Abstract: A secure provisioning manifest used to authenticate and securely communicate with peripherals attached to a computer is provided with techniques to learn about a new peripheral not authorized to be attached to the computer and possibly gain authorization for the peripheral. A secure I/O module, that is separate from an operating system and transaction software executed by a processor of the computer, uses the secure provisioning manifest to authenticate and establish a secure encrypted session for communicating with each peripheral authorized to be attached to the computer. When an unauthorized peripheral is found, identifying information for the peripheral is transmitted to an enterprise provisioning server with a request to authorize the peripheral.

Abstract: A secure provisioning manifest used to authenticate and securely communicate with peripherals attached to a computer is provided with techniques to learn about a new peripheral not authorized to be attached to the computer and possibly gain authorization for the peripheral. A secure I/O module, that is separate from an operating system and transaction software executed by a processor of the computer, uses the secure provisioning manifest to authenticate and establish a secure encrypted session for communicating with each peripheral authorized to be attached to the computer. When an unauthorized peripheral is found, identifying information for the peripheral is transmitted to an enterprise provisioning server with a request to authorize the peripheral.

Abstract: A secure provisioning manifest used to authenticate and securely communicate with peripherals attached to a computer is provided with techniques to learn about a new peripheral not authorized to be attached to the computer and possibly gain authorization for the peripheral. A secure I/O module, that is separate from an operating system and transaction software executed by a processor of the computer, uses the secure provisioning manifest to authenticate and establish a secure encrypted session for communicating with each peripheral authorized to be attached to the computer. When an unauthorized peripheral is found, identifying information for the peripheral is transmitted to an enterprise provisioning server with a request to authorize the peripheral.

Abstract: A secure provisioning manifest used to authenticate and securely communicate with peripherals attached to a computer is provided with techniques to learn about a new peripheral not authorized to be attached to the computer and possibly gain authorization for the peripheral. A secure I/O module, that is separate from an operating system and transaction software executed by a processor of the computer, uses the secure provisioning manifest to authenticate and establish a secure encrypted session for communicating with each peripheral authorized to be attached to the computer. When an unauthorized peripheral is found, identifying information for the peripheral is transmitted to an enterprise provisioning server with a request to authorize the peripheral.

Abstract: A secure provisioning manifest used to authenticate and securely communicate with peripherals attached to a computer is provided with techniques to learn about a new peripheral not authorized to be attached to the computer and possibly gain authorization for the peripheral. A secure I/O module, that is separate from an operating system and transaction software executed by a processor of the computer, uses the secure provisioning manifest to authenticate and establish a secure encrypted session for communicating with each peripheral authorized to be attached to the computer. When an unauthorized peripheral is found, identifying information for the peripheral is transmitted to an enterprise provisioning server with a request to authorize the peripheral.

Abstract: There is provided a pluggable secure device identity module (SDIM) attached to a peripheral where the SDIM includes one or more secret functions provided by a third party that are used by the peripheral to provide additional security features or functions that can only be authenticated by the third party. The peripheral is attached to a computer and a secure provisioning manifest is used to authenticate and communicate with the peripheral. The computer includes a processor that executes an operating system and transaction software. A secure I/O module, that has a processor and software that is separate and isolated from the processing environment of the computer, uses the secure provisioning manifest to authenticate the peripheral and then to establish a secure encrypted session for communicating with the peripheral.

Abstract: A secure provisioning manifest used to authenticate and securely communicate with peripherals attached to a computer is provided with techniques to withdraw the authentication and terminate the secure communications with any peripheral when operating parameters for the peripheral indicate that there is a security threat associated with the peripheral. A secure I/O module, that is separate from an operating system and transaction software executed by a processor of the computer, uses the secure provisioning manifest to establish a secure encrypted session for communicating with each peripheral attached to the computer when a peripheral is authenticated and able to establish a secure encrypted session. The secure I/O module uses current and known operating parameters for each peripheral to periodically determine if a peripheral has been compromised by a security threat.

Abstract: A secure provisioning manifest used to authenticate and securely communicate with peripherals attached to a computer is provided with techniques to withdraw the authentication and terminate the secure communications with any peripheral when operating parameters for the peripheral indicate that there is a security threat associated with the peripheral. A secure I/O module, that is separate from an operating system and transaction software executed by a processor of the computer, uses the secure provisioning manifest to establish a secure encrypted session for communicating with each peripheral attached to the computer when a peripheral is authenticated and able to establish a secure encrypted session. The secure I/O module uses current and known operating parameters for each peripheral to periodically determine if a peripheral has been compromised by a security threat.

Abstract: There is provided a pluggable secure device identity module (SDIM) attached to a peripheral where the SDIM includes one or more secret functions provided by a third party that are used by the peripheral to provide additional security features or functions that can only be authenticated by the third party. The peripheral is attached to a computer and a secure provisioning manifest is used to authenticate and communicate with the peripheral. The computer includes a processor that executes an operating system and transaction software. A secure I/O module, that has a processor and software that is separate and isolated from the processing environment of the computer, uses the secure provisioning manifest to authenticate the peripheral and then to establish a secure encrypted session for communicating with the peripheral.

Abstract: A secure provisioning manifest used to authenticate and securely communicate with peripherals attached to a computer is provided with techniques to learn about a new peripheral not authorized to be attached to the computer and possibly gain authorization for the peripheral. A secure I/O module, that is separate from an operating system and transaction software executed by a processor of the computer, uses the secure provisioning manifest to authenticate and establish a secure encrypted session for communicating with each peripheral authorized to be attached to the computer. When an unauthorized peripheral is found, identifying information for the peripheral is transmitted to an enterprise provisioning server with a request to authorize the peripheral.

Abstract: A security module of a computer which is invisible to an operating system executed by a processor of the computer and which establishes an encrypted session for receiving payment data from a payment peripheral.