1. Field of the Invention
The present invention relates, generally, to data communication and, more specifically, to a data transfer device, a transaction system, a method and an Application Specific Integrated Circuit (ASIC) device for exchanging data between remote processing devices.
2. Description of the Related Art
Data storage means, such as chip cards and other electronic data carriers have become increasingly popular for performing financial transactions, for purchasing merchandise, for banking, and other type of data transactions such as for identification and verification purposes.
With the present possibilities for purchasing merchandising, paying bills and the like via the Internet, there is a growing need for completing such transactions using chip cards, credit cards, and the like. However, for this type of “virtual” shopping and banking, security of the transactions is a major problem. This, because a transaction via the Internet involves transmission of data via public, unsecured networks.
U.S. Pat. No. 5,815,577 discloses an encryption module comprising pre-programmed software resident within the module and configured to identify and accommodate a plurality of data input devices, such as scanners, magnetic strip readers, smart card readers, and the like. This module, due to its pre-programmed resident software, fulfills the function of trusted device, such that transactions which are performed through this module can be trusted as to their authenticity. However, this known module has some inherent disadvantages.
Due to the need for pre-programmed software, the module is restricted to operate with data from a known type of chip card of a known transaction entity, such as a bank, for example. Those skilled in the art will appreciate that this concept is not suitable for the handling of chip cards of transaction entities for which suitable processing software has not been previously incorporated in the module. For adding such software later on, one has to understood that hundreds or even thousands of such modules have to be updated manually in such a case.
This is also true in the case of a change in the processing functions of known chip cards which are supported by the module and for which the already available software in the module has to be updated or even completely revised.
Although it is theoretically feasible to configure the known module for the processing of different chip cards of different transaction entities among others, due to lack of co-operation and standardization between such transaction entities, in practice, each module operates with a single chip card or other data storage device of a single transaction entity. Accordingly, for each chip card or data storage device a different trusted device has to be installed and used, which leads to an uncomprehensive, impractical and not to manage transaction system.
Although it is feasible to provide the trusted devices with a data receive or download facility, for example, for receiving or downloading suitable software for processing new chip cards, a problem arises in the case of transferring this software via common or public data networks, such as the Internet. This, because hackers and others may copy and change the software, such that the security of the trusted device and its proper operation in reading and/or writing data of a data storage device, such as a chip card, can no longer be guaranteed.