DATA DEVICE INCLUDING OFN FUNCTIONALITY
A data entry device including a housing, data entry circuitry located within the housing, a keypad mounted in the housing and having a plurality of movable key elements which, when depressed, are displaced to at least a predetermined extent from a first location within the housing to a second location within the housing and Optical Finger Navigation (OFN) circuitry mounted inside the housing, being operative for sensing at least some of the plurality of movable key elements when depressed and displaced to at least the predetermined extent from the first location within the housing to the second location within the housing and providing a key displacement output indicating key displacement to the data entry circuitry.
Latest VERIFONE, INC. Patents:
Reference is hereby made to U.S. Provisional Patent Application Ser. No. 62/027,890, filed Jul. 23, 2014 and entitled “SENSITIVE DATA DEVICE”, the disclosure of which is incorporated by reference in its entirety and priority of which is hereby claimed pursuant to 37 CFR 1.78(a) (4) and (5)(i).
FIELD OF THE INVENTIONThe present invention relates generally to data devices.
BACKGROUND OF THE INVENTIONVarious types of data devices are known.
SUMMARY OF THE INVENTIONThe present invention seeks to provide an improved data entry device.
There is thus provided in accordance with a preferred embodiment of the present invention a data entry device including a housing, data entry circuitry located within the housing, a keypad mounted in the housing and having a plurality of movable key elements which, when depressed, are displaced to at least a predetermined extent from a first location within the housing to a second location within the housing and Optical Finger Navigation (OFN) circuitry mounted inside the housing, being operative for sensing at least some of the plurality of movable key elements when depressed and displaced to at least the predetermined extent from the first location within the housing to the second location within the housing and providing a key displacement output indicating key displacement to the data entry circuitry.
There is also provided in accordance with another preferred embodiment of the present invention a data entry device including a housing, data entry circuitry located within the housing, tamper detection circuitry located within the housing, a keypad mounted in the housing and having a plurality of movable key elements and OFN circuitry mounted inside the housing, being operative for sensing displacement of the plurality of movable key elements and tampering with the device and providing a key displacement output indicating key displacement to at least a predetermined extent to the data entry circuitry and a tamper indication output to the tamper detection circuitry.
There is further provided in accordance with yet another preferred embodiment of the present invention a sensitive data device including a housing, sensitive data handling circuitry located within the housing, tamper detection circuitry located within the housing and OFN circuitry mounted inside the housing, being operative for sensing tampering with the device and providing a tamper indication output to the tamper detection circuitry.
Preferably, the OFN circuitry is mounted on an electrical circuit board spaced from the movable key elements. Additionally, the device also includes a spacer mounted between the electrical circuit board and the keypad.
Preferably, the electrical circuit board is arranged such that displacement of a key from a first location within the housing to a second location within the housing by the finger of a user is detected and identified by the OFN circuitry.
In accordance with a preferred embodiment of the present invention the OFN circuitry is incorporated within an OFN module which includes an illuminator and optics. Additionally, the OFN module is generally centered with respect to the plurality of movable key elements and lies therebelow so as to be in a line of sight with all of the plurality of movable key elements. Preferably, the OFN module is also in a line of sight with other regions within the housing.
In accordance with a preferred embodiment of the present invention the OFN module views optically identifiable markings on the plurality of movable key elements as well as other objects which provide a background useful in detecting tampering. Additionally or alternatively, a background output of the OFN module is employed as a reference against which an output of said OFN module indicating possible tampering is compared. Preferably, at least one of the following events produces a tampering indication: creating a hole in the data entry device using a tool, the tool being seen by the OFN module and removal of the tool, allowing light to enter the housing, the light being seen by the OFN module.
Accordingly, even if tampering occurs in a darkened environment, such tampering will be detected.
The present invention will be understood and appreciated more fully from the following detailed description, taken in conjunction with the drawings in which:
Reference is now made to
As seen in
An optional anti-tamper circuit board 112, which preferably includes an anti-tampering grid 114 formed of a multiplicity of interconnected anti-tampering electrical conductors 116, underlies top surface 104 and is provided with key apertures 120 in registration with key apertures 110. Fixedly and electrically coupled to anti-tamper circuit board 112 is a peripheral anti-tamper keypad enclosure 122, which preferably includes an anti-tampering grid 124 formed of a multiplicity of interconnected anti-tampering electrical conductors.
