Gilbarco Secure Prompts & EMV Setup

More Configuration for Gilbarco EMV FlexPay IV

The following is for site Owners / Managers

External equipment needed to support FlexPay IV IP based card readers, is the responsibility of the site Owner/Manager. The site must contact a Certified Gilbarco distributor to obtain the necessary equipment to have TCP/IP communications to the card readers. These locations will need to obtain a Gilbarco BRCM-2. Model Number: PA0422X0000XX (see chart below) from a Gilbarco certified distributor. The MDE-5265A contains the instructions for installing the BRCM-2. Once the equipment is available, the site must contact a Gilbarco Certified Tech, and a Fiscal Systems certified installer to setup a time for the conversion to EMV for the site. Failure to coordinate the two companies can and will result in delays for the site to re-open.

The following instructions are for the Fiscal Systems Installer

Required Files:

  • CrdGspIPAddr.dat
  • GilSecurePrompts.xml
  • CrdGsp_TLS_CA.crt

It is recommended this code NOT be installed at sites with a mix of EMV and non-EMV Pumps.

The CrdGspIPAddr.dat must be modified for each site, the entries as shown in the example. Modify on the site controller with nano, do not modify any site controller file with a Windows text editor.

CrdGspIPAddr.dat This file has the IP’s for each dispenser that are Flex Pay IV’s, and have their “External” SSoM configured per the site’s IT group

1, XXX.XXX.XXX.XXX:4871

2, XXX.XXX.XXX.XXX:4871

Although these versions of code utilize TCP/IP for the card reader, leave the “Crind Port: “ set as is.

Remove Debit = Yes from all Fuel Dispenser setup

GilSecurePrompts.xml - This file houses the translation for the secure prompts and will be provided when necessary

prompts.crd - The specific prompts.crd will be provided when necessary for Gilbarco Secure Prompts.

**Note – Different partners will have different specialized prompts**

** If this is a Valero Site Please Change Prompt 27 to "Please See Attendant" **

CrdGspIPAddr.dat :This file allows connections to the CRINDS.

  • Place the “CrdGsp_TLS_CA.crt” file in the /home/sitecon/sc Directory. Should have “sitecon:user” ownership.

LSC environ.dat required variables for Secure Prompts

  • HAS700S 1
  • HAS700FP4 1,2
  • GILSECUREPROMPTS 1
  • DISABLE_FALLBACK 1
  • ENFORCE_EMV_SERVICE_CODE 1
  • EMV_ENABLED 1
  • EMV_PREAUTH_AMOUNT 7500

Note: If your bank cards are set to be preauthorized for $75.00, EMV_PREAUTH_AMOUNT needs to be set to 7500. This is needed for every CRIND type for outside EMV.

Note: If site is using Debit and soft keys, the DEBIT_YES must be removed from environ.dat file.

Optional LSC Variables

  • CRDGSP_CONTACTLESS - “This enables / disables the Contactless reader” As shown reader is disabled, to enable (has contactless reader) add a “1”. If a site has a pump with no reader, add this variable and set to disabled.
  • CRDGSP_AID_FILTERING 1 - Changes AID selection to filter to Credit/Debit instead of showing the plain AID label. Requires SC version 121 or higher. Note: Only to be used at Stinker locations. This could cause compliance issues if loaded elsewhere. If using this variable along with PIN bypass, you MUST use 11.01.01-0145_SCEMV_Beta

CCL VARIABLES

  • EMV_ENABLED 1 # Tells host the POS system is EMV capable.
  • PDL <HostName> # This variable controls whether the CCL should download Parameter Down Load (PDL)

data. Valid values are “ADS”, “ATL”, and “RBS”

  • PARAM_DATA 1 # Required only if using RBS host

**Add ADS variables for Sites that process thru ADS**

  • ADS_EMVPDL_DEVICEID XXX # This variable should be set with the value of the Master POS

number + 200 for an inside site. For example, if the Master POS is Register # 01, then this variable should

be set to ‘201’. If processing at an unattended use the value of ‘001’

  • ADS_EMV_AID_LIST A0000000031010,A0000000032010,A0000000033010,

A0000000041010,A0000000042203,A0000000043060,A00000002501,

A0000000980840,A0000001523010,A0000001524010,A0000003241010

**Note: Only use ADS variables if site uses ADS host.**

Required Site Controller versions required for Gilbarco Outside EMV

LSC Version:

