EP1639563A1 - Secure housing containing a keyboard for inserting confidential data - Google Patents

Secure housing containing a keyboard for inserting confidential data

Info

Publication number
EP1639563A1
EP1639563A1 EP04767417A EP04767417A EP1639563A1 EP 1639563 A1 EP1639563 A1 EP 1639563A1 EP 04767417 A EP04767417 A EP 04767417A EP 04767417 A EP04767417 A EP 04767417A EP 1639563 A1 EP1639563 A1 EP 1639563A1
Authority
EP
European Patent Office
Prior art keywords
plate
glass
fraud detection
detection circuit
secure
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP04767417A
Other languages
German (de)
French (fr)
Inventor
Johan Van De Kamer
Frans Heesters
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tokheim Holding BV
Original Assignee
Tokheim Holding BV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tokheim Holding BV filed Critical Tokheim Holding BV
Publication of EP1639563A1 publication Critical patent/EP1639563A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data

Definitions

  • the present invention relates to a secure box containing a keyboard making it possible to enter confidential data such as a personal identification number, intended for particular to an electronic payment system.
  • Electronic circuits have greatly contributed to the development of modern societies and are used in many fields of technology. These circuits have in particular enabled the creation and development of so-called “electronic payment” systems which make it possible to carry out various transactions from electronic payment terminals equipped with digital keyboards using credit cards. However, these systems must be secured so as to protect both customers and traders while avoiding any risk of fraudulent transactions. To this end, banks and credit card manufacturers assign personal identification numbers to them, which their owners must enter on the keypad on electronic payment terminals. After their introduction, the identification numbers and other confidential data appearing on credit cards are encrypted in security modules prior to the transaction.
  • the personal identification number therefore makes it possible to verify that the credit card is being used by its true owner, and not by an intruder having found or stolen it. For obvious security reasons, it is essential that between entering it into the digital keyboard of an electronic payment terminal and encrypting it a personal identification number is not accessible to malicious third parties. It is therefore necessary to associate protective devices with these keyboards.
  • fraudsters are showing more and more cunning in trying to obtain confidential data and consequently securing the digital keyboards of electronic payment terminals is increasingly difficult. For example, fraudsters can: - view the entry of a confidential code (directly or through video systems);
  • the object of the present invention is to fill this gap by proposing a secure box containing a digital keyboard designed so as to prevent intruders from being able to gain fraudulent access.
  • the object of the invention is in particular to make it possible to detect a device placed on the keyboard in order to determine the confidential data entered, or to prevent any alteration of the system carried out for the same purpose. Another object of the invention is to prevent any listening to the electromagnetic emissions generated by the electronics of the system.
  • the box which is the subject of the invention is specially adapted for securing the digital keyboards equipping the payment terminals of the electronic payment systems but can be adapted to the securing of any system in which confidential data is transmitted by keyboard.
  • the present invention therefore relates to a secure box making it possible to enter confidential data such as a personal identification number intended in particular for an electronic payment system and comprising a capacitive touch matrix connected on the one hand by wires connecting to a printed circuit board carrying an associated controller, a security module as well as electronics sensitive to variations in the capacity of the system and also sandwiched between two glass plates, namely a plate front glass or protective plate and a rear glass plate or support plate.
  • a box therefore makes it possible to use the properties of capacitive touch screens, well known to those skilled in the art, for detecting the presence of an external device fixed to the digital keyboard, such as for example a false keyboard or a substance deposited in order to to mark the keys pressed when entering the confidential code.
  • the numeric keypad is displayed below the glass plates by any device such as LCD screen, CRT, LED, sticker, ... and is read by transparency.
  • any device such as LCD screen, CRT, LED, sticker, ... and is read by transparency.
  • the user touches the protective plate with which the keypad is displayed, with their fingers.
  • This manipulation has the consequence of locally changing the capacity of the system, which allows the controller to know the position affected, and therefore to determine the confidential code entered. This is the classic operation of a capacitive touch screen.
  • the capacity of the system at rest at rest meaning there is no object next to or on the touch screen) at the different locations on the protective plate corresponding to the different keys on the keyboard.
  • the list of these capacity values is stored in memory as a reference. Any attempt to "hide” the keyboard for fraudulent purposes changes the capacity of the system. Consequently, during operation, the actual capacity values are constantly compared with the recorded values and any deviation greater than a predetermined authorized deviation level is interpreted as indicative of fraud and triggers an alarm or system shutdown.
  • the secure housing which is the subject of the invention is characterized in that the protective plate is made of a fragmentable glass and is equipped with an electrical conductor constituted by a long wire attached to it or by a loop-shaped metallization.
  • This electrical conductor is on the one hand part of a fraud detection circuit comprising a voltage source as well as a current detector associated with an alarm member and on the other hand breaks under the effect of a fragmentation of the protection plate to cause the interruption of the current in the fraud detection circuit and the activation of the alarm device.