A key mat 132, preferably formed of a resilient plastic or rubber, defines a plurality of depressible keys 134, preferably integrally formed with mat 132, which partially extend through key apertures 110 and 120 and preferably have readily optically identifiable markings 136 formed on corresponding bottom facing surfaces 138 thereof. Additional optically identifiable markings 139 may be provided on other interior surfaces, such as inner surfaces of the housing.
An electrical circuit board 140, which functions, inter alia, as a mounting board for an OFN module 142, is disposed in predetermined spaced relationship with key mat 132. OFN module 142 is preferably a Model ADBS-A350 commercially available from Pixart Imaging Inc., No. 5, Innovation Road 1, HsinChu Science Park, Hsin-Chu, Taiwan, R.O.C. The arrangement of key mat 132 and of electrical circuit board 140 is such that depression of a key 134 by the finger of a user is detected and identified by OFN module 142. It is noted that the OFN module 142 is operative to sense changes in the level of light received by it from various locations within its field of view.
In the illustrated embodiment of
A spacer 143, preferably formed of a transparent material or defining open side walls, is provided between electrical circuit board 140 and key mat 132 in order to enhance the ability of the OFN module 142 to view not only all of the markings on all of the keys but also as much as possible of the interior of the housing and the markings and features thereof.
Circuit board 140 preferably includes an anti-tampering grid 144 formed of a multiplicity of interconnected anti-tampering electrical conductors.
It is appreciated that the anti tampering grids 144, 114 and 124 and enclosure 122 are preferably interconnected so as to define a keyboard anti-tampering enclosure, which is coupled to anti-tampering detection circuitry 160. Anti-tampering detection circuitry 160 is typically enclosed in an anti-tampering enclosure (not shown). Alternatively, anti-tampering detection circuitry 160 may itself be secure against tampering.
It is appreciated that the anti-tampering grids can be interconnected in numerous ways using various types of connectors.
In accordance with a preferred embodiment of the present invention, the OFN module 142 functions, inter alia, as a case-open switch which senses physical tampering with and opening of the housing. The output of the OFN module is preferably provided to anti-tampering detection circuitry 160 to enable the output of the OFN module to be used for detection of tampering. Upon detection of tampering one or both of the following actions may take place:
registration of a tampered condition and prevention of data entry, such as PIN entry.
It is appreciated that not all key displacements need be sensed by the OFN module. For example, the key displacements of one or more function keys, such as keys 162, 164, 166 and 168, may be sensed by engagement thereof with corresponding conventional electrical contacts, such as contacts 174, 176 and 178.
Preferably, the secure keypad device 100 includes a main microprocessor 180 which preferably includes, inter alia, encryption/decryption capabilities. Such a main microprocessor may beneficially be included in the secure keypad devices and data entry devices described hereinbelow with reference to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
As seen in
An anti-tamper circuit board 312, which preferably includes an anti-tampering grid 314 formed of a multiplicity of interconnected anti-tampering electrical conductors 316, underlies top surface 304 and is provided with key apertures 320 in registration with key apertures 310. Fixedly and electrically coupled to anti-tamper circuit board 312 is a peripheral anti-tamper keypad enclosure 322, which preferably includes an anti-tampering grid 324 formed of a multiplicity of interconnected anti-tampering electrical conductors.
A key mat 332, preferably formed of a resilient plastic or rubber, defines a plurality of depressible keys 334, preferably integrally formed with mat 332, which partially extend through key apertures 310 and 320 and preferably have readily optically identifiable markings 336 formed on corresponding bottom facing surfaces 338 thereof. Additional optically identifiable markings 339 may be provided on other interior surfaces, such as inner surfaces of the housing.
An electrical circuit board 340, which functions, inter alia, as a mounting board for an OFN module 342, is disposed in predetermined spaced relationship with key mat 332. OFN module 342 is preferably a Model ADBS-A350 commercially available from Pixart Imaging Inc., No. 5, Innovation Road 1, HsinChu Science Park, Hsin-Chu, Taiwan, R.O.C. The arrangement of key mat 332 and of electrical circuit board 340 is such that depression of a key 334 by the finger of a user is detected and identified by OFN module 342. In the illustrated embodiment of
Circuit board 340 preferably includes an anti-tampering grid 344 formed of a multiplicity of interconnected anti-tampering electrical conductors.
It is appreciated that the anti tampering grids 344, 314 and 324 and enclosure 322 are preferably interconnected so as to define a keyboard anti-tampering enclosure, which is coupled to anti-tampering detection circuitry 360. Anti-tampering detection circuitry 360 is typically enclosed in an anti-tampering enclosure (not shown). Alternatively, anti-tampering detection circuitry 360 may itself be secure against tampering.
