A financial transaction system, as used herein, is a system that allows a merchant to use, for example, a mobile device, to accept payment for selling a product or a service to a purchaser.
In one example, the financial transaction system includes a mobile device (e.g., an iPad, an iPhone, etc.) and a card reader. The card reader is in the form of an accessory and couples to the mobile electronic device (e.g., the card reader couples to the mobile device through the audio jack of the mobile device). In this example, a purchaser uses a financial transaction card (e.g., a credit card or a debit card) to purchase the seller's product or service by allowing his credit card to be swiped through the card reader. The card reader communicates the card's data to the mobile electronic device, allowing the mobile device to confirm authenticity of the card and further initiate authorization of the purchase transaction. In another example, the financial transaction system may include a mobile electronic device that accepts card-less payments from purchasers. In this example, a purchaser may convey his credit card information to the seller through a direct or indirect form of wireless communication with the seller's mobile device. A person of any skill in this space would easily be aware of countless other mechanisms that allow similar financial transactions to proceed in the context of such “mobile” payments.
While such mobile payment opportunities offer convenience and ease of use to both the seller and the purchaser, there are scenarios that may present new security concerns. For example, as part of the transaction flow, the purchaser may sometimes be required to enter a PIN code as an additional layer of security. Such PIN codes are required, for example, in debit-card based purchases and even in some credit-card (e.g., EMV card) based purchased. In such scenarios, the financial transaction system needs to protect the PIN from being discovered by, for example, malware or other phishing events.
The figures depict various embodiments of the present invention for purposes of illustration only. One skilled in the art will readily recognize from the following discussion that alternative embodiments of the structures and methods illustrated herein may be employed without departing from the principles of the invention described herein.