  • the fragmentable glass is preferably constituted by a tempered glass which breaks into a multitude of fragments in response to an impact.
  • the support plate is also made of a fragmentable glass and equipped with an electrical conductor forming part of the fraud detection circuit and breaking under the effect of a fragmentation of the latter. ci to cause the interruption of the current in the fraud detection circuit and the activation of the alarm device.
  • a third glass plate or cover plate covering the support plate on its rear face and extending at the rear face of the printed circuit board.
  • This cover plate improves the security of the printed circuit board.
  • This cover plate can also advantageously be made of a fragmentable glass and equipped with an electrical conductor forming part of the fraud detection circuit and breaking under the effect of a fragmentation thereof to cause the interruption of the current in the fraud detection circuit and activation of the alarm device.
  • any attempt to access the sensitive parts of the secure housing leads to the fragmentation of the glass plates and consequently the break of a conductor which is immediately detected by the current detector and interrupts the supply of a memory for backing up operating parameters of the keyboard stored during manufacture.
  • the detection of this break causes an alarm and advantageously deactivation of the system.
  • the card circuit board is located in the immediate vicinity of the capacitive touch matrix covered by the protective plate.
  • the printed circuit board and the electronic components fixed thereto are embedded in a brittle resin, in particular an epoxy resin.
  • a brittle resin in particular an epoxy resin.
  • This characteristic makes it possible to guarantee that the wires connecting the various electronic components are automatically broken in the event of a physical attack, in particular an attempt to "punch" the glass plates.
  • the configuration of the secure box according to the invention therefore makes it possible to prohibit an intruder from having access to confidential non-secure data downstream of the protection plate.
  • the fraud detection circuit is traversed by a high frequency oscillating current modulated in amplitude and in frequency so as to cause interference of the electromagnetic emissions of the system with respect to the outside and thereby preventing any attempt to read internal system signals using an external high frequency receiver.
  • a standard optical filter known in itself so as to make it possible to reduce the viewing angle over which the keyboard can be read.
  • FIG. 1 is a schematic "exploded” perspective illustrating the configuration of the secure housing
  • the secure housing 1 comprises a capacitive touch matrix sandwiched between two plates made of brittle glass, namely a protective plate 3 and a support plate 5.
  • the capacitive touch matrix 2 is connected by connecting wires 6 to a printed circuit board 7 carrying the associated controller, a security module 16 (FIG. 2) as well as electronics sensitive to variations in the system capacity.
  • the printed circuit board 7 and the electronic components fixed to it are embedded in a brittle epoxy resin 8.
  • the printed circuit board 7 is located in the immediate vicinity of the capacitive touch matrix 2 covered by the protective plate 3 whose length is greater than that of the support plate 5.
  • the support plate 5 may where appropriate be covered on its rear face opposite to the protective plate 3 by a third glass plate not shown in the figures, namely a covering plate extending at the rear face of the printed circuit board 7
  • This configuration makes it possible to reduce as far as possible the path in which confidential non-secure data pass after their introduction into the box 1. In fact, at the exit of the box 1, these data have undergone encryption preventing them from being intercepted by a fraudster.
  • the touch matrix operates according to the conventional technology of projected capacitive touch screens.
  • the tactile matrix is constituted by a matrix of fine micro wires connected to the controller.
  • An oscillation frequency is assigned to each of these micro wires.
  • the user touches with his fingers the protective plate 3 through which the keyboard is displayed by a display device 4. Touching the protective plate 3 changes the frequency of oscillation of the micro wires located at the corresponding location.
  • This modification which is a function of the capacity of the system allows the controller fixed on the printed circuit board 7 to determine where the protective plate 3 and consequently the projected screen has been touched by the user, and therefore to determine the confidential code entered.
  • the capacity at rest was measured at each crossing of the wires of the touch matrix 7.
  • the list of values thus measured is saved as a reference in a memory 9 associated with the security module. 16 in a manner shown diagrammatically in FIG. 2.
  • a “marking” device 10 such as a false keyboard or a layer of dust
  • the real capacity of the system is modified and this modification is noted by the control electronics which can in response generate an alarm or shut down the system.
  • the invention could be transposed to many other capacitive touch screen technologies without departing from the scope thereof.
  • the box 1 also contains a fraud detection circuit 11 essentially comprising a voltage source 12 as well as an electrical conductor in the form of a loop 13 attached to the protection plate 3.
  • This circuit 11 also contains a current detector 14 associated with an alarm device not shown.
  • An attempt to access the sensitive parts of the housing, in particular the printed circuit board 7 has the consequence of breaking the protective plate 3 and consequently of breaking the conductor 13 thus causing the emission of an alarm, and also the deactivation of the system following the erasure of the memory 9.
  • the fraud detection circuit 11 is also equipped with a protection device 15 making it possible to supply this circuit with a modulated high frequency oscillating current in amplitude and frequency so as to cause interference to the electromagnetic emissions of the system vis-à-vis the outside.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Burglar Alarm Systems (AREA)

