Pay at pump encryption device

US 20080103980A1
Filed: 10/31/2006
Published: 05/01/2008
Est. Priority Date: 10/31/2006
Status: Active Grant

First Claim

Patent Images

1. A system for securing information using cryptographically keyed units, the system comprising:

a. a pump device;

b. a first cryptographically keyed unit (“

CKU”

) receiving output information from the pump device over a first connection, wherein the first CKU comprises a first authentication unit for encrypting the output information;

c. a second CKU receiving the encrypted output information from the first CKU over a second connection that is unsecured, wherein the second CKU comprises a second authentication unit that decrypts the encrypted output information; and

d. a remote device that receives the output information from the second CKU.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention are drawn to systems and methods for securing information using cryptographically keyed units. Specifically, in one embodiment of the present invention, a system is provided for securing information that uses two cryptographically keyed units to encrypt information flowing between a fuel pump device and a remote device. Thus, even if the information is intercepted, it could not be used to perpetrate fraud.

Citations

46 Claims

1. A system for securing information using cryptographically keyed units, the system comprising:
- a. a pump device;
  
  b. a first cryptographically keyed unit (“
  
  CKU”
  
  ) receiving output information from the pump device over a first connection, wherein the first CKU comprises a first authentication unit for encrypting the output information;
  
  c. a second CKU receiving the encrypted output information from the first CKU over a second connection that is unsecured, wherein the second CKU comprises a second authentication unit that decrypts the encrypted output information; and
  
  d. a remote device that receives the output information from the second CKU.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The system of claim 1, wherein the first connection and the second connection each use at least one of a current loop, RS485, RS422, RS232, or LON communications protocol.
  - 3. The system of claim 2, further comprising a pump housing that contains the pump device and the first CKU.
  - 4. The system of claim 3, wherein the remote device is at least one of another CKU, a point-of-sale terminal, a pump device, or a site controller.
  - 5. The system of claim 4, wherein the first CKU comprises a processor and a memory.
  - 6. The system of claim 5, wherein the output information comprises at least one of consumer payment information or consumer identity information.
  - 7. The system of claim 6, further comprising one or more tamper sensors coupled to the first CKU, wherein triggering of at least one of the one or more tamper sensors causes one or more pump devices to cease operation.
  - 8. The system of claim 7, wherein a sensor is at least one of an open door sensor, motion sensor, echo-cavitation sensor, or light sensor.
  - 9. The system of claim 8, wherein the memory stores a log comprising information from at least one of the one or more sensors.
  - 10. The system of claim 9, wherein the first authentication unit and the second authentication unit utilize one of a symmetric or asymmetric encryption algorithm.
  - 11. The system of claim 10, wherein the first authentication unit and the second authentication unit each comprise a secure authentication module.
  - 12. The system of claim 11, further comprising an enclosure that contains the first CKU, wherein the enclosure is located within the pump housing.
  - 13. The system of claim 12, wherein the pump device is at least one of a dispenser, pay-at-pump terminal, controller, electronic payment controller, magnetic card reader, bar code reader, biometric reader, radio frequency reader, or smartcard reader.

14. A method for securing information using cryptographically keyed units, comprising the steps of:
- a. receiving at a first cryptographically keyed unit (“
  
  CKU”
  
  ) output information from a pump device over a first connection;
  
  b. encrypting the output information by the first CKU;
  
  c. transmitting the encrypted information from the first CKU to a second CKU over a second connection, wherein the second connection is unsecured;
  
  d. receiving and decrypting the encrypted information by the second CKU to produce the output information; and
  
  e. communicating the output information from the second CKU to a remote device.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 15. The method of claim 14, wherein the receiving at a first CKU step comprises:
    - a. receiving at a first CKU information from a plurality of pump devices over at least a first connection; and
      
      b. combining the information received from the plurality of pump devices to create the output information.
  - 16. The method of claim 15, wherein the combining step comprises multiplexing the information from a plurality of pump devices to create the output information.
  - 17. The method of claim 14, wherein the first connection and the second connection each use at least one of a current loop, RS485, RS422, RS232, or LON communications protocol.
  - 18. The method of claim 17, wherein the pump device is at least one of a dispenser, pay-at-pump terminal, controller, electronic payment controller, magnetic card reader, bar code reader, biometric reader, radio frequency reader, or smartcard reader.
  - 19. The method of claim 18, wherein the output information comprises at least one of consumer payment information or consumer identity information.
  - 20. The method of claim 14, wherein the encrypting step comprises encrypting the output information using one of a symmetric or asymmetric encryption algorithm.
  - 21. The method of claim 14, wherein the remote device is at least one of another CKU, a point-of-sale terminal, a pump device, or a site controller.
  - 22. The method of claim 14, wherein the first CKU is installed in a pump housing that contains the pump device.
  - 23. The method of claim 22, wherein the first CKU comprises a processor and a memory.
  - 24. The method of claim 23, further comprising the step of monitoring by the first CKU one or more sensors for an indication that there has been tampering with at least one of the pump device or the pump housing.
  - 25. The method of claim 24, wherein a sensor is at least one of an open door sensor, motion sensor, echo-cavitation sensor, or light sensor.
  - 26. The method of claim 25, further comprising the steps of:
    - a. determining by at least one of the one or more sensors that at least one of the pump device or the pump housing has been tampered with; and
      
      b. sending a message to the second CKU that tampering has occurred.
  - 27. The method of claim 26, further comprising the step of disabling operation of one or more pump devices until a command is received to resume operation.
  - 28. The method of claim 24, further comprising the step of logging sensor information.
  - 29. The method of claim 14, wherein the second CKU comprises one or more software modules.
  - 30. The method of claim 14, wherein the first CKU and the second CKU each comprise a secure authentication module for performing encryption and decryption.

