System and method for selective encryption of input data during a retail transaction
First Claim
1. A method of collecting information at a retail terminal having a display and at least one input device, the method comprising:
- executing an application on the retail terminal, wherein the application comprises content to be presented on the display, wherein the content comprises at least one of advertising, instructions, and requests for confidential information from a user;
evaluating the application during execution thereof to determine whether the content contains one or more requests for confidential information;
authenticating the content to be presented on the display, regardless of whether the content contains one or more requests for confidential information;
presenting the content on the display if the content is authenticated;
if the content contains one or more requests for confidential information, encrypting data received from the at least one input device for transmission to a location separate from the retail terminal; and
transmitting the data received from the at least one input device as unencrypted if the information requested is not confidential information.
0 Assignments
0 Petitions
Accused Products
Abstract
A retail environment having retail terminals with data entry point devices selectively encrypts input received by the data entry point devices and passes the encrypted data to a security module. The selective encryption is based on whether or not sensitive or confidential information, such as a personal identification number (PIN) associated with a debit card, is being input. To prevent hacking of the software of the retail terminal, content destined for display on the retail terminal is authenticated prior to display. In this manner, the retail terminal may be assured that confidential information is input only when desired, and thus may be encrypted only as needed.
38 Citations
6 Claims
-
1. A method of collecting information at a retail terminal having a display and at least one input device, the method comprising:
-
executing an application on the retail terminal, wherein the application comprises content to be presented on the display, wherein the content comprises at least one of advertising, instructions, and requests for confidential information from a user; evaluating the application during execution thereof to determine whether the content contains one or more requests for confidential information; authenticating the content to be presented on the display, regardless of whether the content contains one or more requests for confidential information; presenting the content on the display if the content is authenticated; if the content contains one or more requests for confidential information, encrypting data received from the at least one input device for transmission to a location separate from the retail terminal; and transmitting the data received from the at least one input device as unencrypted if the information requested is not confidential information. - View Dependent Claims (2, 3, 4, 5, 6)
-
Specification