PCI 3.0 EPP WIN ATMs (XP & WIN7) VISA2 Setup 3 0 EPP WIN ATMs... · PCI 3.0 EPP WIN ATMs (XP & WIN7) VISA2 Setup ... 3. Reconnect the power cable to the EPP – wait 5 seconds. 4

PCI 3.0 EPP WIN ATMs (XP & WIN7) VISA2 Setup

Version 1.00

April 24, 2014

Confidential

© 2014 Nautilus Hyosung, Inc. All Rights Reserved. 2

Index 1. Overview .............................................................................................................................................. 3 2. PCI 3.0 EPP WIN ATMs VISA2 Setup .......................................................................................................... 4 3. Appendix A .......................................................................................................................................... 8

Confidential


Overview

Compared to the PCI 1.0 EPP, the primary benefit of the PCI 3.0 EPP includes a number of

security features that make the device more difficult to compromise during ATM operations.

The most significant change to the EPP is the addition of physical tamper switches and the

inclusion of four different “states” in the EPP firmware. Separate security IDs and Passwords

have also been added in order to access the software to change these “states”.

EPP States

1) Installation State

The Installation State is the default operational state for the EPP. This state is required for the

EPP to accept a Master Key and for transactions to be processed. This state is the same as the

default for the PCI 1.0 EPP.

2) Authorized Removal State

This state allows the removal of the EPP, while retaining the EPP configuration (Passwords and

Encryption Keys). This allows the device to be removed and inspected without losing

configuration information.

3) Unauthorized Removal State

This condition occurs when an EPP physical tamper has been detected. When a tamper occurs,

a NVRAM clear must be performed on the EPP (not to be confused with the ATM CLEAR

NVRAM function). This condition may occur during transport in some cases, and should be able

to be recovered using the NVRAM clear function.

4) Initialization State

This is the default state of the EPP after performing a physical NVRAM clear on the EPP. All

passwords and accounts are reset to default zeroes (000000) and must be reconfigured prior to

key entry / normal ATM operations. You must change the EPP State accounts and passwords from

default, and log in successfully to change from this state.

Confidential


PCI 3.0 EPP WIN ATMs VISA2 Setup

PLEASE NOTE THE FOLLOWING:

After physically installing the new EPP Keypad on the ATM, you must perform a series of steps to

set the EPP to the “Installation State” so that you can enter encryption “keys” on the terminal.

The Key Management passwords that you are familiar with (000000 / 000000) are now set to the

following defaults (111111 / 222222).

There are also an additional set of IDs and Passwords that you must enter in order to access the

software to allow you to configure the “state” of the EPP. These values are (111111 / 111111) and

(222222 / 222222). Please enter these when prompted during the setup procedures.

1) From the Diagnostics Main Menu, select “Key Manager” and press Execute.

2) Next, select “Enter password” and press Execute.

3) The Key Manager Enter password screen will display.

Confidential


4) Press Execute and enter Password #1 (111111). Press Execute again, and enter Password #2

(222222).

5) At the Key Manager Main screen select “Set pinpad state” and press Execute.

6) The Key Manager Enter ID / Password screen will display. Press Execute and enter ID (111111) and

Password #1 (111111). Press Execute again. Enter ID (222222) and enter Password #2 (222222).

Confidential


7) The Key Manager Set state main screen will display. Select “Set state” and press Execute.

8) The Key Manager Set pinpad state screen displays with the Current state of the EPP. There are four

different possible EPP states:

INITIALIZATION STATE

AUTHORIZED REMOVAL STATE

INSTALLATION STATE

UNAUTHORIZED REMOVAL STATE

The EPP should be in the Initialization State. If so, continue at Step 9 below.

If the EPP is in the Authorized Removal State, also continue at Step 9 below.

If the EPP is already in the Installation State, continue at Step 11 below.

If the EPP is in the Unauthorized Removal State, a problem may have occurred during shipment.