Abstract

The invention concerns a secure housing containing a keyboard for inserting confidential data such as a personal identification number designed in particular for a secure electronic payment system in terms of mechanics, electronics and electromagnetic emission. Said housing comprises a capacitive touch-sensitive matrix (2) connected by conducting wires (6) to a printed board (7) bearing the associated controller, a security module (16) as well as an electronics sensitive to variations of the system capacitance, and sandwiched between two glass plates, namely a front glass plate or protective plate (3) and a rear glass plate or support plate (5).

Description

« Boîtier sécurisé renfermant un clavier permettant d'introduire des données confidentielles » Domaine de l'invention La présente invention concerne un boîtier sécurisé renfer- mant un clavier permettant d'introduire des données confidentielles telles qu'un numéro d'identification personnel, destinées en particulier à un système de paiement électronique. Les circuits électroniques ont largement contribué au développement des sociétés modernes et sont utilisés dans de nombreux do- maines de la technique. Ces circuits ont en particulier permis la création et l'essor des systèmes dits « de paiement électronique » qui permettent d'effectuer diverses transactions à partir de terminaux de paiement électronique équipés de claviers numériques en utilisant des cartes de crédit. Or, ces systèmes doivent être sécurisés de façon à protéger tant les clients que les commerçants en évitant tout risque de transactions frauduleuses. Dans ce but, les banques et les fabricants de cartes de crédit attribuent à celles-ci des numéros d'identification personnels que leurs propriétaires doivent entrer dans le clavier numérique équipant les terminaux de paiement électronique. Après leur introduction, les numéros d'identification ainsi que d'autres données confidentielles figurant sur les cartes de crédit sont cryptés dans des modules de sécurité préalablement à la transaction. Le numéro d'identification personnel permet donc de vérifier que la carte de crédit est bien utilisée par son véritable propriétaire, et non par un intrus ayant trouvé ou volé celle-ci. Pour des raisons évidentes de sécurité, il est essentiel qu'entre son introduction dans le clavier numérique d'un terminal de paiement électronique et son cryptage un numéro d'identification personnel ne soit pas accessible à des tiers malintentionnés. Il est par suite nécessaire d'associer des dispositifs de protection à ces claviers. Les fraudeurs font cependant preuve de plus en plus d'astuce pour tenter d'obtenir des données confidentielles et par suite la sécurisation des claviers numériques des terminaux de paiement électronique est de plus en plus difficile. A titre d'exemple, les fraudeurs peuvent : - visualiser la saisie d'un code confidentiel (directement ou par l'intermédiaire de systèmes vidéo) ;Field of the Invention The present invention relates to a secure box containing a keyboard making it possible to enter confidential data such as a personal identification number, intended for particular to an electronic payment system. Electronic circuits have greatly contributed to the development of modern societies and are used in many fields of technology. These circuits have in particular enabled the creation and development of so-called “electronic payment” systems which make it possible to carry out various transactions from electronic payment terminals equipped with digital keyboards using credit cards. However, these systems must be secured so as to protect both customers and traders while avoiding any risk of fraudulent transactions. To this end, banks and credit card manufacturers assign personal identification numbers to them, which their owners must enter on the keypad on electronic payment terminals. After their introduction, the identification numbers and other confidential data appearing on credit cards are encrypted in security modules prior to the transaction. The personal identification number therefore makes it possible to verify that the credit card is being used by its true owner, and not by an intruder having found or stolen it. For obvious security reasons, it is essential that between entering it into the digital keyboard of an electronic payment terminal and encrypting it a personal identification number is not accessible to malicious third parties. It is therefore necessary to associate protective devices with these keyboards. However, fraudsters are showing more and more cunning in trying to obtain confidential data and consequently securing the digital keyboards of electronic payment terminals is increasingly difficult. For example, fraudsters can: - view the entry of a confidential code (directly or through video systems);
- accéder à l'électronique du système, notamment en insérant dans celui-ci une carte électronique « moucharde » ; - « écouter » les émissions électromagnétiques émises par l'électronique du système pour les corréler avec les touches appuyées ;- access the electronics of the system, in particular by inserting into it a “snitch” electronic card; - "listen" to the electromagnetic emissions emitted by the system's electronics to correlate them with the keys pressed;
- voler les informations lorsqu'elles sont frappées, par exemple en posant un faux clavier au-dessus du clavier véritable, ou en répandant sur celui-ci une substance telle que de la poussière qui laisse des traces sur les touches utilisées. Etat de la technique Différents moyens ont déjà été proposés pour tenter de sécuriser les claviers numériques des terminaux de paiement électronique. On a à titre d'exemple déjà proposé de dissimuler les tou- ches des claviers des regards indiscrets (document WO 00/68859) ou encore de changer la position des touches à chaque nouvelle utilisation (document WO 98/27518). Ces différents moyens rendent plus difficile la détermination des données confidentielles en regardant un utilisateur les taper sur un clavier numérique. Il a également déjà été proposé d'enfermer le clavier, son contrôleur ainsi que le module de sécurité associé à celui-ci dans un boîtier scellé, de façon à interdire aux fraudeurs d'avoir accès au système électronique en amont du cryptage des données confidentielles introduites dans le clavier. A titre d'exemple, on a déjà proposé conformément au document WO 01/92349 d'enfermer l'électronique entre le clavier et une plaque de verre. De telles solutions s'avèrent cependant très onéreuses et particulièrement difficiles à mettre en œuvre. Par suite, jusqu'à ce jour, il n'a pas été proposé de moyen de sécurisation sûr et satisfaisant sur le plan économique des claviers numériques des terminaux de systèmes de paiement électronique. But de l'invention La présente invention a pour objet de combler cette lacune en proposant un boîtier sécurisé renfermant un clavier numérique conçu de manière à empêcher les intrus de pouvoir accéder frauduleusement aux données confidentielles introduites avant leur cryptage par un module de sécurité. L'invention a en particulier pour objet de permettre de détecter un dispositif placé sur le clavier afin de déterminer les données confidentielles entrées, ou de prévenir toute altération du système effectuée dans le même but. Un autre objet de l'invention est d'empêcher toute écoute des émissions électromagnétiques générées par l'électronique du système. Le boîtier qui fait l'objet de l'invention est tout spécialement adapté à la sécurisation des claviers numériques équipant les terminaux de paiement des systèmes de paiement électronique mais peut s'adapter à la sécurisation de tout système dans lequel des données confidentielles sont transmises par clavier. Exposé de l'invention La présente invention concerne donc un boîtier sécurisé permettant d'introduire des données confidentielles telles qu'un numéro d'identification personnel destiné en particulier à un système de paiement électronique et comportant une matrice tactile capacitive reliée d'une part par des fils de liaison à une carte de circuit imprimé portant un contrôleur associé, un module de