Cayan Core

There are specific security implementation considerations for the Cayan Core. The Cayan Core will be shipped with a public root certificate. When the Cayan Core is initialized a Java Key Store (JKS) is created and secured. If there is no public certificate stored in the JKS then the root certificate file is located and converted to an encrypted certificate file and stored securely in the JKS. The public root certificate file is then deleted from the installation folder.

The certificate is required in order to create the secure socket required for the https session with the authorization host.

Once the encryption key has been created and stored, and the certificate also secured, the install procedure requires the entry of a few details such as merchantid to be entered via the POS. As these are entered, they are stored and encrypted as required, and connection to the pin terminal is then possible. Full details of the procedure are available in the installation guide for Cayan.

Starting from v24, as mentioned in the Oracle Retail EFTLink Core Configuration Guide, the Cayan Core enforces the use of a dedicated truststore.