Cayan Genius smart p2pe User manual

Error! No text of specified style in document.

Genius Smart P2PE™

P2PE Instruction Manual

Public

Doc no: CO-PUB-0101

Version 1.6.2 – 3rd September 2020

No part of this publication may be reproduced, copied, manipulated, altered, or transmitted in any

form or by any means, electronic or mechanical, including, without limitation, by photocopy,

imaging, or recording, without the express prior written consent in each case of the copyright

owner. The names, trademarks, logos, and service marks displayed in this publication will be

protected by the owner to the fullest extent of the law, and any use without the express prior

written permission of the trademark owner is strictly prohibited. The information contained in this

publication is current when published; however, the publisher reserves the right to update and

modify the specifications or other product information at any time without notice.

Contents

Copyright notice ......................................................................................................................................... 2

Contents ...................................................................................................................................................... 3

1. P2PE Solution Information and Solution Provider Contact Details.............................................. 4

2. Confirm devices were not tampered with and confirm the identity of any third-party

personnel............................................................................................................................................ 5

3. Approved POI Devices, Applications/Software, and the Merchant Inventory .......................... 10

4. POI Device Installation Instructions .............................................................................................. 15

5. POI Device Transit............................................................................................................................ 35

6. POI Device Tamper & Modification Guidance............................................................................... 36

7. Device Encryption Issues................................................................................................................. 44

8. POI Device Troubleshooting........................................................................................................... 45

9. Additional Guidance ........................................................................................................................ 51

10. Appendix: Checklist for Remote Key Injection.............................................................................. 54

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

1. P2PE Solution Information and Solution Provider Contact Details

1.1 P2PE Solution Information

Solution name: Genius Smart P2PE

Solution reference number per

PCI SSC website: 2017.01037.001

1.2 Solution Provider Contact Information

Company name: Global Payments Direct, Inc.

Company address: 1 Federal Street

Second Floor

Boston

MA 02110

Company URL: www.globalpaymentsintegrated.com

Contact name: Contact Center Services

Contact phone number: (1) (888) 249-3220

Contact e-mail address: [email protected]

P2PE and PCI DSS

Merchants using this P2PE Solution may be required to validate PCI DSS compliance and should be

aware of their applicable PCI DSS requirements. Merchants should contact their acquirer or

payment brands to determine their PCI DSS validation requirements.

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

2. Confirm devices were not tampered with and confirm the identity of any

third-party personnel

2.1 Instructions for ensuring POI devices originate from trusted sites/locations only

To confirm that your device was shipped from a trusted location, do the following:

•Check the shipping label to confirm that the device was shipped from one of the following

two secure sites:

‒POS Portal, 1627 Main Ave, Sacramento, CA 95838

‒POS Portal, 1920 Watterson Trail # A, Louisville, KY 40299

Important: If you receive your device from any other site or location, do NOT use the

device. Contact our Customer Support Team at (1) (888) 249-3220.

2.2 Instructions for confirming POI device and packaging were not tampered with, and for

establishing secure, confirmed communications with the solution provider.

To confirm that your device was not tampered with during shipping, complete the following

checks:

1. Open the shipping box and remove the packing slip and the Genius box.

2. Open the Genius box.

Genius Countertop packaging

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

2.2 Instructions for confirming POI device and packaging were not tampered with, and for

establishing secure, confirmed communications with the solution provider.

Genius Handheld packaging

3. Check that the Genius device is packed in a tamper-evident bag.

Genius Countertop device Genius Handheld device

4. Confirm that the tamper-evident bag has no rips or evidence of tampering.

5. Check the tape that seals the top of the bag for evidence of tampering. If anyone has

tried to remove the tape, the word “VOID” is displayed.

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

2.2 Instructions for confirming POI device and packaging were not tampered with, and for

establishing secure, confirmed communications with the solution provider.

6. Check that the serial number of the tamper-evident bag matches the serial number

printed on the packing slip.

‒The serial number of the tamper-evident bag is located underneath the barcode on the

front of the bag.

‒The corresponding serial number is printed in the rightmost column of the packing slip,

after the letters TE.

7. Check that the serial number of the device matches the serial number printed on the

packing slip.

‒The serial number of the Genius device is located on the back of the device.

Genius Countertop device

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

2.2 Instructions for confirming POI device and packaging were not tampered with, and for

establishing secure, confirmed communications with the solution provider.

Genius Handheld device

‒The corresponding serial number is printed in the rightmost column of the packing slip.

Physically secure POI devices in your possession, including devices:

•Awaiting deployment

•Undergoing repair or otherwise not in use

•Waiting transport between sites/locations

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

2.3 Instructions to confirm the business need for, and identities of, any third-party

personnel claiming to be support or repair personnel, prior to granting those personnel

access to POI devices.

