Automated banking machine system and method
Abstract
An automated banking machine (12, 200, 302) is provided. The machine may be operative to install a terminal master key (TK) therein in response to at least one input from a single operator. The machine may include an EPP (204) that is operative to remotely receive an encrypted terminal master key from a host system (210, 304). The machine may authenticate and decrypt the terminal master key prior to accepting the terminal master key. The machine may further output through a display device (30) of the machine a one-way hash of at least one public key associated with the host system. The machine may continue with the installation of the terminal master key in response to an operator confirming that the one-way hash of the public key corresponds to a value independently known by the operator to correspond to the host system.
29 Claims

1. At least one article of computer readable media including non-transitory computer executable instructions operative to cause at least one processor of a host system to cause the host system to carry out a method comprising:
a) through operation of the at least one processor, communicating with a plurality of cash dispensing automated teller machines (ATMs),
b) through operation of the at least one processor, authorizing banking transactions carried out through operation of the ATMs,
c) through operation of the at least one processor, receiving from an ATM from among the plurality of ATMs, data representative of a public key associated with the ATM,
d) through operation of the at least one processor, causing first encrypted data to be generated using the public key associated with the ATM and at least one asymmetric cryptography algorithm, wherein the first encrypted data includes data corresponding to a first key,
e) through operation of the at least one processor, causing to be sent to the ATM, at least one message including data corresponding to the first encrypted data,
f) through operation of the at least one processor, causing second encrypted data to be generated using the first key and at least one symmetric cryptography algorithm, wherein the second encrypted data includes data corresponding to a second key,
g) through operation of the at least one processor, causing to be sent to the ATM, at least one message including data corresponding to the second encrypted data,
h) through operation of the at least one processor, receiving from the ATM, at least one message including data corresponding to third encrypted data encrypted using the second key,
i) responsive at least in part to the data corresponding to the third encrypted data, through operation of the at least one processor, causing a determination to be made as to whether a banking transaction is authorized, and
j) through operation of the at least one processor, causing to be sent to the ATM, at least one message including data corresponding to the determination as to whether the banking transaction is authorized.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22

23. At least one article of computer readable media including non-transitory computer executable instructions operative to cause at least one processor of a host system to cause the host system to carry out a method comprising:
a) through operation of the at least one processor, communicating with a plurality of cash dispensing automated teller machines (ATMs), wherein each of the ATMs includes a cash dispenser and an encrypting pin pad (EPP),
b) through operation of the at least one processor, using public key cryptography to securely transfer a respective key encrypting key to each respective EPP,
c) through operation of the at least one processor, using each respective key encrypting key with a symmetric cryptography algorithm to securely communicate a respective personal identification number (PIN) encrypting key to each respective EPP,
d) through operation of the at least one processor, receiving from each respective EPP respective PIN data encrypted with the respective PIN encrypting key associated with each respective EPP,
e) through operation of the at least one processor, decrypting the respective PIN data received from each respective EPP using the respective PIN encrypting key associated with each respective EPP,
f) through operation of the at least one processor, using the respective PIN data received from each respective EPP to make a respective determination as to whether a respective cash dispense transaction is authorized to be carried out by each respective ATM that includes the respective EPP from which the respective PIN data was received,
g) through operation of the at least one processor, causing the host system to communicate a respective message to each respective ATM responsive at least in part to each respective determination, whereby the cash dispensers of each ATM are operated by each ATM responsive at least in part to the respective determinations communicated by the host system.
Dependent claims: 24, 25, 26, 27
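The key hierarchy recited in claims 1 and 23, as an added Go example that is not code from the patent: the host sends a first key (key encrypting key) under the ATM's public key, a second key (PIN encrypting key) under the first, and then decrypts PIN data under the second. RSA-OAEP, AES-256-GCM, every function name, the `atmKey` pair and the sample PINs are assumptions, and the comparison against `onFile` is a stand-in for the host's authorization decision.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func gcm(key []byte) cipher.AEAD { // AES-256-GCM (assumed cipher); key must be 32 bytes
	blk, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(blk)
	return g
}
// Seal encrypts msg under a 32-byte key and prepends a fresh 12-byte nonce.
func Seal(key, msg []byte) []byte {
	nonce := make([]byte, 12)
	rand.Read(nonce)
	return gcm(key).Seal(nonce, nonce, msg, nil)
}
// Open reverses Seal; a wrong key or an altered message is an error.
func Open(key, blob []byte) ([]byte, error) {
	if len(key) != 32 || len(blob) < 12 {
		return nil, fmt.Errorf("bad key or message length")
	}
	return gcm(key).Open(nil, blob[:12], blob[12:], nil)
}
// Exchange plays host and ATM through claim 1 steps c) to i); onFile is a constructed PIN.
func Exchange(atm *rsa.PrivateKey, entered, onFile string) (bool, error) {
	keys := make([]byte, 64)
	rand.Read(keys)
	kek, pek := keys[:32], keys[32:] // host's first key and second key
	m1, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &atm.PublicKey, kek, nil)
	if err != nil {
		return false, err
	}
	m2 := Seal(kek, pek) // second key under the first
	k1, _ := rsa.DecryptOAEP(sha256.New(), rand.Reader, atm, m1, nil) // ATM; nil on failure
	k2, err := Open(k1, m2) // ATM; a nil k1 is rejected here
	if err != nil || len(k2) != 32 {
		return false, fmt.Errorf("ATM rejected key messages: %v", err)
	}
	m3 := Seal(k2, []byte(entered)) // ATM: PIN data under the second key
	pin, err := Open(pek, m3)       // host decrypts with its own copy
	return err == nil && string(pin) == onFile, err
}
var atmKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed ATM key pair
func main() { fmt.Println(Exchange(atmKey, "4921", "4921")) }
```

Because each message is authenticated, a modified key message or PIN message fails in `Open` and the exchange ends without an authorization.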

28. At least one article of computer readable media including non-transitory computer executable instructions operative to cause at least one processor to carry out a method comprising:
through operation of the at least one processor, communicating with a plurality of cash dispensing automated teller machines (ATMs),
through operation of the at least one processor, authorizing banking transactions carried out through operation of the ATMs,
through operation of the at least one processor, receiving from an ATM from among the plurality of ATMs, data representative of a public key associated with the ATM,
through operation of the at least one processor, causing first encrypted data to be generated using the public key associated with the ATM and at least one asymmetric cryptography algorithm, wherein the first encrypted data includes data corresponding to a first key,
through operation of the at least one processor, causing to be sent to the ATM, at least one message including data corresponding to the first encrypted data,
through operation of the at least one processor, causing second encrypted data to be generated using the first key and at least one symmetric cryptography algorithm, wherein the second encrypted data includes data corresponding to a second key,
through operation of the at least one processor, causing to be sent to the ATM, at least one message including data corresponding to the second encrypted data,
through operation of the at least one processor, receiving from the ATM, at least one message including data corresponding to third encrypted data encrypted using the second key,
responsive at least in part to the data corresponding to the third encrypted data, through operation of the at least one processor, causing a determination to be made as to whether a banking transaction is authorized, and
through operation of the at least one processor, causing to be sent to the ATM, at least one message including data corresponding to the determination as to whether the banking transaction is authorized.

29. At least one article of computer readable media including non-transitory computer executable instructions operative to cause at least one processor to carry out a method comprising:
through operation of the at least one processor, communicating with a plurality of cash dispensing automated teller machines (ATMs) that each include a cash dispenser and an encrypting pin pad (EPP),
through operation of the at least one processor, using public key cryptography to securely transfer a respective key encrypting key to each respective EPP,
through operation of the at least one processor, using each respective key encrypting key with a symmetric cryptography algorithm to securely transfer a respective personal identification number (PIN) encrypting key to each respective EPP,
through operation of the at least one processor, receiving from each respective EPP respective PIN data encrypted with the respective PIN encrypting key associated with each respective EPP,
through operation of the at least one processor, decrypting the respective PIN data received from each respective EPP using the respective PIN encrypting key associated with each respective EPP,
through operation of the at least one processor, using the respective PIN data received from each respective EPP to make a respective determination as to whether a respective cash dispense transaction is authorized to be carried out by each respective ATM that includes the respective EPP from which the respective PIN data was received,
through operation of the at least one processor, causing a respective message to be sent to each respective ATM responsive at least in part to each respective determination.

Specification