System and method for controlling secure content and non-secure content at a fuel dispenser or other retail device

US 20090265638A1
Filed: 10/10/2008
Published: 10/22/2009
Est. Priority Date: 10/10/2007
Status: Active Grant

First Claim

Patent Images

1. A method for controlling access to a user interface within a retail environment, comprising the steps of:

controlling a user-interface access switch within an anti-tampering module via a secure controller within the anti-tampering module, wherein the user-interface access switch is controlled via the secure controller to select either a secure source to provide secure content to the user interface or a non-secure source outside the anti-tampering module to provide non-secure content to the user interface;

selecting the secure source to provide the secure content to the user interface when the secure controller is in a secure mode; and

selecting the non-secure source to provide the non-secure content to the user interface when the secure controller is in a non-secure mode.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A retail payment, advertising, and content switching system and method are disclosed. According to one embodiment, a secure content source or a non-secure content source is allowed to drive a customer user interface, respectively, without compromising security requirements. The content may be video, audio, prompts, or any other type of content. A secure controller is provided to control one or more user input devices and a user interface access module to control whether a secure source or a non-secure source drives the user interface, depending on the security mode of the system. The secure controller, the user interface access module, and the customer input devices are provided in an anti-tampering module. The secure controller prevents the non-secure source from providing unauthorized prompts on the customer user interface to “fake out” the customer so that sensitive customer information is not passed “in the clear.”

Citations

54 Claims

1. A method for controlling access to a user interface within a retail environment, comprising the steps of:
- controlling a user-interface access switch within an anti-tampering module via a secure controller within the anti-tampering module, wherein the user-interface access switch is controlled via the secure controller to select either a secure source to provide secure content to the user interface or a non-secure source outside the anti-tampering module to provide non-secure content to the user interface;
  
  selecting the secure source to provide the secure content to the user interface when the secure controller is in a secure mode; and
  
  selecting the non-secure source to provide the non-secure content to the user interface when the secure controller is in a non-secure mode.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 2. The method of claim 1, further comprising de-selecting the non-secure source to prevent it from providing the non-secure content to the user interface when the secure controller transitions from the non-secure mode to the secure mode.
  - 3. The method of claim 1, further comprising switching the secure controller to the secure mode if it is not in the secure mode when a transaction is requested by a customer.
  - 4. The method of claim 1, further comprising switching the secure controller to the secure mode if it is not in the secure mode when unsolicited input is received from a customer.
  - 5. The method of claim 4, further comprising disabling at least one customer input device associated with the anti-tampering module in response to the unsolicited input.
  - 6. The method of claim 4, further comprising enabling at least one customer input device associated with the anti-tampering module in response to authorization of the unsolicited input.
  - 7. The method of claim 1, further comprising controlling at least one customer input device associated with the anti-tampering module via the secure controller.
  - 8. The method of claim 7, further comprising enabling encryption of input from the at least one customer input device when the secure controller is in the secure mode.
  - 9. The method of claim 8, wherein the input further comprises payment authorization information and the encryption of the input further comprises encryption of the payment authorization information.
  - 10. The method of claim 1, further comprising receiving an input request from a non-secure controller associated with the non-secure source.
  - 11. The method of claim 10, further comprising switching the secure controller to the secure mode if it is in the non-secure mode in response to receiving the input request from the non-secure controller.
  - 12. The method of claim 11, further comprising authorizing the input request received from the non-secure controller.
  - 13. The method of claim 12, further comprising retrieving an authorized prompt if the input request received from the non-secure controller is authorized.
  - 14. The method of claim 13, further comprising providing the authorized prompt to the user interface if the input request is authorized.
  - 15. The method of claim 14, further comprising receiving a request to encrypt a response to the authorized prompt.
  - 16. The method of claim 15, further comprising enabling at least one customer input device associated with the anti-tampering module to encrypt the response to the authorized prompt.
  - 17. The method of claim 16, wherein the response to the authorized prompt is encrypted using a vendor-specific encryption algorithm.
  - 18. The method of claim 14, further comprising receiving a response to the authorized prompt.
  - 19. The method of claim 18, further comprising providing the response to the non-secure controller.
  - 20. The method of claim 1, wherein the user interface includes at least one of a video display and an audio output device, and controlling the user-interface access switch further comprises controlling signaling associated with the at least one of the video display and the audio output device.
  - 21. The method of claim 1, wherein the secure content further comprises at least one of secure video content and secure audio content, and controlling the user-interface access switch further comprises controlling signaling associated with the at least one of the secure video content and the secure audio content.
  - 22. The method of claim 1, wherein the non-secure content further comprises at least one of non-secure video content and non-secure audio content, and controlling the user-interface access switch further comprises controlling signaling associated with the at least one of the non-secure video content and the non-secure audio content.
  - 23. The method of claim 1, wherein the user-interface access switch further comprises hardware switching and controlling the user-interface access switch further comprises controlling signaling associated with the hardware switching.
  - 24. The method of claim 23, wherein the hardware switching further comprises at least one of a video switch and an audio switch and controlling the user-interface access switch further comprises controlling signaling associated with the at least one of the video switch and the audio switch.
  - 25. The method of claim 1, wherein the user-interface access module further comprises a software application and controlling the user-interface access switch further comprises controlling signaling associated with the software application.
  - 26. The method of claim 25, wherein the software application further comprises a streaming data application and controlling the user-interface access switch further comprises controlling signaling associated with the streaming data application.
  - 27. The method of claim 26, wherein controlling the user-interface access switch further comprises controlling the software application to control at least one transmission control protocol/Internet protocol (TCP/IP) socket.

