ICVERIFY software enables merchants to accept all major credit and debit cards, as well as many other private or gift cards through a PC or Restaurant PC-based POS system.
ICVERIFY can do everything a stand-alone credit card terminal can do, plus much more. Because ICVERIFY runs directly on the Point-Of-Sale system (PC-based cash register or computer), the keyboard can provide the full capability required for address verification on transactions
- • IBM®-compatible PC, Pentium 200 or faster CPU
- • CD-ROM drive required; 1.44 MB 3.5" floppy disk drive recommended
- • Minimum of 64 MB RAM
- • 40 MB available hard disk space; 60 MB for Internet processing installations
- • Windows® 98, NT, 2000, or XP
- • For dial-up processor connections: Dedicated telephone line and communications port with Hayes-compatible modem; able to drop down to 1200 baud for card processing and 300 baud for check processing.
- • For Internet processor connections: Internet connectivity via ISP dial-up, DSL, cable modem, or T-1 carrier; dial-up ISP connections not recommended
- • Adequate system security (e.g., firewalls, encrypted files, etc.)
- • You must also have a merchant bank account setup in order to accept point of sale transactions
The ICVERIFY software offers an entire suite of solutions for most retail and offers the features and M0/TO businesses:
- • Single-user license to a multi-user license
- • Stand-alone to networkable configurations
- • Single merchant to multiple merchant number (MID) support
The ICVERIFY software is easier to use than a cash register:
- • Performs all functions of a bank terminal with the flexibility and power of a PC
- • Inexpensive to install and easy to maintain.
- • Single settlement for all card types and complete transaction reporting allows for fast and accurate end-of-day closing.
- • Easy to use Graphic User Interface (GUI) and training mode can enhance ease of use and Simplify training.
- • Supports both Master Session and DUKPT PIN encryption.
- • Offers an upgraded Software Developer's Kit (SDK) that guides merchants and VARs through the steps of building an electronic interface. This tool is backward compatible with version 2.4.6 and newer software.
- • Windows® 2000 and XP Compatibility.
- • Fraud features such as Address Verification Service (AVS) for both Retail and MO/TO, CVV2/CVC2, and account number truncation/expiration date suppression on customer receipt help keep you in compliance with Association regulations and state laws.
- • Association compliant through Spring Release 2003.
- • Password protection allows manager's to protect sensitive functions.
- • Stores transaction data for up to nine years, providing an alternative to paper receipt storage.
- • Full reporting capability and 8-1/2 x 11 inch printouts make statement reconciliation a snap compared to 3 inch tapes.
- • Provides reporting to match the exact dates of your merchant statement, greatly reducing reconciliation time.
- • Mail/Telephone Order merchants will enjoy the Book/Ship feature. See reviews and comparisons, here. Booking a transaction authorizes and places a hold on the transaction Amount (similar to an auth-only transaction). The Ship transaction is used to complete a book transaction. Booked transactions shipped short due to back order, etc., produce an automatic partial reversal to bring the authorized amount down to that of the batch settlement.
- • Electronic Commerce Indicator (ECI) flag helps keep you in compliance for the occasional Internet transaction processed.
- • Merchants who bill the same amount on a recurring basis wi11 appreciate automating the process of managing and charging payments on a periodic basis. ICVERIFY automatically generates periodic payments until the merchant intercedes to stop the payment arrangement.
ICVERIFY® for Windows offers the features and functionality you need in one easy-to-use, yet powerful software package
Whether you are a day care center health club, mail order or telephone order fulfillment house, professional office, small or mid-size retail business, the ICVERIFY software has the right solution for your business needs -- in one easy-to-use program.
The ICVERIFY software can be certified with most processor's front-ends and integrated with most retail and MO/TO systems. It can also be interfaced to a POS or order entry system sharing a PC platform, and provide communications with the outside world for authorizations and batch settlement.
ICVERIFY® for Windows®
Our ICVERIFY® for Windows® Standard Edition 4.0 software, a well-known and widely distributed payment software product, is a comprehensive and cost-effective alternative to traditional point-of-sale (POS) equipment.
The Challenge
As merchants grow, so does the complexity of the demands the marketplace puts on them. Many need to access more transaction and customer information than can be acquired at a traditional point-of-sale, and where they take orders needs to be flexible as their business expands. Yet merchants still need their transactions to be processed reliably and quickly, while keeping costs under control and security tight.
The Solution
The ICVERIFY for Windows software transmits payment information over high-speed Internet connections. PCs running ICVERIFY software are better than terminals: they reduce redundancy, free up counter space for products and, by offering a one-time fee for licensing, save the merchant the cost of “per click” fees to process payments. In addition, transaction history is archived for up to nine years for more comprehensive reporting.
Here’s How It Works
The ICVERIFY software supports the payment types you need—now or in the future. It provides full documentation and online help for installation and operation, including network capabilities. The ICVERIFY for Windows product runs on virtually any PC or PC-based POS register platform, supports multiple operating systems and gives you features and flexibility to better manage your payment acceptance. Plus, the ICVERIFY product line is one of the few full-service, full-feature offerings that is PABP-validated (Payments Applications Best Practices) by VISA® in order to be compliant with all applicable data security standards and practices for payment software providers.
