Computer graphics processing and selective visual display system – Display peripheral interface input device – Touch panel
Reexamination Certificate
1999-10-01
2003-10-07
Shalwala, Bipin (Department: 2673)
Computer graphics processing and selective visual display system
Display peripheral interface input device
Touch panel
C380S052000, C713S194000
Reexamination Certificate
active
06630928
ABSTRACT:
FIELD OF THE INVENTION
This invention relates generally to security of data terminals which utilize touch screens for data entry. This invention also relates to secure terminal systems which utilize a security processor to control access to data entry on a touch screen.
BACKGROUND OF THE INVENTION
Touch screens for data entry on a computer terminal are well known in the art. A touch screen allows the user of a terminal to enter a menu selection or data by placing a finger or other object at a location on the display screen that corresponds to the menu item, function or data numeral to be entered. A touch sensitive element detects the coordinates of the touch event and the meaning of the touch event is determined by the coordinate location and the corresponding menu or data button displayed on the screen.
When a touch screen is utilized to enter data such as a secret PIN number, it is vital that the PIN number be protected by encryption prior to being communicated to any external resource. Entry of other data or menu selections on the same touch screen does not require encryption security. Accordingly, utilizing a touch screen for entry of both secret data and nonconfidential data presents a difficult technical challenge.
OBJECTS OF THIS INVENTION
It is a principal object of this invention to provide an improved method and apparatus for operating a touch screen device.
It is another object of this invention to provide a method and apparatus for operating a touch screen device in a manner which provides security for confidential data entry and high flexibility for entry of general and nonconfidential data.
It is another object of this invention to provide a method and apparatus having improved logical security for sensitive data items entered on a touch screen.
FEATURES AND ADVANTAGES OF THIS INVENTION
In its broadest aspect, this invention features a method for operating a touch screen device (e.g. a combination touch pad and display screen) which involves displaying on the display screen a set of functional components. An additional step involves defining a plurality of touch pad hot spots corresponding in area and location to the functional components. The method further involves sensing a touch event on the touch pad corresponding to one of the touch pad hot spots and creating a touch event message identifying the touch pad hot spot corresponding to the touch event.
The touch event message is not the coordinates of the touch event, but rather an identification of which of the defined hot spots corresponds to the touch event.
In this aspect of the method of this invention the touch pad is controlled by a touch pad controller and the display screen is controlled by an application processor in communication with the touch pad controller and the display screen. These can be separate hardware modules or separate software modules in the same processor with a built in firewall between them.
The application processor carries out the step of displaying on the display screen the set of functional components and the step of defining hot spots is is carried out by the application processor by sending to the touch pad controller a hot spot command defining a plurality of touch pad hot spots corresponding in area and location to the set of functional components. The sensing step is carried out by the touch pad controller sensing a touch event on the touch pad corresponding to one of the touch pad hot spots and sending to the application processor a touch event message identifying the touch pad hot spot corresponding to the touch event. The touch event message is not the touch coordinates but rather an identification of the hot spot associated with the touch coordinates.
A variation of the invention features described in the preceding paragraph involves a method for operating a combination touch pad and display screen device as a secured data entry device in a point-of-sale transaction environment in which secret PIN entries are required. In this variation, the touch pad controller has an associated security processor and is located within a security module for protection against physical intrusion. The application processor displays on the display screen device a PIN data entry screen comprising at least a set of data entry buttons corresponding to PIN numerals and an “ENTERS” command button. In addition, the application processor sends to the touch pad controller a PIN data entry command requesting execution of a PIN entry touch event routine.
The touch pad controller responds to the PIN data entry command by defining a prearranged set of hot spots corresponding to active data entry and command buttons in the PIN data entry screen, then responding to a sequence of touch events corresponding to active data entry buttons by storing each of the associated PIN numerals, and finally by responding to a touch event corresponding to the “ENTER” command button by encrypting the stored PIN numerals using the security processor and sending the encrypted PIN data to the application processor.
In this secured data entry application of this invention, the touch pad hot spots associated with entry of general, nonconfidential data items are defined by the application processor whereas the touch pad hot spots associated with entry of confidential data items are predefined in touch pad controller itself to correlate with the data entry screen display set up by the application processor. In the former case, each touch event is returned to the application processor as an indication of one of the defined hot spot corresponding to the location of the touch event. In the latter case, each touch event is echoed in some fashion to the application processor, but the actual secret numerical data elements are stored in the touch pad controller and then encrypted in the security chip before being sent to the application processor.
In this secured data entry application, the invention preferably includes additional features which preclude hot spot definition commands from setting up a number and arrangement of hot spots that would permit entry of confidential data items without encryption. To achieve this the method of this invention further involves the touch pad controller determining if the number of hot spots defined in the data entry command is less than or equal to a predetermined hot spot limit less than the number of hot spots required for PIN entry. If the result of this step is positive, the touch pad controller directly executes the data entry command by responding to hot spot touch events and sending corresponding touch event messages to the application processor. If too many hot spots are defined, the touch pad controller declares a hot spot command error and processes a hot spot error routine.
Alternatively, the touch pad controller limits the number of touch events and touch event messages returned to a number less than that required for confidential data entry.
Instead of declaring a hot spot command error, this invention may include the feature of allowing the touch pad controller to execute a data entry command with more hot spots than the limit number if the data entry command includes one or more authentication parameters that permit the touch pad controller to authenticate the command before executing it. Such command authentication parameters would be added to data entry commands by a trusted agent after audit of the program routines to ensure that they didn't violate data entry security protocols.
The use of command authentication parameters in accordance with this invention provided complete flexibility in use of hot spots for data entry routines without compromising security during entry of confidential data items.
Another variation of the method of this invention involves permitting the application processor to define a number of hot spots sufficient for entry of a PIN number, but to provide that the touch pad controller will limit the number of touch events returned during the processing of a single hot spot command to a number fewer than a minimum number of digits in a PIN code. This
Faoro Dave
Gougeon Dominique Andre Jean
McIntyre Keith Eric
Morlang Keven Paul
Sheets John Foxe
Hewlett--Packard Development Company, L.P.
Lewis David L.
Shalwala Bipin
LandOfFree
Method and apparatus for touch screen data entry does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for touch screen data entry, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for touch screen data entry will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3173127