sécurité ainsi qu'une électronique sensible aux variations de la capacité du système et prise d'autre part en sandwich entre deux plaques de verre, à savoir une plaque de verre avant ou plaque de protection et une plaque de verre arrière ou plaque de support. Un tel boîtier permet donc d'utiliser les propriétés des écrans tactiles capacitifs, bien connus de l'homme du métier, pour détecter la présence d'un dispositif extérieur fixé sur le clavier numérique, comme par exemple un faux clavier ou une substance déposée afin de marquer les touches enfoncées lors de la saisie du code confidentiel. Le clavier numérique est affiché au dessous des plaques de verre par un dispositif quelconque tel qu'écran LCD, CRT, LED, autocollant, ... et est lu par transparence. Pour introduire son code confidentiel, l'utilisateur touche avec ses doigts la plaque de protection au dessous de laquelle le clavier est affiché. Cette manipulation a pour conséquence de changer localement la capacité du système, ce qui permet au contrôleur de connaître la position touchée, donc de déterminer le code confidentiel introduit. Il s'agit là du fonctionnement classique d'un écran tactile capacitif. Pour que le système de sécurisation puisse fonctionner de manière satisfaisante, il est bien entendu nécessaire d'avoir déterminé lors d'une étape d'étalonnage préalable, mise en œuvre pendant la fabrication du boîtier, la capacité du système au repos (au repos signifiant qu'il n'y a aucun objet à côté ou sur l'écran tactile) au niveau des différents emplacements de la plaque de protection correspondant aux différentes touches du clavier. La liste de ces valeurs de capacité est enregistrée dans une mémoire en tant que référence. Toute tentative de « masquage » du clavier dans un but frauduleux modifie la capacité du système. Par suite, en cours de fonctionnement, les valeurs réelles de capacité sont constamment comparées aux valeurs enregistrées et toute déviation supérieure à un niveau de déviation autorisé prédéterminé est interprétée comme indicative d'une fraude et déclenche une alarme ou l'arrêt du système. Le boîtier sécurisé qui fait l'objet de l'invention est caracté- risé en ce que la plaque de protection est réalisée en un verre fragmenta- ble et est équipée d'un conducteur électrique constitué par un long fil accolé à celle-ci ou par une métallisation en forme de boucle. Ce conducteur électrique fait d'une part partie d'un circuit de détection de fraudes comportant une source de tension ainsi qu'un détecteur de courant associé à un organe d'alarme et se rompt d'autre part sous l'effet d'une fragmentation de la plaque de protection pour entraîner l'interruption du courant dans le circuit de détection de fraudes et l'activation de l'organe d'alarme. Selon l'invention, le verre fragmentable est de préférence constitué par un verre trempé se brisant en une multitude de fragments en réponse à un choc. Selon une autre caractéristique de l'invention, la plaque de support est elle aussi réalisée en un verre fragmentable et équipée d'un conducteur électrique faisant partie du circuit de détection de fraudes et se rompant sous l'effet d'une fragmentation de celle-ci pour entraîner l'interruption du courant dans le circuit de détection de fraudes et l'activation de l'organe d'alarme. Selon l'invention, il est également possible d'adjoindre au boîtier une troisième plaque de verre ou plaque de recouvrement recouvrant la plaque de support sur sa face arrière et se prolongeant au niveau de la face arrière de la carte de circuit imprimé. La présence de cette plaque de recouvrement permet d'améliorer la sécurisation de la carte de circuit imprimé. Cette plaque de recouvrement peut avantageusement être elle aussi réalisée en un verre fragmentable et équipée d'un conducteur électrique faisant partie du circuit de détection de fraudes et se rompant sous l'effet d'une fragmentation de celle-ci pour entraîner l'interruption du courant dans le circuit de détection de fraudes et l'activation de l'organe d'alarme. Compte tenu des caractéristiques susmentionnées, toute tentative d'accès aux parties sensibles du boîtier sécurisé (module de sé- curité par exemple entraîne la fragmentation des plaques de verre et par suite la rupture d'un conducteur qui est immédiatement détectée par le détecteur de courant et interrompt l'alimentation d'une mémoire de sauvegarde de paramètres de fonctionnement du clavier stockés lors de la fabrication. La détection de cette rupture entraîne une alarme et avantageusement la désactivation du système. Selon une autre caractéristique de l'invention, la carte de circuit imprimé est située à proximité immédiate de la matrice tactile capacitive recouverte par la plaque de protection. Cette caractéristique permet aux fils de liaison de la matrice tactile capacitive et de la carte de circuit imprimé d'être aussi court que possible, ce qui a pour résultat d'interdire l'accès au circuit où transitent des données confidentielles non sécurisées. Selon une autre caractéristique de l'invention, la carte de circuit imprimé et les composants électroniques fixés sur celle-ci sont noyés dans une résine cassante, notamment une résine époxy. Cette caractéristique permet de garantir que les fils reliant les différents composants électroniques soient automatiquement brisés en cas d'attaque physique, notamment de tentative de « poinçonnage » des plaques de verre. La configuration du boîtier sécurisé conforme à l'invention permet donc d'interdire à un intrus d'avoir accès à des données confidentielles non sécurisées en aval de la plaque de protection. En effet, toute tentative dans ce sens aurait pour conséquence de casser les différentes plaques de verre et/ ou la résine cassante dans laquelle est noyée la carte de circuit imprimé, et par suite d'endommager l'électronique du système et de détruire les données confi- dentielles qu'elle contient. Selon une autre caractéristique particulièrement avantageuse de l'invention, le circuit de détection de fraudes est parcouru par un courant oscillant à haute fréquence modulé en amplitude et en fréquence de façon à provoquer un brouillage des émissions électromagnétiques du système vis à vis de l'extérieur et à empêcher ainsi toute tentative de lecture des signaux internes du système à l'aide d'un récepteur haute fréquence extérieur. Selon l'invention, on peut également prévoir d'autres organes de sécurisation du boîtier, par exemple associer à l'écran un filtre op- tique standard connu en lui-même de façon à permettre de réduire l'angle de vision sur lequel le clavier peut être lu. Dessins Les caractéristiques du boîtier sécurisé qui fait l'objet de l'invention seront décrites plus en détail en se référant aux dessins an- nexés dans lesquels :- steal information when it is struck, for example by placing a false keyboard above the real keyboard, or by spreading on it a substance such as dust which leaves traces on the keys used. STATE OF THE ART Various means have already been proposed in an attempt to secure the digital keyboards of electronic payment terminals. By way of example, it has already been proposed to conceal the keys of the keyboards from prying eyes (document WO 00/68859) or else to change the position of the keys with each new use (document WO 98/27518). These various means make it more difficult to determine confidential data by watching a user type it on a digital keyboard. It has also already been proposed to enclose the keyboard, its controller and the security module associated with it in a sealed box, so as to prevent fraudsters from having access to the electronic system before encryption of confidential data. entered into the keyboard. For example, it has already been proposed in accordance with document WO 01/92349 to enclose the electronics between the keyboard and a glass plate. However, such solutions prove to be very expensive and particularly difficult to implement. Consequently, to date, no secure and economically satisfactory security means have been proposed for the digital keyboards of the terminals of electronic payment systems. OBJECT OF THE INVENTION The object of the present invention is to fill this gap