Classifications

• • G—PHYSICS
  • G07—CHECKING-DEVICES
  • G07F—COIN-FREED OR LIKE APPARATUS
  • G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
  • G07F19/20—Automatic teller machines [ATMs]
  • G07F19/201—Accessories of ATMs
• • G—PHYSICS
  • G06—COMPUTING OR CALCULATING; COUNTING
  • G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
  • G06Q20/00—Payment architectures, schemes or protocols
  • G06Q20/08—Payment architectures
  • G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
  • G06Q20/108—Remote banking, e.g. home banking
  • G06Q20/1085—Remote banking, e.g. home banking involving automatic teller machines [ATMs]
• • G—PHYSICS
  • G07—CHECKING-DEVICES
  • G07F—COIN-FREED OR LIKE APPARATUS
  • G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
  • G07F19/20—Automatic teller machines [ATMs]
• • G—PHYSICS
  • G07—CHECKING-DEVICES
  • G07F—COIN-FREED OR LIKE APPARATUS
  • G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
  • G07F19/20—Automatic teller machines [ATMs]
  • G07F19/206—Software aspects at ATMs
• • G—PHYSICS
  • G07—CHECKING-DEVICES
  • G07F—COIN-FREED OR LIKE APPARATUS
  • G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
  • G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
• • G—PHYSICS
  • G07—CHECKING-DEVICES
  • G07F—COIN-FREED OR LIKE APPARATUS
  • G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
  • G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
  • G07F7/0806—Details of the card
  • G07F7/0833—Card having specific functional components

