Transaction terminals are utilized in a variety of environments, such as retail establishments, automatic teller machines, gas pump payment terminals, and the like. These transaction terminals often have personal identification number (PIN) entry devices. These PIN entry devices typically include a keypad for entering data into the PIN entry device and a display for displaying messages to the customer, including prompting for the entry of data. The PIN entry device is often interfaced to a credit card reader to permit credit card numbers to be input into the PIN entry device by “swiping” them through the reader. Many of the messages displayed on the display are sent to the PIN entry device by the remote controller. The PIN entry device is typically linked to a remote device, such as a remote controller, such as via a network.
A concern with PIN entry devices that are linked to remote controllers via a network is that a hacker could hack into the network and monitor data that is being sent from the PIN entry device to the remote controller. To avoid the hacker obtaining sensitive data, such as credit card numbers and personal identification numbers, PIN entry devices have utilized security schemes to protect the data being sent to remote controllers, such as DES encryption. (Other types of encryption could also be used, such as double and triple DES, AES, RSI and PKI.) In this regard, in Jul., 1997, the Associations of Visa and MasterCard published a document entitled “Joint Point-Of-Sale PIN-Entry-Device Security Requirements,” commonly referred to as the PED Spec., in which they outlined what they considered to be “minimum acceptable security standards” in PIN entry devices.
In some transaction terminals, however, it is desirable that the PIN entry device be able to transmit clear text data to the remote controller. In the context of this application, the term “clear text data” or transmission of data in “clear text form” means data that is transmitted in a standard format, such as ASCII, without securing it using techniques such as encryption. For example, in some applications of PIN entry devices used on gas pumps, non-sensitive data, such as odometer readings and license numbers, is entered by the user via the PIN entry device and sent to the remote terminal as clear text data. An example of such an application would be a fueling station for a commonly owned fleet of vehicles where the fleet owner collects data, such as odometer readings of the vehicles, each time the vehicles are fueled in order to better manage the fleet of vehicles. This type of data is typically transmitted as clear text data to avoid the overhead involved in encrypting it.
A problem presented by the transmission of clear text data from the PIN entry device to the remote controller is that if a hacker is able to hack into the network connecting the PIN entry device to the remote controller, the hacker could emulate the remote controller sending a data entry prompt to the PIN entry device so that the PIN entry device displays the hacker's prompt. The hacker's prompt could be a prompt for the entry of sensitive information, such as credit card numbers or PINs. If a user then keys this information into the PIN entry device and it is transmitted in clear text form, the hacker would then be able to obtain the sensitive information with the possibility that this sensitive information would then be used for improper purposes, such as fraudulent ATM withdrawals.
To avoid sensitive information being transmitted in clear text form, the PED Spec. requires that data that is entered into the PIN entry device can be transmitted to the remote controller as “clear text” data only if it was input in response to a data entry prompt that is a “secure prompt.” In this regard, a “secure prompt” as that term is used herein means a prompt that prompts for the entry of non-sensitive data, such as odometer readings.
In order to comply with the PED Spec. requirements governing the transmission of clear text data, manufacturers of PIN entry devices have included a table of secure prompts in the memory of the PIN entry devices. The PIN entry device then transmits in clear text form data that is entered into it only if the data entry prompt received from the remote controller matches one of the secure prompts in the table.
A problem presented by the above described technique of matching the data entry prompt with the prompts in the secure prompt table is that remote controllers made by different manufacturers often use somewhat different prompts to prompt for the entry of the same information. For example, prompts for the entry of the user's zip code might take the form of “ENTER ZIP” or “ENTER ZIPCODE.” To accommodate the variations in these prompts, manufacturers of PIN entry devices have heretofore included each secure prompt variation in the secure prompt table. This, however, increases the size of the secure prompt table with a consequent increase in the amount of memory used to store it.
It is an objective of this invention to allow for variations in secure prompts without storing each variation in the secure prompt table.