by proposing a secure box containing a digital keyboard designed so as to prevent intruders from being able to gain fraudulent access. confidential data entered before encryption by a security module. The object of the invention is in particular to make it possible to detect a device placed on the keyboard in order to determine the confidential data entered, or to prevent any alteration of the system carried out for the same purpose. Another object of the invention is to prevent any listening to the electromagnetic emissions generated by the electronics of the system. The box which is the subject of the invention is specially adapted for securing the digital keyboards equipping the payment terminals of the electronic payment systems but can be adapted to the securing of any system in which confidential data is transmitted by keyboard. SUMMARY OF THE INVENTION The present invention therefore relates to a secure box making it possible to enter confidential data such as a personal identification number intended in particular for an electronic payment system and comprising a capacitive touch matrix connected on the one hand by wires connecting to a printed circuit board carrying an associated controller, a security module as well as electronics sensitive to variations in the capacity of the system and also sandwiched between two glass plates, namely a plate front glass or protective plate and a rear glass plate or support plate. Such a box therefore makes it possible to use the properties of capacitive touch screens, well known to those skilled in the art, for detecting the presence of an external device fixed to the digital keyboard, such as for example a false keyboard or a substance deposited in order to to mark the keys pressed when entering the confidential code. The numeric keypad is displayed below the glass plates by any device such as LCD screen, CRT, LED, sticker, ... and is read by transparency. To enter their confidential code, the user touches the protective plate with which the keypad is displayed, with their fingers. This manipulation has the consequence of locally changing the capacity of the system, which allows the controller to know the position affected, and therefore to determine the confidential code entered. This is the classic operation of a capacitive touch screen. For the security system to function satisfactorily, it is of course necessary to have determined during a prior calibration step, implemented during the manufacture of the housing, the capacity of the system at rest (at rest meaning there is no object next to or on the touch screen) at the different locations on the protective plate corresponding to the different keys on the keyboard. The list of these capacity values is stored in memory as a reference. Any attempt to "hide" the keyboard for fraudulent purposes changes the capacity of the system. Consequently, during operation, the actual capacity values are constantly compared with the recorded values and any deviation greater than a predetermined authorized deviation level is interpreted as indicative of fraud and triggers an alarm or system shutdown. The secure housing which is the subject of the invention is characterized in that the protective plate is made of a fragmentable glass and is equipped with an electrical conductor constituted by a long wire attached to it or by a loop-shaped metallization. This electrical conductor is on the one hand part of a fraud detection circuit comprising a voltage source as well as a current detector associated with an alarm member and on the other hand breaks under the effect of a fragmentation of the protection plate to cause the interruption of the current in the fraud detection circuit and the activation of the alarm device. According to the invention, the fragmentable glass is preferably constituted by a tempered glass which breaks into a multitude of fragments in response to an impact. According to another characteristic of the invention, the support plate is also made of a fragmentable glass and equipped with an electrical conductor forming part of the fraud detection circuit and breaking under the effect of a fragmentation of the latter. ci to cause the interruption of the current in the fraud detection circuit and the activation of the alarm device. According to the invention, it is also possible to add to the housing a third glass plate or cover plate covering the support plate on its rear face and extending at the rear face of the printed circuit board. The presence of this cover plate improves the security of the printed circuit board. This cover plate can also advantageously be made of a fragmentable glass and equipped with an electrical conductor forming part of the fraud detection circuit and breaking under the effect of a fragmentation thereof to cause the interruption of the current in the fraud detection circuit and activation of the alarm device. Given the above-mentioned characteristics, any attempt to access the sensitive parts of the secure housing (security module for example leads to the fragmentation of the glass plates and consequently the break of a conductor which is immediately detected by the current detector and interrupts the supply of a memory for backing up operating parameters of the keyboard stored during manufacture. The detection of this break causes an alarm and advantageously deactivation of the system. According to another characteristic of the invention, the card circuit board is located in the immediate vicinity of the capacitive touch matrix covered by the protective plate. This characteristic allows the connecting wires of the capacitive touch matrix and the printed circuit board to be as short as possible, which result of prohibiting access to the circuit through which confidential non-secure data pass According to another characteristic of the invention, the printed circuit board and the electronic components fixed thereto are embedded in a brittle resin, in particular an epoxy resin. This characteristic makes it possible to guarantee that the wires connecting the various electronic components are automatically broken in the event of a physical attack, in particular an attempt to "punch" the glass plates. The configuration of the secure box according to the invention therefore makes it possible to prohibit an intruder from having access to confidential non-secure data downstream of the protection plate. Indeed, any attempt in this direction would result in breaking the various glass plates and / or the brittle resin in which the printed circuit board is embedded, and consequently damaging the electronics of the system and destroying the data. confidential information it contains. According to another particularly advantageous characteristic of the invention, the fraud detection circuit is traversed by a high frequency oscillating current modulated in amplitude and in frequency so as to cause interference of the electromagnetic emissions of the system with respect to the outside and thereby preventing any attempt to read internal system signals using an external high frequency receiver. According to the invention, it is also possible to provide other elements for securing the housing, for example associating with the screen a standard optical filter known in itself so as to make it possible to reduce the viewing angle over which the keyboard can be read. Drawings The characteristics of the secure housing which is the subject of the invention will be described in more detail with reference to the attached drawings in which:
- la figure 1 est une perspective « éclatée » schématique illustrant la configuration du boîtier sécurisé ;- Figure 1 is a schematic "exploded" perspective illustrating the configuration of the secure housing;
- la figure la est un schéma illustratif du mode d'utilisation du boîtier ;- Figure la is an illustrative diagram of the mode of use of the housing;