Help Your Business
• Accept and process multiple payment types, including credit cards, PIN-secured ATM/debit cards, electronic checks and gift cards
• Retain records for up to nine years
• Network multiple installations to form a multistation terminal
• Grow your payment capabilities along with your business
• Maintain software investment with periodic upgrades
• Integrate with existing POS software
• Pay one-time licensing fee instead of recurring “per click” fees
• Consolidate payments from across business lines into one system
• Eliminate stand-alone terminals
Help Your Customers
• Know that transactions meet the current industry standards for security and data encryption
• Choose from a variety of payment methods
• Spend less time waiting in lines to make purchases
Features
• Support for retail, card-not-present, restaurant, lodging and e-commerce transactions
• Support for popular wedge swipers, PIN pads and magnetic ink character recognition (MICR) check readers
• Integration help and full documentation
• Help reduce processing time for both merchants and consumers
• Easy end-of-day close-out
• Level II and III support for Visa® and MasterCard® purchasing card transactions
• Corporate Purchasing Card Level II for American Express® transactions
• Recurring and installment transaction billing
• Payment Application Best Practices (PABP) validated by Visa for top-quality security and data encryption
A Global Leader in Electronic Commerce
First Data powers the global economy by making it easy, fast and secure for people and businesses around the world to buy goods and services using virtually any form of payment. Serving millions of merchant locations and thousands of card issuers, we have the expertise and insight to help you accelerate your business. Put our intelligence to work for you.
ICVERIFY® for Windows® Enterprise Edition
ICVERIFY® for Windows® Enterprise Edition software from First Data helps merchants who want to host their own payment processing.
The Challenge
Merchants need to handle an ever-increasing variety of transaction types, and they want a solution that can process transactions simply, reliably and quickly. Merchants also need to make the most of their technology investment with a solution that will be able to grow along with their business.
The Solution
The ICVERIFY Enterprise Edition software allows merchants to handle all their transaction types from a single server. Offering excellent performance and reliability, this software supports dial-up for smaller merchants, high-speed Internet for midrange and larger merchants and frame-relay connections. Plus, the ICVERIFY product line is one of the few full-service, full-feature offerings that is PABP-validated (Payments Applications Best Practices) by VISA in order to be compliant with all applicable data security standards and practices for payment software providers. System management is easy with an intuitive user interface for browsing, editing and managing transactions, and a server status window that shows performance, status and event history at a glance. The number of merchant accounts supported is limited only by merchant system resources.
Here’s How It Works
ICVERIFY Enterprise Edition software integrates all payment applications, including e-commerce websites, call centers, interactive response systems and physical stores, into a single payment server. Client-server architecture means reconciliation is simple with a centralized transaction database, and application access across multiple clients can be centrally administered and managed. Whether for online stores, sales departments, customer support, voice response systems or brick-and-mortar stores, our ICVERIFY Enterprise Edition solution addresses the needs of small- to enterprise-scale e-commerce, offering excellent performance and reliability.
Help Your Business
• Manage transactions and batches with create, delete, import, export and other functions
• Send transactions to processors with
• Secured Sockets Layer (SSL) protocol and virtual private network (VPN) Internet access
• Reduce processing time for merchants and consumers
• Grow processing capabilities along with your company
• Maintain software investment with periodic upgrades
• Support Verified by Visa® and MasterCard®
• SecureCode® authentication
• Utilize client/server architecture, allowing multiple users to access a single server and a common connection to bank network
Help Your Customers
• Reduce risk for fraud
• Choose from a wide variety of payment methods
• Spend less time making purchases
Features
• Support for retail, card-not-present and e-commerce transactions
• Encrypted data storage and privilege-based user access
• Payment Application Best Practices (PABP) validated by Visa® for top-quality security and data encryption
• Support for dial-up, high-speed and frame-relay connections.
• Level II support for Visa and MasterCard purchasing card transactions
• Corporate Purchasing Card Level II for American Express® transactions
• Capabilities for multiple users and multiple merchants
• Multithreaded client/server architecture for up to 20 transactions per second from a single server
A Global Leader in Electronic Commerce
First Data Independent Sales (FDIS) uses First Data's processing engine. First Data powers the global economy by making it easy, fast and secure for people and businesses around the world to buy goods and services using virtually any form of payment. Serving millions of merchant locations and thousands of card issuers, we have the expertise and insight to help you accelerate your business. Put our intelligence to work for you.
Installation-Related Questions
General Installation Questions:
1. What are the minimum requirements to install ICVERIFY for Windows?
2. What are the system prerequisites?
3. Why are Windows 95, 98 and ME no longer supported?
4. Do you support Windows NT, 2003 and Vista? What about 64-bit versions of Windows?
5. Can I use products like Windows Terminal Server or Citrix Presentation Server?
6. If I’m creating a network of ICVERIFY systems, do they all have to be the same version?
7. When I launch the ICVERIFY 4.0 CD-ROM, what installation option should I choose?
8. What is the User Manager and do I really need to install it?
9. Can I upgrade my old data from a previous version of ICVERIFY for Windows?
10. Can I install two (or more) copies of software and have them use the same data files in a single data directory?
11. Can I install two (or more) copies of version 4.0 on a single computer?
Common Installation Problems:
12. I get a message saying “Error installing ikernel.exe” after clicking an option on the installation splash screen.
13. I installed everything, but I can’t log in. What’s my initial user name and password?
14. I installed everything, but when I try to log into ICVERIFY I get an error saying "Login failed due to system error."
