Not applicable.
Not applicable.
A point-of-sale (POS) terminal or station may receive payment information associated with a purchase and seek authorization for payment from a back-end financial system, for example a credit card authorization service. The point-of-sale terminal may receive the financial information from a contactless card. A contactless card communicates with a point-of-sale terminal or other device at least in part without physically contacting the point-of-sale terminal, for example through radio frequency communication conducted in the proximity of the point-of-sale terminal. This radio frequency communication may include near field communication (NFC) technology.
Various payment cards, retail loyalty cards, and product coupons may be employed in different payment and or purchase scenarios. For example, in paying for groceries at a point-of-sale terminal, a customer may present a loyalty card issued by the grocery store chain, one or more product coupons, and either a credit card or a debit card. In another payment scenario, a commuter may present a transit card to obtain access to a mass transit vehicle.
Systems for impeding reception of confidential information are disclosed. In an embodiment, the system comprises a point-of-sale transceiver configured to receive confidential information transmitted by a mobile device incorporating an electronic wallet. The system also comprises a signal generator in communication with the point-of-sale transceiver and configured to broadcast a jamming signal substantially concurrently with the point-of-sale transceiver receiving the confidential information.
In another embodiment, a method of impeding reception of confidential information is disclosed. The method comprises producing a jamming signal, broadcasting the jamming signal from a point-of-sale device, and receiving confidential information at the point-of-sale device. The jamming signal is broadcast substantially concurrently with receiving the confidential information, and the confidential information is received from a portable electronic device containing an electronic wallet.
In another embodiment, a method of jamming reception of confidential information is disclosed. The method comprises exchanging handshaking signals between a portable electronic device and a point-of-sale transceiver and the portable electronic device transmitting a preamble sequence during a first time interval, wherein the portable electronic device contains an electronic wallet. The method also comprises the point-of-sale transceiver transmitting a cancelling preamble sequence during the first time interval, wherein the cancelling preamble sequence is operable to substantially attenuate the preamble sequence. The method also comprises the portable electronic device transmitting confidential information during a second time interval, wherein the second time interval follows the first time interval in time.
These and other features will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings and claims.
For a more complete understanding of the present disclosure, reference is now made to the following brief description, taken in connection with the accompanying drawings and detailed description, wherein like reference numerals represent like parts.
It should be understood at the outset that although illustrative implementations of one or more embodiments are illustrated below, the disclosed systems and methods may be implemented using any number of techniques, whether currently known or in existence. The disclosure should in no way be limited to the illustrative implementations, drawings, and techniques illustrated below, but may be modified within the scope of the appended claims along with their full scope of equivalents.
When paying for goods and services with an electronic wallet at a point-of-sale (POS) terminal, confidential information may be transmitted from the electronic wallet to the point-of-sale terminal via contactless communication, for example using radio frequency transmissions and/or near field communication (NFC) and/or radio frequency identify (RFID) technologies. It may be desirable to prevent the theft of this confidential information, for example, by another who employs electronic interception equipment to capture the unintended emissions or radiations of the confidential information. A system and methods of jamming the reception of this confidential information at unauthorized receivers are disclosed.
Several generated jamming signals are contemplated by this disclosure. One generated signal is based on transmitting additive white Gaussian noise (AWGN) at a power level effective to reduce the signal-to-noise ratio (SNR) of the signal containing the confidential information to a level that the unauthorized receiver is unable to demodulate the confidential information. Another generated signal is based on transmitting a spoofing signal that conforms to the communication format for providing the confidential information to the point-of-sale terminal that contains information unassociated with the confidential information. The spoofing signal is transmitted at an effective power level to impede or prevent the unauthorized receiver from demodulating the confidential information. Another generated signal is based on transmitting a preamble cancelling signal to inhibit an unauthorized receiver from synchronizing and/or tracking the preamble signal and thereby inhibit the unauthorized receiver receiving the confidential information. In some contexts, the jamming signal may be referred to as a blocking signal and a jammer may be referred to as a blocker.
A variety of techniques to avoid the jamming signal impeding the exchange of the confidential information with the point-of-sale terminal are contemplated. Radio shielding material, hereinafter referred to as shielding, may be interposed between the point-of-sale transceiver and a signal generator, whereby the jamming signals transmitted by the signal generator in the direction of the point-of-sale transceiver may be attenuated. The signal generator may transmit the jamming signals with a directional radiation pattern and orient a null of the radiation pattern, a direction of substantially lowered radiation strength, towards the point-of-sale transceiver. The signal generator may provide a baseband jamming signal to the point-of-sale transceiver which the point-of-sale transceiver may employ to cancel the jamming signal, thereby to receive the confidential information unimpeded by the jamming signal.
