervisor Serialnum Inject System Config System Info Enter Password Key password 2 6 3 4 then press Enter Supervisor Menu Press W V V Enter to select Sys Change Password Application File Security Sys Parameters Sys Parameters Press V V Enter to select Setup Port Download Method Download Port Setup Port Setup Port Press W until you reach Host or Aux port and Port1 then press Enter Port2 Port3 Dial Host Port Aux Port Dial Select the COM port you want COM1 COM2 COM3 Updating 58 Chapter 6 System Parameters Menu Section 6 4 Setting Up the Port 6 5 6 5 1 Configuring the Host Port Auto Detect Feature By default the Host port is set to automatically detect the communications method being used RS232 RS485 IVI LAN protocol RS485 Tailgate protocol USB or PoweredUSB Disabling or Enabling the Auto Detect Feature By default the Host port s Auto Detect feature is enabled Display Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the ext
120. xtended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Config System Info Supervisor Menu System Config Press WV Enter to select Display Contrast System Date Time Display Contrast Contrast 100 The current value is displayed between 0 and n 100 To decrease the contrast press the WV key To increase the contrast press the 1 key When the desired setting is reached press Enter to accept and return the configuration menu Note If you press Can or CORR the contrast setting is not changed Press V Enter to select System Config Note The terminal modifies contrast settings automatically when temperatures vary 34 Changing the Beep Tones You may disable enable or change the beep tones that sound when keys are pressed These settings are stored in sysPara cfg To test the beep tones see Testing the Beeper on page 56 341 Enable Disable Beep Tones DIREN Action To access the extended menu restart the terminal by pressing 1 CAN OK while the terminal is starting up access the extended menu by pressing the 1 and 3 keys simultaneously Extended Menu Serialnum Inject System Info Supervisor Menu Press V Enter to select System Config 12 Chapter 3 System Configuration Menu
Download Pdf Manuals
Related Search