15. I’m running Windows XP Service Pack 2. Everything seemed to install OK, but I can’t log in from a substation, even though I know my user name and password are correct.
16. I installed everything, but when I try to log into ICVERIFY I get an error saying my serial number isn’t valid.
17. I upgraded from a previous version. Why do I need to re-validate my software? I never had to do that before.
18. I’m upgrading from an older version of software. I copied over my old SET file and pointed 4.0 at my data directory. Why isn’t it working?
What are the minimum requirements to install ICVERIFY for Windows?
To install and operate the entire ICVERIFY product suite successfully, your computer must meet at least the following requirements:
• Microsoft® Windows® 2000 (Service Pack 4 or later), Windows XP Home / Professional (Service Pack 1 or later), Windows 2003 (Service Pack 1 or later) or Small Business Server, or Windows Vista
• At least 256MB of RAM
• Up to 500MB available hard drive space if you install all components
• Physical communications access to your processing network, either via a modem or Internet link
• Microsoft Internet Explorer® version 6.0 or higher installed
What are the system prerequisites?
The ICVERIFY product uses certain helper / prerequisite applications. Your computer must properly support the items below if you intend to use all the functionality of the product.
• The Microsoft .NET Framework 2.0 is required for the security and encryption subsystems to function.
• The Microsoft SQL Desktop Engine (MSDE) or SQL Server 2005 Express Edition (depending on version) is required to operate the user account database. You do not have to install the database system on the same computer on which the ICVERIFY GUI or User Manager is installed, but you must use either the built-in MSDE / SQL Server 2005 support or a 100% SQL Server-compatible database instance to run the user database.
Why are Windows 95, 98 and ME no longer supported?
There are several reasons for this.
• First, some of the new components of the ICVERIFY product line, for example the User Manager application and encryption subsystem, are based on technologies that may not work on older versions of Windows.
• Second, we have not found that a large portion of our customer base still use these operating systems, so it is not economical to test our products on them.
• Third, Microsoft designed these products for home rather than commercial use, meaning they do not have the same security features as the operating systems we do support; this means that it may be substantially more difficult for a merchant to pass a security audit while using one of these operating systems.
• Finally, Microsoft Corporation is in the process of withdrawing support for these operating systems.
Do you support Microsoft Windows NT, 2003 and Vista? What about 64-bit versions of Windows?
Version 4.0 Release 2 and later versions support Windows 2003 with Service Pack 1. Version 4.0 Release 3, Service Pack 2 and later versions also support Windows Vista.
We have identified one known issue from Microsoft regarding Windows 2003’s support of the Microsoft SQL Desktop Engine (used by the User Manager application.) If you install and operate the User Manager database on a Windows 2003 computer, you must download and install MSDE 2000 Service Pack 3 or later from Microsoft. See Microsoft’s Knowledge Base article KB329329 for details.
With Version 4.0 Release 3, Service Pack 2 we have moved from MSDE to SQL Server 2005 Express Edition to support Windows Vista. We are unaware of any issues introduced by this change. If you encounter issues installing SQL Server 2005, check the Microsoft Knowledge Base for support.
We no longer officially support Windows NT 4.0 due to its retirement by Microsoft.
ICVERIFY, Inc. supports both 32- and 64-bit distributions of Windows Vista, but only 32-bit distributions of other operating systems.
Can I use products like Windows Terminal Server or Citrix Presentation Server?
We do not test with remote-access products of any kind; however we are aware of customers successfully using them. If you choose to implement and use a remote-access product, we urge you to bear the following points in mind:
• Your use of such a product is entirely at your own risk. ICVERIFY, Inc. cannot warrant our products will work in such environments.
• You may have an obligation to limit or discontinue the use of a remote-access product based on the findings of a Payment Card Industry (PCI) security audit. As a merchant, you must take appropriate measures to secure your payment processing software. Depending on how you configure and use your remote-access software, you may have security exposures requiring remediation.
• Using a remote-access product to grant multiple users access to a single copy of software does not release you from your obligations under the ICVERIFY End-User License Agreement. You must purchase a sufficient number of licenses for your entire ICVERIFY user community, regardless of the number of installed copies you have.
If I’m creating a network of ICVERIFY systems, do they all have to be the same version?
Yes. If you are planning to install a network of ICVERIFY substations routing transactions through a single master station, they must all be the same installed version.
When I launch the ICVERIFY 4.0 CD-ROM, what installation option should I choose?
It depends on how you intend to use the ICVERIFY product:
• If you have only one computer, select the Install All Applications option. This will install both the ICVERIFY for Windows and ICVERIFY User Manager products automatically on your PC.
• If you are installing the software on a substation within an ICVERIFY payment network, select the Install ICVERIFY for Windows Only option. This will install only the ICVERIFY for Windows application. Be aware that you will have to specify where the User Manager database resides, so your users can log in successfully from the substation PC.
