Card reader module with pin decryption
First Claim
1. A fuel dispensing system comprising:
- a fuel dispenser for dispensing fuel to a customer in response to an authorization signal;
a control system for providing said authorization signal to said fuel dispenser based on determined authorization information;
an indicia entry device for allowing a customer to input a verification indicia, said indicia entry device adapted to encrypt said input verification indicia to form an encrypted verification indicia for transfer to said control system; and
a card reader separate from said indicia entry device, wherein said card reader is operatively associated with said control system for determining said authorization information based on obtaining a transaction authorization from a customer payment card, said card reader adapted to receive said encrypted verification indicia from said control system and decrypt said encrypted verification indicia to form a decrypted verification indicia, and further adapted to provide said payment card with said decrypted verification indicia to obtain the transaction authorization.
2 Assignments
0 Petitions
Accused Products
Abstract
A card reader module includes capabilities for receiving and decrypting an encrypted user PIN to facilitate off-line transaction authorization. In an off-line transaction, a transaction processing system need not communicate with an outside authorization network to obtain transaction authorization. Off-line transaction authorization is particularly relevant when a customer uses a secure payment device, such as a smart card. With a smart card, the transaction processing system, in cooperation with the smart card, compares a user-entered PIN, input through a keypad, with a user PIN stored on the smart card. If the input PIN matches the stored PIN, the transaction processing system authorizes the customer'"'"'s transaction. Rather than including the keypad, the card reader module receives the PIN in encrypted format directly or indirectly from a separate keypad. To minimized fraud, the separate keypad encrypts the PIN before it is sent to the card reader module. The card reader module decrypts received PIN information for comparison to card-stored PIN information. Based on the comparison, the card reader module provides authorization information to other elements in the transaction processing system. Preferably, the card reader module is used in a fuel dispensing system. This allows off-line authorization of fueling transactions, based on verifying a user-entered PIN against a stored payment card PIN. By separating the PIN-entry keypad from the card reader module, the card reader module may be individually serviced, thereby reducing maintenance expenses, for the transaction processing system in which the card reader module is used.
114 Citations
32 Claims
-
1. A fuel dispensing system comprising:
-
a fuel dispenser for dispensing fuel to a customer in response to an authorization signal;
a control system for providing said authorization signal to said fuel dispenser based on determined authorization information;
an indicia entry device for allowing a customer to input a verification indicia, said indicia entry device adapted to encrypt said input verification indicia to form an encrypted verification indicia for transfer to said control system; and
a card reader separate from said indicia entry device, wherein said card reader is operatively associated with said control system for determining said authorization information based on obtaining a transaction authorization from a customer payment card, said card reader adapted to receive said encrypted verification indicia from said control system and decrypt said encrypted verification indicia to form a decrypted verification indicia, and further adapted to provide said payment card with said decrypted verification indicia to obtain the transaction authorization. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A card reader module for authorizing a transaction comprising:
-
a communications interface for receiving encrypted customer verification information and providing a transaction authorization signal;
a payment card interface separate from said communications interface, wherein said payment card interface communicates with a payment card present in said payment card interface; and
a processing unit for determining said transaction authorzation signal based on processing said encrypted customer verification information, said processing unit further adapted to decrypt said encrypted customer verification information to form a decrypted customer verification information and communicate said decrypted customer verification information to said payment card via said payment card interface;
said processing unit further adapted to receive a signal from said payment card via said payment card interface if the transaction is authorized and to provide said transaction authorization signal in response thereto. - View Dependent Claims (15, 16, 17)
-
-
18. A method of securely determining a transaction authorization for a retail transaction, comprising the steps of:
-
interfacing with a customer payment card using a card reader;
receiving verification indicia input by a customer into an indicia input device which is separate from said card reader;
encrypting the verification indicia in said indicia input device;
transferring the encrypted verification indicia to said card reader;
decrypting the encrypted verification indicia using said card reader;
processing the decrypted verification indicia using said card reader in cooperation with said customer payment card;
determining said transaction authorization based on said processing step; and
outputting a transaction authorization signal from said card reader based on said determining step. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A fuel dispenser comprising:
-
a dispenser controller for dispensing fuel to a customer based on receiving a control signal from an associated control system; and
an indicia input device for allowing the customer to input a verification indicia, said input indicia device adapted to output said verification indicia in an encrypted format;
a magnetic card reader separate from said indicia input device, wherein said magnetic card reader reads account information from a credit/debit card and transfers said account information to said associated control system; and
a smart card reader for communicating with a smart card and further adapted to determine a transaction authorization signal for output to said associated control system based on decrypting said encrypted verification indicia and processing said decrypted verification indicia in cooperation with said smart card;
said associated control system adapted to generate said control signal based on either receiving an authorization response from an outside authorizing network in response to transferring said account information and a processed version of said encrypted verification indicia to said outside authorizing network or on receiving said transaction authorization signal from said smart card reader. - View Dependent Claims (28, 29, 30, 31, 32)
a communications interface for receiving said encrypted verification indicia;
a processing unit for determining said transaction authorization signal based on decrypting said encrypted verification indicia and processing said decrypted verification indicia in cooperation with said smart card; and
a smart card interface for communicating with said smart card.
-
-
30. The fuel dispenser of claim 29 wherein said processing unit in said smart card reader receives stored verification information from said smart card through said smart card interface and determines said transaction authorization signal based on verifying said decrypted verification indicia against said stored verification information.
-
31. The fuel dispenser of claim 29 wherein said processing unit in said smart card reader determines said transaction authorization signal based on authorization information returned from said smart card via said smart card interface, said authorization information determined by said smart card based on receiving said decrypted verification indicia from said processing unit via said smart card interface.
-
32. The fuel dispenser of claim 27 wherein said smart card reader is housed in a tamper-resistant enclosure suitable for mounting in said fuel dispenser, and wherein said tamper-resistant enclosure is adapted to disable a critical electrical circuit that forms a portion of said smart card reader in response to attempted tampering.
Specification