Methods and apparatus for secure personal identification number and data encryption
Abstract
A system and methods for implementing a low cost and simple PIN encryption device is disclosed. The PIN encryption device may be incorporated into customer transaction terminals, ATMs and PIN pads for use with POS terminals or other transaction devices. The PIN encryption device securely stores PIN encryption keys and PIN encryption algorithms that are used to encrypt user entered PINs on a cryptographic smart card. The system disclosed is a physically secure device that protects the integrity of the encryption keys and algorithms. The system also protects the cryptographic smart card from tampering, and prevents the discovery of PIN data by tapping the external interfaces of the customer transaction terminal.
25 Claims
1. A secure apparatus for encrypting data comprising:
a touch screen device, the screen layout of said touch screen comprising a protected data entry screen area and an unprotected data entry screen area;
a first processor, said first processor being affixed to a circuit board, said first processor being further operative to communicate with an encryption device and a touch screen device, and the first processor being further operative to determine whether a touch input detected by the touch screen device originated in the protected data entry screen area or the unprotected data entry screen area;
an encryption device operative to encrypt touch inputs that originated in the protected data entry screen area; and
a tamper detection mechanism.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A secure apparatus for encrypting data comprising:
a touch screen device, the screen layout of said touch screen comprising a protected data entry screen area and an unprotected data entry screen area;
a first processor, said first processor being affixed to a circuit board, said first processor being further operative to communicate with an encryption device and a touch screen device, and the first processor being further operative to determine whether a touch input detected by the touch screen device originated in the protected data entry screen area or the unprotected data entry screen area;
a second processor, said second processor being affixed to the circuit board, said second processor being further operative to communicate with the first processor and the touch screen device;
an encryption device operative to encrypt touch inputs that originated in the protected data entry screen area; and
a tamper detection mechanism.
Dependent claims: 9
wherein the second processor is a microprocessor enabled to communicate with the first processor, the touch screen device, and is operative to communicate with any devices external to the secure apparatus.
10. A system for encrypting data comprising:
a display device comprising an LCD flat panel display and a touch panel device;
a first processor connected to said touch panel overlay device, said first processor being operative to decode touch input signals from said touch panel overlay device;
a second processor, said second processor being operative to execute application software for controlling the images displayed on the LCD flat panel display;
a cryptographic smart card operable to encrypt data; and
a tamper detection device, said tamper detection device being operative to signal said cryptographic smart card if the tamper detection device detects tampering.
Dependent claims: 11, 12, 13, 14, 15
16. A method of encrypting data, the method comprising the steps of:
detecting touch input signals from a touch screen;
determining whether said touch input signals originated in a protected data entry portion of said touch screen or in a non protected data entry portion of said touch screen;
translating only the touch input signals that originated in the protected data entry portion of the touch screen into data;
sending the data to a cryptographic smart card; and
encrypting the data.
Dependent claims: 17
18. A method of encrypting PIN data, the PIN data comprising one or more data elements, the method comprising the steps of:
detecting a first touch input signal from a touch screen;
determining whether said first touch input signal originated in a protected PIN data entry portion of said touch screen;
translating the first touch input signal into a first data element if the first detected touch input signal originated in the protected PIN data entry portion of the touch screen;
determining if the first data element is an alphanumeric character or a command; and
storing said first data element that is an alphanumeric character as a first PIN data element or executing said first data element that is a command.
Dependent claims: 19
determining if a predetermined number of data elements have been stored, the predetermined number of data elements comprising a PIN;
detecting subsequent data elements if said predetermined number of data elements have not been stored; and
sending said predetermined number of data elements comprising the PIN to a cryptographic smart card and encrypting the PIN.
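The entry flow of claims 16, 18 and 19, sketched as firmware-style C. This is an added illustration, not code from the patent; the keypad geometry, the 4-digit PIN length, the `C` clear command and the `card_sink` callback standing in for the cryptographic smart card are all assumptions.

```c
#include <stddef.h>

#define PIN_LEN 4                        /* assumed "predetermined number" */
enum pin_result { PIN_IGNORED, PIN_STORED, PIN_CLEARED, PIN_SENT };

/* Hypothetical stand-in for the cryptographic smart card interface. */
typedef void (*card_sink)(const char *pin, size_t len);
struct pin_entry { char buf[PIN_LEN]; size_t n; card_sink card; };

/* Assumed layout: the protected area is a 300x400 keypad at the origin with
 * 100x100 cells; every other screen coordinate is the unprotected area. */
static const char KEYS[4][3] = { {'1','2','3'}, {'4','5','6'},
                                 {'7','8','9'}, {'C','0',' '} };

static void wipe(void *p, size_t len) {  /* volatile write: not optimised away */
    volatile unsigned char *v = p;
    while (len--) *v++ = 0;
}

enum pin_result pin_touch(struct pin_entry *e, int x, int y) {
    if (x < 0 || y < 0 || x >= 300 || y >= 400)
        return PIN_IGNORED;              /* unprotected area: not translated */
    char k = KEYS[y / 100][x / 100];
    if (k == 'C') {                      /* command: executed, never stored */
        wipe(e->buf, sizeof e->buf); e->n = 0;
        return PIN_CLEARED;
    }
    if (k < '0' || k > '9')
        return PIN_IGNORED;              /* blank cell inside the keypad */
    e->buf[e->n++] = k;
    if (e->n < PIN_LEN)
        return PIN_STORED;               /* wait for subsequent elements */
    e->card(e->buf, e->n);               /* complete PIN goes only to the card */
    wipe(e->buf, sizeof e->buf); e->n = 0;
    return PIN_SENT;
}

/* Constructed demo sink: records only how many digits the card received. */
size_t demo_card_len;
void demo_card(const char *pin, size_t len) { (void)pin; demo_card_len = len; }

int main(void) {
    struct pin_entry e = { {0}, 0, demo_card };
    const int taps[][2] = { {350,50}, {50,50}, {150,50}, {250,150}, {150,350} };
    for (size_t i = 0; i < 5; i++) pin_touch(&e, taps[i][0], taps[i][1]);
    return demo_card_len == PIN_LEN ? 0 : 1;
}
```

The clear digits exist only in `buf` between the first key press and the hand-off to the card, and are wiped on both the clear command and completion.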
20. A method of generating a master key storage (MSK) key for a device, the method comprising the steps of:
generating a first random seed;
sending the first random seed to a cryptographic smart card;
generating a second random seed;
combining said second random seed with a cryptographic smart card serial number and a device serial number thereby generating an intermediate data key;
encrypting said data key with the first random seed, thereby generating the MSK key; and
storing the MSK key within the cryptographic smart card.
Dependent claims: 21
22. A method for maintaining the integrity of data keys stored within a cryptographic smart card, the method comprising the steps of:
monitoring a tamper detection signal, the absence of the tamper detection signal indicating that the cryptographic smart card has not been tampered with;
monitoring a power supply input and a battery input, the presence of the power supply input and the battery input indicating that the supply of electrical power to the cryptographic smart card is uninterrupted; and
clearing a data erasure byte upon the detection of the presence of the tamper detection signal, or upon the absence of both the power supply input and the battery input, thereby putting the cryptographic smart card into a data erasure state.
Dependent claims: 23, 24, 25
issuing a message to any devices communicating with the cryptographic smart card, the message indicating that the cryptographic smart card is entering a data erasure state;
halting the execution of any other processing within the cryptographic smart card; and
executing a process to erase one or more data keys stored within the cryptographic smart card.
24. The method of claim 23, further comprising the step of issuing a message to any devices communicating with the cryptographic smart card, the message indicating that the cryptographic smart card has erased all of the one or more data keys stored within the cryptographic smart card.
25. The method of claim 24, further comprising the steps of:
detecting the interruption and resumption of the supply of electrical power to the cryptographic smart card;
issuing a message to any devices communicating with the cryptographic smart card, the message indicating that the process of erasing all of the one or more data keys stored within the cryptographic smart card; and
completing the process of erasing all of the one or more data keys stored within the cryptographic smart card.
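The erasure behaviour of claims 22 to 25 as a small simulated state machine in C, added here as an illustration and not taken from the patent. The `struct card` model, the `0xA5` keys-valid marker, the three 16-byte key slots and the message names are assumptions; the point shown is that a persistent erasure byte lets an erase interrupted by power loss be finished on resumption.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define SLOTS 3
#define KEYS_VALID 0xA5  /* assumed non-zero marker; 0 = data erasure state */
enum msg { MSG_NONE, MSG_ENTERING_ERASE, MSG_RESUMING_ERASE, MSG_ERASED };

struct card {                 /* simulated card, not a real card API */
    uint8_t erasure_byte;     /* models non-volatile storage */
    uint8_t keys[SLOTS][16];  /* models non-volatile key slots */
    int next_slot;            /* volatile erase progress */
    enum msg last_msg;        /* last message issued to attached devices */
};

static bool slot_blank(const uint8_t *k) {
    for (int i = 0; i < 16; i++) if (k[i]) return false;
    return true;
}

/* Claim 22: tamper signal present, or mains and battery both absent. */
bool card_monitor(struct card *c, bool tamper, bool mains, bool battery) {
    if (c->erasure_byte == KEYS_VALID && (tamper || (!mains && !battery))) {
        c->erasure_byte = 0;
        c->next_slot = 0;
        c->last_msg = MSG_ENTERING_ERASE;            /* claim 23 message */
    }
    return c->erasure_byte != KEYS_VALID;  /* true: halt other processing */
}

/* One slot per call, so a power interruption can land mid-erase. */
bool card_erase_step(struct card *c) {
    if (c->erasure_byte == KEYS_VALID) return false;
    if (c->next_slot < SLOTS) memset(c->keys[c->next_slot++], 0, 16);
    if (c->next_slot == SLOTS) c->last_msg = MSG_ERASED;  /* claim 24 */
    return c->next_slot == SLOTS;
}

/* Claim 25: on power-up a cleared byte forces the erase to completion. */
void card_power_resume(struct card *c) {
    if (c->erasure_byte == KEYS_VALID) return;
    c->next_slot = 0;
    while (c->next_slot < SLOTS && slot_blank(c->keys[c->next_slot])) c->next_slot++;
    c->last_msg = MSG_RESUMING_ERASE;
    while (!card_erase_step(c)) { }
}
```

Real firmware would replace `memset` with a write that the compiler cannot elide and would commit the erasure byte before touching any key slot.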