Fuel dispensing payment system for secure evaluation of cardholder data
First Claim
1. A system used in a retail environment for providing end-to-end encryption of payment cardholder data, said system comprising:
- an input device configured to receive cardholder data, said input device further configured to encrypt said cardholder data according to a first encryption method to produce first encrypted cardholder data;
a cardholder data handling device in electronic communication with said input device; and
a secure evaluation assembly operatively connected to said cardholder data handling device and configured to receive said first encrypted cardholder data, said secure evaluation assembly comprising antitampering semiconductor chip,wherein said antitampering semiconductor chip is configured and programmed to decrypt said first encrypted cardholder data to produce unencrypted cardholder data, evaluate said unencrypted cardholder data to determine whether said unencrypted cardholder data is payment cardholder data or nonsentive cardholder data, encrypting said unencrypted cardholder data according to a second encryption method to produce second encrypted cardholder data and transmit said second encrypted cardholder data to a remote host processing system when said unencrypted cardholder data is payment cardholder data, and transmit said unencrypted cardholder data to a local process system in unencrypted form when said unencrypted cardholder data is nonsensitive cardholder data.
3 Assignments
0 Petitions
Accused Products
Abstract
A system used in a retail environment for providing end-to-end encryption of payment cardholder data. An input device configured to receive cardholder data is operative to encrypt the cardholder data according to a first encryption method to produce first encrypted cardholder data. A cardholder data handling device is in electronic communication with the input device. A secure evaluation assembly (SEA) is operatively connected to the cardholder data handling device and comprises antitampering control electronics adapted to decrypt the first encrypted cardholder data to produce unencrypted cardholder data. The antitampering control electronics evaluate the unencrypted cardholder data to determine whether the unencrypted cardholder data is payment cardholder data or nonsensitive cardholder data. Finally, if the unencrypted cardholder data is payment cardholder data, the antitampering control electronics of the SEA are adapted to encrypt the unencrypted cardholder data according to a second encryption method to produce second encrypted cardholder data.
-
Citations
18 Claims
-
1. A system used in a retail environment for providing end-to-end encryption of payment cardholder data, said system comprising:
-
an input device configured to receive cardholder data, said input device further configured to encrypt said cardholder data according to a first encryption method to produce first encrypted cardholder data; a cardholder data handling device in electronic communication with said input device; and a secure evaluation assembly operatively connected to said cardholder data handling device and configured to receive said first encrypted cardholder data, said secure evaluation assembly comprising antitampering semiconductor chip, wherein said antitampering semiconductor chip is configured and programmed to decrypt said first encrypted cardholder data to produce unencrypted cardholder data, evaluate said unencrypted cardholder data to determine whether said unencrypted cardholder data is payment cardholder data or nonsentive cardholder data, encrypting said unencrypted cardholder data according to a second encryption method to produce second encrypted cardholder data and transmit said second encrypted cardholder data to a remote host processing system when said unencrypted cardholder data is payment cardholder data, and transmit said unencrypted cardholder data to a local process system in unencrypted form when said unencrypted cardholder data is nonsensitive cardholder data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for processing a transaction involving cardholder data in a retail payment system, wherein the retail payment system comprises an input device, a cardholder data handling device in communication with said input device, a secure evaluation assembly operatively connected to said cardholder data handling device, said secure evaluation assembly comprising antitampering semiconductor chip, the method comprising the steps of:
-
receiving cardholder data at the input device; encrypting, by the input device, said cardholder data according to a first encryption method to produce first encrypted cardholder data; receiving, by the secure evaluation assembly, said first encrypted cardholder data; decrypting, by the antitampering semiconductor chip, said first encrypted cardholder data to produce unencrypted cardholder data; evaluating, by the antitampering semiconductor chip, said unencrypted cardholder data and determining whether said unencrypted cardholder data is payment cardholder data or nonsentive cardholder data; encrypting, by the antitampering semiconductor chip, said unencrypted cardholder data according to a second encryption method to produce second encrypted cardholder data and transmitting said second encrypted cardholder data to a remote host processing system when said unencrypted cardholder data is payment cardholder data; and transmitting said unencrypted cardholder data to a local processing system in unencrypted form when said unencrypted cardholder data is nonsensitive cardholder data. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification