Transaction system comprising one or more host exchanges and a number of distributed terminal stations
Abstract
A transaction system comprises terminal stations which can communicate with a host exchange. In order to improve the communication, concentrators are arranged between the host exchange and the terminal stations. Given functions can be accommodated within the concentrators so that they need not be provided in the terminal station. The concentrators as well as the terminal stations are provided with a security box in order to realize encryption/decryption of the data transport; for the terminal station this box is preferably realized in the form of a smart card which acts as an operator identification element. A customer can identify himself by means of a user identification element, for example a magstripe card or a further smart card. The encryption mechanism is preferably DES.
17 Claims
1. A transaction system comprising:
(a) at least one host exchange;
(b) a network;
(c) a plurality of concentrators, coupled with the at least one host exchange via the network, each concentrator comprising;
(i) protocol means for executing protocolled data transports with at least one host exchange; and
(ii) cryptography means for performing cryptographic operations on and exchanging;
(A) user transaction requests; and
(B) request response information;
with said at least one host exchange;
(d) a first number of distributed terminal stations, respective subsets of the plurality of terminal stations each being associated with a respective one of the concentrators, each terminal station comprising
(i) a respective first presentation location for receiving a portable user identification element; and
(ii) respective bidirectional communication elements for
(A) receiving a respective user transaction request from a user, subject to receipt and verification of the user identification element,
(B) transmitting the respective transaction request to the respective one of the concentrators,
(C) receiving respective request response information from the respective one of the concentrators, and
(D) transmitting the respective request response information to the user; and
(e) at least one second presentation location, associated with at least one respective terminal station but physically separate from the respective at least one first presentation location, for receiving a portable operator identification element containing data processing elements and key information for a so-called public algorithm, so that the at least one terminal station uses the data processing elements and the key information for
(i) performing encryption operations with respect to the respective user transaction request prior to transmitting the respective user transaction request; and
(ii) performing decryption operations with respect to the respective request response information after receiving the respective request response information.
Dependent claims: 2, 3, 16, 17

4. A transaction system, comprising:
(a) at least one host exchange;
(b) a network;
(c) a plurality of concentrators, coupled with said at least one host exchange via the network, each concentrator having
(i) respective protocol means for executing protocolled data transports with the at least one host exchange, and
(ii) respective cryptography means for performing cryptographic operations and for exchanging
(A) user transaction requests, and
(B) request response information
with the at least one host exchange,
(d) a plurality of distributed terminal stations, respective subsets of the plurality of terminal stations each being associated with a respective one of the concentrators, at least one of the terminal stations comprising
(i) a respective first presentation location for receiving a portable user identification element,
(ii) respective bidirectional communication elements for
(A) receiving a respective user transaction request from a user, subject to receipt and verification of the user identification element,
(B) transmitting the respective user transaction request to the respective one of the concentrators,
(C) receiving respective request response information from the respective one of the concentrators, and
(D) transmitting the respective request response information to the user; and
(iii) a respective second presentation location, physically apart from said respective first presentation location, for receiving a portable operator identification element containing data processing elements and key information for a so-called public algorithm, so that the terminal station uses the data processing elements and the key information for;
(A) performing encryption operations with respect to the respective user transaction request prior to transmitting the respective user transaction request; and
(B) performing decryption operations with respect to the respective request response information after receiving the respective request response information.
Dependent claims: 5, 6

7. A concentrator for use in a transaction system, the concentrator comprising:
a first connection for coupling with one of a plurality of host exchanges via a network;
a second connection for coupling with a plurality of terminal stations;
protocol means for executing protocolled data transports with at least one of the host exchanges;
cryptography means for exchanging user transaction requests and request granting information with said at least one host exchange under execution of cryptographic operations on said data; and
means for connecting a local security box in order to execute a public key algorithm therein for at least partial encryption/decryption as part of a verification procedure for respective operator identification information and respective user information presented to respective ones of the terminal stations, after the latter information has been encrypted in the one terminal station, so that absent the respective operator information, the concentrator does not accept user requests from the terminal stations.
Dependent claims: 8

9. A terminal station for use in a transaction system, the terminal station comprising:
(a) a first presentation location for receiving a portable user identification element;
(b) bidirectional communication elements for
(i) receiving a user transaction request from a user, subject to receipt and verification of the user identification element,
(ii) transmitting the user transaction request to a host exchange or a concentrator,
(iii) receiving request response information from the host exchange or concentrator, and
(iv) transmitting the request response information to the user; and
(c) a second presentation location, physically apart from said first presentation location, for receiving a portable operator identification element containing data processing elements and key information for a so-called public algorithm, so that the terminal station uses the data processing elements and the key information for
(i) performing encryption operations with respect to the user transaction request prior to transmitting the user transaction request; and
(ii) performing decryption operations with respect to the request response information after receiving the request response information.
Dependent claims: 10

11. A portable operator identification element comprising:
(a) data processing means for executing encryption/decryption operations according to a public algorithm;
(b) means for protective storage of a relevant key; and
(c) communication means for bidirectional communication with one of an element of a transaction system, so that the operator identification element is suitable for acting as a security box for the element of the transaction system.
Dependent claims: 12, 13, 14

15. A transaction system, comprising:
(a) at least one host exchange;
(b) a network; and
(c) a first number of distributed terminal stations, at least one of the terminal stations comprising
(i) a first presentation location for receiving a portable user identification element,
(ii) bidirectional communication elements for;
(A) receiving a user transaction request from a user, subject to receipt and verification of the user identification element,
(B) transmitting the user transaction request to the host exchange via the network,
(C) receiving request response information from the host exchange via the network, and
(D) transmitting the request response information to the user; and
(iii) a second presentation location, physically apart from said first presentation location, for receiving a portable operator identification element containing data processing elements and key information for a so-called public algorithm, so that the terminal station uses the data processing elements and the key information for
(A) performing encryption operations with respect to the user transaction request prior to transmitting the user transaction request; and
(B) performing decryption operations with respect to the request response information after receiving the request response information.

Specification