Method and apparatus for touch screen data entry
First Claim
1. A method for operating a combination touch pad and display screen device, wherein:
- said touch pad is controlled by a touch pad controller and said display screen is controlled by an application program processor in communication with said touch pad controller and said display screen, said touch pad controller and application program processor being situated within a physically secured transaction terminal, said application program processor being arranged to allow unknown application programs to be downloaded into the terminal and executed, and said touch pad controller being pre-programmed so that it is not subject to programming by downloading unknown application programs into the terminal, said method comprising the steps of;
a. said application program processor displaying on said display screen a set of functional components;
b. defining a plurality of touch pad hot spots corresponding in area and location to said functional components;
c. said touch pad controller sensing a touch event on said touch pad;
d. said touch pad controller comparing coordinates of said touch event with coordinates of said touch pad hot spots corresponding to said functional components; and
e. if said touch coordinates correspond to coordinates of one of said touch pad hot spots, said touch pad controller sending to said application program processor a touch event message identifying the touch pad hot spot corresponding to said touch event, and wherein a rogue program downloaded to said application program processor is precluded from access to said touch coordinates.
3 Assignments
0 Petitions
Accused Products
Abstract
Data entry apparatus comprising a display screen device, a touch pad mounted over the display screen device, and an application processor coupled to the touch pad and to the display screen device. The application processor has an application program processing module and a touch pad controller module. The application program processing module displays on the display screen a predefined data entry screen having a prearranged set of functional components and sends to the touch pad controller module a hot spot command defining a plurality of touch pad hot spots corresponding in area and location to the set of functional components. The touch pad controller module senses a touch event on the touch pad corresponding to one of the touch pad hot spots and sends to the application processor a touch event message identifying the touch pad hot spot corresponding to the touch event. PIN entry commands are issued by the application processor module and processed in the touch pad controller for secure PIN entry on the touch screen.
108 Citations
14 Claims
-
1. A method for operating a combination touch pad and display screen device, wherein:
-
said touch pad is controlled by a touch pad controller and said display screen is controlled by an application program processor in communication with said touch pad controller and said display screen, said touch pad controller and application program processor being situated within a physically secured transaction terminal, said application program processor being arranged to allow unknown application programs to be downloaded into the terminal and executed, and said touch pad controller being pre-programmed so that it is not subject to programming by downloading unknown application programs into the terminal, said method comprising the steps of;
a. said application program processor displaying on said display screen a set of functional components;
b. defining a plurality of touch pad hot spots corresponding in area and location to said functional components;
c. said touch pad controller sensing a touch event on said touch pad;
d. said touch pad controller comparing coordinates of said touch event with coordinates of said touch pad hot spots corresponding to said functional components; and
e. if said touch coordinates correspond to coordinates of one of said touch pad hot spots, said touch pad controller sending to said application program processor a touch event message identifying the touch pad hot spot corresponding to said touch event, and wherein a rogue program downloaded to said application program processor is precluded from access to said touch coordinates. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
said application processor displaying on said display screen device a set of said functional components comprising a PIN data entry screen comprising at least a set of data entry buttons corresponding to PIN numerals and an “
ENTER”
command button;
said application processor sending to said touch pad controller a special PIN data entry command differing from said hot spot command and requesting execution by said touch pad controller of a PIN entry touch event routine;
said touch pad controller responding to said PIN data entry command by executing the steps of;
defining a prearranged set of hot spots corresponding to active data entry and command buttons in said PIN data entry screen;
responding to a sequence of touch events corresponding to active data entry buttons by storing each of the associated PIN numerals; and
responding to a touch event corresponding to said “
ENTER”
command button by encrypting said stored PIN numerals using said security processor to produce encrypted PIN data and sending said encrypted PIN data to said application processor.
-
-
3. The method of claim 2, further comprising the steps of:
-
said touch pad controller responding to a hot spot command received from said application processor by determining if the number of said plurality of hot spots defined in said hot spot command is less than or equal to a predetermined hot spot limit less than the number of hot spots required for PIN entry;
if said determining step is positive, said touch pad controller directly executing said hot spot command by responding to each hot spot touch event and sending a corresponding touch event message to said application processor; and
if said determining step is negative, said touch pad controller declaring a hot spot command error and processing a hot spot error routine.
-
-
4. The method of claim 2, further comprising the steps of:
-
said touch pad controller responding to a hot spot command received from said application processor by determining if the number of said plurality of hot spots defined in said hot spot command is less than or equal to a predetermined hot spot limit less than the number of hot spots required for PIN entry;
if said determining step is positive, said touch pad controller directly executing said hot spot command by responding to hot spot touch events and sending corresponding touch event messages to said application processor; and
if said determining step is negative, said touch pad controller next determining if said hot spot command passes a set of prearranged command authentication tests, and executing said hot spot command if and only if said hot spot command passes said set of authentication tests.
-
-
5. The method of claim 4, further comprising the steps of:
-
said touch pad controller declaring a hot spot command error if said hot spot command fails said set of command authentication tests and then processing a hot spot error routine comprising the steps of;
defining a prearranged set of error clearance hot spots less than said predetermined hot spot limit;
refusing to execute subsequent hot spot commands received from said application processor until a predefined sequence of touch events on said error clearance hot spots is received.
-
-
6. The method of claim 1, wherein said touch pad and said display screen are both controlled by an application processor comprising a touch pad controller module for controlling said touch pad and an application program processing module for executing application program commands including commands for displaying functional components on said display screen, and wherein
said step a. is carried out by said application program processing module displaying on said display screen a set of functional components; -
said step b. is carried out by said application program processing module sending to said touch pad controller module a hot spot command defining a plurality of touch pad hot spots corresponding in area and location to said set of functional components;
said step c. is carried out by said touch pad controller module sensing a touch event on said touch pad corresponding to one of said touch pad hot spots and sending to said application program processing module a touch event message identifying the touch pad hot spot corresponding to said touch event.
