1. Technical Field
The present invention relates in general to communications between data processing systems and peripheral devices, and in particular to a system and method for hiding from a computer system entry of a personal identification number (PIN) to a smart card when the PIN is being entered to authorize a purchase transaction for charging a purchase to the smart card. Still more particularly, the present invention relates to a system and method for further securing, against hackers, the use of a smart card that requires entry of a PIN.
2. Description of the Related Art
The proliferation of computers that provide Universal Serial Bus (USB) ports has resulted in the creation and use of various peripheral devices that interface to computers via the USB and will hereafter be referred to as USB devices. The use of such USB devices is very attractive due to the low cost of implementing USB technology.
USB devices that presently exist include authorization devices, authentication devices, secure devices, etc. (hereinafter collectively referred to as "security devices"). One well known example of such a security device is a smart card reader that reads a smart card. With reference now to the figures and in particular with reference to FIG. 1, a block diagram 100 illustrating a smart card reader 108 in communication with a computer system 102 via a USB communications line 106 according to the prior art is shown. As shown, smart card reader 108 has a smart card reader slot 110 in which a smart card 112 is inserted to be read. Smart card reader 108 may be easily connected to computer system 102 in a "Plug-and-Play" manner. The use of smart card reader 108 with computer system 102 is very attractive due to the low cost and ease of set up.
FIG. 1 further shows (in an exploded view) that smart card 112 has an electronic chip 114 embedded in a card body 115 of smart card 112. Smart card 112 further has module contacts 116 that overlie and are in contact with electronic chip 114. Module contacts 116 contact electronic contacts in smart card reader 108 and interface with smart card reader 108 when smart card 112 is inserted into slot 112 and read by smart card reader 108. Electronic chip 114 generally has a microprocessor and a memory system that includes at least a write-only memory device and an internal read-only memory (ROM) device. Smart card reader 108 generally serves as an electronic interface device between smart card 112 and computer system 102.
A user uses computer system 102 to browse a product or service provider's web site at web server 105B via Internet 101. Computer system 102 may be either in a typical residential or commercial setting. When the user enters into a purchase transaction with the product or service provider hosting web server 105B in order to purchase a product(s) or service(s) offered at the web site, web server 105B is programmed to send to computer system 102 a payment method request to prompt the user to provide a payment method for satisfying the charge(s) of the purchase transaction. The user indicates to computer system 102 that smart card 112 is to be used as the charge card to be charged for the purchase transaction. The user inserts smart card 112 into smart card reader 108. A message request is generated by web server 105B, and the message request generally involves an inquiry by the product or service provider to the user to verify the purchase(s) and the respective amount(s) to be charged to smart card 112 and to prompt entry of the correct PIN for smart card 112.
When smart card 112 is set up as a charge card used by a card holder only (i.e., user), the correct personal identification number (PIN) is assigned as an authorization code for smart card 112 and stored in the internal ROM device within electronic chip 114 of smart card 112. The internal ROM device is only able to be read internally by the microprocessor of smart card 112 and not by any other device, particularly external devices. The PIN is memorized by the user and provided to smart card 112 by the user when the user wishes to charge a purchase(s) to smart card 112.
As shown in FIG. 1, when smart card 112 is inserted into slot 110 of smart card reader 108, electronic chip 114 of smart card 112 is then in contact with smart card reader 108 via module contacts 116 and electronic contacts of smart card reader 108. Computer system 102 is programmed to sense insertion of smart card 112 into smart card reader 108 via USB communication line 106. Identity of smart card 112 is stored in a memory device of electronic chip 114 and is sent to computer system 102 and web server 105B in order to respectively identify smart card 112 as the card to be charged for a purchase(s) made in the purchase transaction. No other numbers or card information (i.e. credit or debit card numbers or expiration dates) are associated with smart card 112 in order to use smart card 112 as a charge card.
The message request prompts the user to enter the correct PIN (e.g., a four or five digit code) for authorizing use of smart card 112. The user then attempts entry of the PIN through keyboard 104, and the entered PIN is sent to computer system 102, which, in turn, sends the entered PIN to smart card 112 via USB communication line 106 and smart card reader 108. The entered PIN is received by electronic chip 114 of smart card 112. Electronic chip 114 directs storage of the entered PIN into the write-only memory device. The entry of the PIN is generally a one-time entry to smart card 112, and the entered PIN is used only one time per entry for authorizing smart card 112. The entered PIN may be programmed to be erased after authorization or after a pre-determined amount of time has elapsed.
The microprocessor in electronic chip 114 compares the entered PIN stored in the write-only memory device with the correct PIN stored in the ROM device (i.e., PIN comparison is performed). If the entered PIN in the write-only memory device matches the correct PIN stored in the ROM device, then an authorization signal for authorizing the purchase transaction and allowing the purchase(s) from the purchase transaction to be charged to smart card 112 is generated by smart card 112. The authorization signal does not contain any PIN information. The authorization signal is sent from smart card 112 to computer system 102 via smart card reader 108 and USB communication line 106 and then to web server 105B via Internet 101. Web server 105B accordingly acknowledges authorization of the purchase transaction and respectively charges smart card 112 for the purchase(s) from the purchase transaction. On the other hand, if the entered PIN in the write-only memory device does not match the correct PIN stored in the ROM device, then a decline signal for declining the purchase transaction and prohibiting the purchase(s) from the purchase transaction to be charged to smart card 112 is generated by smart card 112. The decline signal is sent from smart card 112 to computer system 102 via smart card reader 108 and USB communication line 106 and then to web server 105B via Internet 101. Computer system 102 may be directed to prompt the user to re-attempt entry of the correct PIN, and the process of verifying the correct PIN for smart card 112 is again repeated for the re-entered PIN. After a number of attempts to enter the PIN have been tried, computer system 102 may be programmed to finally prevent the user from making any further attempts to enter the correct PIN.
Since the identity of smart card 112 is sent to computer system 102 by smart card 112 and the PIN is entered by the user into computer system 102 through keyboard 104, an unauthorized person using another computer system 105A may be able to gain illicit access into computer system 102 and learn the identity of smart card 112 and the PIN for smart card 112 when the PIN is being entered into computer system 102. For example, when computer system 102 is in on-line communications with web server 105B via Internet 101, the unauthorized person can use computer system 105A to gain illicit access into computer system 102 through Internet 101. The unauthorized person could use a program, such as a "Trojan Horse" program or a "Back Orifice" program, from computer system 105A that would enable every input and entry being made to computer system 102 to be viewed at computer system 105A. The unauthorized person would be able to learn the identity of smart card 112 and the user's PIN by respectively gaining access and watching on a display screen at computer system 105A the information transmitted from smart card 112 to computer system 102 and key strokes being depressed on keyboard 104 of computer system 102 when the user is entering the PIN for smart card 112. With the unauthorized person knowing the identity and the correct PIN of smart card 112, the unauthorized person would be able to configure a duplicate smart card with the same identity and the correct PIN and use the duplicate smart card to make unauthorized purchases. This situation poses a serious security problem with users being able to use smart cards 112 as a charge card.
Due to the existence of such serious security problems, smart cards 112 are generally not compliant with standards for credit cards, debit cards, or other secure transaction cards (hereinafter collectively referred to as "secure transaction cards"). An example of such standards is provided by the Euro Card/Master Card/Visa Card (EMV) standards. The fact that smart cards 112 are not compliant with these security standards is quite unfortunate since the use of smart card 112 would provide an inexpensive and easy way for implementing a charge card for authorizing purchase transactions for charging purchases to smart card 112, particularly for purchase transactions made over Internet 101.
A system and method for isolating a computer system from entry of a personal identification number (PIN) to a smart card. The system and method includes a computer system that is in communication with an unsecure network to allow a user to engage in a purchase transaction. The system and method also includes a smart card reader in which a smart card is inserted and read. A secure personal-identification-number (PIN) entry device is coupled between the computer system and the smart card reader. The secure PIN entry device is used for entering a correct code for the PIN. Communication between computer system and secure PIN entry device is disconnected until the correct code for the PIN is entered at secure PIN entry device and sent to the smart card in order to authorize use of the smart card for the purchase transaction. In response to the correct code for the PIN being entered and sent to the smart card, communication between computer system and secure PIN entry device is established. The secure PIN entry device has a processor for controlling the disconnection and connection of communication between the computer system and the secure PIN entry device. The secure PIN entry device also has a display for displaying a message request relating to the purchase transaction. The message request prompts a user to provide the PIN to authorize use of the smart card for a purchase transaction.
The above as well as additional objects, features, and advantages of the present invention will become apparent in the following detailed written description.
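The isolation sequence summarized above can be modeled in a few lines. The following Python sketch is an added illustration, not code from the patent: the class names, the retry limit of three, the sample PIN and the policy of keeping the host link down after a declined or blocked attempt are all assumptions made for the example.

```python
import hmac

class SmartCard:
    """Card model: the reference PIN never leaves the object."""
    def __init__(self, pin):
        self._pin = pin.encode()

    def verify(self, entered):
        # Only an authorize/decline signal is returned; it carries no PIN data.
        same = hmac.compare_digest(entered.encode(), self._pin)
        return "AUTHORIZED" if same else "DECLINED"


class SecurePinEntryDevice:
    """Sits between host and card reader; owns the keypad and the display."""
    def __init__(self, card, max_tries=3):      # max_tries: assumed policy
        self.card = card
        self.tries_left = max_tries
        self.host_link_up = True
        self.display = ""
        self.host_rx = []                       # everything the host can observe

    def _to_host(self, msg):
        if self.host_link_up:                   # nothing crosses a down link
            self.host_rx.append(msg)

    def begin_transaction(self, message_request):
        self.display = message_request          # shown on the device, not the PC
        self.host_link_up = False               # isolate host before any keypress

    def enter_pin(self, digits):
        if self.host_link_up:
            raise RuntimeError("PIN entry refused while host link is up")
        if self.tries_left == 0:
            return "BLOCKED"
        self._to_host("keypad:" + digits)       # models a keystroke echo; dropped
        result = self.card.verify(digits)
        if result == "AUTHORIZED":
            self.host_link_up = True            # reconnect only after success
            self._to_host(result)
        else:
            self.tries_left -= 1
        return result


def run_demo():
    dev = SecurePinEntryDevice(SmartCard("4821"))   # constructed sample PIN
    dev.begin_transaction("Charge 19.99 to card? Enter PIN")
    outcomes = [dev.enter_pin("0000"), dev.enter_pin("4821")]
    return outcomes, dev.host_rx, dev.host_link_up

if __name__ == "__main__":
    print(run_demo())
```

The host-side record ends up holding only the authorization signal, which is the property the prior-art keyboard path lacks.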