• If you are installing the software on a master station within an ICVERIFY payment network, select the Install All Applications option, unless you want to manage the users from a different computer. In that case, move to the next bullet point.
• If you are installing the software on one computer, but you want to manage your user accounts from another computer, select the Install ICVERIFY for Windows Only option. Again, you will have to specify where the User Manager database resides.
• Finally, if all you want to install is the ICVERIFY User Manager to manage the users of your ICVERIFY product, select the Install ICVERIFY User Manager Only option.
What is the User Manager and do I really need to install it?
The ICVERIFY User Manager is part of the ICVERIFY application suite and is used to control access to the ICVERIFY Graphical User Interface (GUI) application. Prior versions of the ICVERIFY product supported password-level access to certain application functions. However, version 4.0 and above follow a user-based security model, where the privileges associated with a user’s account determine what that user is allowed to do within the application. Since user-based security is a mandatory component of the Payment Card Industry (PCI) security guidelines, it is important that you use the User Manager to configure and maintain your user accounts.
The only exception to this is if you are using the ICVERIFY software in a fully integrated environment and will not access the ICVERIFY GUI at all. In that case, you need not install the User Manager; however, you will not be able to use the ICVERIFY GUI without it. Furthermore, your entire integrated environment may need to be audited to prove it meets the user-based security standards in the PCI program.
Can I upgrade my old data from a previous version of ICVERIFY for Windows?
Version 4.0 supports upgrading data from version 3.1 and later. If you plan to upgrade your data, you must first settle any open batches prior to installing your new software.
If you are using a version of software older than version 3.1, you should plan on running final reports and de-installing that software prior to using 4.0.
Can I install two (or more) copies of software and have them use the same data files in a single data directory?
No. Each installation of ICVERIFY version 4.0 has a unique encryption key, including if you install twice from the same CD-ROM. If you attempt to share the same data files between two installed copies of software, you will corrupt your data and you may be unable to settle your transactions and receive funds for your payments.
If you want to allow multiple computers running ICVERIFY software to access the same data for the same merchant account, you must configure them in a master station / substation network mode and purchase the appropriate licenses to do so.
Can I install two (or more) copies of version 4.0 on a single computer?
Each installation of ICVERIFY version 4.0 writes critical information to the system registry. Therefore, unless you are running a dual-boot PC with multiple system registries, you can only install one copy of a particular version of ICVERIFY software at any time.
On the other hand, you can install and run multiple different versions of software on a single computer. In other words, you could install ICVERIFY version 3.1.6, version 4.0 and version 4.0.2 all on the same PC. You just cannot install multiple copies of the same version.
I get a message saying “Error installing ikernel.exe” after clicking an option on the installation splash screen.
This problem is usually due to a different software product you’ve installed on your computer not “cleaning up” after its own installation process. The message means that InstallShield™, a commonly used installation product, could not properly initialize because the computer has certain files on it that shouldn’t be there. Refer to the InstallShield support knowledgebase at http://support.installshield.com, article Q111519, and consult the section on InstallShield Professional 6.x.
I installed everything, but I can’t log in. What’s my initial user name and password?
Both ICVERIFY for Windows and the ICVERIFY User Manager install an initial account with administrator-level access. When you reboot your computer after first installing the software, you should see a message box with your initial system-administrator user credentials. Remember that you will need to change your password the first time you log in. Do not forget your new password! ICVERIFY, Inc. cannot tell you what it is!
I installed everything, but when I try to log into ICVERIFY I get an error saying “Login failed due to system error.”
You probably forgot to restart your computer after the installation process completed. The ICVERIFY User Manager requires a reboot in order to start the MSDE database system and build the user account tables.
If you restarted the computer after the installation and still can’t log in, consider whether your use of Windows Firewall might be preventing the login from being transmitted properly. Review the information in this FAQ about allowing Named Pipes through port 445 in Windows Firewall.
I’m running Windows XP Service Pack 2. Everything seemed to install OK, but I can’t log in from a substation, even though I know my user name and password are correct.
This issue usually occurs because the Windows Firewall service in Service Pack 2 is installed to restrict file and printer sharing by default. Windows uses TCP port 445 for these services. Unfortunately, the SQL Server Named Pipes service used by the ICVERIFY User Manager also uses this port. If you are trying to log into a user database running on a remote computer with Service Pack 2, you need to enable port 445 through the firewall on that computer and associate the SQL Server instance with that port’s usage.
Refer to Microsoft Knowledge Base article KB839269 for further details on configuring Windows Firewall to support SQL Server interaction on port 445. Also review the document “Configuring Windows Firewall to Support MSDE Named Pipes” available from ICVERIFY, Inc.
This issue may also occur with other operating systems.
I installed everything, but when I try to log into ICVERIFY I get an error saying my serial number isn’t valid.
I upgraded from a previous version. Why do I need to re-validate my software? I never had to do that before.
Unlike prior versions of ICVERIFY software, version 4.0 requires you to activate the product with your new serial number (the one beginning with the numeral 4, usually located on your CD-ROM case) and to receive a new validation code from ICVERIFY, Inc. This is to improve our ability to support you as you use the product.