31. A method for securing information using cryptographically keyed units, comprising the steps of:
- a. receiving over a first connection at a first cryptographically keyed unit (“
  
  CKU”
  
  ) payment information from a pump device located within a pump housing, wherein the first CKU is located in an enclosure installed in the pump housing;
  
  b. encrypting the payment information by the first CKU to create encrypted information;
  
  c. transmitting the encrypted information from the first CKU to a second CKU over a second connection;
  
  d. receiving and decrypting the encrypted information by the second CKU to produce the payment information;
  
  e. communicating the payment information from the second CKU to a remote device;
  
  f. monitoring by the first CKU one or more sensors for an indication that at least one of the pump device, the pump housing, or the enclosure has been tampered with, wherein a sensor is at least one of an open door sensor, motion sensor, echo-cavitation sensor, or light sensor; and
  
  g. disabling operation of one or more pump devices upon determining by the one or more sensors that there has been tampering with at least one of the pump device, the pump housing, or the enclosure.
- View Dependent Claims (32, 33, 34, 35, 36)
- - 32. The method of claim 31, wherein the first connection and the second connection each use at least one of a current loop, RS485, RS422, RS232, or LON communications protocol.
  - 33. The method of claim 32, wherein the pump device is at least one of a dispenser, pay-at-pump terminal, controller, electronic payment controller, magnetic card reader, bar code reader, biometric reader, radio frequency reader, or smartcard reader.
  - 34. The method of claim 33, wherein the encrypting step comprises encrypting the payment information using one of a symmetric or asymmetric encryption algorithm.
  - 35. The method of claim 34, wherein the remote device is at least one of another CKU, a point-of-sale terminal, a pump device, or a site controller.
  - 36. The method of claim 31, further comprising the step of logging sensor information.

37. A method for retrofitting a pump to provide for secure communications, the method comprising the steps of:
- a. mounting a first encryption device in a housing of the pump, wherein the pump comprises a pump device that communicates with a remote device through a communications channel;
  
  b. inserting the first encryption device in the communications channel between the pump device and the remote device, wherein the first encryption device encrypts information being sent over the communications channel from the pump device to the remote device; and
  
  c. inserting a second encryption device in the communications channel between the first encryption device and the remote device, wherein the second encryption device decrypts information received from the first encryption device and communicates the decrypted information to the remove device.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46)
- - 38. The method of claim 37, further comprising the steps of:
    - a. installing a tamper sensor within the pump housing; and
      
      b. connecting the tamper sensor to the first encryption device so that the tamper sensor can be monitored.
  - 39. The method of claim 38, wherein a sensor is at least one of an open door sensor, motion sensor, echo-cavitation sensor, or light sensor.
  - 40. The method of claim 39, further comprising the step of configuring the first encryption device to disable one or more pump devices upon receiving an indication from the sensor that there has been tampering.
  - 41. The method of claim 37, further comprising the step of encasing the first encryption device in an enclosure.
  - 42. The method of claim 37, further comprising the step of configuring the first encryption device to receive information from a second pump device.
  - 43. The method of claim 37, wherein the pump device and the remote device communicate using at least one of a current loop, RS485, RS422, RS232, or LON communications protocol.
  - 44. The method of claim 37, wherein the second encryption device comprises one or more software modules.
  - 45. The method of claim 37, wherein the remote device is at least one of another encryption device, a point-of-sale terminal, a fuel pump device, or a site controller.
  - 46. The method of claim 37, wherein the pump device is at least one of a dispenser, pay-at-pump terminal, controller, electronic payment controller, magnetic card reader, bar code reader, biometric reader, radio frequency reader, or smartcard reader.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NCR Voyix Corporation
Original Assignee
Radiant Systems Incorporated (NCR Voyix Corporation)
Inventors
Fortuna, James, Hervey, James, Finley, Michael C.

Granted Patent

US 7,966,262 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/64
CPC Class Codes

G06Q 20/18   involving self-service term...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/40   Authorisation, e.g. identif...

G07F 13/025   wherein the volume is deter...

G07F 7/1016   Devices or methods for secu...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/08   Key distribution or managem...

H04L 9/3234   involving additional secure...

Pay at pump encryption device

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

Citations

46 Claims

Specification

Solutions

Use Cases

Quick Links

Pay at pump encryption device

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

46 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links