1. Field of the Invention
The present invention relates to an apparatus for entering a Personal Identification Number (hereinafter, PIN) in a cash transaction machine. More particularly, the present invention relates to a PIN entry apparatus for protecting a PIN and encrypting a user's valuable information in a cash transaction machine (terminal), and relates to a tamper resistant PIN entry apparatus in which the apparatus, in case that the PIN entry apparatus is disassembled to hack into a password, detects the event, makes the password or key data unreadable, and in case that a key pad is to be partially incised, prevents hacking of the password by disabling the incision.
2. Description of the Related Art
Generally, a device such as a financial terminal that prevents illegal access of another person for personal purpose, grants a password per user so as to authenticate financial transactions. In addition, the device like above lets the user input the password before performing financial transactions, and allows the next step to be performed only when the input password is confirmed to be identical to the pre-registered password.
Like above, a financial terminal requires the maximum security, and an encryptor for encrypting inputted data is coupled with a key pad for input of a password. As for the encryptor like above, there is being widely used an encryption PIN pad module that adopts DES (Data Encryption Standard) algorithm.
The DES PIN pad module is a module for processing encryption with respect to a user's password or a key. Therefore, the DES PIN pad module comprises number buttons for inputting a password, a plurality of selection buttons for performing all kinds of functions, and SRAM storing an encryption key. At this time, the SRAM is included in an electric circuit embedded inside the device, so as to disable the external random manipulation. On the other hand, the number buttons, the selection buttons, and the like are exposed on a position where a user can manipulate easily.
However, in case that a user with unjust intentions disassembles the DES PIN pad module embedded in a financial terminal and connects a separate hacking equipment to a key input unit, there is a problem that passwords might remain in a memory might be leaked.
The prior art to solve the aforementioned problem is the U.S. Pat. No. 6,512,454, and said United States Patent relates to technology which destroys information stored in a memory so as to maintain information stored in an electronic device, in case that a third person tries to access thereto.
For this, said United States Patent comprises an enclosure for protecting the electronic device and an electrical assembly adopting the enclosure.
FIG. 1 is a perspective view illustrating the conventional PIN pad module.
Briefly describing a technical configuration referred to said United States Patent, as shown in FIG. 1, an electronic device 10 is enclosed by first and second covers 20 and 30, and a fixing component 40 (e.g., a screw) passes through the first cover 20, so as to bind the covers 20 and 30 to each other, and passes through the electronic device 10, so as to form a part of an electric circuit.
In a normal state, fixing components 40 according to said United States Patent enable an electric current to pass to a part of circuit stably. However, in a state where any one of fixing components 40 is partially removed by an intruder or the like, the electric current circulating the fixing components 40 is cut off and a detector detects the event.
That is, although said United States Patent relates to technology for detecting external intrusion with respect to the electronic device 10, it is apparent that a detecting method is mainly concentrated on the fixing components 40 such as screws or the like. At this time, the fixing component 40 should form a part of circuit, not a simple fixing means, and separation thereof 40 or partial removal thereof 40 is required to detect an intruder's intrusion. The detector should detect the event directly through control of relevant circuits.
However, according to the conventional technology for protecting the electronic device, such as said United States Patent, in case that the intruder cuts off any one of the first and the second covers 20 and 30 of the electronic device 10, without touching the fixing component 40, thereby maintaining an electric current in a normal state, the electronic device 10 does not detect the external intrusion. Thus, there is a problem that information stored in the memory of the electronic device 10 might be leaked by hacking equipment.
Furthermore, only in case that the fixing component 40 such as a screw is completely removed from the electronic device 10, the flow of electric current is blocked and the detector detects the event. Therefore, in case that an intruder unscrews and cuts off the fixing component 40 by predetermined length, so as to maintain the flow of electric current of the electronic device 10 as it is, the first and the second covers 20 and 30 that enclose the electronic device 10 are opened to each other, and the electronic device 10 enclosed thereby 20 and 30 is completely exposed. Thus, there is a problem that the intruder may obtain useful information from the memory of the electron device 10 by using hacking equipments.