Security apparatus and system for retail environments
Abstract
A gasoline service station includes gasoline dispensers and a PIN pad including keypads for receiving personal identification numbers and assembled into a network for securely communicating personal identification numbers from the PIN pads and dispensers to a host computer over unsecured data lines. The PIN pads and dispensers each include means for encryption and outputting of personal identification numbers. A security module includes means for decryption of data associated with each PIN pad and dispenser in a process for the respective PIN pads and dispensers and means for encryption of data associated with the host computer in a process which is different from its decryption of data associated with the PIN pads and dispensers. A site controller, which is not secure from unauthorized signal detection, has means for directing encrypted data received from the PIN pads and the dispensers to the security module and from the security module to the dispensers or the host computer as needed for properly directing encrypted data to a desired destination.
54 Claims
1. A secure data handling system for assembly into a network for securely communicating data from data handling devices at a retail site to a host computer over unsecured data lines comprising a plurality of data entry modules at least some of which are self-service dispensers, a security module and a site controller, said data entry modules and said security module including means for encryption of data and means for communicating encrypted data to said site controller, said site controller having means for directing encrypted data received from said data entry modules to said security module and from said security module to said data entry modules or the host computer as needed for properly directing encrypted data to a desired destination.
28. A process for protecting the security of a PIN entered into a gasoline dispenser comprising the steps of:
encrypting the PIN in the dispenser with a working key, transmitting the encrypted PIN to a security module, decrypting the PIN in the security module with the working key, re-encrypting the PIN with a host key and transmitting the re-encrypted PIN to a host and the preliminary step of equipping the security module so as to erase the working key and the host key upon a physical intrusion into the security module.
30. A gasoline service station comprising
gasoline dispensers and a PIN pad including keypads for receiving personal identification numbers and assembled into a network for securely communicating personal identification numbers from the PIN pads and gasoline dispensers to a host computer over unsecured data lines, said PIN pads and gasoline dispensers each including means for encryption of personal identification numbers and outputting encrypted personal identification numbers, a security module including means for decryption of data associated with each PIN pad and gasoline dispenser in a process at least unique to the respective gasoline dispensers and means for encryption of data associated with the host computer in a process which is different from its decryption of data associated with said PIN pads and gasoline dispensers and means for outputting encrypted data, a site controller which is not secure from unauthorized signal detection and having means for directing encrypted data received from said PIN pads and said gasoline dispensers to said security module and from said security module to said gasoline dispensers or the host computer as needed for properly directing encrypted data to a desired destination, said means for encrypting in said PIN pads, gasoline dispensers and said security module encrypting data in a manner which is infeasible to decrypt without possession of a decryption key, wherein said security module and only the security module includes means for receiving a cryptographic key associated with the host computer usable with the host for the encryption and decryption of data or further working keys used for the encryption and decryption of data, wherein said means for encryption in said security module encrypts with keys associated with said gasoline dispensers, which keys are unrelated to the cryptographic key associated with the host, and said security module and said PIN pads and gasoline dispensers may cooperatively change their respective keys in response to the passage of time or in response to the occurrence of an event, wherein at least one of said means for encryption encrypts with a process selected from the group consisting of the Rivest-Shamir-Adleman algorithm (RSA), the Diffie-Hellman algorithm (DH), the Data Encryption Standard using a unique key per transaction (DES/UKPT), the Data Encryption Standard using a Master key/Session key (DES/MKSK), and more than one of RSA, DH and DES/UKPT and DES/MKSK.
34. A security module for storing sensitive data in electronic form in a memory comprising
an enclosure for an electronic circuit including said memory and data input leads to supply the sensitive data to the memory and to allow selective outputting of data from memory, a barrier within said enclosure and enclosing said memory and electrically connected with said memory such that a penetration of said barrier electrically induces said memory to lose the data stored therein, said barrier being scored to induce the breaking of said electrical connection upon a manipulation of said barrier.
46. A security module for storing sensitive data in electronic form in a memory comprising
an enclosure for an electronic circuit including said memory and data input leads to supply the sensitive data to the memory and to allow selective outputting of data from memory, a battery to supply power to said memory and a battery voltage detector to detect a low voltage in said battery and a circuit to induce the memory to lose the data stored therein when a low voltage is sensed.
52. A security module for storing sensitive data in electronic form in a memory comprising
an enclosure for an electronic circuit including said memory and data input leads to supply the sensitive data to the memory and to allow selective outputting of data from memory, said circuit including a connector protruding from said enclosure and a thin conductor extending behind said connector and in a circuit so that a break in said conductor will induce said memory to lose the data stored in said memory.
54. A method of operating a gasoline service station comprising the steps of
inserting a card belonging to a cardholder into a card reader to derive data, entering a PIN into a keypad in an enclosure, encrypting the PIN in the enclosure using a first encryption key, transmitting the encrypted PIN to a security module, de-encrypting the PIN in the security module and re-encrypting the PIN using a second encryption key, transmitting the re-encrypted PIN and data read from the card to a remote host computer, transmitting authorization of a gasoline sale to the holder of the card from the remote host computer to a gasoline dispenser at the service station.
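The PIN path recited in claims 28 and 54, modelled as an added example that is not text or code from the patent: the dispenser encrypts under its own working key, the untrusted site controller only relays opaque bytes, and the security module translates to the host key and erases all keys on intrusion. The cipher is a standard-library HMAC-SHA256 stand-in rather than the DES or RSA processes the claims name, and every function name, device id, key and the sample PIN is constructed for illustration.

```python
import hashlib, hmac, os

def _mac(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def seal(key, data):
    """Stand-in cipher (HMAC-SHA256 keystream + tag), not the claimed DES/RSA."""
    if len(data) > 32: raise ValueError("PIN block too long for this sketch")
    nonce = os.urandom(12)
    stream = _mac(key, b"\x00", nonce)           # 32-byte keystream
    ct = bytes(a ^ b for a, b in zip(data, stream))
    return nonce + ct + _mac(key, b"\x01", nonce + ct)[:16]

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-16], blob[-16:]
    if not hmac.compare_digest(tag, _mac(key, b"\x01", nonce + ct)[:16]):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(a ^ b for a, b in zip(ct, _mac(key, b"\x00", nonce)))

class SecurityModule:  # only component holding working keys and the host key
    def __init__(self, host_key):
        self._host_key = bytearray(host_key)
        self._working = {}                       # device id -> working key
    def enroll(self, device_id):
        key = os.urandom(32)                     # per-device, unrelated to host key
        self._working[device_id] = bytearray(key)
        return key
    def translate(self, device_id, blob):
        if device_id not in self._working:
            raise RuntimeError("keys erased or device unknown")
        pin = unseal(bytes(self._working[device_id]), blob)
        return seal(bytes(self._host_key), pin)  # re-encrypt under host key
    def on_intrusion(self):
        """Tamper response of claim 28: overwrite and drop every key."""
        for key in [self._host_key, *self._working.values()]:
            key[:] = bytes(len(key))
        self._working.clear()

def site_controller_route(module, device_id, blob):
    """Untrusted relay: forwards opaque bytes, holds no key material."""
    return module.translate(device_id, blob)

def demo():
    host_key = os.urandom(32)                    # constructed keys and PIN
    module = SecurityModule(host_key)
    pump_key = module.enroll("dispenser-3")
    from_pump = seal(pump_key, b"4921")
    to_host = site_controller_route(module, "dispenser-3", from_pump)
    return host_key, from_pump, to_host, module
```

Overwriting a `bytearray` models the erase step only; in Python, copies of the key may persist in memory, which is why the claims place this function in tamper-responsive hardware.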
Specification