Turning now to
When a purchase is completed at a point-of-sale terminal, a confidential information, for example, a credit card account number and optionally an authorization number, may be provided by the portable electronic device 108 to the point-of-sale terminal. The portable electronic device 108 may be a mobile phone, a personal digital assistant (PDA), a palm top computer, or other such electronic device. The portable electronic device 108 may include an electronic wallet application which provides financial functions such as credit cards, debit cards, transit cards, gift cards, loyalty cards, and other such payment functions. To complete a payment at the point-of-sale terminal, the portable electronic device 108 may exchange handshaking signals with the point-of-sale transceiver 102 and then transmit the confidential information to the point-of-sale transceiver 102.
The communication link between the portable electronic device 108 and the point-of-sale transceiver 102 may be provided by radio frequency (RF) communication and/or near field communication (NFC) and/or radio frequency identity (RFID) communication. In some embodiments, the radio transmission of the confidential information by the portable electronic device 108 may propagate beyond the point-of-sale terminal and be vulnerable to interception and capture by an identify thief, for example, using an electronic device with a directional antenna aimed to maximize reception of the confidential information transmission.
The point-of-sale controller 101 may be coupled to a cash register and/or bar code reader (not shown) to compose a point-of-sale terminal. The point-of-sale controller 101 mediates among and provides controlling functionality to the several components of the point-of-sale terminal. The point-of-sale controller 101 is coupled to the signal generator 104 and the point-of-sale transceiver 102 and provides control and coordination functions. In an embodiment, the point-of-sale controller 101 is implemented as a general purpose computer system. General purpose computer systems are discussed in more detail hereinafter.
In an embodiment, the signal generator 104 is coupled to the point-of-sale controller 101 and the point-of-sale transceiver 102. The signal generator 104 transmits a jamming or blocking signal to inhibit the ability of identity thieves to intercept and capture the transmission of the confidential information, for example, a credit card account number and optional authorization data. Several different types of jamming signals are contemplated. These different types of jamming signals may be used individually or, in some embodiments, more than one type of jamming signal may be transmitted at the same time by the signal generator 104. The signal generator 104 may transmit the blocking or jamming signal continuously while the point-of-sale terminal is powered on and ready for service. In another embodiment, the signal generator 104 may remain in a ready non-transmitting state until a trigger signal from the point-of-sale transceiver 102 and/or the POS controller 101 causes the signal generator 104 to begin transmitting the jamming signal. The signal generator 104 may transmit the jamming signal until a second trigger signal from the point-of-sale transceiver 102 and/or the POS controller 101 causes the signal generator 104 to return to the ready non-transmitting state. A visual indication may be provided to indicate when the signal generator 104 is actively transmitting. The visual indication may be useful to identify a possible failure of the signal generator 104 and to promote user confidence in the security of their financial information.
As is well known to those skilled in the communications art, receiving a signal typically requires that a minimum signal-to-noise ratio (SNR) be maintained. If the signal-to-noise ratio of the signal drops below the minimum level, the signal may not be decoded without errors. While different modulation techniques promote successful communications at different signal-to-noise ratios, each modulation technique generally can be associated with a minimum signal-to-noise ratio to promote reliable communications based on the modulation technique. Some approaches of the present disclosure are based on transmitting blocking or jamming signals that cause the signal-to-noise ratio of the signal containing the confidential information to drop below the level generally needed for error free reception at possible locations of an identity thief, for example, at least about 3 meters away from the point-of-sale terminal.
In one embodiment, additive white Gaussian noise (AWGN) is transmitted by the signal generator 104 at an effective transmission power level to inhibit or defeat the ability to demodulate or receive the transmission of the confidential information. In combination with this disclosure, one skilled in the art may readily determine the effective transmission power level. In some cases, a minimum signal-to-noise ratio to demodulate or receive a transmission based on known modulation techniques may be calculated theoretically. Alternatively, environmental testing may be performed to verify and/or determine the effective transmission power level. Other types of noise signals are also contemplated by the present disclosure for use as blocking or jamming signals.
In another embodiment, a spoofing signal is transmitted by the signal generator 104 at an effective transmission power level to dominate the transmission of confidential information. Expressed in another way, the spoofing signal is transmitted with enough power that an attempt to receive the transmitted confidential information may demodulate the spoofing signal as the desired signal and exclude the transmitted confidential information as noise. The spoofing signal is similar in structure to the signal transmitted by the portable electronic device 108.
