P2PE implementation in Hospitality

This section describes how Hospitality is implemented for Point-to-point Encryption (P2PE) solution, covering Domain 1: Encryption Device and Application Management and its Hospitality implementation. Hospitality provides an installer for P2PE Merchants that has implemented all below mentioned requirements.

Domain 1: Encryption Device and Application Management

Requirement 1A: Account data must be encrypted in equipment that is resistant to physical and logical compromise

1A-1 PCI-approved POI devices with SRED are used for transaction acceptance.

1A-2 Applications on POI devices with access to clear-text account data are assessed per Domain 2 before being deployed into a P2PE solution.

Hospitality supports P2PE environment. There is only one installer provided for P2PE enabled PEDs that supports SRED /encryption/E2EE enabled PEDs.

See below Figure for PED list for P2PE merchants.

  • Instance Management: At the time of initialization Hospitality checks SRED status of connected PED of all instances. If any PED found not SRED then hospitality application doesn't exit or restart the whole application, it just stop working of that particular PED which is not SRED enabled.

Below are the steps that show how hospitality communicates with PED at the time of initialization:

  • The PED with all required configuration (IP and port) connects to the Hospitality server and if connection is established then it proceeds with another step otherwise it shows below error message:

    Copied!
    Problem in socket connection ...Accept timed out.
      Exception while making connection to PED for instance :XX
  • If the above step is successful then hospitality checks that connected PED is SRED enabled. Hospitality send a command to PED to check the SRED status. Below is the process how hospitality check it for Ingenico (iWL250) .

  • For Ingenico Hospitality send the ‘Read Version’ command which returns 4 bytes of security file version number in response. If the value of security file version number is other than ‘0000’ then it is a P2PE enable PED. Please refer the Ingenico API specification guide (‘Retail PED Application Specification RA1.16.00’) section ‘6.1.2 Read Version’ for more details

    If hospitality application found that PED is SRED disabled (Non-SRED) then hospitality provides below message in loggers and stop initialization of that particular instance with Non P2PE PED but other instances should working fine if it is connected with SRED enabled PED. Otherwise proceed to another step

    Unable to open this instance, NON_P2PE PED Found...Please call worldpay Service Desk.. instanceXX

  • For P2PE PED, Hospitality issues a command to the PED to read the ‘Device Interface Version’ and ‘PED Serial Number’. These device parameters are required for DMS.

  • Hospitality then sends the request to the Worldpay Total central service to download EMV config files/Dataset files, along with the PED information. These are the parameters that are sent in the request API for downloading EMV configuration files/Dataset files from EMBOSS:

    NumberRequest ParameterSource (Hospitality / PED)
    1Terminal IDHospitality
    2Merchant IDHospitality
    3Software Version (Version of Hospitality)Hospitality
    4Device Type (iWL250)Hospitality
    5Device InterfaceHospitality
    6Device Interface VersionHospitality
    7Terminal OS (OS of system on which Hospitality is installed)Hospitality
    8Category Type (Environment in which Hospitality is operating like ‘Hospitality’)Hospitality
    9PED Serial NumberPED

    The Worldpay Total service sends above request parameters to P2PE server (Device Management System) and then PED’s status is changed to ‘Terminal_Init’.

  • Hospitality then uses the EMV configuration data to configure the PED.

Hospitality keeps a record of the serial number of the connected PED. If the connected device is removed and you try to perform any action with another device without exiting the application then the device's serial number is checked when selecting menu options. If a different serial number is found, then Hospitality displays an error message on the PED. That PED will stop responding to user input and no further transactions can be performed with that particular instance.

Requirement 1B: Secure logical access to POI devices.

  • 1B-3 The solution provider implements procedures to protect POI devices and applications from known vulnerabilities and securely update devices.

  • 1B-4 Solution provider implements procedures to secure account data when troubleshooting.

  • 1B-5 The P2PE solution provides audit-able logs of any changes to critical functions of the POI device(s).

Implementation

Currently POI device updates are not facilitated by Hospitality, but the software update feature is supported.

The Worldpay Total service will provide the software update only if the terminal ID is configured for software download and a new update is available.

For P2PE merchants it is mandatory to download required updates of software to ensure latest feature always available as per the P2PE compliances.

Requirement 1D: Implement secure application-management processes

  • 1D-1 Integrity of applications is maintained during installation and updates

Implementation

For integrity of installer seeHospitality installation instructions.

PCI requirement of rebooting Verifone PEDs in every 24 hours

Hospitality application tigger reboot of PEDs every 24 hours on time configured in Merchant Datasets in tag : '' This helps merchants to avoid rebooting of PEDs in business hours.