METHODS AND SYSTEMS FOR SECURITY AUTHENTICATION AND KEY EXCHANGE

US 20100299265A1
Filed: 04/17/2008
Published: 11/25/2010
Est. Priority Date: 04/17/2007
Status: Abandoned Application

First Claim

Patent Images

1. A modular Point-Of-Sale (POS) terminal comprising:

a payment controller having a first encryption sub-component;

a display in communication with the payment controller;

a user interface having a second encryption sub-component, the user interface comprising at least one of a payment keyboard and a payment card reader, wherein the user interface is configured to receive financial data; and

wherein the financial data is encrypted prior to transmission in the modular POS terminal, and wherein the modular POS terminal is configured to detect tampering with the modular POS terminal.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This is for a payment device that may be constructed from separate modules in a secure fashion such that the aggregation of the modules constitutes an overall secure device without the use of additional covers, cases, or tamper-resistant housings. The methods and system are provided whereby the devices within a modular payment system can exchange data between each-other in a secure fashion. While data encryption is being used elsewhere, the present invention extends the security zone from each secure payment module within a modular device out over the cable to the next device. This allows the user to purchase payment device components, place them as they see fit, and not have to obtain certification on their end product as a POS-A level payment device.

66 Citations

View as Search Results

10 Claims

1. A modular Point-Of-Sale (POS) terminal comprising:
- a payment controller having a first encryption sub-component;
  
  a display in communication with the payment controller;
  
  a user interface having a second encryption sub-component, the user interface comprising at least one of a payment keyboard and a payment card reader, wherein the user interface is configured to receive financial data; and
  
  wherein the financial data is encrypted prior to transmission in the modular POS terminal, and wherein the modular POS terminal is configured to detect tampering with the modular POS terminal.
- View Dependent Claims (2, 3)
- - 2. The modular POS terminal of claim 1, wherein the payment controller and the user interface mutually authenticate using digital certificates.
  - 3. The modular POS terminal of claim 1, wherein the payment controller and the user interface mutually use asymmetric keys and generate a random symmetric key for communications.

4. A method of assembling and using a modular Point-Of-Sale (POS) terminal, the method comprising:
- arranging a plurality of components of the modular POS terminal within a housing;
  
  synchronizing the plurality of components of the modular POS terminal;
  
  receiving financial data at a user interface;
  
  encrypting the financial data prior to transmission to a payment controller; and
  
  wherein each component of the plurality of components which handles financial data is certified for financial transactions.
- View Dependent Claims (5)
- - 5. The method of claim 4, the synchronizing of the plurality of components of the modular POS terminal further comprising:
    - transmitting an encrypting certificate from a first module to a second module, wherein the second module verifies the encrypting certificate;
      
      generating a random second module key and a random second module value;
      
      encrypting, at the second module, a second module identifier, the random second module key, and the random second module value;
      
      transmitting, from the second module to the first module, the encryption certificate, the encrypted second module identifier, the encrypted random second module key, and the encrypted random second module value;
      
      verifying the encryption certificate, and decrypting the encrypted second module identifier, the encrypted random second module key, and the encrypted random second module value;
      
      generating a random first module key and a random first module value;
      
      transmitting, from the first module to the second module, a first module identifier, an encrypted random first module key, an encrypted random first module value, and an encrypted random second module value;
      
      creating, at the second module, a protocol base key when the first module is verified, wherein the protocol base key is a combination of the random first module key and the random second module key; and
      
      creating, at the first module, the protocol base key when a received plain random first module key is verified, wherein the protocol base key is a combination of the random first module key and the random second module key.

6. A Point-Of-Sale (POS) terminal configured for secure data transmissions, the POS terminal comprising:
- a first module and a second module in communication;
  
  wherein each of the first and second modules are certified for secure financial data transmissions;
  
  a housing containing an assembly of the first and second modules, wherein the assembly is configured to process financial transactions.

7. A method of designing a Point-Of-Sale (POS) terminal layout, the method comprising:
- selecting two or more components of a POS terminal, wherein each of the two or more components is certified for financial transactions;
  
  arranging the two or more components within a housing; and
  
  connecting the two or components such that transmission of transaction data is secure, wherein the POS terminal is certified for a financial transaction upon arranging the two or more components.
- View Dependent Claims (8, 9)
- - 8. The method of claim 7, wherein the two or more components of a POS terminal comprise at least two of a payment controller, a payment keyboard, a display, a payment card reader, a payment contactless reader, a smart card reader, and a printer module.
  - 9. The method of claim 7, wherein the financial transaction comprises at least one of a credit transaction, a debit transaction, a loyalty point transaction, a reward point transaction, and a preloaded value transaction.

10. A Point-Of-Sale (POS) terminal comprising a first component of the POS terminal, wherein the first component is separately certified for secure financial transactions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hypercom Corporation (Verifone Systems, Inc.)
Original Assignee
Hypercom Corporation (Verifone Systems, Inc.)
Inventors
Andersson, Ulf, Walters, Paul

Application Number

US12/596,127
Publication Number

US 20100299265A1
Time in Patent Office

Days
Field of Search
US Class Current

705/67
CPC Class Codes

G06Q 20/3674   involving authentication

G07F 19/20   Automatic teller machines [...

G07F 19/205   Housing aspects of ATMs

G07G 1/0018   Constructional details, e.g...

H04L 2209/56   Financial cryptography, e.g...

H04L 2463/061   applying further key deriva...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0823   using certificates cryptogr...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/3263   involving certificates, e.g...

H04L 9/3273   for mutual authentication n...

METHODS AND SYSTEMS FOR SECURITY AUTHENTICATION AND KEY EXCHANGE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

66 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS AND SYSTEMS FOR SECURITY AUTHENTICATION AND KEY EXCHANGE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links