-
-
7. The method of claim 6, wherein said combination touch pad and display screen device are operated as a secured data entry device in a point-of-sale transaction environment in which secret PIN entries are required, and said touch pad controller module has an associated PIN encryption module, said method further comprising the steps of:
-
said application program processing module displaying on said display screen device a set of said functional components comprising a PIN data entry screen comprising at least a set of data entry buttons corresponding to PIN numerals and an “
ENTER”
command button;
said application program processing module sending to said touch pad controller module a special PIN data entry command differing from said hot spot command and requesting execution by said touch pad controller module of a PIN entry touch event routine;
said touch pad controller module responding to said PIN data entry command by executing the steps of;
defining a prearranged set of hot spots corresponding to active data entry and command buttons in said PIN data entry screen;
responding to a sequence of touch events corresponding to active data entry buttons by storing each of the associated PIN numerals; and
responding to a touch event corresponding to said “
ENTER”
command button by encrypting said stored PIN numerals using said PIN encryption module to produce encrypted PIN data and sending said encrypted PIN data to said application program processing module.
-
-
8. The method of claim 7, further comprising the steps of:
-
said touch pad controller module determining if the number of said plurality of hot spots defined in said hot spot command is less than or equal to a predetermined hot spot limit less than the number of hot spots required for PIN entry;
if said determining step is positive, said touch pad controller module directly executing said hot spot command by responding to each hot spot touch event and sending a corresponding touch event message to said application program processing module; and
if said determining step is negative, said touch pad controller declaring a hot spot command error and processing a hot spot error routine.
-
-
9. The method of claim 7, further comprising the steps of:
-
said touch pad controller module determining if the number of said plurality of hot spots defined in said hot spot command is less than or equal to a predetermined hot spot limit less than the number of hot spots required for PIN entry;
if said determining step is positive, said touch pad controller module directly executing said hot spot command by responding to hot spot touch events and sending corresponding touch event messages to said application program processing module; and
if said determining step is negative, said touch pad controller module next determining if said hot spot command passes a set of prearranged command authentication tests, and executing said hot spot command if and only if said hot spot command passes said set of authentication tests.
-
-
10. The method of claim 9, further comprising the steps of:
-
said touch pad controller module declaring a hot spot command error if hot spot command fails said set of command authentication tests and then processing a hot spot error routine comprising the steps of;
defining a prearranged set of error clearance hot spots less than said predetermined hot spot limit;
refusing to execute subsequent hot spot commands received from said application program processing module until a predefined sequence of touch events on said error clearance hot spots is received.
-
-
11. Data entry apparatus, comprising, in combination:
-
a display screen device;
a touch pad mounted over said display screen device;
a touch pad controller coupled to said touch pad; and
an application processor coupled to said touch pad controller and to said display screen device;
said application processor comprising;
means for displaying on said display screen a predefined data entry screen having a prearranged set of functional components; and
means for sending to said touch pad controller a hot spot command defining a plurality of touch pad hot spots corresponding in area and location to said set of functional components;
said touch pad controller comprising;
means for sensing a touch event on said touch pad corresponding to one of said touch pad hot spots;
means for comparing said coordinates of said touch event with coordinates of said touch pad hot spots corresponding to said functional components; and
means for, if said touch coordinates correspond to coordinates of one of said touch pad hot spots, sending to said application processor a touch event message identifying the touch pad hot spot corresponding to said touch event, wherein said touch pad controller and application program processor are situated within a physically secured transaction terminal, said application program processor being arranged to allow unknown application programs to be downloaded into the terminal and executed, and said touch pad controller being pre-programmed so that it is not subject to programming by downloading unknown application programs into the terminal, and wherein a rogue program downloaded to said application program processor is precluded from access to said touch coordinates. - View Dependent Claims (12, 13, 14)
a security processor operatively associated with said touch pad controller, a security module housing said touch pad controller and said security processor for protection against physical intrusion;
said application processor further including PIN entry command means for displaying on said display screen device a set of functional components in the form of a PIN data entry screen comprising at least a set of data entry buttons corresponding to PIN numerals and an “
ENTER”
command button and for sending to said touch pad controller a PIN data entry command requesting execution of a PIN entry touch event routine;
said touch pad controller being preprogrammed with a PIN entry touch routine including;
means defining a prearranged set of hot spots corresponding to active data entry and command buttons in said PIN data entry screen;
means for receiving a PIN data entry command from said application processor and thereafter responding to a sequence of touch events corresponding to active data entry buttons by storing each of the associated PIN numerals;
means responsive to a touch event corresponding to said “
ENTER”
command button for sending said stored PIN numerals to said security processor for encryption therein and for sending the resulting encrypted PIN data to said application processor.
-
-
13. Apparatus as claimed in claim 12, wherein
said touch pad controller further includes means for determining if the number of hot spots defined in a hot spot command is less than or equal to a predetermined hot spot limit which is less than the number of hot spots required for PIN entry; and wherein said touch pad controller directly executes said hot spot command and returns touch event messages to said application processor only if said number of hot spots defined in said hot spot command is less than or equal to said predetermined hot spot limit.
-
14. Apparatus as claimed in claim 12, wherein
said application processor includes a stored application program comprising a set of hot spot commands which define a number of hot spots greater than said predetermined hot spot limit and which include command authentication data elements; - and
said touch pad controller includes means for testing the authenticity of a received hot spot command based on said command authentication data elements therein;
and wherein said touch pad controller executes a hot spot command which includes a number of defined hot spots greater than said predetermined hot spot limit only if said means for testing authenticates said hot spot command.
- and
Specification