In retail environments such as stores and service stations, there is a need for maintaining security of customer entered Personal Identification Numbers (PINs). This is especially true in Gasoline Service Stations where the customer may initiate the sale of the product by inserting a magnetic strip credit or debit card (or other type of card) into a card reader which is mounted on a gasoline dispenser, or perhaps elsewhere in a service station. The customer then enters a PIN number via a keypad. The PIN is transmitted along with data read from the magnetic strip to a host computer which can compare the PIN and data from the card to authorize a purchase.
The PIN must be protected from disclosure so that unauthorized persons may not use the PIN in conjunction with the card to defraud either the legitimate card holder, the vendor or an authorizing financial institution or card issuer. In some service station circumstances the customer is requested to enter his/her PIN number in a keypad which is a part of the dispenser housing. Alternatively, he/she may enter the number into a special purpose PIN pad (commercially available from several different companies), when the sale is controlled from a point of sale console. It is desirable, and required in most instances, that the PIN number be encrypted at the point of entry so that no transmissions of the clear text (i.e. not encrypted) PIN occur across any transmission medium that is subject to interception. Thus, it is desirable to use encryption techniques in the PIN pads and in the dispensers if they are such points of entry. Typically, the PIN pads and/or dispensers must be injected with cryptographic keys which are used in the encryption process for exchange of PIN data.
The injection must be done in a secure environment because the cryptographic keys must be initially loaded into PIN pads or dispensers in their clear text form and are therefore subject to interception. PIN pads are small, easily replaceable, and easily injected with cryptographic keys in a secure environment. However, this is not true of dispensers because they require periodic service, which cause them to lose their key data and necessitate another injection process. Since the dispensers are bulky, the removal of the dispenser and shipment to a secure environment for re-keying are impractical. Installing separate, replaceable PIN pads in the dispensers is feasible, but not cost effective for service stations which have a large number of dispensers and requires a large inventory of replacement devices.
Also, it would be desirable to have the encryption keys used in the host system as secure as possible, since unauthorized access to those keys could lead to large losses. If each dispenser has the host system encryption key in it, the chances for loss increase. Accordingly, it would be desirable to avoid injecting the host keys into the dispensers or any part of the dispenser, to enhance security.
Various other cryptographic efforts are known for various applications, of which the following patents and publications are exemplary, but none disclose or suggest the invention disclosed or claimed herein:
______________________________________ 4,658,094 4/1987 Clark 4,405,829 9/1983 Rivest et al 4,424,414 1/1984 Hellman et al ______________________________________
"A Method for Obtaining Digital Signatures and Public-Key Cryptosystems." By R. L. Rivest, A. Shamir, and L. Adelman, Communication of the ACM, February 1978, Volume 21 Number 2. Pages 120-126.
The Art of Computer Programming, Volume 2: Seminumerical Algorithms, By D. E. Knuth, Addison-Wesley, Reading, Mass. 1969.
"The First Ten Years of Public Key Cryptography", By Whitfield Diffie, Proceedings of the IEEE, Volume 6 Number 5, May 1988, Pages 560-577.
Thus, there still remains a need in the art for a suitable system and components for secure handling of PINs in service stations and other retail environments.