You will need to perform a NVRAM Clear on the EPP. (NOTE: This is different than the ATM CLEAR

NVRAM function). Go to Appendix A.

9) If the Current state is Initialization State or Authorized Removal State, press Execute. The state will

change to Installation State.

Confidential


10) Check the current state on screen (if it is still in Initialization State, the EPP may not be installed

correctly).

11) Press Previous to return to the Key Manager Main screen. PCI 3.0 EPP setup is completed.

Confidential


Appendix A

If the EPP is in the UNAUTHORIZED REMOVAL STATE

PLEASE NOTE THE FOLLOWING:

You will be required to clear NVRAM on the EPP.

This will reset the passwords back to factory default values. You will be required to configure new

values for Key Management passwords, and for security IDs and Passwords.

Perform the steps as shown below, entering the exact values listed.

1) Perform the following steps to clear NVRAM on the EPP:

1. Remove power to the EPP by disconnecting the power cable shown by the arrow below.

2. Turn Switch 1 on the EPP to the ON position.

3. Reconnect the power cable to the EPP – wait 5 seconds.

4. Disconnect the power cable to the EPP.

5. Reset Switch 1 to the OFF position.

6. Reconnect the power cable to the EPP.


Confidential



4) At the Key Manager Enter Password screen, press Execute and enter Password #1 (000000). Press

Execute again, and enter Password #2 (000000).

5) The Key Manager Main screen displays. The first requirement is to change the Key Manager

Password #1 and Key Manager Password #2 from the factory default settings of 000000 to

new values. Select “Change password” and press Execute.

Confidential


6) At the Change password screen select “Password #1” and press Execute.

7) Next, enter the new password. Press Execute. Enter the new password (111111). To verify, press

Execute again and re-enter the password (111111).

8) You return to the Change password screen. Select “Password #2” and press Execute. Next, enter the

new password (222222). To verify, press Execute again and re-enter the password (222222).

Confidential


9) Next, press the Previous button until you return to the Diagnostics Main Menu. You will now need to

re-enter Key Manager using the passwords that you just created.



12) At the Key Manager Enter Password screen, press Execute and enter Password #1 (111111). Press

Execute again, and enter Password #2 (222222).

Confidential



14) The Key Manager Enter ID / Password screen will display. (NOTE: There is a separate set of ID and

Passwords required for making any changes to the EPP State. The first step will be to input the factory

default values, and then you will be instructed to add new ID and Passwords.)

15) Press Execute and enter ID (000000) and Password #1 (000000). Press Execute again. Enter ID (000000)

and enter Password #2 (000000).

16) You are now required to change the ID / Passwords from the factory default settings of 000000 to

new values. Select “Add ID / Password” and press Execute.

Confidential


17) At the Key Manager Add ID / Password screen, press Execute. Enter the new ID (111111) and

password (111111). To verify, press Execute again and re-enter the new ID (111111) and password

(111111).

18) Repeat Steps 15 and 16 by creating another new ID (222222) and password (222222).

19) After completing the second new ID / Password, press the Previous button until you return to the Key

Manager Main screen.


21) The Key Manager Enter ID / Password screen will display. (NOTE: You will now enter the new ID /

Passwords that you just created). Press Execute and enter ID (111111) and Password #1 (111111).

Press Execute again. Enter ID (222222) and enter Password #2 (222222).

Confidential


22) The Key Manager Set state main screen displays. Select “Set state” and press Execute.

23) Check that the Current state is “Initialization state”. Press Execute. The state will change to “Installation

state”.

24) Press Previous to return to the Key Manager Main screen. PCI 3.0 EPP setup is completed.

Documents

PCI 3.0 EPP WIN ATMs (XP & WIN7) VISA2 Setup 3 0 EPP WIN ATMs... · PCI 3.0 EPP WIN ATMs (XP & WIN7) VISA2 Setup ... 3. Reconnect the power cable to the EPP – wait 5 seconds. 4