Also, the format of the merchant setup file (the “SET file”) has changed from prior versions. This means you can’t simply copy an old setup file into your new software and expect it to work. You have to upgrade it using the ICVERIFY Setup Wizard or Advanced Setup application.
I upgraded from an old version of software. I copied over my old SET file and pointed 4.0 at my data directory. Why isn’t it working?
Version 4.0 uses different file structures and encryption methods from older versions of software. While you may have been able to upgrade in the past simply by copying files from one directory to the next, DO NOT ATTEMPT THIS WITH VERSION 4.0! This has never been a supported activity, and you risk corrupting your old setup and transaction information by doing so.
The only supported upgrade method for the ICVERIFY product is to use the ICVERIFY Upgrade Wizard.
Feature and Functionality Questions
General Questions:
19. Does ICVERIFY support the Diners Club / MasterCard co-marketing agreement? How can I configure the software to support it?
20. Is ICVERIFY CISP / PCI compliant?
21. Is ICVERIFY CAPN compliant?
22. Can the software support purchasing card data including level 2 and level 3?
23. What types of printers can I use?
24. What is JCard? Do I have to use it?
25. Why do my passwords to log into ICVERIFY have to be so long / complicated?
26. I forgot / lost my password, or I used the wrong password and now the software says my account is locked. What do I do?
27. Why does the software keep timing me out / forcing me to log back in?
28. Why does my user account get / keep getting locked out?
29. I got locked out of my sysadmin account. What do I do?
Does ICVERIFY support the new Diners Club / MasterCard co-marketing agreement? How can I configure the software to support it?
Yes. Your ICVERIFY software allows you to submit, settle and report on Diners Club transactions as part of your MasterCard payment processing. If you do not have a Diners SE number loaded in the application, you can set the Treat Diners Card as MasterCard option to Y in the ICVERIFY Setup Wizard or Advanced Setup utility. In most versions of the software, this option is set to Y by default.
Is ICVERIFY CISP / PCI compliant?
The Cardholder Information Security Program (CISP) and Payment Card Industry (PCI) security guidelines are programs that apply to merchants, regardless of the software they use (or if they have built their software themselves.) However, there is a partner program to CISP called the Payment Application Best Practices, or PABP, that applies to software applications. ICVERIFY version 4.0 is fully PABP validated.
Using PABP-validated software goes a long way toward meeting the CISP / PCI standards. Read the ICVERIFY Secure Software Guide for additional tips on operating a secure payment processing system.
Is ICVERIFY CAPN compliant?
In 2006, American Express announced substantial modifications to their processing systems that they entitled the Credit Authorization and Processing Network (CAPN) standards. CAPN consists of both mandatory and optional components: the mandatory elements have to do with supplying more data from the point of sale and supporting a transaction identifier throughout the life cycle of an American Express transaction, while the optional elements relate to new features such as partial authorization support for gift cards, new industry identifiers, and so on.
Every processor has chosen to respond to the CAPN modifications differently. Some have hidden all the new complexities from the merchant and POS vendor community, others have introduced changes, while others have yet to respond.
As a POS software vendor, ICVERIFY, Inc. can only implement what is offered by our processing network partners, on the schedule in which it is offered. To date, we have performed substantial CAPN modifications and as of version 4.0.3 the software is fully CAPN ready on the following networks:
• First Data: Atlanta, CARDnet (North), Nashville, NaBANCO (South), Omaha
• Heartland Payment Systems
• First Horizon Merchant Services
• Global Payments: Central and East
• NOVA Information Systems
• TSYS Acquiring Solutions
Other networks will be CAPN certified in a future software service pack.
Can the software support purchasing card data including level 2 and level 3?
Yes, depending on your processing connection. You can submit Visa and MasterCard level 2 transactions to several processing networks; consult the processor feature list at http://www.icverify.com/icverify/lastver.asp for specifics. You can also send American Express Corporate Purchasing Card level 2 transactions to several bankcard partner platforms as well as direct to American Express.
The ICVERIFY software currently supports full level 3 data for Visa and MasterCard to First Data’s CARDnet platform and TSYS Acquiring Solutions (formerly known as Vital Processing Services). You can also send level 3 data to any processor that fully emulates TSYS Acquiring Solutions EIS 1080/1081 message formats.
What types of printers can I use?
The ICVERIFY software allows you to configure two separate printers: one for receipt printing and one for report printing. Both printers should be configured through the Microsoft Windows Control Panel using the printer drivers recommended by the manufacturer. ICVERIFY version 4.0 uses the standard Windows printing interface, so if you can get the printer to print a test page successfully from the Control Panel, you should be able to get it to work with ICVERIFY. (Remember the reverse is also true – if the printer doesn’t work in the Control Panel, you have to configure it properly or you should not expect it to work with the ICVERIFY product.)
For receipt printing, you can select whether you want the ICVERIFY product to print in 23-column or 40-column mode, depending on the type of printer you have.
What is JCard? Do I have to use it?
JCard is an application component used to facilitate secure communications over the Internet. If you want to submit your payment transactions to the processing network over the Internet, you must install and configure JCard.
Why do my passwords to log into ICVERIFY have to be so long / complicated?
