PAYMENT TERMINAL DEVICE AND PAYMENT PROCESSING METHOD
First Claim
1. A payment terminal device comprising:
- an authentication information input unit that receives an input of authentication information;
an execution environment providing unit that separately provides a secure execution environment with a tamper-resistant property and a non-secure execution environment without a tamper-resistant property;
an input information management unit that is provided in the secure execution environment, and manages the authentication information which is input to the authentication information input unit;
a relay unit that is provided in the non-secure execution environment and relays a payment process between an external payment target device and the payment terminal device; and
a control unit that instructs the input information management unit and the relay unit to perform mutual authentication,wherein when the mutual authentication is established, the input information management unit and the relay unit form a first secure communication path between the input information management unit and the relay unit, andwherein after the first secure communication path is formed and a second secure communication path is formed between the payment target device and the relay unit, the relay unit relays the input information management unit and the payment target device through the first secure communication path and the second secure communication path, and performs transmission of payment process information regarding the payment process.
1 Assignment
0 Petitions
Accused Products
Abstract
In the payment process of a transaction, it is possible to ensure security of information regarding the payment process, and perform a suitable payment process. When mutual authentication is established, a secure input application and a command interpreter form a secure virtual private communication path (VPN). Transmission of payment-related information such as encrypted PIN information is started through the VPN. The command interpreter and a payment center form a secure virtual private communication path (VPN). Transmission of payment-related information is started through the VPN. When transmission using the VPNs and is normal, a secure input manager and a terminal UI payment application perform a card payment process in which the command interpreter is relayed.
-
Citations
2 Claims
-
1. A payment terminal device comprising:
-
an authentication information input unit that receives an input of authentication information; an execution environment providing unit that separately provides a secure execution environment with a tamper-resistant property and a non-secure execution environment without a tamper-resistant property; an input information management unit that is provided in the secure execution environment, and manages the authentication information which is input to the authentication information input unit; a relay unit that is provided in the non-secure execution environment and relays a payment process between an external payment target device and the payment terminal device; and a control unit that instructs the input information management unit and the relay unit to perform mutual authentication, wherein when the mutual authentication is established, the input information management unit and the relay unit form a first secure communication path between the input information management unit and the relay unit, and wherein after the first secure communication path is formed and a second secure communication path is formed between the payment target device and the relay unit, the relay unit relays the input information management unit and the payment target device through the first secure communication path and the second secure communication path, and performs transmission of payment process information regarding the payment process.
-
-
2. A payment processing method of a payment terminal device including an authentication information input unit, the payment processing method comprising:
-
separately providing a secure execution environment with a tamper-resistant property and a non-secure execution environment without a tamper-resistant property; receiving authentication information in the authentication information input unit; managing the authentication information that is input, in an input information management unit that is provided in the secure execution environment; performing mutual authentication between a relay unit that is provided in the non-secure execution environment and the input information management unit; forming a first secure communication path between the input information management unit and the relay unit, when the mutual authentication is established; forming a second secure communication path between the relay unit and an external payment target device; and performing transmission of payment process information regarding a payment process by relaying the information processing apparatus and the payment target device through the first secure communication path and the second secure communication path, after the first secure communication path and the second secure communication path are formed, in the relay unit.
-
Specification