¶ Introduction
Using the VeriFone Chip Readers offers a highly secure method of collecting cardholder data.
Cardholder data Is encrypted within the device itself, and remains encrypted as it travels across the internet to our PCI Level One Compliant processing platform. When a merchant supports this type of reader, they also help with eliminating charge backs for transactions which were run through the device.
¶ PCI SSC Software Security Framework (SSF)
Software Security Framework is a re-working of the existing PCI standard PA DSS. The PA DSS is going to be retired on June 30, 2021
Note: Easy Pay's "Aspen 3.1" is the first application to achieve the PCI Councils newest certification, SSF. The use of the "Aspen 3.1" software by an integrator or merchant provides an End-to-End Encrypted (E2EE) solution! LINK
¶ Architecture
The Verifone card readers are small hand-held devices, and they communicate with your computer on a USB port. A typical chip transaction is comprised of about a dozen transmissions back and forth between host (your computer) and device (VeriFone Device) and then finally off to the Easy Pay cloud platform.
¶ What We Offer
Currently we offer three different options for collecting payments with the Verifone card readers (Windows OS Only):
¶ 1) Standalone Desktop Application
This application does the following:
- Collect Payments
- Create Card-on-File (Annual Consent)
- Create Card-on-File Payment Plans (Fixed Recurring Consent)
- Process Card-on-File
- Void / Credit (Refund)
- Settlements
- Reporting (with export to PDF)
¶ 2) Easy Pay Verifone SDK
This is simply a DLL written in C# MANAGED code and it provides a means of collecting payments and creating Card-on-File plans. Used in conjunction with our API, you can basically manage all aspects of your payment requirements, and all within the confines of your own custom application.
In order for you to DIRECTLY interface with the VeriFone using our SDK, you will need two components.
The first component when installed correctly will provide USB drivers and create a Virtual COM 9 port. In addition, it will add a unique EVENT LOG to the existing windows Event Log collection. In order to install THE FIRST COMPONENT please do the following
- Connect your Verifone to the USB port which you plan to utilize.
- Wait until the device is fully initialized.
- Download and extract the ZIP file named Setup_USB_log.zip to the location of your choice.
- Right click the EXE named Setup_USB_log.exe and choose RUN AS ADMINISTRATOR
- Once the installation is complete you can verify the new windows event log named EPMIDDLEWARE
¶ 3) Jquery , AJAX , HTML interface
In order to interface with browser content Easy Pay has developed a windows service which uses Cross-Origin Resource Sharing (CORS) to communicate with the browser (EDGE, Mozilla, Chrome). This allows our Integrators to write simple client-side script within THEIR OWN web applications which will initiate transactions with the local Verifone. A very simple HTML site can be downloaded HERE which will show exactly how you can interact with our VeriFone from your own web applications. No cardholder data is transferred to the Integrator site as it is END to END encryption between the Verifone, Win Service, and EasyPay Cloud Servers. The Win service will return a simple XML response for each transaction directly to the HTML/PHP/ASP.NET page for consumption by the Host application.
There are 2 categories of integrations which require two different sets of files
- Browser Based Integrations (Install our Win Service which contains all your dependencies including the drivers and console installer)
- Desktop Based Integrations (Install Our SDK) (Here you will need a separate install for the Drivers and custom event Log installer)
In order for your (browser based) application to communicate with our Verifone, you will need to first install our windows service. PLEASE DOWNLOAD HERE. You must first extract the files to a location of your choice and then RIGHT CLICK on the EXE and choose RUN AS ADMIN.
The following install package does the following
- Installs USB drivers for the Verifone
- Creates a Custom Event Log with windows named EPmiddleware
- Installs a Certificate which encrypts data between the browser and the Windows service
- Install the windows service which listens on Port 8031
¶ Virtual Terminal
Our EasyPay Virtual Terminal has built in support for Verifone. One would need to install the service and ask for this feature to be activated.
You can download the Windows service HERE
¶ Required Components
The windows service installer includes the following:
- Proper USB Driver (Verifone Serial Communications “COM9”)
- A custom Windows Event Log (important for monitoring and troubleshooting)
- A Windows Certificate (used to securely bind VeriFone to the host processing port 8031)
Easy Pay supplies an installation program, that needs to be ran by a local administrator to achieve the above requirements.
¶ Custom Windows Event Log
Once the installation program has completed you will notice a new Windows Event Log has been registered named EPmiddleWare.
The Custom Windows Event Log stores relevant information while it processes transactions as well as any errors encountered. This becomes a powerful troubleshooting component should the merchant have any problems. They would simply export the log and send it to Easy Pay if any unexpected behavior is encountered.
¶ Network Considerations
If you use the Middleware service (required for browser apps only) then you should be aware that we use PORT:8031 on the local machine to communicate between the browser and the Windows Service. If you have security software installed you may wish to create a RULE which allows this traffic to flow. You can limit this rule to the local machine as communication is exclusively Local. The traffic on PORT:8031 is bound to the Windows Certificate on localhost.
The following two certificates will be installed by the installation program (in Local Machine Certificate store).
¶ Installing Components
¶ Standalone Desktop Application
If you are interested in using the standalone desktop application please contact support for an Installation Package.
¶ Easy Pay VeriFone SDK
The following files are required to directly Interface with the VeriFone. You only need to interface directly to the file named EP.Enterprise.Vx820.dll. The other 3 files are dependencies.
You can obtain these files for the VeriFone device HERE
This interface is documented in a separate document. A sample C# program which uses this interface can be downloaded HERE
¶ Web Based Widget and Virtual Terminal VeriFone Window Service:
This type of integration requires the following components:
- USB Drivers
- Custom Windows Event Log Installation
- Two Windows Certificates (Both Root Authority and Localhost Certificate)
- A Network Binding on Port 8031 for the Localhost Certificate
- A Custom Windows Service
All of these components are installed using a single bootstrapper executable file. This program MUST be run using an elevated privilege (MUST BE RAN AS ADMINISTRATOR).
You can download the service for the VeriFone device HERE
- Plug VeriFone into USB port and wait for Plug and Play activity to cease
- Download and extract .zip file to the location of your choice (preferably to your desktop)
- Right-click on EPVerifoneSetup_E2E_1039.exe
- RUN AS ADMINISTRATOR
- Command Prompt will appear, watch for any errors
- Reboot Computer
¶ End-To-End Encryption