We do not repair deployed devices; therefore, you should NOT grant access to any person that

claims to be repair or support personnel.

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

3. Approved POI Devices, Applications/Software, and the Merchant Inventory

3.1 POI Device Details

The following information lists the details of the PCI-approved POI devices approved for use in this

P2PE solution.

Note:All POI device information can be verified by visiting:

https://www.pcisecuritystandards.org/approved_companies_providers/approved_pin_transaction_security.php

See also Section 9.2, "Instructions for how to confirm hardware, firmware, and application versions

on POI devices” on page 51.

PCI PTS approval

POI device vendor: POI device model

name and

number:

Hardware version

#(s):

Firmware version

4-10110 Verifone MX915: M132-40x-

xx-xxx, Version 3.x

P132-40x-xx-xxx,

Vault: 14.x.x;

AppM: 8.x.x; SRED:

7.x.x, Vault: 16.x.x;

AppM: 10.x.x

Vault: 1.x.x, 3.x.x,

4.x.x, 11.x.x,

12.x.x, AppM:

1.x.x; 3.x.x; 4.x.x;

5.x.x, 5A.x.x, 6.x.x,

SRED: 1.x.x, 3.x.x;

4.x.x; 5.x.x, OP:

1.x.x, 3.x.x; 4.x.x;

7.x.x, SRED

5.x.x.xxx, Vault:

13.x.x, AppM:

7.x.x, Vault: 17.x.x,

AppM: 10.x.x,

SRED: 7.x.x, OP:

7.x.x

4-10110 Verifone MX925: M132-50x-

xx-xxx, Version 3.x

P132-50x-xx-xxx,

Vault: 14.x.x;

AppM: 8.x.x; SRED:

7.x.x, Vault: 16.x.x;

AppM: 10.x.x

Vault: 1.x.x, 3.x.x,

4.x.x, 11.x.x,

12.x.x, AppM:

1.x.x; 3.x.x; 4.x.x;

5.x.x, 5A.x.x, 6.x.x,

SRED: 1.x.x, 3.x.x;

4.x.x; 5.x.x, OP:

1.x.x, 3.x.x; 4.x.x;

7.x.x, SRED

5.x.x.xxx, Vault:

13.x.x, AppM:

7.x.x, Vault: 17.x.x,

AppM: 10.x.x,

SRED: 7.x.x, OP:

7.x.x

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

PCI PTS approval

POI device

vendor:

POI device model

name and

number:

Hardware version

#(s):

Firmware version

4-10177 Verifone MX915: M177-40x-

xx-xxx, Version 4.x

P177-40x-xx-xxx Vault: 11.x.x;

12.x.x, 13.x.x,

AppM: 5.x.x;

5A.x.x; 6.x.x; 7.x.x,

SRED: 4.x.x; 5.x.x,

OP: 5.x.x; 6.x.x;

7.x.x, Vault: 14.x.x;

AppM: 8.x.x; SRED:

7.x.x, Vault: 16.x.x;

AppM: 10.x.x,

Vault: 17.x.x

4-10177 Verifone MX925: M177-50x-

xx-xxx, Version 4.x

P177-50x-xx-xxx Vault: 11.x.x;

12.x.x, 13.x.x,

AppM: 5.x.x;

5A.x.x; 6.x.x; 7.x.x,

SRED: 4.x.x; 5.x.x,

OP: 5.x.x; 6.x.x;

7.x.x, Vault: 14.x.x;

AppM: 8.x.x; SRED:

7.x.x, Vault: 16.x.x;

AppM: 10.x.x,

Vault: 17.x.x

4-10204 BBPOS

International

Limited

WSX2 WSX2XXX-XX-XXX

(WSX2)

WSX1.002-

08.x.xx.xx.xx.xx

(WSX2)

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

3.2 POI Software/Application Details

The following information lists the details of all software/applications (both P2PE applications and

P2PE non-payment software) on POI devices used in this P2PE solution.

All applications with access to clear-text account data must be reviewed according to Domain 2 and are

included in the P2PE solution listing. These applications may also be optionally included in the PCI P2PE

list of Validated P2PE Applications list at vendor or solution provider discretion.

Application

Vendor,

Name and

Version #

POI Device

Vendor

POI Device

Model Name(s)

and Number:

POI Device

Hardware &

Firmware Version

Application

PCI Listed?