For example, in an embodiment the signal transmitted by the portable electronic device 108 may include a preamble portion, and a series of packets. The packets may comprise a header and a payload portion. In this exemplary case, the spoofing signal would include appropriate preamble information and header information but the payload portion would contain information unassociated with the confidential information. When an identity thief attempts to intercept and capture the confidential information transmitted by the portable electronic device 108 to the point-of-sale transceiver 102, the identity thief will instead intercept and capture the information unassociated with the confidential information. In an embodiment, the information unassociated with the confidential information may be deliberately invalid to avoid inadvertently revealing an operable credit card account number and/or authorization number. While an exemplary communication format is described above comprising a preamble followed by one or more packets, where each packet comprises a header portion and a data portion, the present disclosure also contemplates other communication formats, all of which may be spoofed to inhibit identity theft according to the present disclosure.
In an embodiment, the signal generator 104 may transmit a cancelling signal. In some communication formats, a preamble or training sequence comprising a known signal may be transmitted by either the point-of-sale transceiver 102 or the portable electronic device 108. The known signal may be used to synchronize communications and adjust operational parameters. The signal generator 104 may transmit a signal that effectively cancels the preamble sequence, thereby inhibiting the ability of an identity thief to receive the later transmitted confidential information. Additionally, the signal generator 104 may transmit a cancelling signal to cancel portions of an initial handshaking communication session, for example, the portion to be transmitted by the point-of-sale transceiver 102. In this case, the point-of-sale transceiver 102 may send the information to be transmitted by the point-of-sale transceiver 102 during the handshaking session to the signal generator 104, whereby the signal generator 104 may produce a signal cancelling the corresponding handshaking transmission, thereby inhibiting the ability of an identity thief to receive the later transmitted confidential information.
In some embodiments, the optional shielding 106 is located between the signal generator 104 and the point-of-sale transceiver 102 to attenuate the blocking or jamming signal that is incident upon the point-of-sale transceiver 102 and/or on the portable electronic device 108, in order to avoid inhibiting the reception of the confidential information at the point-of-sale transceiver 102. In another embodiment, the signal generator 104 may be configured with a directional antenna to create a null in the radiation pattern in the direction of the point-of-sale transceiver 102 and or the portable electronic device 108, in order to avoid inhibiting the reception of the confidential information by the point-of-sale transceiver 102. In another embodiment, the signal generator 104 sends a form of the blocking or jamming signal or signals to the point-of-sale transceiver 102, and the point-of-sale transceiver 102 is able to use this signal or signals to cancel the known blocking or jamming signal or signals broadcast by the signal generator 104 and to receive the confidential information. For example, in an embodiment, the signal generator 104 may send the jamming signal over a coaxial cable to the point-of-sale transceiver 102, up-convert the jamming signal, and broadcast the jamming signal. The point-of-sale transceiver 102 may down convert the received signal which includes both the signal transmitted by the portable electronic device 108 and the up-converted jamming signal broadcast by the signal generator 104, equalize the power level of the jamming signal received from the signal generator 104 over the coaxial cable, and subtract the jamming signal from the down converted received signal, thereby substantially attenuating the jamming signal.
Turning now to
Turning now to
Turning now to
Turning now to
Turning now to
At block 174, the jamming signal is broadcast. Broadcasting the jamming signal includes broadcasting the jamming signal from an antenna. In an embodiment, the jamming signal may be broadcast with a directional radiation pattern that directs a null or low amplitude portion of the radiation pattern towards the point-of-sale transceiver 102. In an embodiment, the jamming indicator 152 indicates when the jamming signal is being transmitted.
At block 176, the point-of-sale transceiver 102 receives confidential information, for example, a credit card account number and an optional authorization number, while the jamming signal is being broadcast. In an embodiment, the point-of-sale transceiver 102 has access to the jamming signal, either the baseband jamming signal or the radio frequency jamming signal, and uses the jamming signal to create a cancelling signal to avoid inhibition of the ability to receive the confidential information from the portable electronic device 108.
Turning now to
At block 190, a cancelling preamble sequence is transmitted. In an embodiment, the cancelling preamble sequence may be transmitted by the signal generator 104. The cancelling preamble sequence is determined to substantially cancel or attenuate the preamble sequence signal that is incident at a point greater than about three meters away from the point-of-sale transceiver 102. In an embodiment, the cancelling preamble sequence may be transmitted while the preamble sequence is transmitted, for example, during the first time interval.
