Difference between revisions of "Upgrading to 4.1.3 Build 1186"
(→Strong Encryption and Possibility of Data Loss) |
(→Strong Encryption and Possibility of Data Loss) |
||
| Line 8: | Line 8: | ||
The following is a list of important changes to take note of. | The following is a list of important changes to take note of. | ||
==Strong Encryption and Possibility of Data Loss== | ==Strong Encryption and Possibility of Data Loss== | ||
| − | Due to heightened security, the following may cause | + | Due to heightened security, the following may cause loss of data and corruption of the journal. |
The latest version minimizes such risk and we have not been able to corrupt the data using these scenarios in the lab, however the following operational procedures could potentially cause issues: | The latest version minimizes such risk and we have not been able to corrupt the data using these scenarios in the lab, however the following operational procedures could potentially cause issues: | ||
# Transferring the journals to another PC and batching it there without the security keys, or failing to transfer those keys back after the operation. See [[#Settlement at a Different Location]] | # Transferring the journals to another PC and batching it there without the security keys, or failing to transfer those keys back after the operation. See [[#Settlement at a Different Location]] | ||
Revision as of 19:16, 4 December 2014
| This article is part of the Payment Processing Software Library |
|
| Get it... | |
| Install it... | |
| Connect to it... | |
| Set it up... | |
| Learn to use it... | |
|
→ Manual & User Guide | |
| Fix it... | |
|
→ Errors & Troubleshooting | |
| Get Help... | |
| More Info ... | |
| See also... | |
CreditLine Payment Processing Software Upgrading to 4.1.3(SP3) Build 1186 PCI 2.02. This site can also be reached at http://docs.911software.com
→ Looking for better rates? Get a Free Credit Card Processing Cost Comparison!
Preparation
- Make sure to batch out everything before install, upgrade, re-install or repair, to avoid journal corruption.
- Stop the CreditLine service and all the CreditLine applications.
- There was an important patch to this version. If you downloaded the version prior to 12/4/2014, please re-download and reinstall (un-install, install the new version) or use repair of the newly downloaded version.
Upgrading from 4.1 Build1102 (PCI 1.0) to 4.1.3(SP3) Build 1186 (PCI 2.02)
The following is a list of important changes to take note of.
Strong Encryption and Possibility of Data Loss
Due to heightened security, the following may cause loss of data and corruption of the journal. The latest version minimizes such risk and we have not been able to corrupt the data using these scenarios in the lab, however the following operational procedures could potentially cause issues:
- Transferring the journals to another PC and batching it there without the security keys, or failing to transfer those keys back after the operation. See #Settlement at a Different Location
- Upgrading from the older version without batching out all outstanding transactions
- Reinstalling or repairing the version without batching out all outstanding transactions.
- Running an older version of the DLL with the newer version of CreditLine Server and vice versa
- Running an older version of the CreditLine Manager with the newer version of CreditLine Server and vice versa
Integration Considerations
Make sure to use and test the latest DLL. Statically linked software products will need to recompile. Contact your software dealer, if in doubt. The new DLL has to be propagated to all terminals/clients.
Settlement at a Different Location
There are some cases when settlements are completed at a store other than the one, where the original auth transactions are performed (for instance, in the case of a dealer troubleshooting the setup) Because of PA-DSS, each CreditLine server is required to maintain a set of unique key tables (DataEncryptingKey, KeyEncryptingKey). In this case, only the corresponding key tables can decrypt the transaction data encrypted in CCV_JOR.dat file. Therefore, DataEncryptingKey.ini and KeyEncryptingKey.ini files are needed to be put in the same data folder as CCV_JOR.dat. Please, also to move the key tables after End-Of-Day Batch back to the original store. It is important to always synch the key tables and the JOR files.
MasterCard Mandate
This version has implemented the MasterCard Unique Lane ID/Terminal ID Mandate. We have worked with the processors to comply with the Mandate. Some processors received an extension from MC or instructed to continue with the old protocol, due to their internal understanding with MC.
Vantiv/Fifth Third Bank MC Mandate
Vantiv 5/3rd Bank is the only processor that requires additional steps to be compliant at the moment. If you are using Vantiv, please see Vantiv Fifth Third Bank Setup for this processor specific Lane ID/Terminal ID setup instructions.
Dealer Mode
Dealer Mode is deprecated for security reasons. An improved procedure for resetting passwords and enabling TraceMode is specified below.
Resetting Passwords
A new procedure for securely resetting passwords is specified here: Reset Password
Trace Mode
A new procedure for securely temporarily enabling the TraceMode is specified here: TraceMode
Key Rotation
Per PA-DSS, each CreditLine server is required to maintain a set of unique secure key tablesThese key tables need to be updated every 90 days. Not updating key tables will not block payment processing. See Key Rotation for complete info
Import
Import file now needs to be encrypted. Please, see CreditLine_Import/Export#Import for the simple procedure.
Export
Export is deprecated. A new function, called Re-Auth eliminates the need for Export.
Re-Auth
A new function, Re-Auth, is introduced to replace the old Import+Export functionality.
