Automated banking machine system and method
First Claim
1. A method comprising:
- a) generating with an encrypting pin pad (EPP) at least one pair of keys, wherein the at least one pair of keys includes a public key of the EPP and a private key of the EPP, wherein the EPP is configured to be installed in an ATM, wherein the EPP is operative when installed in the Automated Teller Machine (ATM) to encrypt a personal identification number (PIN) inputted through the EPP;
b) storing the public key of the EPP and the private key of the EPP in a memory of the EPP;
c) generating at least one certificate request message with the EPP, wherein the certificate request message includes the public key of the EPP;
d) outputting the certificate request message from the EPP;
e) receiving with the EPP at least one EPP certificate signed by a certificate authority (CA), wherein the EPP certificate includes the public key of the EPP;
f) receiving with the EPP at least one certificate of the CA signed by the CA, wherein the certificate of the CA includes a public key of the CA; and
g) storing the EPP certificate and the public key of the CA in the memory of the EPP.
20 Assignments
0 Petitions
Accused Products
Abstract
An automated banking machine (12, 200, 302) is provided. The machine may be operative to install a terminal master key (TK) therein in response to at least one input from a single operator. The machine may include an EPP (204) that is operative to remotely receive an encrypted terminal master key from a host system (210, 304). The machine may authenticate and decrypt the terminal master key prior to accepting the terminal master key. The machine may further output through a display device (30) of the machine a one-way hash of at least one public key associated with the host system. The machine may continue with the installation of the terminal master key in response to an operator confirming that the one-way hash of the public key corresponds to a value independently known by the operator to correspond to the host system.
35 Citations
54 Claims
-
1. A method comprising:
-
a) generating with an encrypting pin pad (EPP) at least one pair of keys, wherein the at least one pair of keys includes a public key of the EPP and a private key of the EPP, wherein the EPP is configured to be installed in an ATM, wherein the EPP is operative when installed in the Automated Teller Machine (ATM) to encrypt a personal identification number (PIN) inputted through the EPP; b) storing the public key of the EPP and the private key of the EPP in a memory of the EPP; c) generating at least one certificate request message with the EPP, wherein the certificate request message includes the public key of the EPP; d) outputting the certificate request message from the EPP; e) receiving with the EPP at least one EPP certificate signed by a certificate authority (CA), wherein the EPP certificate includes the public key of the EPP; f) receiving with the EPP at least one certificate of the CA signed by the CA, wherein the certificate of the CA includes a public key of the CA; and g) storing the EPP certificate and the public key of the CA in the memory of the EPP. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method comprising:
-
a) generating with an encrypting pin pad (EPP) at least one pair of keys, wherein the at least one pair of keys includes a public key of the EPP and a private key of the EPP, wherein the EPP is configured to be installed in an ATM, wherein the EPP is operative when installed in the ATM to encrypt a personal identification number (PIN) inputted through the EPP; b) storing the public key of the EPP and the private key of the EPP in a memory of the EPP; c) generating at least one certificate request message with the EPP, wherein the certificate request message includes the public key of the EPP; d) outputting the certificate request message from the EPP; e) receiving with the EPP at least one EPP certificate signed by a certificate authority (CA), wherein the EPP certificate includes the public key of the EPP; f) receiving with the EPP at least one certificate of the CA signed by the CA, wherein the certificate of the CA includes a public key of the CA; g) storing the EPP certificate and the public key of the CA in the memory of the EPP; h) installing the EPP in the ATM, wherein the ATM includes a cash dispenser; i) receiving with the ATM a first message from a host system which is representative of a command to send from the ATM a second message to a host system, wherein the second message includes the EPP certificate, wherein the first message corresponds to a operational command message; and j) responsive to (i) sending from the ATM the second message to the host system, wherein the second message includes the EPP certificate, wherein the second message corresponds to a solicited status messages.
-
-
19. A method comprising:
-
a) generating with an encrypting pin pad (EPP) at least one pair of keys, wherein the at least one pair of keys includes a public key of the EPP and a private key of the EPP, wherein the EPP is configured to be installed in an ATM, wherein the EPP is operative when installed in the ATM to encrypt a personal identification number (PIN) inputted through the EPP; b) storing the public key of the EPP and the private key of the EPP in a memory of the EPP; c) generating at least one certificate request message with the EPP, wherein the certificate request message includes the public key of the EPP; d) outputting the certificate request message from the EPP; e) receiving with the EPP at least one EPP certificate signed by a certificate authority (CA), wherein the EPP certificate includes the public key of the EPP; f) receiving with the EPP at least one certificate of the CA signed by the CA, wherein the certificate of the CA includes a public key of the CA; g) storing the EPP certificate and the public key of the CA in the memory of the EPP; h) installing the EPP in the ATM, wherein the ATM includes a cash dispenser; i) receiving at least one first input through at least one input device of the ATM from a single operator; j) sending from the ATM a first message to a host system responsive to receiving the at least one first input, wherein the first message includes data that is representative of a request to send a public key of the host system to the ATM wherein the first message corresponds to a unsolicited status message; k) receiving with the ATM a second message from a host system, wherein the second message includes the public key of the host system, wherein the second message corresponds to a write command message; l) calculating a one-way hash of the public key of the host system; m) outputting through a display device of the ATM the one-way hash; and n) receiving at least one second input through the at least one input device of the ATM that is representative of a command to accept the public key of the host system.
