PIN ENCRYPTION DEVICE SECURITY

US 20080288403A1
Filed: 05/18/2007
Published: 11/20/2008
Est. Priority Date: 05/18/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for securing transaction data, comprising:

reading token data from a token using a read apparatus and encrypting the token data at the read apparatus;

sending the encrypted token data to a security module over a communication link; and

verifying the integrity of the communication link based on encrypted token data.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and method for securing transaction data, includes reading token data from a token using a read apparatus and encrypting the token data at the read apparatus, sending the encrypted token data to a security module over a communication link, and verifying the integrity of the communication link based on encrypted token data. The apparatus and method can further include receiving authentication data for the token and encrypting the authentication data within the security module, and combining the encrypted token data and encrypted authentication data into a transaction data stream. In various embodiments, a detection apparatus with plurality of read structures (for example, read gaps), can be used to provide additional information in verifying the integrity of the communication link comprises determining whether the read structures are detecting token data with a spatially diversity in accordance with a geometry of the read structures.

113 Citations

View as Search Results

23 Claims

1. A method for securing transaction data, comprising:
- reading token data from a token using a read apparatus and encrypting the token data at the read apparatus;
  
  sending the encrypted token data to a security module over a communication link; and
  
  verifying the integrity of the communication link based on encrypted token data.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising the steps of:
    - receiving authentication data for the token and encrypting the authentication data within the security module; and
      
      combining the encrypted token data and encrypted authentication data into a transaction data stream.
  - 3. The method of claim 1, wherein the step of reading token data comprises the step of detecting token data at a plurality of read structures, and the step of verifying the integrity of the communication link comprises determining whether the read structures are detecting token data with a spatially diversity in accordance with a geometry of the read structures.
  - 4. The method of claim 1, wherein the step of reading token data comprises the step of detecting token data at a plurality of read structures, and the step of verifying the integrity of the communication link comprises detecting distances between transitions based on distances between the read structures.
  - 5. The method of claim 1, wherein the step of reading token data comprises the step of detecting token data at a plurality of read structures, and the step of verifying the integrity of the communication link comprises determining whether the first gap detects data different from that detected by the second gap at a given read time.
  - 6. The method of claim 1, wherein the step of reading token data comprises the step of detecting token data at a plurality of read structures, and the step of verifying the integrity of the communication link comprises determining whether, over a predetermined time period, the first and second gaps are sensing the same transitions at substantially the same time to verify the integrity of the link.
  - 7. The method of claim 1, further comprising the step of generating an alert if the integrity of the link is determined to be compromised.

8. A transaction terminal, comprising:
- a token data encryption module configured to encrypt data read from a token at the terminal;
  
  a communication link coupled to the encryption module and a verification module coupled to the communication link and configured to verify the integrity of the communication link.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The transaction terminal of claim 8, further comprisinga user interface configured to accept authentication data for the token and an authentication data encryption module coupled to the interface;
    - anda data packaging module coupled to the authentication data encryption module and to the communication link and configured to package the encrypted authentication data and the encrypted token data into transaction data.
  - 10. The transaction terminal of claim 8, further comprising a secure module enclosing the authentication encryption module.
  - 11. The terminal of claim 8, wherein the data capture device is a multi-gap magnetic read head.
  - 12. The terminal of claim 8, wherein the data capture device comprises multiple read structures.
  - 13. The terminal of claim 12, wherein the verification module is further configured to determine whether the read structures are detecting token data with a spatially diversity in accordance with a geometry of the read structures.
  - 14. The terminal of claim 12, wherein the verification module is further configured to detect distances between transitions based on distances between the read structures.
  - 15. The terminal of claim 12, wherein the verification module is further configured to determine whether the first gap detects data different from that detected by the second gap at a given read time.
  - 16. The terminal of claim 12, wherein the verification module is further configured to determine whether, over a predetermined time period, the first and second gaps sense the same transitions at substantially the same time to verify the integrity of the link.

17. A computer program product having a computer program embodied in a computer readable medium adapted to verify the integrity of token data read at a transaction terminal, the computer program comprising machine readable code adapted to cause a processing device to:
- read token data from a token using a read apparatus and encrypting the token data at the read apparatus;
  
  send the encrypted token data to a security module over a communication link; and
  
  verify the integrity of the communication link based on encrypted token data.
- View Dependent Claims (18, 19, 20, 21, 22, 23)
- - 18. The computer program product of claim 17, further comprising machine readable code adapted to cause a processing device to:
    - receive authentication data for the token and encrypting the authentication data within the security module; and
      
      combine the encrypted token data and encrypted authentication data into a transaction data stream.
  - 19. The computer program product of claim 17, wherein the machine readable code adapted to cause a processing device to read token data comprises machine readable code adapted to cause a processing device to detect token data at a plurality of read structures, and the machine readable code adapted to cause a processing device to verify the integrity of the communication link comprises machine readable code adapted to cause a processing device to determine whether the read structures are detecting token data with a spatially diversity in accordance with a geometry of the read structures.
  - 20. The computer program product of claim 17, wherein the machine readable code adapted to cause a processing device to read token data comprises machine readable code adapted to cause a processing device to detect token data at a plurality of read structures, and the machine readable code adapted to cause a processing device to verify the integrity of the communication link comprises machine readable code adapted to cause a processing device to detect distances between transitions based on distances between the read structures.
  - 21. The computer program product of claim 17, wherein the machine readable code adapted to cause a processing device to read token data comprises machine readable code adapted to cause a processing device to detect token data at a plurality of read structures, and the machine readable code adapted to cause a processing device to verify the integrity of the communication link comprises machine readable code adapted to cause a processing device to determine whether the first gap detects data different from that detected by the second gap at a given read time.
  - 22. The computer program product of claim 17, wherein the machine readable code adapted to cause a processing device to read token data comprises machine readable code adapted to cause a processing device to detect token data at a plurality of read structures, and the machine readable code adapted to cause a processing device to verify the integrity of the communication link comprises machine readable code adapted to cause a processing device to determine whether, over a predetermined time period, the first and second gaps are sensing the same transitions at substantially the same time to verify the integrity of the link.
  - 23. The computer program product of claim 17, wherein the machine readable code further comprises machine readable code adapted to cause a processing device to generate an alert if the integrity of the link is determined to be compromised.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verifone, Inc. (Verifone Systems, Inc.)
Original Assignee
Verifone, Inc. (Verifone Systems, Inc.)
Inventors
von Mueller, Clay

Application Number

US11/750,511
Publication Number

US 20080288403A1
Time in Patent Office

Days
Field of Search
US Class Current

705/44
CPC Class Codes

G06F 21/42   using separate channels for...

G06Q 20/40   Authorisation, e.g. identif...

H04L 63/0853   using an additional device,...

H04L 63/12   Applying verification of th...

H04L 63/18   using different networks or...

PIN ENCRYPTION DEVICE SECURITY

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

113 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

PIN ENCRYPTION DEVICE SECURITY

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

113 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links