EP1386207A2 - Touch pad that confirms its security - Google Patents

Touch pad that confirms its security

Info

Publication number
EP1386207A2
Authority
EP
European Patent Office
Prior art keywords
data
entry
display
security
touch pad
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP01989739A
Other languages
German (de)
English (en)
Inventor
Llavanya X. Fernando
G. F. R. Sulak Soyca
Robert W. Wilmot
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Poscom Inc
Pos com Inc
Original Assignee
Poscom Inc
Pos com Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US09/887,150 (US20020196237A1)
Application filed by Poscom Inc, Pos com Inc
Publication of EP1386207A2
Legal status: Withdrawn

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82 Protecting input, output or interconnection devices
    • G06F21/83 Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129 Authenticate client device independently of the user

Definitions

  • This invention relates to touch pads, displays, touchscreens and secure data entry. More particularly, the invention relates to confirming to the user the security of data to be entered on a touch pad during, for example, a consumer transaction.
  • Older conventional devices for debit transactions are physically and logically secure. Tamper-detect switches inside a device including a casing erase valuable information if the casing is broken. Security grids and ruggedized security shrouds prevent drilling into the device. Logical security measures manage cryptographic keys (to encrypt PIN numbers) and transaction data within the device. Additionally, the logical security ensures message authentication coding during message transit.
  • PDAs: personal digital assistants
  • These newer devices enable customers to interact with the devices during transactions. However, the transactions from such devices are not as secure (physically or logically) as those from the older devices.
  • One such newer device is the iPOS TC transaction terminal available from the Assignee of the instant invention.
  • The iPOS TC is a web-enabled payment device for secure debit and credit transactions. Dual channels securely and simultaneously transmit electronic transaction and signature data on one channel and advertising and promotional media from the World-Wide Web (the web) on the other.
  • These newer devices are more programmable and have more functionality than the older conventional devices. Because of their status on the web, however, they are increasingly susceptible to attacks by hackers. These malfeasants may re-program the device, for example, to make information normally encrypted appear in the clear or to
  • Figures 1 and 2 illustrate the touch pad of a payment device, according to one embodiment of the invention.
  • Figure 3 illustrates the circuitry of a payment device, according to one embodiment of the invention.
  • FIG. 3 illustrates the circuitry 3 of a payment device according to one embodiment of the invention.
  • The circuitry 3 includes a microprocessor 31, an encryption circuit 32, an MSR circuit 33, a signature-capture circuit 34, first and second display controllers 35, 3B, a touch-pad controller 36, a security-icon display 37, a touch pad 1 and a (general) display 39.
  • The microprocessor 31 communicatively couples to the encryption circuit 32, the MSR circuit 33, the signature-capture circuit 34 and the display controller 35.
  • The encryption circuit 32 communicatively couples with the display controller 3B that itself communicatively couples with the security display 37.
  • The display controller 35 and the (general) display 39 communicatively couple.
  • The encryption circuit 32 communicatively couples with the touch pad controller 36 that itself communicatively couples with the touch pad 1.
  • U.S. Patent Application No. 09/588,109 describes an encryption circuit 32. That encryption circuit 32 may include a CPU, a memory, a touch-pad interface and a POS-system interface (all not shown here).
  • The memory of the encryption circuit 32 may be programmed to perform the invention as described herein, including receiving, converting and encrypting input from the controller 36.
  • The encryption circuit 32 may include an application-specific integrated circuit (ASIC) or other hardware for performing encryption.
  • The controllers 32, 33, 34, 35 and 36 are preferably within a single chip 3A (which also has a microprocessor as described above). Alternatively, a chip with an embedded microprocessor and other components (such as a digital-signal-processor block to implement the various algorithms described herein) may be used instead.
  • The Intel XScale™ Microarchitecture from Intel Corp. (Santa Clara, California) is an example. (See http://developer.intel.com/design/intelxscale/index.htm.)
  • The circuit 3A may be embedded using the chip-on-glass process known in the art.
  • The circuit 3A may be one or more ASICs.
  • FIGS. 1 and 2 illustrate the touch pad 1 of a payment device, according to one embodiment of the invention.
  • The touch pad 1 may include a conductive flexible membrane 11, insulated dots 18 and a rigid backer 14. Between the membrane 11 and the rigid substrate 14, the touch pad 1 may include the display 37, control circuitry 3A and a communications link 16.
  • The display 37 may be one or more LCDs, one or more LEDs of the art or both.
  • The link 16 communicatively couples the control circuit 3A and the display 37.
  • Keypad obfuscation: Lungaro et al., U.S. Patent Application No. 09/588,109, "A Secure, Encrypting PIN Pad," encrypts PIN pad data before the data travels beyond the PIN pad.
  • The touch pad 1 described herein may apply keypad obfuscation to data entered on it. Data such as PIN and account numbers may be obfuscated, as may data for transmission to payment processors, keys for password verification and program validation, etc.
  • The encryption circuit 32 may provide this service.
  • The signature-capture circuit 34 enables the device 1 to capture and validate signatures entered via the touch pad 1.
  • The encryption circuit 32 may direct the display controller 3B to display an icon or other predetermined indicator visible to the customer on the display 37.
  • The encryption circuit 32 may do so when it has determined that data to be entered on the touch pad 1 will be secure.
  • The visible indicator assures the user that the device 1 is indeed secure for data entry.
  • The touchpad would be used primarily for data entry (e.g., as a graffiti pad).
  • The encryption functions are not used.
  • The security functions are activated.
  • A typical transaction may progress as follows:
  • The microprocessor 31 initiates the display of, say, a virtual PIN pad on the display 39 by invoking a software routine, say, the Virtual PIN Pad routine (VPPR).
  • The VPPR cues the security circuit 32 to initialize the security functions. Among the initializations is the display of the secure icon on the display 37.
  • The VPPR cue to the security circuit 32 may include a binary code. If the security circuit 32 does not recognize the code, it does not display the security icon on the display 37. If a further level of security is deemed necessary, the original VPPR may have a code generator synchronized with the security circuit 32. Then the binary-coded cue changes each time it is generated. Then the user enters PIN data, which is directed to the cryptography block 32 for encryption. Thus, information leaving the glass is encrypted.
  • A hypothesized hacker seeks to bypass the security block 32 to obtain unencrypted PIN data. Assume, arguendo, that he gains control of the microprocessor 31 and uses software of his design to mimic the actions of the original VPPR. He attempts to cue the microprocessor 32 to display the security icon.
  • The ersatz VPPR has to generate the valid cue. If the security block 32 does not recognize the code proffered, it will not initiate the display of the security icon. The user recognizes the absence of the security icon and refrains from entering sensitive data (e.g., a PIN). Indeed, the encryption circuit 32 may initiate the disablement of the PDA.
  • The device 1 may have a separate visible indicator for each type of data that a customer may enter.
  • A first icon may indicate a device 1 secure for PIN entry, while a second different icon may indicate that the device 1 is secure for signatures.
  • A single visible indicator may indicate that two or more types of data may be entered securely or that any of multiple types of data may be entered securely.
  • A visible security indicator is not part of the main display 39 of a touchscreen incorporating the touch pad 1 but is a separate display 37 under different control than the main display 39.
  • The main display 39 of a touchscreen is typically under the programmatic control of microprocessor 31 while the display 37 is under the control of the security circuit 32.
  • Data entered on and encrypted by the touch pad 1 is made available to external processors by means of a communications link from the control circuit 3A. This may be the "pigtail" of the art.
  • The class of devices incorporating a touch pad 1 may include point-of-sale (POS) devices, automated teller machines (ATMs), kiosks, mobile phones, keyboards, internet-protocol phones (Voice Over IP or VoIP), laptops and entertainment consoles. Payment terminals, internet appliances and PDAs have already been mentioned.
  • A device incorporating a touch pad 1 helps to reduce the cost of a card-payment transaction.
  • The physical security reduces or eliminates the opportunity for fraud.
  • Touch-pad data, including PINs, passwords and signatures, are encrypted at the point-of-entry to ensure the security of this information and decrease the cost of the transaction.
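
The cue check from the transaction walk-through above (the VPPR sends a binary code that changes each time it is generated, and the security circuit 32 shows the icon only when it recognizes the code), modelled as an added example that is not part of the patent text. The patent does not specify the code generator: the HMAC-SHA256 counter scheme, the 8-byte cue, the three-failure lockout and all names below are assumptions, as is the premise that software replacing the VPPR cannot read the shared secret.

```python
import hashlib
import hmac
import struct

CUE_BYTES = 8        # assumed cue length; the patent only says "binary code"
MAX_BAD_CUES = 3     # assumed number of bad cues before the device is disabled


def make_cue(secret: bytes, counter: int) -> bytes:
    """Cue for one PIN-pad session: truncated HMAC-SHA256 over a counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha256)
    return mac.digest()[:CUE_BYTES]


class CueGenerator:
    """Stands in for the code generator inside the genuine VPPR."""

    def __init__(self, secret: bytes) -> None:
        self._secret, self._counter = secret, 0

    def next_cue(self) -> bytes:
        cue = make_cue(self._secret, self._counter)
        self._counter += 1          # the cue changes each time it is generated
        return cue


class SecurityCircuit:
    """Models circuit 32: it alone drives the icon on the separate display 37."""

    def __init__(self, secret: bytes) -> None:
        self._secret, self._counter, self._bad = secret, 0, 0
        self.icon_on = False
        self.disabled = False

    def receive_cue(self, cue: bytes) -> bool:
        self.icon_on = False        # icon stays dark until this cue is verified
        if self.disabled:
            return False
        expected = make_cue(self._secret, self._counter)
        if hmac.compare_digest(cue, expected):   # constant-time comparison
            self._counter += 1      # an accepted cue cannot be replayed
            self._bad = 0
            self.icon_on = True
        else:
            self._bad += 1
            if self._bad >= MAX_BAD_CUES:
                self.disabled = True             # models "disablement" of the device
        return self.icon_on


def demo() -> dict:
    secret = b"constructed-demo-secret"          # constructed sample value
    circuit, vppr = SecurityCircuit(secret), CueGenerator(secret)
    first = vppr.next_cue()
    out = {"genuine": circuit.receive_cue(first)}
    out["replayed"] = circuit.receive_cue(first)            # stale counter value
    out["guessed"] = circuit.receive_cue(bytes(CUE_BYTES))  # all-zero guess
    out["genuine_again"] = circuit.receive_cue(vppr.next_cue())
    for _ in range(MAX_BAD_CUES):                # ersatz VPPR keeps guessing
        circuit.receive_cue(b"\xff" * CUE_BYTES)
    out["disabled"] = circuit.disabled
    out["genuine_after_lockout"] = circuit.receive_cue(vppr.next_cue())
    return out
```

Calling `demo()` returns the icon state after a genuine cue, a replayed cue, a guessed cue and a genuine cue presented after lockout.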

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • User Interface Of Digital Computer (AREA)
  • Communication Control (AREA)

Abstract

The invention relates to an apparatus and methods for entering data securely. The apparatus comprises a device for entering data, a display for displaying information confirming the security of the data-entry apparatus, and an encryption circuit communicatively coupled to the data-entry device and to the display. The device for entering data may be a touch pad. The first and second displays are physically separate and controlled by respective controllers, which are in turn communicatively coupled to, and controlled by, an encryption circuit. The displayed information may be an icon. The data-entry apparatus refrains from displaying information asserting the device's ability to receive data securely. The device then prepares to receive encrypted received data, and then displays information asserting the data-entry device's ability to receive the data securely.
EP01989739A 2000-11-21 2001-11-21 Touch pad that confirms its security Withdrawn EP1386207A2 (fr)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US25280000P 2000-11-21 2000-11-21
US252800P 2000-11-21
US887150 2001-06-21
US09/887,150 US20020196237A1 (en) 2001-06-21 2001-06-21 Touch pad that confirms its security
PCT/US2001/043626 WO2002042891A2 (fr) 2000-11-21 2001-11-21 Touch pad that confirms its security

Publications (1)

Publication Number Publication Date
EP1386207A2 (fr) 2004-02-04

Family

ID=26942676

Family Applications (1)

Application Number Title Priority Date Filing Date
EP01989739A Withdrawn EP1386207A2 (fr) 2000-11-21 2001-11-21 Touch pad that confirms its security

Country Status (3)

Country Link
EP (1) EP1386207A2 (fr)
AU (1) AU2002228624A1 (fr)
WO (1) WO2002042891A2 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8793786B2 (en) 2008-02-08 2014-07-29 Microsoft Corporation User indicator signifying a secure mode
WO2011051757A1 (fr) * 2009-10-26 2011-05-05 Gmx Sas Transaction device for use in transactions involving secure and non-secure information
WO2013183010A1 (fr) * 2012-06-05 2013-12-12 Fundamo (Pty) Ltd Auxiliary input device for encrypted data entry
DE102014224676B4 (de) 2014-12-02 2022-03-03 Aevi International Gmbh User interface and method for the protected input of characters

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2078020C (fr) * 1992-09-11 2000-12-12 Rodney G. Denno Keypad and associated terminal
US5832206A (en) * 1996-03-25 1998-11-03 Schlumberger Technologies, Inc. Apparatus and method to provide security for a keypad processor of a transaction terminal
US5970146A (en) * 1996-05-14 1999-10-19 Dresser Industries, Inc. Data encrypted touchscreen
US5768386A (en) * 1996-05-31 1998-06-16 Transaction Technology, Inc. Method and system for encrypting input from a touch screen
AU3898200A (en) * 1999-03-24 2000-10-09 Radiant Systems, Inc. System for securing entry of encrypted and non-encrypted information on a touch screen

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0242891A3 *

Also Published As

Publication number Publication date
WO2002042891A3 (fr) 2003-11-13
AU2002228624A1 (en) 2002-06-03
WO2002042891A2 (fr) 2002-05-30

Similar Documents

Publication Publication Date Title
US11823186B2 (en) Secure wireless card reader
CN105164694B (zh) Trusted terminal platform
EP3394811B1 (fr) Method and system for enhancing the security of a transaction
US8108317B2 (en) System and method for restricting access to a terminal
CN103714460B (zh) Method for validating a transaction using secure input and non-secure output
US20140195429A1 (en) Method for protecting cardholder data in a mobile device that performs secure payment transactions and which enables the mobile device to function as a secure payment terminal
WO2006120365A1 (fr) Secure transactions using a personal computer
CN115311779B (zh) System and method for protecting the privacy of personal identification number entry on consumer mobile devices and computing apparatuses
KR20100016579A (ko) System and method for credential distribution
BR112015000980B1 (pt) Computer-implemented verification method
EP2915116A1 (fr) Secure computing environment
US20020196237A1 (en) Touch pad that confirms its security
CN104937626A (zh) Authentication device and related method
US20120095919A1 (en) Systems and methods for authenticating aspects of an online transaction using a secure peripheral device having a message display and/or user input
AU2019204157A1 (en) Method, system and device for e-commerce payment intelligent access control
KR20170133307A (ko) System and method for identity authentication in online financial transactions using a physical card
EP2713328B1 (fr) Validating a transaction with a secure input without requiring PIN code entry
US7305565B1 (en) Secure, encrypting pin pad
US11551220B2 (en) Method for processing transaction data, corresponding communications terminal, card reader and program
Petri An introduction to smart cards
EP1386207A2 (fr) Touch pad that confirms its security
US20150288684A1 (en) Device assembly for carrying out or enabling an electronic service and a method for securely inputting authorization data
US10146966B2 (en) Device for processing data from a contactless smart card, method and corresponding computer program
CN102654896A (zh) Method for a digital signature device to display key information of transaction data
CA3043405C (fr) Method for processing transaction data, corresponding communications terminal, card reader and program

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20020827

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO SI

RBV Designated contracting states (corrected)

Designated state(s): DE FR GB

17Q First examination report despatched

Effective date: 20050707

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20101001