Ingenico 6500 ユーザーズマニュアル
Ingenico 6500 User’s Guide
89
System and Security Application
The System and Security Application (SSA) has two modules.
The System and Security Application (SSA) has two modules.
The system module contains the terminal’s extended menu, where users can
change options related to downloading, diagnostics, system parameters, and
system configuration.
change options related to downloading, diagnostics, system parameters, and
system configuration.
The security module implements all security requirements, such as key injection
and key management. The cryptography functions of the operating system,
including key storage areas, are only accessible to the security module. The
security module provides a cryptography API to other applications. The SSA blocks
any user applications from using the HMI peripheral of the operating system. Thus,
all requests by the user application to display forms or receive touch or stylus input
must go through the SSA. The SSA then rejects any improper insecure requests,
such as:
and key management. The cryptography functions of the operating system,
including key storage areas, are only accessible to the security module. The
security module provides a cryptography API to other applications. The SSA blocks
any user applications from using the HMI peripheral of the operating system. Thus,
all requests by the user application to display forms or receive touch or stylus input
must go through the SSA. The SSA then rejects any improper insecure requests,
such as:
— Activate more than 8 screen buttons (which could be used to
create a false PIN pad).
— Activate PIN entry with a prompt that has no valid MAC (if the
MACing option is on; this prevents the improper collection of the
encryption results of known data).
encryption results of known data).
— Activate clear text entry with a prompt that has no valid MAC (if the
MACing option is on).
— Activate clear text entry with a prompt that contains words such as
PIN, NIP, etc. (if the MACing option is off).
— Retrieve pixel coordinates of individual screen touches (which
could be used to create a false PIN pad).
— Request more than 30 PIN encryptions within 15 seconds when
using MASTER PIN KEY.
Maintenance Application
The maintenance application is in charge of system components and secure application
download. It is an extension of the SSA and the SSA invokes it. It executes before other
user applications in order to check version numbers and download new software if needed.
The maintenance application is in charge of system components and secure application
download. It is an extension of the SSA and the SSA invokes it. It executes before other
user applications in order to check version numbers and download new software if needed.
The maintenance application communicates with the user application through the
peripheral application manager (PAM). The maintenance application has a downloader that
communicates with the host in the specified download protocol to receive data and send
responses. Each download protocol has its own download application.
peripheral application manager (PAM). The maintenance application has a downloader that
communicates with the host in the specified download protocol to receive data and send
responses. Each download protocol has its own download application.
The maintenance application sends the code files and application data files it receives to
the data file system (DFS) first. At the end of download, it releases the COM port, and then
requests an offline download from the SSA. The SSA maintenance module performs a
security call back to decrypt, unzip, and authenticate the code before it writes the code file
to the code file system (CFS). Also, it takes the data files from DFS, goes through the call
back function to authenticate it, and puts them in the right place within the DFS.
the data file system (DFS) first. At the end of download, it releases the COM port, and then
requests an offline download from the SSA. The SSA maintenance module performs a
security call back to decrypt, unzip, and authenticate the code before it writes the code file
to the code file system (CFS). Also, it takes the data files from DFS, goes through the call
back function to authenticate it, and puts them in the right place within the DFS.
The download port selection, download protocol, and port setting can be set in the
supervisor menu (see Chapter
supervisor menu (see Chapter
, on page