- la figure lb est un schéma illustratif d'une tentative de fraudes ; - la figure 2 est un schéma représentant le circuit de détection de fraudes. Description de modes de réalisation Selon la figure 1, le boîtier sécurisé 1 comporte une matrice tactile capacitive prise en sandwich entre deux plaques réalisées en un verre cassant à savoir une plaque de protection 3 et une plaque de support 5. La matrice tactile capacitive 2 est reliée par des fils de liaison 6 à une carte de circuit imprimé 7 portant le contrôleur associé, un module de sécurité 16 (figure 2) ainsi qu'une électronique sensible aux variations de la capacité du système. La carte de circuit imprimé 7 et les composants électroniques fixés sur celle-ci sont noyés dans une résine époxy cassante 8. Comme représenté sur la figure 1, la carte de circuit imprimé 7 est située à proximité immédiate de la matrice tactile capacitive 2 recouverte par la plaque de protection 3 dont la longueur est supérieure à celle de la plaque de support 5. La plaque de support 5 peut le cas échéant être recouverte sur sa face arrière opposée à la plaque de protection 3 par une troisième plaque de verre non représentée sur les figures, à savoir une plaque de recouvrement se prolongeant au niveau de la face arrière de la carte de circuit imprimé 7. Cette configuration permet de réduire au maximum le trajet dans lequel transitent des données confidentielles non sécurisées après leur introduction dans le boîtier 1. En effet, à la sortie du boîtier 1, ces données ont subi un cryptage leur évitant d'être interceptées par un fraudeur. II est à noter que conformément à l'exemple de réalisation représenté sur les figures, la matrice tactile fonctionne selon la technologie classique des écrans tactiles capacitifs projetés. Par suite la matrice tactile est constituée par une matrice de fins micro fils connectés au contrôleur. Une fréquence d'oscillation est assignée à chacun de ces micro fils. Selon la figure la, pendant une utilisation normale, l'utilisateur touche avec ses doigts la plaque de protection 3 au travers de laquelle le clavier est affiché par un dispositif d'affichage 4. Le fait de toucher la plaque de protection 3 modifie la fréquence d'oscillation des micro fils situés à l'emplacement correspondant. Cette modification qui est une fonction de la capacité du système permet au contrôleur fixé sur la carte de circuit imprimé 7 de déterminer à quel endroit la plaque de protection 3 et par suite l'écran projeté a été touché par l'utilisateur, et donc de déterminer le code confidentiel introduit. Lors d'une étape d'étalonnage préalable on a mesuré la capacité au repos au niveau de chaque croisement de fils de la matrice tactile 7. La liste des valeurs ainsi mesurées est enregistrée en tant que référence dans une mémoire 9 associée au module de sécurité 16 d'une façon représentée schématiquement sur la figure 2. Selon la figure lb, si un intrus applique sur la plaque de protection 3 un dispositif de « marquage » 10 tel que faux clavier ou couche de poussière à des fins frauduleuses, la capacité réelle du système est modifiée et cette modification est constatée par l'électronique de com- mande qui peut en réponse générer une alarme ou arrêter le système. Bien entendu, l'invention pourrait être transposée à de nombreuses autres technologies d'écrans tactiles capacitifs sans pour cela sortie du cadre de celle-ci. Selon la figure 2, le boîtier 1 renferme en outre un circuit de détection de fraudes 11 comportant essentiellement une source de tension 12 ainsi qu'un conducteur électrique en forme de boucle 13 accolé à la plaque de protection 3. Ce circuit 11 renferme également un détecteur de courant 14 associé à un organe d'alarme non représenté. Une tentative d'accès aux parties sensibles du boîtier, notamment à la carte de circuit imprimé 7 a pour conséquence de casser la plaque de protection 3 et par suite de rompre le conducteur 13 entraînant ainsi l'émission d'une alarme, et également la désactivation du système par suite de l'effacement de la mémoire 9. Selon la figure 2, le circuit de détection de fraudes 11 est également équipé d'un dispositif de protection 15 permettant d'alimenter ce circuit en un courant oscillant à haute fréquence modulé en amplitude et en fréquence de façon à provoquer un brouillage des émissions électromagnétiques du système vis-à-vis de l'extérieur. - Figure lb is an illustrative diagram of an attempted fraud; - Figure 2 is a diagram showing the fraud detection circuit. Description of embodiments According to FIG. 1, the secure housing 1 comprises a capacitive touch matrix sandwiched between two plates made of brittle glass, namely a protective plate 3 and a support plate 5. The capacitive touch matrix 2 is connected by connecting wires 6 to a printed circuit board 7 carrying the associated controller, a security module 16 (FIG. 2) as well as electronics sensitive to variations in the system capacity. The printed circuit board 7 and the electronic components fixed to it are embedded in a brittle epoxy resin 8. As shown in Figure 1, the printed circuit board 7 is located in the immediate vicinity of the capacitive touch matrix 2 covered by the protective plate 3 whose length is greater than that of the support plate 5. The support plate 5 may where appropriate be covered on its rear face opposite to the protective plate 3 by a third glass plate not shown in the figures, namely a covering plate extending at the rear face of the printed circuit board 7 This configuration makes it possible to reduce as far as possible the path in which confidential non-secure data pass after their introduction into the box 1. In fact, at the exit of the box 1, these data have undergone encryption preventing them from being intercepted by a fraudster. It should be noted that in accordance with the embodiment shown in the figures, the touch matrix operates according to the conventional technology of projected capacitive touch screens. Consequently, the tactile matrix is constituted by a matrix of fine micro wires connected to the controller. An oscillation frequency is assigned to each of these micro wires. According to Figure la, during normal use, the user touches with his fingers the protective plate 3 through which the keyboard is displayed by a display device 4. Touching the protective plate 3 changes the frequency of oscillation of the micro wires located at the corresponding location. This modification which is a function of the capacity of the system allows the controller fixed on the printed circuit board 7 to determine where the protective plate 3 and consequently the projected screen has been touched by the user, and therefore to determine the confidential code entered. During a prior calibration step, the capacity at rest was measured at each crossing of the wires of the touch matrix 7. The list of values thus measured is saved as a reference in a memory 9 associated with the security module. 16 in a manner shown diagrammatically in FIG. 2. According to FIG. 1b, if an intruder applies a “marking” device 10 such as a false keyboard or a layer of dust to the protection plate 3 for fraudulent purposes, the real capacity of the system is modified and this modification is noted by the control electronics which can in response generate an alarm or shut down the system. Of course, the invention could be transposed to many other capacitive touch screen technologies without departing from the scope thereof. According to FIG. 2, the box 1 also contains a fraud detection circuit 11 essentially comprising a voltage source 12 as well as an electrical conductor in the form of a loop 13 attached to the protection plate 3. This circuit 11 also contains a current detector 14 associated with an alarm device not shown. An attempt to access the sensitive parts of the housing, in particular the printed circuit board 7 has the consequence of breaking the protective plate 3 and consequently of breaking the conductor 13 thus causing the emission of an alarm, and also the deactivation of the system following the erasure of the memory 9. According to FIG. 2, the fraud detection circuit 11 is also equipped with a protection device 15 making it possible to supply this circuit with a modulated high frequency oscillating current in amplitude and frequency so as to cause interference to the electromagnetic emissions of the system vis-à-vis the outside.

