Terminal Maintenance

On this page:

HEM and IngEstate are Ingenico Terminal Management Systems. Elavon maintains an HEM/IngEstate server to update Simplify PIN pads. This section explains how PIN Pads are maintained.

Signed Sensitive Files

For purposes of security, sensitive Simplify files are signed. Unsigned sensitive files, or files signed with a different certificate, will not be accepted by the PIN Pad. If this occurs, a signing error message will be displayed after the file is loaded to the PIN Pad. The merchant will then need to contact Elavon.

Initiating HEM/IngEstate

HEM and IngEstate are Ingenico PIN Pad management systems. Simplify is currently transitioning from the use of IngEstate to HEM.

The HEM/IngEstate update process can be initiated manually on the PIN Pad, by command from the POS (see the Ingenico Simplify Developer Guide under Initiate HEM/IngEstate Message for details), or scheduled by Elavon. Once initiated, the process proceeds automatically. When the update process is complete, the PIN Pad will reboot.

The HEM/IngEstate update process can be initiated manually from the Elavon Sub Menu. As described under Accessing the Elavon Main Menu, this menu can be accessed during the PIN pad boot up sequence. (See Navigation and Data Entry on Ingenico PIN Pads for device-specific details.)

Elavon Sub Menu

Select Initiate HEM/IngEstate from the Elavon Sub Menu to initiate the HEM/IngEstate update process.

Viewing Simplify Load Information (0 Screen)

Information on the Simplify load present in the PIN pad is displayed during boot up and by keying 0 when the PIN pad is in a closed state. (To lengthen the display, press the + or – key.) For additional fields, scroll down. This information may be requested by Elavon for troubleshooting purposes. The PIN pad will return to the usual closed screen after several seconds.

Sample Field Values

The fields on this screen will vary by implementation. The following list contains a sample of the available fields:

  • Serial: 07225277
  • TMS ID: 88802013
  • Version: N-OG-2.03.12819 - 28119
  • SREV: 14
  • Package: 2.28.5
  • IP Eth: xxx.xxx.x.44
  • Merchant: Test01
  • Comm Option: Use Others
  • POS-SIM: TCPIP - Non-SSL – 6000
  • SIM-Host: TCPIP
  • SIM-HEM: TCPIP
  • Comm: (ETH Wifi BT capable)
  • 01/05/22 - 11:22:50
  • Release: 2.03.028.119
  • EMVCert: 2.26
  • EmvKernel: 0901
  • ParmVer: 2.28.2
  • TndrVer: 2.28.2
  • EMVParm: EMVPARM-E4-2–>
  • CAKeys: QA-1.0
  • ClessParm: CLESSEMV-E4-1-V2.3
  • TSA Serial: DENVER03757500
  • SDK Ver: 11.20.2.PatchG(b45)
  • RKI:
  • Device: Lane 5000 PCIv4 PCIv5
  • memTMSID: 88802013
  • Flash Memory: 503332
  • Flash Free Code: 386555
  • Flash Free Data: 386555
  • RAM Memory: 518270
  • RAM Memory Free: 410492
  • PosIP Acpt Active
  • CurrIP: xxx.xxx.x.226
  • Tracing: ON

Field Descriptions

The above fields provide the following information:

FieldDescription
Serial:Device L3 Serial Number
TMS ID:TMS Identifier
Version:Simplify load level information in two parts:
  • Official PCI solution/version/build designation
  • User-friendly version/build information.
Format is S–PP-X.YY.ABBCC - BBDDD, where:
  • S = first part of prefix, indicates whether Simplify is operating as part of a PCI P2PE-validated solution. (V or N).
    Note: This value depends on additional software used in the solution (besides Simplify). Specifically, this value indicates whether the most recent transaction processed by Fusebox came back validated or not.
  • PP = second part of prefix, indicates encryption type. (OG or V)
  • X.YY.ABBCC = Official Simplify version and build information
    Note: For purposes of documenting Simplify PCI P2PE compliance, PCI is not concerned with the version/build (ABBCC). The designation currently used to document that Simplify is operating as part of a validated solution is V-OG-2.03.AAAAA.
  • BBDDD – User-friendly version and build information:
    • BB = Simplify “Version”
    • DDD = build
    E.g. 28119 = “Version 28” build 119.
For more information, see the Simplify Ingenico Developer Guide under Versioning.
SREV:Sublevel of build
Package:ID of package used to build current load
IP Eth:Partially masked IP address of PIN Pad **
Merchant:Customer for whom load was built
Comm Option:Indicates whether or not Bluetooth to Base is used for POS communications
POS-SIM:Communications type and port used between Simplify and POS
SIM-Host:Communications type used between Simplify and host
SIM-HEM:Communications type used between Simplify and HEM
Comm:Communication capabilities
(Date/Time)Current date/time
Release:ID of base code tied to the current release.
For more information, see the Simplify Ingenico Developer Guide under Versioning.
EMVCert:EMV version
EmvKernel:EMV Kernel version
ParmVer:parm version
TndrVer:tenderdef version
EMVParm:EMVParm version
CAKeys:EMV Keys version
ClessParm:ClessEMV (or ClessMSD) version
TSA Serial:Device L4 Serial Number
SDK Ver:SDK version
ScrSaver:Screen Saver group ID
RKI:Status of last Remote Key Injection file download
Device:PIN Pad model(s). Includes PCI v3, v4 and/or v5.
memTMSID:default TMSID
Flash Memory:Total Flash memory in PIN Pad
Flash Free Code:Unused Flash code space
Flash Free Data:Unused Flash data space
RAM Memory:Total RAM memory in PIN Pad
RAM Memory Free:Unused RAM memory
PosIP AcptStatus of Simplify-POS IP connection
CurrIP:Partially masked IP address of POS connected to PIN Pad
Tracing:Debug logging (ON/OFF)

note

** IP Eth: initially displays the partially masked IP Address of the PIN Pad (as shown above). An optional feature is available allowing this field to display the unmasked address. If this feature is present, pressing Enter at the load information screen will display a login screen. After logging in on this screen (special password required), the load information screen will be redisplayed with the IP Address unmasked. Please contact your Elavon representative if you want to implement this feature.

Remote Key Injection

Simplify supports Remote Key Injection (RKI). This section documents how to determine the outcome of an attempted key injection. For more information on RKI, consult your Elavon representative.

When the PIN Pad restarts after an attempted key injection, RKI messages will be displayed during the bootup sequence. The first RKI message will always be as follows:

“RKI Processing” screen

This message will be followed by a second RKI message indicating the outcome of the attempted injection. There are three possible scenarios:

  • If the RKI file downloaded to the PIN Pad is invalid, the following error message will be displayed:

    “Load Error 205 IPPK0” screen

  • If the RKI file is valid, but the serial number in the file does not match that in the PIN Pad, an error message will be displayed showing the L4 serial number of the PIN Pad. E.g.:

    “No RKI Maintenance Found” screen with Device Serial Number

  • If the key injection is successful, the following message will be displayed:

    “Successful Load IPPK0” screen

Exiting Reversal Mode

The host approval will need to be reversed when either of the following situations occur:

  • An EMV transaction is approved by the host and declined by the chip.
  • The customer removes their card from the chip reader before the transaction is completed.

If a reversal is needed, Simplify will go into reversal mode to force the reversal. It does this by sending a reversal (Tran Type 11) to the host, and resending the reversal (if necessary), until a response is received. While this is taking place, any other transactions that are sent to the PIN pad will be processed offline.

The PIN pad can be rebooted and commanded to exit reversal mode from the Elavon Main Menu, as follows:

  1. Reboot the PIN pad. When a rectangle appears in the lower right corner of the screen, press the Enter (green) key to display the ELAVON SUB MENU.

  2. Select Elavon Main Menu and login to display this menu.

  3. Scroll down and select REMOVE EMV REVERSAL (only present if currently in reversal mode).

  4. Select RESTART to reboot the PIN pad.

If Simplify is forced out of reversal mode, the data required to request the reversal is sent to the POS in a Void Sale Response (11) message, after which the PIN pad returns to normal processing mode.

important

Forcing Simplify to exit reversal mode is an exception procedure that should only be used when necessary. If Simplify is forced out of reversal mode, the merchant will be responsible for ensuring that the transaction is reversed by the host, using the data in the Void Transaction Response. Elavon strongly recommends allowing Simplify to reverse all host-approved transactions that are declined by the chip.

TLS 1.2 Cipher Groups

The following TLS 1.2 cipher groups (suites) are supported for Simplify build 119:

  • TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
  • TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
  • TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
  • TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
  • TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
  • TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)