Payment Driver vs. Workstation Settings
You must configure SPI as a payment driver. You can configure the SPI driver at the Enterprise, zone, property, and revenue center levels in the Payment Drivers module, and you can override the SPI configuration to set client specific values at the workstation level in the Workstations module. Workstation settings override Payment Driver settings in case of conflict. If workstation settings are present, but the driver is not SPI, workstation settings are ignored.
One example where workstation device settings are required when a property or revenue center has a mix of Windows clients that have PEDs directly attached, and Android clients that are paired with network PEDs in Terminal mode:
- For Microsoft Windows clients, entering http://localhost:port in the Primary Host of the Payment Driver module is sufficient as each PED communicates with the client on the local host IP address.
- For Android clients, enter each PED’s IP address individually. An SPI device is added for each Android client, and the only setting entered is the paired PED’s actual URL. When the Android client attempts to process a credit card transaction, the device setting URL overrides the Payment Driver setting, and it communicates with its own paired PED. If this environment is a middleware mode, this configuration is not necessary. In that case, the URL in the Payment Driver points to the middleware host and looks up the paired PED for the requesting client and passes the request on.
SPI supports TLS 1.2 with two-way authentication, where server and client exchange certificates. The PSP is responsible for issuing certificates. Another scenario in which workstation devices have to be used for each client is HTTPS with two-way authentication when client certificates are to be issued for each client individually. In that case, the Payment Driver settings reflect the security settings as HTTPS with Certificate Validation, and the Server Certificate’s public key file will be loaded. For each client, a workstation SPI device is created, and the client’s certificate with password is loaded.
Where it can be accessed: Workstation
Role Access: Workstations
Role Privileges: View, Edit, Add, Delete
Views: Table view
Field Name | Description | Data Type/Value |
---|---|---|
Object Number | (This cell intentionally empty.) | Integer (1–999999999 ) |
Type | Simphony Payment Interface | String |
Device | Simphony Payment Interface | String |
Configuration | (This cell intentionally empty.) | String |
Where it can be accessed: Workstation
Role Access: Workstations
Role Privileges: View, Edit, Add, Delete
Views: Table view
Field Name | Description | Values |
---|---|---|
Common Driver Properties | ||
Enable Line Item Display |
Select True to enable the Line Item Display feature. (This value can only be set when SPI Interface = True.) |
Boolean (True, False) |
Transport Service Properties | ||
Host Timeout | Enter the timeout value in seconds. This is the amount of time that the host waits for a response from the PSP. The default timeout value is 180 seconds. | Integer |
Primary Host |
Enter the URL for the PSP endpoint. For example, in Terminal Mode this is
If the Security Settings use HTTPS, ensure that the Primary Host field shows https. This is based on the Security settings below. |
String (URL) |
Validate XML Message Against Schema |
To validate the format of existing messages that are sent to the PSP against the schema, set the value to True. (This value can only be set when SPI Interface = True.) |
Boolean (True, False) |
Security |
You can load the certificate into the payment driver or the workstation device depending on the communication method and connection between the POS client and the PED. The certificates are installed on the POS clients as part of the DBSync process. (This section can only be set when SPI Interface = True.) |
|
Security Settings |
Select the appropriate option:
For one-way authentication, the PSP provides the private key for the server certificates, which must be distributed to all POS clients. For two-way authentication, the client certificates with passwords are also issued by the PSP for each Simphony POS client. The Oracle Simphony Security Guide contains more information about the certificates. |
List Choice |
Load Server Certificate: | Click the ellipsis button, select the server certificate, and then click Open. | String |
Load Client Certificate | Click the ellipsis button, select the client certificate, enter the password when prompted, and then click Open. | String |
Delete Certificates | To delete a certificate, select Do Not Delete, Delete All Certificates, Delete Server Certificate, or Delete Client Certificate. Confirm with Yes or No. | Button |