It is appreciated that the anti-tampering grids can be interconnected in numerous ways using various types of connectors.
In accordance with a preferred embodiment of the present invention, the OFN module functions, inter alia, as a case-open switch which senses physical tampering and opening of the housing. The output of the OFN module is preferably provided to anti-tampering detection circuitry 360 to enable the output of the OFN module to be used for detection of tampering.
It is appreciated that not all key displacements need be sensed by the OFN module. For example, the key displacements of one or more function keys, such as keys 362, 364, 366 and 368, may be sensed by engagement thereof with corresponding conventional electrical contacts, such as contacts 374, 376 and 378.
Preferably, the secure keypad device 300 includes a main microprocessor 380 which preferably includes, inter alia, encryption/decryption capabilities. Such a main microprocessor may beneficially be included in the secure keypad devices and data entry devices described hereinbelow with reference to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
Reference is now made to
As seen in
In accordance with one embodiment of the invention, functional units 902 and 904 may be embodied in a microprocessor included on an OFN module, such as OFN module 142 (
The key displacement analysis unit 902 is preferably operable to ascertain which of a plurality of mechanical keys is mechanically depressed and to provide a corresponding output indication, preferably via a secure connection to a data receiver, such as a PIN data receiving module 906. The key displacement analysis unit 902 preferably employs optical information received from the OFN module including at least one of size, shape and intensity of reflected optical image elements.
The image-based tamper detection unit 904 is operative, for example, as described hereinabove with respect to one or more of the embodiments shown in
It is appreciated that both the key displacement analysis unit 902 and the image-based tamper detection unit 904 may receive stored information from an approved key-depression database 910, which stores data, such as image data or data derived therefrom, which corresponds to depressions of predetermined keys or combinations thereof.
The key displacement analysis unit 902 preferably employs the information stored in the database 910 for key displacement identification and the image-based tamper detection unit 904 preferably employs the information stored in the database 910 for eliminating false tamper alarms when actual key displacement to at least a predetermined extent is detected.
It is appreciated that the OFN circuitry in any of the OFN modules, such as OFN module 142 (
For the sake of conciseness, reference is made in the following discussion to one example, namely OFN module 142 (
Turning now to the example illustrated in
a. the tool that is inserted into the device is sensed by the OFN module as a foreign object, either by virtue of blocking a reflection from an identifiable marking, such as reflective surface 622, or by virtue of a reflection from the tool, which is not recognized as an identifiable marking;
b. a hole made in the device by such a tool is sensed by the OFN module as a change in the thumbprint; and
c. upon removal of the tool in a lighted environment, light enters the device via the hole, thereby flooding the interior of the device with light, which light is sensed by the OFN module.
Turning now to the example illustrated in
a. upon removal of the key, such as key 708, in a lighted environment, light enters the device via the hole remaining after removal of the key, thereby flooding the interior of the device with light, which light is sensed by the OFN module;
b. upon removal of the key, such as key 708, the absence of a readily optically identifiable marking, such as readily optically identifiable marking 736, formed on a bottom facing surface of the removed key is sensed by the OFN module;
c. removal of the key 708 produces a change in the thumbprint, which change is sensed by the OFN module.
Raw data outputted by an OFN module, such as OFN module 142 (
The OFN module typically includes a small on-board microcontroller and memory. The OFN module can operate in two operational modes: a Raw Data Mode and a Configurable Mode.
When operating in the Raw Data Mode, the OFN module sends the data array to the on board microcontroller when requested by the on board microcontroller.
When operating in the Configurable Mode, the OFN module can be programmed at the factory to sense and store in memory various alarm scenarios and to generate an alarm signal upon the occurrence of one of the pre-configured alarm scenarios. Alternatively, the OFN module can be configured to generate an alarm signal when the scene viewed by the OFN module does match a thumbprint stored in memory. Additionally, the OFN module can be configured to provide different alarm signals depending on the occurrence of different tampering scenarios as sensed by the OFN module.
Preferably, the encryption functionality of the OFN circuitry 900 vis a vis the main microprocessor 180 (
Preferably, at the factory, the main microprocessor 180 becomes aware that there is no encryption key for its OFN module 142.
The main microprocessor 180 generates an encryption key, which is typically a symmetric encryption key, and transmits it to the OFN module 142 as clear text. From then on, all communication between the main microprocessor 180 and the OFN module 142 is encrypted.
