Automated banking machine remote key load system and method

US 8,019,084 B1
Filed: 10/31/2007
Issued: 09/13/2011
Est. Priority Date: 04/23/2001
Status: Active Grant

First Claim

Patent Images

1. Apparatus comprising:

a card activated cash dispensing automated banking machine,wherein the automated banking machine includes at least one card reader device operative to read a card provided by a user of the machine,wherein the automated banking machine includes a cash dispenser,wherein the automated banking machine includes an encrypting pin pad (EPP), wherein the EPP includes at least one processor and a first private asymmetric key stored in the EPP,wherein the automated banking machine is operative to send at least one first message to a host banking system, wherein the at least one first message includes first data representative of a request to transfer a terminal master key to the automated banking machine, wherein the automated banking machine is operative to receive at least one second message from the host banking system, wherein the at least one second message includes an encrypted terminal master key, wherein the at least one processor of the EPP is operative to validate at least portions of the second message, wherein the at least one processor of the EPP is operative to decrypt the terminal master key with the first private asymmetric key using an asymmetric encryption algorithm, wherein the at least one processor of the EPP is operative to store the terminal master key in the EPP for use with decrypting at least one further key received from the host banking system.

View all claims

20 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A card activated cash dispensing automated banking machine is provided that is operative to send a message to a host banking system, which message includes data representative of a request to transfer an encrypted terminal master key from the host banking system to the automated banking machine. A processor in an encrypting pin pad (EPP) in the automated banking machine is operative to decrypt a received encrypted terminal master key using an asymmetric encryption algorithm with a first private asymmetric key previously stored in the EPP. The EPP is operative to store the terminal master key in the EPP for use with decrypting at least one further key received from the host banking system.

Citations

8 Claims

1. Apparatus comprising:
- a card activated cash dispensing automated banking machine,wherein the automated banking machine includes at least one card reader device operative to read a card provided by a user of the machine,wherein the automated banking machine includes a cash dispenser,wherein the automated banking machine includes an encrypting pin pad (EPP), wherein the EPP includes at least one processor and a first private asymmetric key stored in the EPP,wherein the automated banking machine is operative to send at least one first message to a host banking system, wherein the at least one first message includes first data representative of a request to transfer a terminal master key to the automated banking machine, wherein the automated banking machine is operative to receive at least one second message from the host banking system, wherein the at least one second message includes an encrypted terminal master key, wherein the at least one processor of the EPP is operative to validate at least portions of the second message, wherein the at least one processor of the EPP is operative to decrypt the terminal master key with the first private asymmetric key using an asymmetric encryption algorithm, wherein the at least one processor of the EPP is operative to store the terminal master key in the EPP for use with decrypting at least one further key received from the host banking system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus according to claim 1, wherein the automated banking machine is operative to receive at least one message from the host banking system, wherein the at least one message includes a command to initiate a transfer of a terminal master key to the automated banking machine, wherein the automated banking machine is operative to send the at least one first message to the host banking system responsive to the at least one third message.
  - 3. The apparatus according to claim 2, wherein the third message corresponds to an operational command message, wherein the first message corresponds to a solicited status message.
  - 4. The apparatus according to claim 1, wherein the first message corresponds to an unsolicited status message, wherein the second message corresponds to a write command message.
  - 5. The apparatus according to claim 1, wherein the at least one processor of the EPP is operative to determine that the terminal master key is a double-length key, wherein the at least one processor of the EPP is operative to configure a current encryption algorithm that is used by the at least one processor of the EPP to encrypt data, from a Single-DES encryption algorithm to a double-length Triple-DES encryption algorithm responsive to determining that the terminal master key is a double-length key.
  - 6. The apparatus according to claim 1, wherein the at least one processor of the EPP is operative to generate at least one pair of keys, wherein the at least one pair of keys includes a public key of the EPP and a private key of the EPP, wherein the private key of the EPP corresponds to the first private asymmetric key, wherein the at least one processor of the EPP is operative to encrypt a personal identification number (PIN) inputted through the EPP using the at least one further key received from the host banking system, wherein the at least one processor of the EPP is operative to store the public key of the EPP and the private key of the EPP in a memory of the EPP, wherein the at least one processor of the EPP is operative to generate at least one certificate request message with the EPP, wherein the certificate request message includes the public key of the EPP, wherein the at least one processor of the EPP is operative to output the certificate request message from the EPP, wherein the EPP is operative to receive at least one EPP certificate signed by a certificate authority (CA), wherein the EPP certificate includes the public key of the EPP, wherein the at least one processor of the EPP is operative to receive at least one certificate of the CA signed by the CA, wherein the certificate of the CA includes a public key of the CA, wherein the at least one processor of the EPP is operative to store the EPP certificate and the public key of the CA in the memory of the EPP.
  - 7. The apparatus according to claim 6, wherein the public key of the CA corresponds to an original public key of an initial CA, wherein the EPP includes the original public key of the initial CA and at least one original public key of the host banking system, wherein the at least one processor of the EPP is operative to validate the first message using the original public key of the host banking system, wherein the automated banking machine is operative to receive a new certificate of a new CA from the host banking system, wherein the new certificate of the new CA includes a new public key of the new CA, wherein the new certificate of the new CA is signed by the initial CA, wherein the new certificate of the new CA is further signed by the host banking system, wherein the at least one processor of the EPP is operative to validate the digital signature of the initial CA included with the new certificate of the new CA using the original public key of the initial CA, wherein the at least one processor of the EPP is operative to validate a digital signature of the host banking system included with the new certificate of the new CA using the at least one original public key of the host banking system, wherein the at least one processor of the EPP is operative to store the new public key of the new CA in the EPP.