(Y/N)

Does Application

Have Access to

Clear-Text

Account Data

(Y/N)

Cayan,

Genius

version

5.2.*.*

Verifone MX915 M133-

40x-xx-xxx,

Version 3.x

MX925 M132-

50x-xx-xxx,

Version 3.x

Hardware version:

P132-40x-xx-xxx,

Vault: 14.x.x;

AppM: 8.x.x; SRED:

7.x.x, Vault: 16.x.x;

AppM: 10.x.x

P132-50x-xx-xxx,

Vault: 14.x.x;

AppM: 8.x.x; SRED:

7.x.x, Vault: 16.x.x;

AppM: 10.x.x

Firmware version:

Vault: 1.x.x, 3.x.x,

4.x.x, 11.x.x, 12.x.x,

AppM: 1.x.x; 3.x.x;

4.x.x; 5.x.x, 5A.x.x,

6.x.x, SRED: 1.x.x,

3.x.x; 4.x.x; 5.x.x,

OP: 1.x.x, 3.x.x;

4.x.x; 7.x.x, SRED

5.x.x.xxx, Vault:

13.x.x, AppM:

7.x.x, Vault: 17.x.x,

AppM: 10.x.x,

SRED: 7.x.x, OP:

7.x.x

Y Y

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

3.2 POI Software/Application Details

Cayan,

Genius

version

5.2.*.*

Verifone MX915 M177-

40x-xx-xxx,

Version 4.x

MX925 M177-

50x-xx-xxx,

Version 4.x

Hardware version:

P177-40x-xx-xxx

P177-50x-xx-xxx

Firmware version:

Vault: 11.x.x;

12.x.x, 13.x.x,

AppM: 5.x.x;

5A.x.x; 6.x.x; 7.x.x,

SRED: 4.x.x; 5.x.x,

OP: 5.x.x; 6.x.x;

7.x.x, Vault: 14.x.x;

AppM: 8.x.x; SRED:

7.x.x, Vault: 16.x.x;

AppM: 10.x.x,

Vault: 17.x.x

Y Y

3.3 POI Inventory & Monitoring

All POI devices, must be documented via inventory control and monitoring procedures,

including device status (deployed, awaiting deployment, undergoing repair or otherwise not

in use, or in transit).

This inventory must be performed annually, at a minimum.

Any variances in inventory, including missing or substituted POI devices, must be reported

to Cayan via the contact information in Section 1.2 above.

Sample inventory table below is for illustrative purposes only. The actual inventory should

be captured and maintained by the merchant in an external document.

You must maintain an inventory of all your P2PE devices, and include at least the following

information about each device:

•Make and model – The device’s make and model information are printed in one of the

following locations:

‒On the underside of Genius Countertop devices

‒Underneath the battery of Genius Handheld devices. For more information about how

to remove and replace the battery of a Genius Handheld device, see Section 8.1.3

"Removing and replacing the battery of a Genius Handheld device” on page 49.

•Serial number –The device’s serial number is printed in one of the following locations:

‒On the underside of Genius Countertop devices

‒Underneath the battery of Genius Handheld devices. For more information about how

to remove the battery of a Genius Handheld device, see Section 8.1.3 "Removing and

replacing the battery of a Genius Handheld device” on page 49.

•Location – Where you physically located the device in your business. For Genius Handheld

devices you should record where you store the device when it is not in use.

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

•

Status – Description of the device’s status, which can be one of the following:

‒Awaiting deployment – The device is working correctly, and you are currently storing

the device before using it in your business.

‒Deployed – The device is working correctly, and you are using it in your business.

‒Not in use – The device is working correctly, but you do not need to use it in your

business. You must securely store any devices that are not in use.

‒Awaiting replacement – The device is not working correctly, and you are waiting for us

to send you a replacement device. You must securely store any devices that are

awaiting replacement.

Important: You must use only PCI-approved P2PE devices to process transactions. If you

process any transactions using devices that are not P2PE validated, you are no longer

considered P2PE compliant.

Sample Inventory Table

Device

Vendor

Device Model

Name(s) and

Number

Device

Location

Device

Status

Serial Number

or Other Unique

Identifier

Date of

Inventory

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

4. POI Device Installation Instructions

Do not connect non-approved cardholder data capture devices.

The P2PE solution is approved to include specific PCI-approved POI devices. Only these devices

denoted above in table 3.1 are allowed for cardholder data capture.

If a merchant’s PCI-approved POI device is connected to a data capture mechanism that is not

PCI approved, (for example, if a PCI-approved SCR was connected to a keypad that was not PCI-

approved):

The use of such mechanisms to collect PCI payment-card data could mean that more PCI DSS

requirements are now applicable for the merchant.

Do not change or attempt to change device configurations or settings.

Changing device configurations or settings may invalidate the PCI-approved P2PE solution

in its entirety.Examples include, but are not limited to:

Enabling any device interfaces or data-capture mechanisms that were disabled on the P2PE

solution POI device.

Altering security configurations or authentication controls on the POI device.

Physically opening the POI device.

Attempting to install unauthorized applications onto the POI device.

4.1 Installation and connection instructions

4.1.1 Getting started

4.1.1.1 Genius Countertop devices

To use Genius Smart P2PE, you can either purchase new devices from us or we can remotely

inject keys into your existing devices. To use existing devices, they must be version 3.0 or version

4.0 of Verifone’s hardware and be listed as PCI approved PTS devices.