Claims

R E V E N D I C A T I O N S 1°) Boîtier sécurisé permettant d'introduire des données confidentielles telles qu'un numéro d'identification personnel destiné en particulier à un système de paiement électronique et comportant une matrice tactile capa- citive (2) reliée d'une part par des fils de liaison (6) à une carte de circuit imprimé (7) portant un contrôleur associé, un module de sécurité (16) ainsi qu'une électronique sensible aux variations de la capacité du système, et prise d'autre part en sandwich entre deux plaques de verre, à savoir une plaque de verre avant ou plaque de protection (3) et une plaque de verre arrière ou plaque de support (5), caractérisé en ce que la plaque de protection (3) est réalisée en un verre fragmentable et est équipée d'un conducteur électrique (13) constitué par un long fil accolé à celle-ci ou par une métallisation en forme de boucle, ce conducteur élec- trique faisant d'une part partie d'un circuit de détection de fraudes (11) comportant une source de tension (12) ainsi qu'un détecteur de courant (14) associé à un organe d'alarme, et se rompant d'autre part sous l'effet d'une fragmentation de la plaque de protection (3) pour entraîner l'interruption du courant dans le circuit de détection de fraudes (11) et l'activation de l'organe d'alarme.CLAIMS 1 °) Secure box for entering confidential data such as a personal identification number intended in particular for an electronic payment system and comprising a capacitive tactile matrix (2) connected on the one hand by wires connecting (6) to a printed circuit board (7) carrying an associated controller, a security module (16) and an electronic sensitive to variations in the capacity of the system, and sandwiched between two glass plates, namely a front glass plate or protection plate (3) and a rear glass plate or support plate (5), characterized in that the protection plate (3) is made of fragmentable glass and is equipped with an electrical conductor (13) constituted by a long wire attached to it or by a metallization in the form of a loop, this electrical conductor forming part of a circuit for detecting frauds (11) comprising a voltage source (12) as well as a current detector (14) associated with an alarm device, and breaking on the other hand under the effect of a fragmentation of the protective plate (3) to cause the interruption of the current in the fraud detection circuit (11) and the activation of the alarm device.
2°) Boîtier sécurisé selon la revendication 1, caractérisé en ce que la plaque de support (5) est elle aussi réalisée en un verre fragmentable et équipée d'un conducteur électrique faisant partie du circuit de détection de fraudes (11) et se rompant sous l'effet d'une fragmentation de celle-ci pour entraîner l'interruption du courant dans le circuit de détection de fraude (11) et l'activation de l'organe d'alarme.2) secure box according to claim 1, characterized in that the support plate (5) is also made of a fragmentable glass and equipped with an electrical conductor forming part of the fraud detection circuit (11) and breaking under the effect of a fragmentation thereof to cause the interruption of the current in the fraud detection circuit (11) and the activation of the alarm device.
3°) Boîtier sécurisé selon l'une quelconque des revendications 1 et 2, caractérisé en ce que la plaque de support (5) est recouverte sur sa face arrière d'une troisième plaque de verre ou plaque de recouvrement se prolongeant au niveau de la face arrière de la carte de circuit imprimé.3) secure housing according to any one of claims 1 and 2, characterized in that the support plate (5) is covered on its rear face with a third glass plate or cover plate extending at the level of the back of the printed circuit board.
4°) Boîtier sécurisé selon la revendication 3, caractérisé en ce que la plaque de recouvrement est elle aussi réalisée en un verre fragmentable et équipée d'un conducteur électrique faisant partie du circuit de détection de fraudes (11) et se rompant sous l'effet d'une fragmentation de celle-ci pour entraîner l'interruption du courant dans le circuit de détection de fraudes (11) et l'activation de l'organe d'alarme.4) secure housing according to claim 3, characterized in that the cover plate is also made of a fragmentable glass and equipped with an electrical conductor forming part of the fraud detection circuit (11) and breaking under the effect of a fragmentation thereof to cause the interruption current in the fraud detection circuit (11) and the activation of the alarm device.
5°) Boîtier selon l'une quelconque des revendications 1 à 4, caractérisé en ce que la carte de circuit imprimé (7) est située à proximité immédiate de la ma- trice tactile capacitive (2) recouverte par la plaque de protection (3).5 °) Box according to any one of claims 1 to 4, characterized in that the printed circuit board (7) is located in the immediate vicinity of the capacitive touch matrix (2) covered by the protective plate (3 ).
6°) Boîtier sécurisé selon l'une quelconque des revendications 1 à 5, la carte de circuit imprimé (7) et les composants électroniques fixés sur celle-ci sont noyés dans une résine cassante, notamment une résine époxy (8).6 °) secure housing according to any one of claims 1 to 5, the printed circuit board (7) and the electronic components fixed thereon are embedded in a brittle resin, in particular an epoxy resin (8).
7°) Boîtier selon l'une quelconque des revendications 1 à 6, caractérisé en ce que le circuit de détection de fraudes (11) est parcouru par un courant os- cillant à haute fréquence modulé en amplitude et en fréquence de façon à provoquer un brouillage des émissions électromagnétiques du système vis à vis de l'extérieur. 7 °) Box according to any one of claims 1 to 6, characterized in that the fraud detection circuit (11) is traversed by a high frequency oscillating current modulated in amplitude and in frequency so as to cause a interference from the system's electromagnetic emissions to the outside.
EP04767417A 2003-07-01 2004-06-23 Secure housing containing a keyboard for inserting confidential data Withdrawn EP1639563A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0307947A FR2857113B1 (en) 2003-07-01 2003-07-01 SECURE BOX COMPRISING A KEYBOARD FOR INTRODUCING CONFIDENTIAL DATA
PCT/FR2004/001561 WO2005013219A1 (en) 2003-07-01 2004-06-23 Secure housing containing a keyboard for inserting confidential data

Publications (1)