We regret that some of our merchant customers are unused to what are called “complex” passwords – that is, passwords that require a combination of letters and numbers. This is a byproduct of Visa USA’s Payment Application Best Practices, a set of standards governing software access and data security. Part of the guidelines state that access to a payment software product must be password-protected, and that all passwords must be of a certain length and complexity.
We understand this is a new and inconvenient change for some of our merchant customers, and regret any difficulty it causes. However, the standards are designed to assist merchants in rapidly becoming PCI compliant.
I forgot / lost my password, or I used the wrong password and now the software says my account is locked. What do I do?
You can unlock and reset passwords for any software application from the ICVERIFY User Manager. All you need to do is log into the User Manager, select the application with the user whose account is locked, select the user account and reset the password. Tell the user what his temporary password is. The next time he logs in, he will need to change it to some other value. This way he is the only one who knows his permanent password.
Do not forget or lose the password to the “sysadmin” account for the User Manager! As long as you know how to log into the User Manager as sysadmin, you can solve any other password or login problem your users have.
The ICVERIFY, Inc. Help Desk does not know what your passwords are and cannot change them for you. We can only help you use the User Manager to do it yourself.
Why does the software keep timing out / forcing me to log back in?
In 2007, the Payment Application Best Practices (PABP) guidelines were updated to require software applications to “time out” a user’s session after a certain period of inactivity. In ICVERIFY version 4.0.3, this period is fixed at 15 minutes. This means that if you leave the application idle for 15 minutes, your session will expire and you’ll be forced to log back in. If you choose not to log back in, your only option will be to close the application.
ICVERIFY, Inc. is considering allowing administrators the option to modify the duration of the timeout period, however the timeout cannot be removed. This is because the timeout is a PABP requirement.
Why does my user account get / keep getting locked out?
As part of the security measures introduced with the PABP program, the user account system in ICVERIFY for Windows is designed to “lock out” (disable) a user account after multiple consecutive failed logon attempts. This is to prevent hackers or malicious users from logging in and accessing card data by spoofing one of your user accounts.
You can configure the number of attempts the software will allow before locking out an account via the ICVERIFY User Manager application.
Unfortunately, the lockout process can sometimes affect legitimate users who simply forget their passwords. To minimize the likelihood that you will be locked out, try to keep the following guidelines in mind:
• Before you attempt to log into the ICVERIFY application, make sure your Caps Lock key is off. Your user information may be case-sensitive.
• Did your password recently expire? The User Manager has an option to force password changes on a certain cycle. Make sure you aren’t trying to log in using an old password.
• Above all, please remember that your password is a critically important piece of information. Do not forget it!
Please remember if you are locked out to contact your system administrator (that is, the person with access to the sysadmin account.) The ICVERIFY, Inc. Help Desk does not know what your passwords are and cannot change them for you. We can only help you or your system administrator use the User Manager to do it yourself.
I got locked out of my sysadmin account. What do I do?
The sysadmin account for the User Manager is the key account for your entire ICVERIFY installation. It is important that you not forget or lose the password for this account. However, in the event that you do get locked out of the sysadmin account, consider the following:
• Are you locked out of the ICVERIFY applications or out of the User Manager? Remember that user accounts are tied to applications, meaning that the sysadmin account for the ICVERIFY GUI is different from the sysadmin account for the User Manager. As long as you can log into the User Manager, you can fix any other account problems you encounter.
• If you’re actually locked out of the User Manager, did you configure any other user accounts with User Manager access? If you did, ask another user to log in and reset the sysadmin account password.
• In a worst-case scenario, you may need to re-install the User Manager or work with the ICVERIFY, Inc. Help Desk to reset the sysadmin account to its original settings. You do not need to uninstall the ICVERIFY application to do this. Do NOT uninstall the ICVERIFY software, especially if you have performed actual payment transactions.
Integration-Related Questions
30. Can I run ICVMLT32.EXE as a service instead of an application?
31. How do I set up my network to support a master station / substation processing environment?
32. What integration mode should I use?
33. Do I have to use SQL Server 2005 Express Edition to manage my user database? Can’t I use my own database engine?
Can I run ICVMLT32.EXE as a service instead of an application?
Yes. Running ICVMLT32.EXE as a Windows service designed to run on system startup prevents you from being forced to keep a user logged in on the PC where you have installed your master station. You may find this setup desirable if you are operating in master station / substation mode, or if you are using the file-based interface to perform integrated transaction processing to a single copy of the ICVERIFY software.
Please refer to Microsoft Knowledgebase article KB137890 for information on how to configure applications as services. You will need a copy of the Microsoft utilities INSTSRV.EXE and SRVANY.EXE for your operating system as well as access to your system registry in order to do this procedure. The utilities are available from Microsoft, not ICVERIFY, Inc. Be sure you get the appropriate versions of the utilities for your particular operating system.
When you have access to the utilities and your registry, review the document “Configuring ICVMLT32.EXE As A Windows Service” available from ICVERIFY, Inc.
In Version 4.0 Release 3 Service Pack 2, you are offered the option to install ICVMLT32 as a service directly from the installer application.
How do I set up my network to support a master station / substation processing environment?
