Payment Driver vs. Workstation Settings

You must configure SPI as a payment driver. You can configure the SPI driver at the Enterprise, zone, property, and revenue center levels in the Payment Drivers module, and you can override the SPI configuration to set client specific values at the workstation level in the Workstations module. Workstation settings override Payment Driver settings in case of conflict. If workstation settings are present, but the driver is not SPI, workstation settings are ignored.

One example where workstation device settings are required when a property or revenue center has a mix of Windows clients that have PEDs directly attached, and Android clients that are paired with network PEDs in Terminal mode:

  • For Microsoft Windows clients, entering http://localhost:port in the Primary Host of the Payment Driver module is sufficient as each PED communicates with the client on the local host IP address.
  • For Android clients, enter each PED’s IP address individually. An SPI device is added for each Android client, and the only setting entered is the paired PED’s actual URL. When the Android client attempts to process a credit card transaction, the device setting URL overrides the Payment Driver setting, and it communicates with its own paired PED. If this environment is a middleware mode, this configuration is not necessary. In that case, the URL in the Payment Driver points to the middleware host and looks up the paired PED for the requesting client and passes the request on.

SPI supports TLS 1.2 with two-way authentication, where server and client exchange certificates. The PSP is responsible for issuing certificates. Another scenario in which workstation devices have to be used for each client is HTTPS with two-way authentication when client certificates are to be issued for each client individually. In that case, the Payment Driver settings reflect the security settings as HTTPS with Certificate Validation, and the Server Certificate’s public key file will be loaded. For each client, a workstation SPI device is created, and the client’s certificate with password is loaded.

Where it can be accessed: Workstation

Role Access: Workstations

Role Privileges: View, Edit, Add, Delete

Views: Table view

Image shows the Devices tab table view configuration settings.

Field Name Description Data Type/Value
Object Number (This cell intentionally empty.) Integer (1–999999999 )
Type Simphony Payment Interface String
Device Simphony Payment Interface String
Configuration (This cell intentionally empty.) String

Where it can be accessed: Workstation

Role Access: Workstations

Role Privileges: View, Edit, Add, Delete

Views: Table view

Field Name Description Values
Common Driver Properties
Enable Line Item Display

Select True to enable the Line Item Display feature.

(This value can only be set when SPI Interface = True.)

Boolean (True, False)
Transport Service Properties
Host Timeout Enter the timeout value in seconds. This is the amount of time that the host waits for a response from the PSP. The default timeout value is 180 seconds. Integer
Primary Host

Enter the URL for the PSP endpoint.

For example, in Terminal Mode this is http://PEDIPAddress:Port. In Middleware Mode, this is http://MiddlewareIPAddress:Port. If the IP address for each PED is different (network/wireless PEDs in Terminal mode), create workstation devices to enter each POS client’s PED IP address individually.

If the Security Settings use HTTPS, ensure that the Primary Host field shows https. This is based on the Security settings below.

String (URL)
Validate XML Message Against Schema

To validate the format of existing messages that are sent to the PSP against the schema, set the value to True.

(This value can only be set when SPI Interface = True.)

Boolean (True, False)
Security

You can load the certificate into the payment driver or the workstation device depending on the communication method and connection between the POS client and the PED. The certificates are installed on the POS clients as part of the DBSync process.

(This section can only be set when SPI Interface = True.)

Security Settings
Select the appropriate option:
  • Use Http Only
  • Use Https with No Certificate Validation
  • Use Https with Certificate Validation (one- or two-way authentication)

For one-way authentication, the PSP provides the private key for the server certificates, which must be distributed to all POS clients.

For two-way authentication, the client certificates with passwords are also issued by the PSP for each Simphony POS client.

The Oracle Simphony Security Guide contains more information about the certificates.

List Choice
Load Server Certificate: Click the ellipsis button, select the server certificate, and then click Open. String
Load Client Certificate Click the ellipsis button, select the client certificate, enter the password when prompted, and then click Open. String
Delete Certificates To delete a certificate, select Do Not Delete, Delete All Certificates, Delete Server Certificate, or Delete Client Certificate. Confirm with Yes or No. Button