Automated banking machine component authentication system and method

US 7,229,009 B1
Filed: 02/21/2006
Issued: 06/12/2007
Est. Priority Date: 07/16/2002
Status: Active Grant

First Claim

Patent Images

1. An automated banking machine comprising:

a computer, wherein the computer includes at least one hardware device, wherein the hardware device includes identity data;

a cash dispenser in operative connection with the computer, wherein the cash dispenser includes an input device, wherein the input device is operative to receive an input through manual operation of the input device;

a safe, wherein the input device of the cash dispenser is located within the safe, wherein the computer is located in the machine outside the safe, wherein the cash dispenser is responsive to an input received through manual operation of the input device carried out within the safe to cause the cash dispenser to accept the identity data of the hardware device, wherein the cash dispenser is operative to establish a secure communication session with the computer responsive to the accepted identity data, wherein the cash dispenser is operative to dispense cash responsive to at least one message received through the secure communication session.

View all claims

19 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An automated banking machine is provided which includes a first component and a second component. The first component is operative generate a first hash of a first identity data and a public key associated with the second component. The first component is operative to encrypt a randomly generated secret key using the public key associated with the second component. The second component is operative to receive at least one message from the first component which includes the encrypted secret key and the first hash. The second component is operative to decrypt the secret key with a private key that corresponds to the public key. The second component is operative to permit information associated with a transaction function to be communicated between the first and second components which is encrypted with the secret key when the first hash is determined by the second component to correspond to the first component.

49 Citations

View as Search Results

23 Claims

1. An automated banking machine comprising:
- a computer, wherein the computer includes at least one hardware device, wherein the hardware device includes identity data;
  
  a cash dispenser in operative connection with the computer, wherein the cash dispenser includes an input device, wherein the input device is operative to receive an input through manual operation of the input device;
  
  a safe, wherein the input device of the cash dispenser is located within the safe, wherein the computer is located in the machine outside the safe, wherein the cash dispenser is responsive to an input received through manual operation of the input device carried out within the safe to cause the cash dispenser to accept the identity data of the hardware device, wherein the cash dispenser is operative to establish a secure communication session with the computer responsive to the accepted identity data, wherein the cash dispenser is operative to dispense cash responsive to at least one message received through the secure communication session.
- View Dependent Claims (2, 3, 4)
- - 2. The machine according to claim 1, wherein the cash dispenser includes at least one data store, wherein the cash dispenser is operative to store the received identity data in the at least one data store of the cash dispenser.
  - 3. The machine according to claim 2, wherein the cash dispenser includes a processor in operative connection with the at least one data store, and wherein the processor is operative to generate at least one authentication value from the identity data, wherein the cash dispenser is operative to establish the secure communication session with the computer responsive to the at least one authentication value.
  - 4. The machine according to claim 1, wherein the identity data includes at least a portion of a serial number of the hardware device.

5. A method comprising:
- a) receiving with an input device located within a safe of an automated banking machine, at least one input responsive to manual operation of the input device carried out within the safe, wherein the automated banking machine includes a cash dispenser;
  
  b) responsive to (a), accepting with the cash dispenser, data associated with of a hardware device of a computer of the automated banking machine, wherein the computer is located outside the safe;
  
  c) establishing a secure communication session between the computer and the cash dispenser responsive to the data accepted in (b); and
  
  d) dispensing cash from the machine through operation of the cash dispenser responsive to at least one message received through the secure communication session.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The method according to claim 5, wherein the cash dispenser includes at least one data store, further comprising:
    - e) subsequent to (b), storing the data accepted in (b) in the at least one data store of the cash dispenser.
  - 7. The method according to claim 5, further comprising:
    - e) subsequent to (b), generating with the cash dispenser, at least one authentication value from the data accepted in (b),wherein in (c) the cash dispenser is operative to enable the secure communication session to be established with the computer responsive to the at least one authentication value.
  - 8. The method according to claim 5, wherein the data accepted in (b) includes at least a portion of a serial number of the hardware device.
  - 9. The method according to claim 5, wherein the safe includes a door, wherein in (a) the door is open.

10. Computer readable media bearing instructions which are operative to cause a computer in an automated banking machine to cause the machine to carry out a method comprising:
- a receiving with an input device located within a safe of the automated banking machine, at least one input responsive to manual operation of the input device carried out within the safe, wherein the automated banking machine includes a cash dispenser;
  
  b) responsive to (a), accepting with the cash dispenser, data associated with a hardware device of the computer of the automated banking machine, wherein the computer is located outside the safe;
  
  c) establishing a secure communication session between the computer and the cash dispenser responsive to the data accepted in (b); and
  
  d) dispensing cash from the machine through operation of the cash dispenser responsive to at least one message received through the secure communication session.