Be sure to read the “Setting Up a Payment Network” chapter of the ICVERIFY for Windows Setup Guide carefully. It contains important information regarding how to configure your network to support a master station and one or more substations. Here are some general guidelines to follow:
• Your payment network consists of four major components: the master station PC itself, the substation or substations, the data directory associated with each merchant setup file you are using, and the request file directory used to transmit information between the master station and the substation(s).
• Each merchant setup needs its own unique data directory, but there is only one request file directory for your payment network. All merchant transactions will be processed through it.
• The master station and all substations must have “Full Control” permissions to the request file directory and all data directories in your payment network.
• Each substation inherits the path to the data directory from the setup file located on the master station. The path must be the same except for the drive letter; for example, if the data directory is located at C:\icverify\datadir from the master station’s frame of reference, the directory must be found at <drive>:\icverify\datadir on the substation.
• You can also use Microsoft Message Queuing (MSMQ) to take the place of the request file directory; however, you must still ensure proper access and permissions to your data file directories.
For additional tips on setting up payment networks and shared directories, consult the document “Configuring Directories in an ICVERIFY Master / Substation Setup” available from ICVERIFY, Inc.
What integration mode should I use?
It’s largely a question of your familiarity with Windows programming and the constraints of whatever application or system will interact with the ICVERIFY product. You have three primary integration modes: a file-based interface, a direct DLL interface and an ActiveX control. Each supports both the traditional “request-string” interface and the new XML interface. Use whatever combination of integration mode and message format makes the most sense to you. Consult the ICVERIFY SDK Guide for details.
Do I have to use SQL Server 2005 Express Edition to run my user database? Can’t I use my own database engine?
The ICVERIFY installation CD-ROM includes build scripts to generate the user account database tables required by the ICVERIFY User Manager. You can use these scripts to build the appropriate user tables in your own instance of Microsoft SQL Server, and change the database login credentials during application setup to point to the instance you’ve created. Please note that ICVERIFY, Inc. can offer no direct support for this type of configuration; it is your responsibility to manage your own database.
Security-Related Questions
General Questions:
34. What ports or protocols do I have to allow through my firewall to support transaction processing over the Internet?
35. Do I need to open ports in my external firewall to support JCard?
36. How does ICVERIFY encrypt data stored on my computer?
37. How does ICVERIFY encrypt data transmitted over the Internet?
38. Can I use a proxy server between my computer running ICVERIFY and the Internet?
39. How does ICVERIFY prevent people from stealing my data?
What ports or protocols do I have to allow through my firewall to support transaction processing over the Internet?
Most processors who support transaction transport over the Internet use SSL over HTTPS connections. If your firewall supports standard secure Internet browser sessions, you will probably not have to make any changes to support transaction processing of this type.
A few processors use direct TCP/IP socket-based connections. In these cases, you will need to ensure TCP connections are allowed at the particular port required by your processor. Check the ICVERIFY Setup Guide Internet processing screen shots for information on what type of connection your processing network requires.
In either case, you may want to consider restricting other connections and protocols from the PC where you’re using the ICVERIFY software.
Finally, bear in mind that if your network includes port address translation, network address translation or domain name translation of any kind, you will need to keep this in mind when you configure the ICVERIFY software. The URLs and ports you enter in the ICVERIFY software are the only ones the product knows about; therefore your network must either allow a direct route to them or handle any translation transparently.
Do I need to open ports in my external firewall to support JCard?
No.
JCard is an internal communication application server for the ICVERIFY software. While it does use a TCP/IP port to listen for transaction requests (usually port 4444 or 4445), this port only needs to be opened for inbound traffic on the PC where JCard is installed, and outbound on the PC where ICVERIFY for Windows is installed.
Since most merchants install both applications on a single PC, no further configuration is required.
You do not need to make external firewall modifications to support JCard. However, if you have internal firewall software operating on the PC where JCard is installed, you may need to allow for traffic on the JCard listening port from other computers if your ICVERIFY software is not co-located on the same system.
How does ICVERIFY encrypt data stored on my computer?
All files containing transaction information of any kind are encrypted with the Advanced Encryption Standard (AES) encryption algorithm using a 256-bit cipher. AES is the current standard for encryption in the financial and government sectors and is used to secure both payment data as well as classified intelligence information. Moreover, the use of a 256-bit cipher exceeds the standard required by the card companies.
The key used by the software is unique to every CD, merchant and installation, and is updated every day. You can also regenerate the key manually as part of routine security housekeeping activities. Consult the ICVERIFY User Guide for further information.
How does ICVERIFY encrypt data transmitted over the Internet?
When you use the ICVERIFY software to send a transaction across the Internet, the encryption used to secure that transaction is decided by the processing network. All processing networks use a minimum of 128-bit SSL (Secure Sockets Layer) to protect transaction data. Some providers use IPsec over TCP/IP sockets. Still others use multiple layers of encryption including both tunneling (VPN) and data packet encryption technologies.
If you require specific information, you should request it directly from your processing network.
Can I use a proxy server between my computer running ICVERIFY and the Internet?