8. Apparatus comprising:
- a card activated cash dispensing automated banking machine,wherein the automated banking machine includes a card reader, a cash dispenser, and an encrypting pin pad (EPP),wherein the automated banking machine reads card data corresponding to financial accounts from user cards with the card reader,wherein the EPP includes at least one processor, wherein the EPP includes a first private asymmetric key stored in the EPP,wherein the automated banking machine includes at least one computer in operative connection with the card reader, the cash dispenser, and the EPP,wherein the at least one computer is operatively configured to send at least one first message to a host banking system, wherein the at least one first message includes first data representative of a request to transfer a terminal master key to the automated banking machine, wherein the at least one computer is operatively configured to receive at least one second message from the host banking system, wherein the at least one second message includes an encrypted terminal master key,wherein the at least one processor of the EPP is operatively configured to validate at least portions of the at least one second message, wherein the at least one processor of the EPP is operatively configured to decrypt the terminal master key with the first private asymmetric key of the EPP using an asymmetric encryption algorithm, wherein the at least one processor of the EPP is operatively configured to store the terminal master key in the EPP for use with decrypting at least one further key received from the host banking system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Diebold Nixdorf, Incorporated
Original Assignee
Diebold Incorporated (Diebold Nixdorf, Incorporated)
Inventors
Zajkowski, Timothy, Smith, Mark D., Doland, Anne
Primary Examiner(s)
Shiferaw; Eleni A
Assistant Examiner(s)
Gelagay; Shewaye

Application Number

US11/981,169
Time in Patent Office

1,413 Days
Field of Search

None
US Class Current

380/278
CPC Class Codes

G06Q 20/3552   Downloading or loading of p...

G06Q 20/382   insuring higher security of...

G06Q 20/3829   involving key management

G07D 11/28   Setting of parameters; Soft...

G07F 19/20   Automatic teller machines [...

G07F 19/206   Software aspects at ATMs

G07F 7/1008   Active credit-cards provide...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless

H04L 63/06   for supporting key manageme...

H04L 63/0823   using certificates cryptogr...

H04L 63/12   Applying verification of th...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0891   Revocation or update of sec...

H04L 9/3263   involving certificates, e.g...

Automated banking machine remote key load system and method

First Claim

20 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Automated banking machine remote key load system and method

First Claim

20 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links