This invention relates to encryption circuits and to PIN pads. More specifically, this invention relates to the securing through encryption of information entered on a PIN pad.
Well established in the art of securing a financial transaction is the use of a key pad to verify that the person transacting business is in fact the rightful person authorized to perform the transaction. Many people are familiar with the personal identification numbers or “PINs” that are ubiquitous in transactions involving debit cards.
The reasoning behind PINs is that only the person authorized to use the account underlying the debit card knows the PIN for the card. As such, any person's ability to produce that PIN on demand verifies that he is in fact the person authorized to transact business using the account.
A weak link in this reasoning is the assumption that knowledge of a PIN proves that the knowledgeable person is the rightful person. A wrongful person of ill will may acquire the PIN through a number of means: She may trick the information from the rightful person. She may observe the entry of the PIN into the pad. She may access the database of account numbers and PINs of a business that previously completed a transaction with the account. She may access the database of account numbers and PINs of the financial institution maintaining the account. At a more sophisticated level, she may intercept the transmission of the PIN information between the PIN pad on which it is entered and the computer that verifies it.
FIG. 1 illustrates a transaction-verification system 100 according to the prior art. The system 100 includes a merchant 120, alliances and partners 130, a processing center 140 and service providers 1A0. The system 100 also includes communications links 160, 170 and 180.
The links 160, 180 communicatively couple the merchant 120 and the alliances and business partners 130. The links 170, 180 communicatively couple the alliances and partners 130 and the processing center 140. The link 180 communicatively interconnects the merchant 120, the alliances and partners 130, the processing center 140 and the service providers 1A0. The link 180 may be the Internet.
The merchant 120 includes a merchant data center 127, one or more point-of-sale (POS) platforms 126 and a communications link 128. The link 128 communicatively couples the POS platform 126 and the merchant data center 127.
The POS platform 126 itself includes a cash register 1262 or the like, a keypad 1261 and a communications link 1263. The link 1263 communicatively couples the cash register 1262 and the keypad 1261.
Where a data center 130, 140, 1A0 verifies a PIN entered on the keypad 1261, the PIN information travels over several of the communications links 1263, 128, 160, 170, 180 before the data center receives the information for verification. A sophisticated malefactor may intercept the PIN information along any of these communications links.
In response, the art has evolved to encrypt or otherwise protect PIN information, almost always over a communications link 160, 170 or 180 and sometimes over the communications link 128: the merchant's data center 127 encrypts the PIN before passing it on to the business partner 130, 140, 1A0 for verification.
However, the PIN information still travels unencrypted over multiple communications links. The sophisticated malefactor still may intercept PIN information along the link 1263 between the PIN keypad and the first computer system capable of encrypting the PIN information—here, the cash register 1262. The sophisticated malefactor may intercept PIN information between the cash register 1262 and the merchant's data center 127.
Accordingly, a method of securing the entry and verification of a PIN is desirable where the unencrypted PIN information virtually cannot be intercepted between its entry on a PIN pad and a first receiving computer system capable of encrypting the information.
These and other goals of the invention will be readily apparent to one of ordinary skill in the art on reading the background above and the description below.