Existing devices

To use existing devices:

•Complete “Appendix: Checklist for Remote Key Injection” on page 54 and send it to

[email protected]

•After we remotely inject keys into your devices, complete “Verifying that the Genius device

is ready” on page 19 and “Testing a transaction” on page 21.

•All other sections of the PIM apply when you are using existing devices, except for section

2.2 on page 5 to page 8.

4.1.1.2 Genius Handheld devices

To use Genius Smart P2PE, you must purchase Handheld devices from us.

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

4.1 Installation and connection instructions

4.1.2 New Genius Countertop devices

Before you install your Genius device, complete the following tasks:

•Locate your Merchantware credentials. We sent your credentials in an email that had a

subject line with the words “Merchantware Credentials”.

•Check that your internet connection is functioning correctly, and that there is an available

network port on your router or switch.

Note: A video tutorial is available at https://help.globalpaymentsintegrated.com/getting-

started/how-do-i-set-up-my-genius-device/.

4.1.2.1 Genius Countertop components

Genius Countertop device

Ethernet cable Multiport cable AC adapter

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

4.1 Installation and connection instructions

4.1.2.2 Connecting the communications module

1. Turn the Genius device upside-down and place it on a flat, stable surface. Firmly press

the flexible tabs and push up to remove the communications module.

2. Hold the module securely in your hands and slide the metal plate out.

3. Attach the multiport cable connector as shown and slide out the metal plate back into

place.

4. Insert the communications module into the Genius device.

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

4.1 Installation and connection instructions

4.1.2.3 Connecting to the network

1. Connect one end of your Ethernet cable to an available port on your router or switch.

2. Connect the other end of the Ethernet cable to the Ethernet port on the multiport cable.

4.1.2.4 Powering the Genius Countertop device

1. Check that the communications module is firmly in place on the Genius device.

2. Connect the AC adapter to the +12V connection on the multiport cable and plug the

adapter into a power socket.

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

4.1 Installation and connection instructions

4.1.2.5 Verifying that the Genius Countertop device is ready to use

Important: We have configured the Genius Countertop device to receive an IP Address

from a Dynamic Host Configuration Protocol (DHCP) server by default. If you need to

configure a Static IP address, please see “Setting a static IP address” on page 21.

1. When Genius is displaying the splash screen, press 0on the keypad three times.

2. Using the keypad type the password, then press Enter (green button). The default

password is 9416557.

3. Confirm that the IP Address field is populated. Take a note of the address for use with

your POS.

P2PE Instruction Manual for PCI P2PE v3.0 Version 1.6.2 – 3rd September 2020

4.1 Installation and connection instructions

4. Confirm that Secure Reading and Exchange of Data (SRED) is enabled on your device by

checking that the App version shows SRED.

Important: If your device does not show SRED, do NOT use the device. Contact our

Customer Support Team at (1) (888) 249-3220.

5. Tap Network, then tap Test.

6. Confirm that the Gateway Connection Test passed.

7. Tap Done.

8. On the keypad, press the Xbutton to exit and return to the Splash screen.

Note: If the Gateway connection test fails, check your internet connection, or contact

our Customer Support Team at (1) (888) 249-3220.

4.1.2.6 Configuring your POS

1. Find your Merchantware credentials.

2. Consult with your POS provider for help with configuring your POS system with the

Genius Countertop device.

Other manuals for Genius Smart P2PE

Table of contents

Other Cayan Touch Terminal manuals

Cayan

Cayan Genius User manual

Cayan

Cayan Genius User manual

Popular Touch Terminal manuals by other brands

Wincor Nixdorf

Wincor Nixdorf Beetle /i8A operating manual

Newland

Newland NLS-MT37 user guide

eyecool

eyecool ECX332 quick start guide

Teltonika

Teltonika FMB630 First start-up quick start guide

Magtek

Magtek DYNAPRO Installation and operation manual

Epson

Epson TM-U590 Series Product information guide

Ingenico

Ingenico Lane 3000 quick start guide

Anker

Anker till.one mobile operating manual

JASSWAY

JASSWAY ALTAS user manual

DSPPA

DSPPA DSP9903A user manual

Appostar

Appostar KP-5374 user manual

ADTRAN

ADTRAN Total Access 5000 quick start guide

Datecs

Datecs BluePad-50 Plus MSR user guide

ARMATURA

ARMATURA OmniAC20CAPQ quick start guide

BeaconMedaes

BeaconMedaes Gem 10 installation instructions

Videotron

Videotron ILLICO X8 user guide

JARLTECH

JARLTECH 8100p series Operation manual

Adtron

Adtron Total Access 1000 Installation and Maintenance

Cayan Genius Smart P2PE User manual

Popular Touch Terminal manuals by other brands