Fuel dispensers dispense petroleum and alternative fuel products at retail service stations and convenience store operations around the world. Fuel dispensers have user interfaces, including displays and keypads, for effecting customer payment transactions. These user interfaces include credit/debit magnetic card readers for retrieving account information from the customer. Other point-of-sale (“POS”) terminals also include similar user interfaces.
These user interfaces, and in particular fuel dispenser interfaces accessible to the public in the open, have become subject to attack by individuals desiring to acquire account information from customers that have used the dispenser. There is a concern that display interfaces may be compromised so that the interfaces present false prompts to customers in an attempt to acquire this account information. When customers respond to these false prompts, their account information may be seized and used improperly and fraudulently.
The potential for such tampering has resulted in the adoption of certain physical security measures for fuel dispenser user interfaces. These security measures include mounting the display within a secure enclosure with the display controller. Alternatively, the display has been mounted to a secure enclosure and the display controller has been placed within the secure enclosure. In either case, the data and control lines for the display are not exposed and cannot be as easily compromised. Such arrangements, however, do not prevent removal of the entire user interface.
A conventional user interface for a fuel dispenser typically requires a user to complete several steps during a payment transaction. The user may provide sensitive information or data, such as a personal identification number (“PIN”) or account information, to complete the payment transaction. Attempts to intercept or otherwise obtain sensitive data provided to a payment terminal before it reaches its destination, such as a host processing system, have increased. With respect to fuel dispensers, for instance, attempts have been made to connect a device between the payment terminal and the processing system in order to intercept the sensitive data while in transit. As a result, payment terminals incorporate various mechanisms to protect and secure the sensitive data. For example, the payment terminal's circuit board comprising the components tasked with handling the sensitive data may be wrapped in a protective mesh covering that is operatively connected to the components. The components are disabled if the mesh covering's integrity is impaired in any way.
Additional room exists in the art for further security techniques.