28. A system for controlling access to a user interface within a retail environment, comprising:
- an anti-tampering module adapted to prevent tampering with user input devices which are associated with the anti-tampering module;
  
  a user-interface access switch within the anti-tampering module adapted to select between a secure source and a non-secure source to access the user interface; and
  
  a secure controller within the anti-tampering module adapted to control the user-interface access switch to;
  
  select the secure controller to provide secure content to the user interface when the secure controller is in a secure mode; and
  
  select the non-secure source to provide non-secure content to the user interface when the secure controller is in a non-secure mode.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
- - 29. The system of claim 28, wherein the secure controller is further adapted to de-select the non-secure source to prevent it from providing the non-secure content to the user interface when the secure controller transitions from the non-secure mode to the secure mode.
  - 30. The system of claim 28, wherein the secure controller is further adapted to switch to the secure mode if it is not in the secure mode when a transaction is requested by a customer.
  - 31. The system of claim 28, wherein the secure controller is further adapted to switch to the secure mode if it is not in the secure mode when unsolicited input is received from a customer.
  - 32. The system of claim 31, wherein the secure controller is further adapted to disable at least one customer input device associated with the anti-tampering module in response to the unsolicited input.
  - 33. The system of claim 31, wherein the secure controller is further adapted to enable at least one customer input device associated with the anti-tampering module in response to authorization of the unsolicited input.
  - 34. The system of claim 28, wherein the secure controller is further adapted to control at least one customer input device associated with the anti-tampering module.
  - 35. The system of claim 34, wherein the secure controller is further adapted to enable encryption of input from the at least one customer input device when the secure controller is in the secure mode.
  - 36. The system of claim 35, wherein the input further comprises payment authorization information and the secure controller is further adapted to enable encryption of the payment authorization information.
  - 37. The system of claim 28, wherein the secure controller is further adapted to receive an input request from a non-secure controller associated with the non-secure source.
  - 38. The system of claim 37, wherein the secure controller is further adapted to switch to the secure mode if it is in the non-secure mode in response to receiving the input request from the non-secure controller.
  - 39. The system of claim 38, wherein the secure controller is further adapted to authorize the input request received from the non-secure controller.
  - 40. The system of claim 39, wherein the secure controller is further adapted to retrieve an authorized prompt if the input request received from the non-secure controller is authorized.
  - 41. The system of claim 40, wherein the secure controller is further adapted to provide the authorized prompt to the user interface if the input request is authorized.
  - 42. The system of claim 41, wherein the secure controller is further adapted to receive a request to encrypt a response to the authorized prompt.
  - 43. The system of claim 42, wherein the secure controller is further adapted to enable at least one customer input device associated with the anti-tampering module to encrypt the response to the authorized prompt.
  - 44. The system of claim 43, wherein the secure controller is further adapted to enable the at least one customer input device to encrypt the response using a vendor-specific encryption algorithm.
  - 45. The system of claim 41, wherein the secure controller is further adapted to receive a response to the authorized prompt.
  - 46. The system of claim 45, wherein the secure controller is further adapted to provide the response to the non-secure controller.
  - 47. The system of claim 28, wherein the user interface includes at least one of a video display and an audio output device, and the secure controller is further adapted to control signaling associated with the at least one of the video display and the audio output device.
  - 48. The system of claim 28, wherein the secure content further comprises at least one of secure video content and secure audio content, and the secure controller is further adapted to control signaling associated with the at least one of the secure video content and the secure audio content.
  - 49. The system of claim 28, wherein the non-secure content further comprises at least one of non-secure video content and non-secure audio content, and the secure controller is further adapted to control signaling associated with the at least one of the non-secure video content and the non-secure audio content.
  - 50. The system of claim 28, wherein the user-interface access module further comprises hardware switching and the secure controller is further adapted to control signaling associated with the hardware switching.
  - 51. The system of claim 50, wherein the hardware switching further comprises at least one of a video switch and an audio switch and the secure controller is further adapted to control signaling associated with the at least one of the video switch and the audio switch.
  - 52. The system of claim 28, wherein the user-interface access switch further comprises a software application and the secure controller is further adapted to control signaling associated with the software application.
  - 53. The system of claim 52, wherein the software application further comprises a streaming data application and the secure controller is further adapted to control signaling associated with the streaming data application.
  - 54. The system of claim 53, wherein the secure controller is further adapted to control at least one transmission control protocol/Internet protocol (TCP/IP) socket.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gilbarco Incorporated (Vontier Corp.)
Original Assignee
Gilbarco Incorporated (Vontier Corp.)
Inventors
Williams, Michael E., Filippini, Paolo, Carapelli, Giovanni

Granted Patent

US 11,169,954 B2
Time in Patent Office

Days
Field of Search
US Class Current

715/741
CPC Class Codes

G06F 15/173   using an interconnection ne...

G06Q 20/3821   Electronic credentials

G07F 9/023   Arrangements for display, d...

System and method for controlling secure content and non-secure content at a fuel dispenser or other retail device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

54 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for controlling secure content and non-secure content at a fuel dispenser or other retail device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

54 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links