Table of Contents Table of Contents Title and Copyright Information Send Us Your Comments Preface Audience Related Documents Customer Support Review Patch Documentation Improved Process for Oracle Retail Documentation Corrections Oracle Retail Documentation at the Oracle Help Center Conventions 1 Security Guidelines Oracle Support General Principles Securing Sensitive Data Retailer Responsibilities POS Security Considerations TLS Encryption Solution Specific Responsibilities Adyen AJB FiPay Cayan Core PayPal PointUS Verifone Ocius Sentinel Payment System Comms/Security 2 Secure Configuration EFTLinkConfig.properties TLS Crypto-Agility for Communications Protocols Ciphers Recommended Settings (default) Full Crypto-Agility Settings List Crypto-Agility for Data Storage EFTLink Cores Adyen Core AJB FiPay Core Cayan Core Ocius Sentinel Core OPI Retail Core Logging Java References 3 Secure Development Core-Host API Scope Message Flow Channel 0 Channel 1 Channel/Socket Contention Socket/XML Message Abstraction EPSCore/EPSHost Javadoc EPSCore Event Mapping EPSHost Action Mapping EPSRequest/EPSResult Classes DeviceRequest/DeviceResponse Classes Mandatory Content Development Considerations Logging Configurable Properties Multi-threading and Synchronisation Progress Messages Printer Management Administration Functions Cancellation Translation EFTLink Server Compatibility Core How-Tos MiscellaneousData Miscellaneous Data Disclaimer Session Properties Secure Data Restricted Access Key Storage Encrypted File Storage Security Standards