Yes, for most processor connections. Some of the TCP socket-based connections (for example Global Payments’ East platform) may require additional configuration at your proxy server to function properly. Remember that if you intend to use a proxy server, you must configure the JCard subsystem to recognize it. Refer to the ICVERIFY Setup Guide for information on configuring JCard to use a proxy server.
Finally, bear in mind that ICVERIFY, Inc. cannot be responsible for the stability of your Internet connection, and all devices or systems between the computer where the ICVERIFY product is installed and the Internet are your responsibility.
How does ICVERIFY prevent people from stealing my data?
Your ICVERIFY product contains two major features that are designed to protect your payment data. First, all payment data is encrypted via 256-bit AES encryption, a very strong encryption algorithm. Second, access to the ICVERIFY user interface is restricted to those people with a user name and password. As the administrator of your ICVERIFY product, you have the power to grant and restrict access to the product, and determine what functions your users can actually perform after they log in. You also can access user activity logs showing what your users did when they were using the product, and can check to see who is logged in at any given time.
PCCHARGE
Flexible Payment
Processing on your PC
You use your PC for many business functions, from tracking inventory to
maintaining customer and employee databases and accounting. Why not
use it to accept payments as well? PCCharge payment software from
VeriFone turns any PC into a payment-accepting device, without interfering
with other programs.
VeriFone’s PCCharge offers easy-to-use, PC-based payment processing.
The Windows-based application is user-friendly, and features intuitive
menu screens with action buttons that guide you step-by-step through
the program.
PCCharge supports a wide range of peripherals, making it easy for you
to accept all payment types, including credit, debit, EBT, check processing,
gift/loyalty and more.
The customer database feature allows you to store repeat customers’
data, providing a more efficient and targeted marketing opportunity.
PCCharge allows businesses that charge regular monthly fees, such as
health clubs, to set up a specific date to process recurring payments.
If your business environment has more than one computer, PCCharge
can reside on your network and allow multiple clerks to process
transactions on a single merchant account.
And, as with all VeriFone products, PCCharge is dependable and secure,
meeting the latest security and data file encryption standards.
Features and Benefits
Easy to Use
• Windows-based user interface is familiar and intuitive, making PCCharge easy
for your employees to learn and use
• Robust reporting features simplify account reconciliation and business management
Functional and Flexible
• Connects with your existing dial or IP-based PC communications, eliminating
the need for additional lines
• Accepts all payment types, including credit, debit, EBT, check, gift and loyalty –
giving customers a full range of payment options
• Customizable database stores customer information – beneficial for direct mail
or loyalty programs
• Recurring billing feature allows you to schedule automatic payments –
for added convenience and efficiency
• System Requirements: Windows 98, 2000, NT, XP or 2003; 64 MB RAM; 30 MB
free hard disk space; 400 MHz processor or higher; CD-ROM; Microsoft Internet
Explorer version 6 or higher.
Secure and Reliable
• PCI (Payment Card Industry) and PABP (Payment Application Best Practices)
validated
• Utilizes the latest security standards to protect against fraud and
data tampering:
- – Address and cardholder verification capability may help mail-order/
telephone-order merchants qualify for lower processing rates and reduce
fraudulent transactions
- – Meets up-to-date compliance standards for Visa and MasterCard
- – Multi-tiered permission levels for users protect customer information
by limiting what employees can view
Examples of Application Icons used to access PCCharge features:
System Requirements
YOU MUST HAVE THE FOLLOWING:
• PC with Windows 98, XP, NT, 2000, or 2003
• 64 MB minimum of RAM, 256 MB preferred
• 30 MB of available hard-disk space, 100 MB preferred
• An Internet connection OR a Hayes compatible modem (capable of 1200 baud or less) and an analog phone line
• CD-ROM drive
• 400 MHz or higher processor
• Latest Microsoft service pack updates installed
• Merchant Account with a PCCharge-certified processor
• SSL updates if required (see SSL Requirements below)
• Latest version of Microsoft's Internet Explorer (version 6 or later)
For more information CLICK HERE to download a PDF file (2.7 MB).
Electronic Payment Processing Software Appendices CLICK HERE to download a PDF file (1.7 MB).
Discover Network
October 2008
Attention PCCharge Users: Potential transaction declines due to cards with a 2013 expiration date
If you are a PCCharge customer, you and your Merchants may experience unnecessary declines from cards with an expiration date of 2013. The decline is occurring due to the Last Valid Year currently supported by the PCCharge software, which has not been updated to support cards issued with an expiration date of 2013 or greater.
To ensure that you and your customers do not experience erroneous declines for an invalid card expiration date, please be sure to extend the Last Valid Year beyond 2012.
The PCCharge Last Valid Year is simple to update. To change the year, follow the steps below:
• Go to Set-Up Menu
• Select Preferences
• Update Last Valid Year with a 2-digit (yy) numeric year in the future that will support all upcoming future re-issued card types. For example, change the Last Valid Year to "20"
If you have any questions regarding the PCCharge Last Valid Year update steps, please contact Discover's Director of Operations Bonnie Tow at 224-405-4546 or bonnietow@discover.com. If you have a PCCharge Service Agreement with VeriFone and/or if you would like to renew your PCCharge Service Agreement, please contact VeriFone's help desk at 877 659-8981.