Upon occurrence of sensed tampering, the alarm detection circuitry 160 will cause the main microprocessor 180 to erase the encryption key and any other sensitive information and thus prevent further communication and PIN entry from taking place.
Considering the overall operation of the devices described hereinabove, it is appreciated that the OFN module of each device, as appropriate, can be configured, inter alia, to carry out any one or more of the following functions:
-
- Report a valid key displacement to at least a predetermined extent;
- Report a combination of key displacements to at least a predetermined extent;
- Not report when all or most of the keys are pressed;
- Report that a foreign object is present within the housing of the device;
- Report that a key has been removed;
- Report that the OFN “thumbprint” of the device has changed beyond a predetermined threshold;
- Remain in a sleep mode, as a default, to conserve energy, thereby prolonging battery life;
- Exit from sleep mode, without being prompted by the main microprocessor, to read its current thumbprint;
- If the thumbprint matches a stored thumbprint, return to sleep mode;
- If the current thumbprint does not match the stored thumbprint, send an alarm signal to the main microprocessor;
- Respond to a request from the main microprocessor to verify the current thumbprint before allowing PIN entry; and
- Accept an encryption key to facilitate encrypted communication between the OFN module and the main microprocessor.
When the OFN module is not in the sleep mode, the OFN module preferably verifies its current thumbprint every second and alerts the main microprocessor if the current thumbprint differs from stored thumbprint beyond a threshold amount. If requested by the main microprocessor, the OFN module verifies its current thumbprint as a condition to allowing PIN entry. When PIN entry is allowed, key displacement to at least a predetermined extent is reported by the OFN module to the main microprocessor.
During times of inactivity, the main microprocessor periodically requests the status of the OFN module.
When the device is in a sleep mode, the OFN module goes into deep sleep mode, and wakes up every second to validate its current thumbprint. If the current thumbprint matches the stored thumbprint, the OFN module returns to the sleep mode. If the current thumbprint does not match the stored thumbprint, the OFN module records this state in a nonvolatile memory, wakes up the main microprocessor and reports the not matching current thumbprint to the main microprocessor when the main microprocessor periodically requests the current status.
It is appreciated that the system can be configured so that the OFN module determines that a tamper condition has occurred, or can be configured it only report raw data, in which configuration the main microprocessor makes all determinations of tamper conditions based, inter alia, on the raw data received from the OFN module. Additionally, any suitable combination of configurations of the OFN module and the main microprocessor is also possible.
Preferably, the OFN module will also determine which PIN keys are pressed and report PIN keys to the main microprocessor.
Alternatively the OFN module sends raw data to the main microprocessor, which determines whether a tamper condition exists or not.
It is appreciated by persons skilled in the art that the present invention is not limited by what has been particularly shown and described hereinabove. Rather the scope of the present invention includes both combinations and subcombinations of various features described hereinabove as well as variations and modifications thereto which would occur to a person of skill in the art upon reading the above description and which are not in the prior art.
Claims
1. A data entry device comprising:
- a housing;
- data entry circuitry located within said housing;
- a keypad mounted in said housing and having a plurality of movable key elements which, when depressed, are displaced to at least a predetermined extent from a first location within said housing to a second location within said housing; and
- Optical Finger Navigation (OFN) circuitry mounted inside said housing, being operative for sensing at least some of said plurality of movable key elements when depressed and displaced to at least said predetermined extent from said first location within said housing to said second location within said housing and providing a key displacement output indicating key displacement to said data entry circuitry.
2. A data entry device according to claim 1 and wherein said OFN circuitry is mounted on an electrical circuit board spaced from said movable key elements.
3. A data entry device according to claim 2 and also comprising a spacer mounted between said electrical circuit board and said keypad.
4. A data entry device according to claim 2 and wherein said electrical circuit board is arranged such that displacement of a key from a first location within the housing to a second location within the housing by the finger of a user is detected and identified by said OFN circuitry.
5. A data entry device according to claim 1 and wherein said OFN circuitry is incorporated within an OFN module which includes an illuminator and optics.
6. A data entry device according to claim 5 and wherein said OFN module is generally centered with respect to said plurality of movable key elements and lies therebelow so as to be in a line of sight with all of said plurality of movable key elements.
7. A data entry device according to claim 6 and wherein said OFN module is also in a line of sight with other regions within the housing.
8. A data entry device according to claim 6 and wherein said OFN module views optically identifiable markings on said plurality of movable key elements as well as other objects which provide a background useful in detecting tampering.