  • 10.01.02-0139_SCEMV_Beta or higher See note above about CRDGSP_AID_FILTERING

CCL Version:

  • 10.01.02-3611_SCEMV_Beta or higher

**Note – Code must be requested from Fiscal Release Management **

Dispenser Version and Firmware:

  • The dispenser version required is: UPM52.11.16EMVK3.10_CB01.08p1332_GU07.04pa000_VCL01.00p208_EMV10-Prod
    • Pin Bypass requires UPM52.11.47 and Kernel 3.12.
  • Fiscal requires Gilbarco Flex Pay IV EMV capable Dispensers to run EMV transactions. The dispensers will require UPM firmware version 52.11.47. 52.11.50 and 52.11.53 is NOT approved.
  • Fiscal will provide emv.zip and resources that are to be loaded by the certified pump tech via the M7 Tool.

Current Gilbarco EMV Support:

  • Heartland: Contact and PIN Bypass
  • Fiserv: Contact and PIN Bypass
  • Worldpay: Contact Only

SC Hardware and OS Requirements:

  • SC Model 350 or newer is required
  • SUSE SLES 15.3 is recommended 
     

**Note-Unlike the Wayne and LPT dispenser types, the Gilbarco pumps do not need a PDL in /home/sitecon/sc**

Pump Settings for the Pump Tech

To access pump menu either put CRIND in service mode with M7 Tool or stop SiteController communication with an exit, then swipe the Gilbarco Diagnostics card. The pump will enter its diagnostics menu, shown below.

Each section is described below:

(1)Retrieve System Information

(2)Device Configuration

(2.1)Device Selection

This should be Disabled

(2.2)VFI Device Configuration

(2.3)Other Devices IP Assignment

(2.4)Timezone Selection

(2.5)Printer Firmware Update

(2.6)Daily Reboot Parameter

(3)App Configuration

(3.1) CRIND BIOS

(3.1.1) CRIND

(3.1.2) Display

(3.1.3) Customization

(3.1.4) Diagnostics

(3.1.5) Pump

(3.1.6) Printer

(3.2) Display Manager

(4)Software Update

(5)Log Retrieval

(6)SelfCheck Tool

(7)Cloud Configuration

(8)Secure Menu

Troubleshooting

If you see the crind come online for a moment with “Get Derive Key failed” then the UPM doesn’t have encryption loaded (tech might call it RKI or RKL)

22-10-11 09:56:37.671 - INF: SSL Set Params 999 'CrdGsp_TLS_CA.crt' ''

22-10-11 09:56:38.104 - INF: CrdGsp: SSL-Connected (1)

22-10-11 09:56:45.767 - INF: CrdGsp: HardConfigResp 17 bytes:

22-10-11 09:56:45.767 - INF: 00 01 22 0D 4E 75 6D 65 72 69 63 5F 52 65 76 23

22-10-11 09:56:45.767 - INF: 31

22-10-11 09:56:45.767 - INF: CrdGsp: HW-22 'Numeric_Rev#1' (1)

22-10-11 09:56:45.767 - INF: CrdGsp: NO ALPHA KEYBOARD, BUT USE ENV VAR (1)

22-10-11 09:56:45.868 - ERR: CrdGsp: Get Derive Key failed (1) error code [0x32]

Once encryption is loaded, crind should stay online and you should see “Derive Key success”

22-10-11 15:09:07.880 - INF: SSL Set Params 999 'CrdGsp_TLS_CA.crt' ''

22-10-11 15:09:08.313 - INF: CrdGsp: SSL-Connected (1)

22-10-11 15:09:09.134 - INF: CrdGsp: HardConfigResp 17 bytes:

22-10-11 15:09:09.134 - INF: 00 01 22 0D 4E 75 6D 65 72 69 63 5F 52 65 76 23

22-10-11 15:09:09.134 - INF: 31

22-10-11 15:09:09.134 - INF: CrdGsp: HW-22 'Numeric_Rev#1' (1)

22-10-11 15:09:09.134 - INF: CrdGsp: NO ALPHA KEYBOARD, BUT USE ENV VAR (1)

22-10-11 15:09:09.275 - INF: CrdGsp: Derive Key success (1)

22-10-11 15:09:09.395 - INF: Crd: Online (1)

22-10-11 15:09:09.395 - INF: Pos: POS Mail (1)

22-10-11 15:09:09.395 - INF: Credit cards online (1)

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.