This invention relates generally to data terminals which utilize a touch screen for data entry. This invention relates more particularly to data terminals which utilize a touch screen for PIN code entry.
Touch screens for data entry on a computer terminal are well known in the art. A touch screen allows the user of a terminal to enter a menu selection or data by placing a finger or other object at a location on the display screen that corresponds to the menu item, function or data numeral to be entered. A touch sensitive element detects the coordinates of the touch event and the meaning of the touch event is determined by the coordinate location and the corresponding menu or data button displayed on the screen associated with the touch sensitive element.
When a touch screen is utilized to enter data such as a secret PIN number, it is vital that the PIN number be protected by encryption prior to being communicated to any external resource. Even if an encrypted PIN is utilized after PIN data is entered, the use of a touch screen for entry of a PIN code involves other risks that unscrupulous persons will be able to obtain the numerals of the PIN. For example, it may be possible for such persons to clean the touch screen prior to a particular target PIN entry and then analyze the fingermarks on the touch pad afterwards to determine the locations of the PIN entry touches and thus the numerals of the entered PIN.
Alternatively, such persons might overlay the touch pad with another touch sensitive medium that detects the location and sequence of touches for later analysis to steal the target PIN.
Accordingly, utilizing a touch screen for entry of PIN data in a secure fashion presents a difficult technical challenge.
It is a principal object of this invention to provide a more secure method for operating a touch screen device for entry of PIN data.
This invention provides a secure method for operating a combination touch pad and display screen device as a PINpad for entering a confidential personal identification number by defining a plurality of numerical keypad layouts for the display screen, each of the layouts having a unique arrangement of decimal number locations differing from all other layouts. For each PIN entry event a random one of the numerical keypad layouts is selected and this random one of the numerical keypad layouts is displayed on the display screen. Using a random layout effectively prevents persons from stealing the PIN numerals by analyzing the touches on the touch screen after the fact of PIN entry, since there is no way to correlate touch locations with PIN numerals.
Preferably the method of this invention is carried out in a combination touch pad and display screen device with the touch pad being controlled by a touch pad controller and having an associated security processor, and the display being controlled by an application processor in communication with the touch pad controller and the display screen. The plurality of defined numerical keypad layouts each include an ENTER control key and each has an associated touch pad hot spot arrangement which is stored in association with the touch pad controller. The application processor stores a set of display layouts corresponding to the plurality of numerical keypad layouts. The touch pad controller selects for each PIN entry event a random number in the number range corresponding to the plurality of numerical keypad layouts. The application processor displays on the display screen a data entry screen having a set of discretely labeled data entry buttons corresponding to the display layout associated with the random number. The touch pad controller sets a corresponding one of the touch pad hot spot arrangements associated with the random number, responds to a sequence of touch events corresponding to active data entry buttons in the touch pad hot spot arrangement by storing each of the associated PIN numerals, and responds to a touch event corresponding to the "ENTER" command button by encrypting the stored PIN numerals using the security processor and sending the encrypted PIN data to the application processor.
By using the touch pad controller and its associated security chip to select the random number and thus to control the numerical keypad layout and the associated hot spot arrangement, further security of PIN entry is achieved.
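The following Python sketch is an added illustration of the method summarized above, not code from the patent: it defines a table of distinct layouts, draws one per PIN entry, maps touches to numerals through the selected hot spot arrangement, and shows that one recorded touch sequence decodes differently under each layout. The 3x4 grid, the cell dimensions and all function names are assumptions, and the security processor's encryption step is marked only by a comment.

```python
import random
import secrets

COLS, ROWS, CELL_W, CELL_H = 3, 4, 100, 80   # assumed 3x4 grid of hot spots
KEYS = [str(d) for d in range(10)] + ["ENTER", None]   # None = inactive cell

def make_layouts(count, seed=1):
    """Define `count` distinct layouts once; the table is static, not secret."""
    rng, layouts = random.Random(seed), []
    while len(layouts) < count:
        cells = KEYS[:]
        rng.shuffle(cells)
        if tuple(cells) not in layouts:
            layouts.append(tuple(cells))
    return layouts

def hit_test(layout, x, y):
    """Map a touch coordinate to the key of the active hot spot arrangement."""
    col, row = x // CELL_W, y // CELL_H
    if 0 <= col < COLS and 0 <= row < ROWS:
        return layout[row * COLS + col]
    return None

def touches_for(layout, pin):
    """Cell-centre touches a user would make to type `pin` then ENTER."""
    cells = [layout.index(k) for k in list(pin) + ["ENTER"]]
    return [((i % COLS) * CELL_W + CELL_W // 2,
             (i // COLS) * CELL_H + CELL_H // 2) for i in cells]

def pin_entry(layouts, touches, index=None):
    """Controller side: choose a layout per entry, collect digits until ENTER."""
    if index is None:
        index = secrets.randbelow(len(layouts))   # CSPRNG, one draw per PIN entry
    digits = []
    for x, y in touches:
        key = hit_test(layouts[index], x, y)
        if key == "ENTER":
            # The device would encrypt here before the PIN leaves the controller.
            return index, "".join(digits)
        if key is not None:
            digits.append(key)
    return index, None   # ENTER was never touched

if __name__ == "__main__":
    layouts = make_layouts(8)
    recorded = touches_for(layouts[0], "4821")   # constructed sample PIN
    for i in range(len(layouts)):
        print(i, pin_entry(layouts, recorded, index=i)[1])
```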
Other objects, features and advantages of this invention will be apparent from the detailed description below taken in conjunction with the accompanying drawings.