Publication Number Publication Date
EP1639563A1 true EP1639563A1 (en) 2006-03-29

Family

ID=33522638

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04767417A Withdrawn EP1639563A1 (en) 2003-07-01 2004-06-23 Secure housing containing a keyboard for inserting confidential data

Country Status (3)

Country Link
EP (1) EP1639563A1 (en)
FR (1) FR2857113B1 (en)
WO (1) WO2005013219A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2067980A1 (en) 2007-12-06 2009-06-10 Robert Bosch GmbH Control valve for a fuel injector

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060169764A1 (en) * 2005-01-28 2006-08-03 Ncr Corporation Self-service terminal
DE102008009936A1 (en) * 2008-02-20 2009-09-03 Hypercom Gmbh Keyboard with capacitive touch keypads
FR2964772A1 (en) 2010-09-15 2012-03-16 Ingenico Sa DEVICE FOR PROTECTING AN ELECTRONIC PRINTED CIRCUIT.
FR2964769B1 (en) 2010-09-15 2013-11-29 Compagnie Ind Et Financiere Dingenierie Ingenico PROTECTIVE DEVICE, METHOD AND CORRESPONDING COMPUTER PROGRAM PRODUCT.
FR2964778B1 (en) 2010-09-15 2012-09-14 Ingenico Sa DEVICE FOR PROTECTING A CONNECTOR AND A COMMUNICATION WIRE OF A MEMORY CARD READER.
FR2964768B1 (en) 2010-09-15 2016-02-05 Compagnie Ind Et Financiere Dingenierie Ingenico PROTECTIVE DEVICE, METHOD AND CORRESPONDING COMPUTER PROGRAM PRODUCT.
US8970796B2 (en) 2013-04-26 2015-03-03 Cypress Semiconductor Corporation Field-line repeater (FLR) structure of a sense array
US10977539B1 (en) * 2019-12-20 2021-04-13 Capital One Services, Llc Systems and methods for use of capacitive member to prevent chip fraud

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2596176B1 (en) * 1986-03-19 1990-12-21 Dassault Electronique PROTECTED CASE FOR THE CONTROL OF A CONFIDENTIAL CODE
JPH0769767B2 (en) * 1991-10-16 1995-07-31 インターナショナル・ビジネス・マシーンズ・コーポレイション Touch overlay for detecting finger touch or stylus position, and detection system
US5457289A (en) * 1994-03-16 1995-10-10 Microtouch Systems, Inc. Frontally shielded capacitive touch sensor system
DE19600769A1 (en) * 1996-01-11 1997-07-17 Ibm Security module with integral safety foil e.g. for electronic cash protection
WO1998030967A2 (en) * 1996-12-20 1998-07-16 Logitech, Inc. Flexible touchpad circuit with mounted circuit board
WO2000057262A1 (en) * 1999-03-24 2000-09-28 Radiant Systems, Inc. System for securing entry of encrypted and non-encrypted information on a touch screen
AU6199900A (en) * 1999-06-22 2001-01-31 Cirque Corporation An improved touchpad having increased noise rejection, decreased moisture sensitivity, and improved tracking
US7305565B1 (en) * 2000-05-31 2007-12-04 Symbol Technologies, Inc. Secure, encrypting pin pad
DE10032496A1 (en) * 2000-07-04 2002-01-17 Heinz Sechting Alarm sensor unit for preventing unauthorised window opening has coupling element capacitively coupled to window for providing touch-sensitive capacitance

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2005013219A1 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2067980A1 (en) 2007-12-06 2009-06-10 Robert Bosch GmbH Control valve for a fuel injector
DE102007058766A1 (en) 2007-12-06 2009-06-10 Robert Bosch Gmbh Control valve for a fuel injector

Also Published As

Publication number Publication date
FR2857113A1 (en) 2005-01-07
WO2005013219A1 (en) 2005-02-10
FR2857113B1 (en) 2005-09-02

Similar Documents

Publication Publication Date Title
US10438106B2 (en) Smartcard
Drimer et al. Thinking inside the box: system-level failures of tamper proofing
US20070204173A1 (en) Central processing unit and encrypted pin pad for automated teller machines
EP2431911B1 (en) Device for protecting a connector and a communication wire of a memory-card reader.
EP0800209B1 (en) Safety device for a semi-conductor chip
EP2431899B1 (en) Protection device and corresponding method
EP1639563A1 (en) Secure housing containing a keyboard for inserting confidential data
EP2634754A1 (en) Document verification method and device for carrying out such a method
EP2241997B1 (en) Memory card reader
EP0776498B1 (en) Protected keyboard device
US10678958B2 (en) Intrusion-protected memory component
EP2431901A1 (en) Protection device, corresponding method and computer program product.
FR2893436A1 (en) SECURING BETWEEN ELECTRONIC COMPONENTS OF A PORTABLE SECURE ELECTRONIC ENTITY
EP3132403B1 (en) Device for processing data from a contactless smart card, method and corresponding computer program
FR2819067A1 (en) Method for controlling access to a secure system, such as an automatic teller machine, using a keyboard for PIN entry, where the values of the keys displayed on a touch screen are changed in a random manner to prevent fraud
EP2927857A1 (en) Method for verifying the authenticity of a terminal, corresponding device and program
EP3350745B1 (en) Management of a display of a view of an application on a screen of an electronic data input device, corresponding method, device and computer program product
FR2834366A1 (en) SELF-LOCKING CHIP CARD, DEVICE FOR SECURING SUCH A CARD AND RELATED METHODS
JPH11272829A (en) Electronic money card
CN111868729B (en) Intrusion protected storage component
EP3113056B1 (en) Securing a validation of a character sequence, corresponding method, device and computer program product
EP2622526B1 (en) Protection device, electronic payment terminal and magnetic reading head corresponding thereto
Yang et al. Security systems of point-of-sales devices
FR2892544A1 (en) DETECTION OF BREAKING ATTEMPT ON A CHIP THROUGH ITS SUPPORT STRUCTURE
FR2910991A1 (en) Hardware security module e.g. small computer system interface/Internet protocol external device, for electronic payment terminal, has processor acting on secret in case of reception of signal corresponding to variation in property of gas

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20051222

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

17Q First examination report despatched

Effective date: 20060803

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20070214