-
-
20. A method comprising:
-
a) generating with an encrypting pin pad (EPP) at least one pair of keys, wherein the at least one pair of keys includes a public key of the EPP and a private key of the EPP, wherein the EPP is configured to be installed in an ATM, wherein the EPP is operative when installed in the ATM to encrypt a personal identification number (PIN) inputted through the EPP; b) storing the public key of the EPP and the private key of the EPP in a memory of the EPP; c) generating at least one certificate request message with the EPP, wherein the certificate request message includes the public key of the EPP; d) outputting the certificate request message from the EPP; e) receiving with the EPP at least one EPP certificate signed by a certificate authority (CA), wherein the EPP certificate includes the public key of the EPP; f) receiving with the EPP at least one certificate of the CA signed by the CA, wherein the certificate of the CA includes a public key of the CA; g) storing the EPP certificate and the public key of the CA in the memory of the EPP; h) installing the EPP in the ATM, wherein the ATM includes a cash dispenser; i) receiving with the ATM a first message from a host system, wherein the first message includes a public key of the host system; j) calculating a one-way hash of the public key of the host system; k) outputting through a display device of the ATM the one-way hash; l) receiving at least one first input through the at least one input device of the ATM that is representative of a command to accept the public key of the host system; and m) sending from the ATM to the host system a second message representative of an acknowledgement that the certificate of the host system was accepted by the ATM, wherein the second message corresponds to a solicited status message.
-
-
21. A method comprising:
-
a) generating with an encrypting pin pad (EPP) at least one public key of the EPP and at least one private key of the EPP, wherein the EPP is configured to be installed in an ATM, wherein the EPP is operative when installed in the ATM to encrypt a personal identification number (PIN) input through the EPP; b) storing the at least one public key of the EPP and the at least one private key of the EPP in a memory of the EPP; c) generating at least one certificate request message with the EPP, wherein the certificate request message includes the at least one public key of the EPP; d) outputting the at least one certificate request message from the EPP; e) receiving with the EPP at least one primary EPP certificate signed by a certificate authority (CA) and at least one secondary EPP certificate signed by the CA, wherein the at least one primary EPP certificate and the at least one secondary EPP certificate includes the at least one public key of the EPP; and f) receiving with the EPP a primary certificate of the CA signed by the CA and a secondary certificate of the CA signed by the CA, wherein the primary certificate of the CA includes a primary public key of the CA, wherein the secondary certificate of the CA includes a secondary public key of the CA; g) storing the at least one primary EPP certificate, the at least one secondary EPP certificate, the at least one primary public key of the CA, and the at least one secondary public key of the CA in the memory of the EPP. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
-
-
42. A method comprising:
-
a) generating with an encrypting pin pad (EPP) a first pair of keys and a second pair of keys, wherein the first pair of keys includes an encipherment public key of the EPP and a decipherment private key of the EPP, wherein the second pair of keys includes a verification public key of the EPP and a signature private key of the EPP, wherein the EPP is configured to be installed in an ATM, wherein the EPP when installed in the ATM is operative to encrypt a personal identification number (PIN) inputted through the EPP; b) storing the encipherment public key of the EPP, the verification public key of the EPP, the decipherment private key of the EPP and the signature private key of the EPP, in a memory of the EPP; c) generating at least one first certificate request message with the EPP, wherein the at least one first certificate request message includes the encipherment public key of the EPP; d) outputting the at least one first certificate request message from the EPP; e) receiving with the EPP at least one encipherment/decipherment certificate for the EPP signed by a certificate authority (CA), wherein the at least one encipherment/decipherment certificate for the EPP includes the encipherment public key of the EPP; f) storing the at least one encipherment/decipherment certificate of the EPP in the memory of the EPP; g) generating at least one second certificate request message with the EPP, wherein the at least one second certificate request message includes the verification public key of the EPP; h) outputting the at least one second certificate request message from the EPP; i) receiving with the EPP at least one signature/verification certificate for the EPP signed by the CA, wherein the at least one signature/verification certificate for the EPP includes the verification public key of the EPP; and j) storing the at least one signature/verification certificate of the EPP in the memory of the EPP; k) receiving with the EPP at least one certificate of the CA signed by the CA, wherein the at least one certificate of the CA includes a public key of the CA; and l) storing the public key of the CA in the memory of the EPP. - View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53)
-
-
54. A method comprising:
-
a) generating with an encrypting pin pad (EPP) at least one encipherment public key of the EPP, at least one decipherment private key of the EPP, at least one verification public key of the EPP, and at least one signature private key of the EPP, wherein the EPP is configured to be installed in an ATM, wherein the EPP when installed in the ATM is operative to encrypt a personal identification number (PIN) inputted through the EPP; b) storing the at least one encipherment public key of the EPP, the at least one verification public key of the EPP, the at least one decipherment private key of the EPP and the at least one signature private key of the EPP in a memory of the EPP; c) generating at least one certificate request message with the EPP, wherein the at least one certificate request message includes the at least one encipherment public key of the EPP and the at least one verification public key of the EPP; d) outputting the at least one certificate request message from the EPP to a certificate authority (CA); e) receiving with the EPP a primary encipherment/decipherment certificate for the EPP signed by a certificate authority (CA), a primary signature/verification certificate for the EPP signed by the CA, a secondary encipherment/decipherment certificate for the EPP signed by the CA, a secondary signature/verification certificate for the EPP signed by the CA, wherein the primary and secondary encipherment/decipherment certificates for the EPP include the at least one encipherment public key of the EPP, where the primary and secondary signature/verification certificates for the EPP include the at least one verification public key of the EPP; and f) storing the primary and the secondly encipherment/decipherment certificates and the primary and the secondary signature/verification certificates of the EPP in the memory of the EPP.
-
Specification