Definitions

• the present invention relates to secure terminals, such as for example bank terminals or health terminals.
• a bank terminal connected to a telecommunications network, enables a bank type transaction to be carried out by inserting a bank card of the magnetic and / or chip type in the terminal, authentication of the card holder, and input of the nature and details of the transaction.
• a health terminal connected to a telecommunications network, similarly allows access to medical or social security data concerning a holder of a magnetic and / or smart type health card.
• FIG. 1 illustrates the functional diagram of a secure terminal TS, in particular banking, according to the prior art.
• Such a terminal integrates a set of functions, such as: a central processing unit 1 (microcontroller),
• a means of connection to a telecommunications network such as a modem 10
• a telecommunications network such as a modem 10
• a power supply 11 (battery and / or mains).
• buses 12 of different natures (power supply, memory, control) and are well known to those skilled in the art.
• the whole is based on one or more printed circuits distributed in one or more boxes.
• the realization of this type of terminal is conventional except that certain security elements must be added in order to prohibit any manipulation that can alter or extract confidential or financial information (personal identification code PIN, bank transactions, medical files, etc.). ..).
• the central unit microcontroller
• memories and certain sensitive data input / output devices are confined in the same box.
• This box has an intrusion detector in order to guarantee the integrity of the security domain of said box.
• Security remains mainly physical for this type of solution.
• the sensitive data which travels on the buses and between the functional units is encrypted.
• This mode is generally restricted to the central unit which encrypts this data to the memories or the remote sets via the modem.
• a first configuration is a monolithic assembly, in which all the functional sub-assemblies are grouped in a single housing.
• a second configuration is the bi-module assembly, in which the functional sub-assemblies are grouped in two boxes in two combinations. According to the first combination, in a first box are grouped all the sub-assemblies except the printer and the main power supply, and in a second box are grouped together the printer and the main power supply (for example the sector). According to the second combination, in a first housing are grouped all the sub-assemblies except the main power supply, and in a second housing is the main power supply (for example the sector).
• a first object of the present invention is to reduce the cost of a secure terminal.
• a second object of the invention is to improve the security of a secure terminal. At least one of these objects is reached by a secure terminal according to claim 1.
• the noble functions can be dissociated from those which are not.
• the central processing unit, memory, applications and data, as well as the security associated with protecting these elements are of great value. within a secure terminal.
• the ancillary peripherals such as the printer, the card reader, the modem have a low added value. The same goes for power and mechanics (housing). With the secure terminal according to the invention, the most valued part of the terminal is detached from the peripheral peripherals and concentrates the security efforts.
• the secure terminal according to the invention therefore has advantages both economically and in terms of security.
• FIG. 2 schematically illustrates the functional elements of a secure terminal, in particular banking, according to the invention.
• FIG. 2 illustrates the functional breakdown of a secure banking terminal TS 'according to the invention.
• the valued part is confined within a protected SEP sub-assembly which includes: - a central unit 1,
• keyboard 2 which is a delicate device to protect.
• the display 5 can be a constituent element of this protected SEP sub-assembly, in particular if the latter does not have an encryption means.
• the display 5 can be a constituent element of the basic sub-assembly SEB constituting the part with low added value.
• an encrypted communication can be established with the display.
• the display has symmetrical or asymmetrical cryptographic means.
• the basic SEB subset includes:
• a means of connection to a telecommunications network such as a modem 10
• a telecommunications network such as a modem 10
• a power supply 11 (battery and / or mains).
• This protected sub-assembly can be inserted, for example via a connector 13, into a basic SEB sub-assembly constituting in the part with low added value.
• the connector 13 is for example a connector of the PCMCIA type. There is no need for the SEB base subset to be certified.
• the part (s) with low added value are grouped in one or more boxes and one of them is intended to contain the valued and detachable SEP sub-assembly.
• the SEP protected sub-assembly includes:
• the means ensuring security for example the SAM module, etc.
• the SEP protected sub-assembly constitutes a detachable module, easily distributable and integrable in a bank terminal of the same manufacturer or a third party (OEM Original Equipment Manufacturer "or ODM" Original Design Manufacturer ").
• the SEP protected sub-assembly constitutes, for example, a sealed module, which cannot be dismantled without destruction. It can be certified. It contains the keyboard for entering sensitive data.
• the connection between the keyboard 2 and the microcontroller 1 of the SEP protected sub-assembly is direct, internal and not accessible outside the protected sub-assembly.
• the sealing of the SEP protected sub-assembly prohibits any repair but authorizes the use of insecure components.
• the SEP protected sub-assembly can be manufactured from standard components, including in particular a standard keyboard whose securing is simple and economical.
• the level of security achieved is that traditionally known as “obvious fraud detection” (or “obvious tamper”).
• the solution according to the invention also makes it possible to solve the migration and maintenance problems.
• the invention it is possible to standardize the dimensions and / or the connection of the SEP protected sub-assembly in order to allow a simplified migration for the terminal manufacturer. Indeed, the latter can develop the architecture and technology of the SEP protected sub-assembly according to the opportunities offered by the market.

Landscapes

• Business, Economics & Management (AREA)
• Accounting & Taxation (AREA)
• Physics & Mathematics (AREA)
• Finance (AREA)
• General Physics & Mathematics (AREA)
• Development Economics (AREA)
• Strategic Management (AREA)
• General Business, Economics & Management (AREA)
• Economics (AREA)
• Engineering & Computer Science (AREA)
• Theoretical Computer Science (AREA)
• Storage Device Security (AREA)
• Accessory Devices And Overall Control Thereof (AREA)

Priority Applications (1)

Applications Claiming Priority (3)

Publications (1)

Family

ID=34486489

Family Applications (2)

Family Applications Before (1)

Country Status (3)

Families Citing this family (3)

Family Cites Families (7)

• 2003
  • 2003-12-18 EP EP03293219A patent/EP1544818A1/de not_active Withdrawn
• 2004
  • 2004-12-16 EP EP04806364A patent/EP1700280A1/de not_active Ceased
  • 2004-12-16 WO PCT/IB2004/004160 patent/WO2005062266A1/fr not_active Ceased
  • 2004-12-16 US US10/583,571 patent/US7757102B2/en not_active Expired - Lifetime

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events