9. A data entry device according to claim 6 and wherein a background output of said OFN module is employed as a reference against which an output of said OFN module indicating possible tampering is compared.
10. A data entry device according to claim 6 and wherein at least one of the following events produces a tampering indication:
- creating a hole in the data entry device using a tool, said tool being seen by said OFN module; and
- removal of said tool, allowing light to enter the housing, said light being seen by said OFN module.
11. A data entry device comprising:
- a housing;
- data entry circuitry located within said housing;
- tamper detection circuitry located within said housing;
- a keypad mounted in said housing and having a plurality of movable key elements; and
- OFN circuitry mounted inside said housing, being operative for sensing displacement of said plurality of movable key elements and tampering with said device and providing a key displacement output indicating key displacement to at least a predetermined extent to said data entry circuitry and a tamper indication output to said tamper detection circuitry.
12. A data entry device according to claim 11 and wherein said OFN circuitry is mounted on an electrical circuit board spaced from said movable key elements.
13. A data entry device according to claim 12 and also comprising a spacer mounted between said electrical circuit board and said keypad.
14. A data entry device according to claim 11 and wherein said electrical circuit board is arranged such that displacement of a key from a first location within the housing to a second location within the housing by the finger of a user is detected and identified by said OFN circuitry.
15. A data entry device according to claim 11 and wherein said OFN circuitry is incorporated within an OFN module which includes an illuminator and optics.
16. A data entry device according to claim 15 and wherein said OFN module is generally centered with respect to said plurality of movable key elements and lies therebelow so as to be in a line of sight with all of said plurality of movable key elements.
17. A data entry device according to claim 16 and wherein said OFN module is also in a line of sight with other regions within the housing.
18. A data entry device according to claim 16 and wherein said OFN module views optically identifiable markings on said plurality of movable key elements as well as other objects which provide a background useful in detecting tampering.
19. A data entry device according to claim 16 and wherein a background output of said OFN module is employed as a reference against which an output of said OFN module indicating possible tampering is compared.
20. A data entry device according to claim 16 and wherein at least one of the following events produce a tampering indication:
- creating a hole in the data entry device using a tool, said tool being seen by said OFN module; and
- removal of said tool, allowing light to enter the housing, said light being seen by said OFN module.
21. A sensitive data device comprising:
- a housing;
- sensitive data handling circuitry located within said housing;
- tamper detection circuitry located within said housing; and
- OFN circuitry mounted inside said housing, being operative for sensing tampering with said device and providing a tamper indication output to said tamper detection circuitry.
22. A sensitive data device according to claim 21 and wherein said OFN circuitry is mounted on an electrical circuit board spaced from a plurality of movable key elements.
23. A sensitive data device according to claim 22 and also comprising a spacer mounted between said electrical circuit board and a keypad mounted in said housing and having said plurality of movable key elements.
24. A sensitive data device according to claim 22 and wherein said electrical circuit board is arranged such that displacement of a key from a first location within the housing to a second location within the housing by the finger of a user is detected and identified by said OFN circuitry.
25. A sensitive data device according to claim 22 and wherein said OFN circuitry is incorporated within an OFN module which includes an illuminator and optics.
26. A sensitive data device according to claim 25 and wherein said OFN module is generally centered with respect to said plurality of movable key elements and lies therebelow so as to be in a line of sight with all of said plurality of movable key elements.
27. A sensitive data device according to claim 26 and wherein said OFN module is also in a line of sight with other regions within the housing.
28. A sensitive data device according to claim 26 and wherein said OFN module views optically identifiable markings on said plurality of movable key elements as well as other objects which provide a background useful in detecting tampering.
29. A sensitive data device according to claim 26 and wherein a background output of said OFN module is employed as a reference against which an output of said OFN module indicating possible tampering is compared.
30. A sensitive data device according to claim 26 and wherein at least one of the following events produce a tampering indication:
- creating a hole in the data entry device using a tool, said tool being seen by said OFN module; and
- removal of said tool, allowing light to enter the housing, said light being seen by said OFN module.
Type: Application
Filed: Jul 17, 2015
Publication Date: Jan 28, 2016
Applicant: VERIFONE, INC. (San Jose, CA)
Inventors: John Henry BARROWMAN (Knoxville, TN), Doug Leigh MANCHESTER (Rocklin, CA), William Martin JOHANSEN, JR. (Rocklin, CA)
Application Number: 14/802,305