11. Apparatus comprising:
- an automated banking machine including;
  
  a computer, wherein the computer includes at least one processor;
  
  at least one transaction function device in operative connection with the computer, wherein the at least one transaction function device includes at least one device processor;
  
  a first component operative in the at least one computer, wherein the first component is operative to resolve first identity data; and
  
  a second component in operative connection with the at least one transaction function device;
  
  wherein the first component is operative to cause to be generated at least one first authentication value responsive to the first identity data, wherein the computer responsive to the first component is operative to cause a randomly generated secret key to be generated, wherein the computer is operative to cause the generated secret key to be encrypted using a public key associated with the second component, wherein the computer is operative to cause at least one message to be sent to the second component which at least one message includes the encrypted secret key and the at least one first authentication value, wherein the second component is operative to cause the secret key to be decrypted with a private key that corresponds to the public key, wherein the second component is operative to cause at least one second authentication value and the first authentication value to be analyzed through operation of the at least one device processor to determine if the first authentication value and the second authentication value have a predetermined relationship, wherein responsive to the first authentication value and the second authentication value having the predetermined relationship, the second component is operative to enable the at least one transaction function device to perform a transaction function in response to at least one message received from the computer.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The apparatus according to claim 11, wherein the second component is operative to resolve second identity data, wherein the second component is operative to cause to be generated the at least one second authentication value responsive to the second identity data.
  - 13. The apparatus according to claim 12, wherein the machine further includes a safe, wherein the transaction function device includes an input device, wherein the input device is located within the safe, wherein the computer is located in the machine outside the safe, wherein the second component is operative responsive to an input received through the input device to accept the first identity data from the computer, wherein the resolved second identity data corresponds to the accepted first identity data.
  - 14. The machine according to claim 13, wherein the transaction function device includes a cash dispenser, wherein the transaction function includes dispensing cash.
  - 15. The apparatus according to claim 14, wherein the at least one transaction function device includes at least one data store, wherein the second component is operative to cause the accepted first identity data to be stored in the at least one data store of the at least one transaction function device.
  - 16. The machine according to claim 15, wherein the computer is in operative connection with at least one component, wherein the at least one component includes the first identity data stored therein.

17. A method comprising:
- a) resolving first identity data through operation of a computer in an automated banking machine responsive to at least one component in operative connection with the computer;
  
  b) generating through operation of the computer at least one first authentication value responsive to the first identity data;
  
  c) generating through operation of the computer a randomly generated secret key;
  
  d) encrypting through operation of the computer the secret key using a public key associated with a transaction function device of the automated banking machine;
  
  e) sending at least one message from the computer to the transaction function device which includes the encrypted secret key and the at least one first authentication value;
  
  f) decrypting the secret key with the transaction function device using a private key that corresponds to the public key associated with the transaction function device;
  
  g) analyzing through operation of the transaction function device, the at least one first authentication value and at least one second authentication value and determining that the at least one first authentication value and the at least one second authentication value have a predetermined relationship; and
  
  h) responsive to (g) enabling the transaction function device to perform at least one transaction function in response to at least one encrypted message received from the computer.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The method according to claim 17, wherein prior to (g) further comprising:
    - i) resolving second identity data with the transaction function device; and
      
      j) generation through operation of the transaction function device, the at least one second authentication hash from the second identity data.
  - 19. The method according to claim 18, wherein the automated banking machine includes a safe, wherein the transaction function device includes an input device, wherein the input device is located within the safe, wherein the computer is located outside the safe, further comprising:
    - k) receiving an input through the input device;
      
      l) responsive to (k), accepting with the transaction function device, the first identity data from the computer, wherein in (i) the resolved second identity data corresponds to the accepted first identity data.
  - 20. The method according to claim 19, wherein in (h) the transaction function device includes a cash dispenser and the transaction function includes dispensing cash.
  - 21. The method according to claim 20, further comprising:
    - m) storing the accepted first identity data in at least one data store of the transaction function device.
  - 22. The method according to claim 21, wherein in (a) the first identity data corresponds to at least a portion of a serial number of the at least one component.

23. Computer readable media bearing instructions which are operative to cause a computer in an automated banking machine to cause the machine to carry out the a method comprising:
- a) resolving first identity data through operation of the computer in the automated banking machine responsive to at least one component in operative connection with the computer;
  
  b) generating through operation of the computer at least one first authentication value responsive to the first identity data;
  
  c) generating through operation of the computer a randomly generated secret key;
  
  d) encrypting through operation of the computer the secret key using a public key associated with a transaction function device of the automated banking machine;
  
  e) sending at least one message from the computer to the transaction function device which includes the encrypted secret key and the at least one first authentication value;
  
  f) decrypting the secret key with the transaction function device using a private key that corresponds to the public key associated with the transaction function device;
  
  g) analyzing through operation of the transaction function device, the at least one first authentication value and at least one second authentication value and determining that the at least one first authentication value and the at least one second authentication value have a predetermined relationship; and
  
  h) responsive to (g) enabling the transaction function device to perform at least one transaction function in response to at least one encrypted message received from the computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Diebold Nixdorf, Incorporated
Original Assignee
Diebold Self-Service Systems (Diebold Nixdorf, Incorporated)
Inventors
Block, James, Edwards, Judith, McCoy, Donald, Parsons, Donald
Primary Examiner(s)
LE, THIEN MINH

Application Number

US11/359,912
Time in Patent Office

476 Days
Field of Search

235/379, 235/380, 235/382, 235/375, 235/492, 235/493, 705/42
US Class Current

235/379
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3825   Use of electronic signatures

G07F 19/20   Automatic teller machines [...

G07F 19/206   Software aspects at ATMs

G07F 7/084   Additional components relat...

G07F 7/1008   Active credit-cards provide...

Automated banking machine component authentication system and method

First Claim

19 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Automated banking machine component authentication system and method

First Claim

19 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links