Fuel dispensing payment system for secure evaluation of cardholder data

US 9,262,760 B2
Filed: 12/22/2010
Issued: 02/16/2016
Est. Priority Date: 12/22/2010
Status: Active Grant

First Claim

Patent Images

1. A system used in a retail environment for providing end-to-end encryption of payment cardholder data, said system comprising:

an input device configured to receive cardholder data, said input device further configured to encrypt said cardholder data according to a first encryption method to produce first encrypted cardholder data;

a cardholder data handling device in electronic communication with said input device; and

a secure evaluation assembly operatively connected to said cardholder data handling device and configured to receive said first encrypted cardholder data, said secure evaluation assembly comprising antitampering semiconductor chip,wherein said antitampering semiconductor chip is configured and programmed to decrypt said first encrypted cardholder data to produce unencrypted cardholder data, evaluate said unencrypted cardholder data to determine whether said unencrypted cardholder data is payment cardholder data or nonsentive cardholder data, encrypting said unencrypted cardholder data according to a second encryption method to produce second encrypted cardholder data and transmit said second encrypted cardholder data to a remote host processing system when said unencrypted cardholder data is payment cardholder data, and transmit said unencrypted cardholder data to a local process system in unencrypted form when said unencrypted cardholder data is nonsensitive cardholder data.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system used in a retail environment for providing end-to-end encryption of payment cardholder data. An input device configured to receive cardholder data is operative to encrypt the cardholder data according to a first encryption method to produce first encrypted cardholder data. A cardholder data handling device is in electronic communication with the input device. A secure evaluation assembly (SEA) is operatively connected to the cardholder data handling device and comprises antitampering control electronics adapted to decrypt the first encrypted cardholder data to produce unencrypted cardholder data. The antitampering control electronics evaluate the unencrypted cardholder data to determine whether the unencrypted cardholder data is payment cardholder data or nonsensitive cardholder data. Finally, if the unencrypted cardholder data is payment cardholder data, the antitampering control electronics of the SEA are adapted to encrypt the unencrypted cardholder data according to a second encryption method to produce second encrypted cardholder data.

40 Citations

View as Search Results

18 Claims

1. A system used in a retail environment for providing end-to-end encryption of payment cardholder data, said system comprising:
- an input device configured to receive cardholder data, said input device further configured to encrypt said cardholder data according to a first encryption method to produce first encrypted cardholder data;
  
  a cardholder data handling device in electronic communication with said input device; and
  
  a secure evaluation assembly operatively connected to said cardholder data handling device and configured to receive said first encrypted cardholder data, said secure evaluation assembly comprising antitampering semiconductor chip,wherein said antitampering semiconductor chip is configured and programmed to decrypt said first encrypted cardholder data to produce unencrypted cardholder data, evaluate said unencrypted cardholder data to determine whether said unencrypted cardholder data is payment cardholder data or nonsentive cardholder data, encrypting said unencrypted cardholder data according to a second encryption method to produce second encrypted cardholder data and transmit said second encrypted cardholder data to a remote host processing system when said unencrypted cardholder data is payment cardholder data, and transmit said unencrypted cardholder data to a local process system in unencrypted form when said unencrypted cardholder data is nonsensitive cardholder data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A system as in claim 1, wherein said secure evaluation assembly is implemented as a dongle.
  - 3. A system as in claim 2, wherein said dongle comprises a Univeral Serial Bus (USB) interface.
  - 4. A system as in claim 1, wherein remote host processing system provides payment authorization based at least in part on the second encrypted cardholder data.
  - 5. A system as in claim 1, wherein said first and second encryption methods are the same.
  - 6. A system as in claim 1, wherein said first and second encryption methods are different.
  - 7. A system as in claim 1, wherein said first encryption method comprises triple DES encryption of cardholder data.
  - 8. A system as in claim 7, wherein said input device is antitampering.
  - 9. A system as in claim 1, wherein said cardholder data handling device is selected from the group consisting of a fuel dispenser control system, a POS, and a site controller.
  - 10. A system as in claim 1, wherein said secure evaluation assembly comprises a memory for storing encryption keys related to said second encryption method, and said antitampering semiconductor chip is configured to delete said encryption keys from said memory based on detecting unauthorized access of said memory.
  - 11. A system as in claim 10, wherein said antitampering semiconductor chip comprise an internal memory for employing a third encryption to read and write from said memory, and said antitampering semiconductor chip is configured to delete at least a portion of contents of said internal memory based on detecting unauthorized access of said memory or said internal memory.
  - 12. A system as in claim 1, wherein said antitampering semiconductor chip comprise an internal memory for employing a third encryption to read and write from a memory of the secure evaluation assembly, and said antitampering semiconductor chip is configured to delete at least a portion of contents of said internal memory based on detecting unauthorized access of said memory or said internal memory.

13. A method for processing a transaction involving cardholder data in a retail payment system, wherein the retail payment system comprises an input device, a cardholder data handling device in communication with said input device, a secure evaluation assembly operatively connected to said cardholder data handling device, said secure evaluation assembly comprising antitampering semiconductor chip, the method comprising the steps of:
- receiving cardholder data at the input device;
  
  encrypting, by the input device, said cardholder data according to a first encryption method to produce first encrypted cardholder data;
  
  receiving, by the secure evaluation assembly, said first encrypted cardholder data;
  
  decrypting, by the antitampering semiconductor chip, said first encrypted cardholder data to produce unencrypted cardholder data;
  
  evaluating, by the antitampering semiconductor chip, said unencrypted cardholder data and determining whether said unencrypted cardholder data is payment cardholder data or nonsentive cardholder data;
  
  encrypting, by the antitampering semiconductor chip, said unencrypted cardholder data according to a second encryption method to produce second encrypted cardholder data and transmitting said second encrypted cardholder data to a remote host processing system when said unencrypted cardholder data is payment cardholder data; and
  
  transmitting said unencrypted cardholder data to a local processing system in unencrypted form when said unencrypted cardholder data is nonsensitive cardholder data.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method of claim 13, wherein said first and second encryption methods are different.
  - 15. The method of claim 14, wherein said remote host processing system provides payment authorization based at least in pail on the second encrypted cardholder data.
  - 16. The method of claim 13, wherein said cardholder data handling device is selected from the group consisting of a fuel dispenser control system, a POS, and a site controller.
  - 17. The method of claim 13, further comprising evaluating said unencrypted cardholder data in said antitampering semiconductor chip to perform transaction validation.
  - 18. The method of claim 13, wherein said secure evaluation assembly is implemented as a dongle having a Univeral Serial Bus (USB) interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gilbarco Italia SRL (Vontier Corp.)
Original Assignee
Gilbarco SRL (Fortive Corp.), Gilbarco Incorporated (Vontier Corp.)
Inventors
Carapelli, Giovanni, Ringeman, Kenneth, Williams, Rodger
Primary Examiner(s)
KIM, STEVEN S

Application Number

US12/975,502
Publication Number

US 20120166343A1
Time in Patent Office

1,882 Days
Field of Search

705/44, 705/55, 705/64, 705/71, 705/906
US Class Current

1/1
CPC Class Codes

G06Q 20/34   using cards, e.g. integrate...

G06Q 20/382   insuring higher security of...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 2220/00   Business processing using c...

G07F 13/00   Coin-freed apparatus for co...

G07F 13/025   wherein the volume is deter...

H04L 9/50   using hash chains, e.g. blo...

Fuel dispensing payment system for secure evaluation of cardholder data

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Fuel dispensing payment system for secure evaluation of cardholder data

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links