This section describes how Hospitality is implemented for Point-to-point Encryption (P2PE) solution, covering Domain 1: Encryption Device and Application Management and its Hospitality implementation. Hospitality provides an installer for P2PE Merchants that has implemented all below mentioned requirements.
1A-1 PCI-approved POI devices with SRED are used for transaction acceptance.
1A-2 Applications on POI devices with access to clear-text account data are assessed per Domain 2 before being deployed into a P2PE solution.
Hospitality supports P2PE environment. There is only one installer provided for P2PE enabled PEDs that supports SRED /encryption/E2EE enabled PEDs.
See below Figure for PED list for P2PE merchants.
Below are the steps that show how hospitality communicates with PED at the time of initialization:
The PED with all required configuration (IP and port) connects to the Hospitality server and if connection is established then it proceeds with another step otherwise it shows below error message:
Problem in socket connection ...Accept timed out. Exception while making connection to PED for instance :XX
If the above step is successful then hospitality checks that connected PED is SRED enabled. Hospitality send a command to PED to check the SRED status. Below is the process how hospitality check it for Ingenico (iWL250) .
For Ingenico Hospitality send the ‘Read Version’ command which returns 4 bytes of security file version number in response. If the value of security file version number is other than ‘0000’ then it is a P2PE enable PED. Please refer the Ingenico API specification guide (‘Retail PED Application Specification RA1.16.00’) section ‘6.1.2 Read Version’ for more details
If hospitality application found that PED is SRED disabled (Non-SRED) then hospitality provides below message in loggers and stop initialization of that particular instance with Non P2PE PED but other instances should working fine if it is connected with SRED enabled PED. Otherwise proceed to another step
Unable to open this instance, NON_P2PE PED Found...Please call worldpay Service Desk.. instanceXX
For P2PE PED, Hospitality issues a command to the PED to read the ‘Device Interface Version’ and ‘PED Serial Number’. These device parameters are required for DMS.
Hospitality then sends the request to the Worldpay Total central service to download EMV config files/Dataset files, along with the PED information. These are the parameters that are sent in the request API for downloading EMV configuration files/Dataset files from EMBOSS:
|Number||Request Parameter||Source (Hospitality / PED)|
|3||Software Version (Version of Hospitality)||Hospitality|
|4||Device Type (iWL250)||Hospitality|
|6||Device Interface Version||Hospitality|
|7||Terminal OS (OS of system on which Hospitality is installed)||Hospitality|
|8||Category Type (Environment in which Hospitality is operating like ‘Hospitality’)||Hospitality|
|9||PED Serial Number||PED|
The Worldpay Total service sends above request parameters to P2PE server (Device Management System) and then PED’s status is changed to ‘Terminal_Init’.
Hospitality then uses the EMV configuration data to configure the PED.
Hospitality keeps a record of the serial number of the connected PED. If the connected device is removed and you try to perform any action with another device without exiting the application then the device's serial number is checked when selecting menu options. If a different serial number is found, then Hospitality displays an error message on the PED. That PED will stop responding to user input and no further transactions can be performed with that particular instance.
1B-3 The solution provider implements procedures to protect POI devices and applications from known vulnerabilities and securely update devices.
1B-4 Solution provider implements procedures to secure account data when troubleshooting.
1B-5 The P2PE solution provides audit-able logs of any changes to critical functions of the POI device(s).
Currently POI device updates are not facilitated by Hospitality, but the software update feature is supported.
The Worldpay Total service will provide the software update only if the terminal ID is configured for software download and a new update is available.
For P2PE merchants it is mandatory to download required updates of software to ensure latest feature always available as per the P2PE compliances.
For integrity of installer see
Hospitality application tigger reboot of PEDs every 24 hours on time configured in Merchant Datasets in tag : '
Feedback or bugs to report?
Ask our developer community.
Search our documentation, API references and articles.