At block 192, the confidential information is transmitted by the portable electronic device 108. In an embodiment, at block 194 the signal generator 104 transmits a jamming signal while the portable electronic device 108 transmits the confidential information. In an embodiment, the preamble sequence is transmitted before the confidential information, and receiving the confidential information may be based on first having received and decoded correctly the preamble sequence. Thus, an identity thief may be prevented from intercepting and capturing the confidential information by preventing the identity thief from receiving and decoding correctly the preamble sequence. For example, the preamble sequence and the preamble cancelling sequence may be transmitted during the first time interval, and the confidential information may be transmitted during a second time interval, wherein the second time interval follows the first time interval in time.
Portions of the system 100 described above, for example the POS controller 101, may be implemented on any general-purpose computer with sufficient processing power, memory resources, and network throughput capability to handle the necessary workload placed upon it.
The secondary storage 384 is typically comprised of one or more disk drives or tape drives and is used for non-volatile storage of data and as an over-flow data storage device if RAM 388 is not large enough to hold all working data. Secondary storage 384 may be used to store programs which are loaded into RAM 388 when such programs are selected for execution. The ROM 386 is used to store instructions and perhaps data which are read during program execution. ROM 386 is a non-volatile memory device which typically has a small memory capacity relative to the larger memory capacity of secondary storage. The RAM 388 is used to store volatile data and perhaps to store instructions. Access to both ROM 386 and RAM 388 is typically faster than to secondary storage 384.
I/O devices 390 may include printers, video monitors, liquid crystal displays (LCDs), touch screen displays, keyboards, keypads, switches, dials, mice, track balls, voice recognizers, card readers, paper tape readers, or other well-known input devices.
The network connectivity devices 392 may take the form of modems, modem banks, ethernet cards, universal serial bus (USB) interface cards, serial interfaces, token ring cards, fiber distributed data interface (FDDI) cards, wireless local area network (WLAN) cards, radio transceiver cards such as code division multiple access (CDMA) and/or global system for mobile communications (GSM) radio transceiver cards, and other well-known network devices. These network connectivity devices 392 may enable the processor 382 to communicate with an Internet or one or more intranets. With such a network connection, it is contemplated that the processor 382 might receive information from the network, or might output information to the network in the course of performing the above-described method steps. Such information, which is often represented as a sequence of instructions to be executed using processor 382, may be received from and outputted to the network, for example, in the form of a computer data signal embodied in a carrier wave.
Such information, which may include data or instructions to be executed using processor 382, for example, may be received from and outputted to the network, for example, in the form of a computer data baseband signal or signal embodied in a carrier wave. The baseband signal or signal embodied in the carrier wave generated by the network connectivity devices 392 may propagate in or on the surface of electrical conductors, in coaxial cables, in waveguides, in optical media, for example, optical fiber, or in the air or free space. The information contained in the baseband signal or signal embedded in the carrier wave may be ordered according to different sequences, as may be desirable for either processing or generating the information or transmitting or receiving the information. The baseband signal or signal embedded in the carrier wave, or other types of signals currently used or hereafter developed, referred to herein as the transmission medium, may be generated according to several methods well known to one skilled in the art.
The processor 382 executes instructions, codes, computer programs, scripts which it accesses from hard disk, floppy disk, optical disk (these various disk based systems may all be considered secondary storage 384), ROM 386, RAM 388, or the network connectivity devices 392.
While several embodiments have been provided in the present disclosure, it should be understood that the disclosed systems and methods may be embodied in many other specific forms without departing from the spirit or scope of the present disclosure. The present examples are to be considered as illustrative and not restrictive, and the intention is not to be limited to the details given herein. For example, the various elements or components may be combined or integrated in another system or certain features may be omitted or not implemented.
Also, techniques, systems, subsystems, and methods described and illustrated in the various embodiments as discrete or separate may be combined or integrated with other systems, modules, techniques, or methods without departing from the scope of the present disclosure. Other items shown or discussed as directly coupled or communicating with each other may be indirectly coupled or communicating through some interface, device, or intermediate component, whether electrically, mechanically, or otherwise. Other examples of changes, substitutions, and alterations are ascertainable by one skilled in the art and could be made without departing from the spirit and scope disclosed herein.
This application is a continuation of and claims priority to U.S. patent application Ser. No. 12/022,903, entitled “System and Method for Active Jamming of Confidential Information Transmitted at a Point-of-Sale Reader”, filed on Jan. 30, 2008, which is incorporated herein by reference for all purposes.
Number | Name | Date | Kind |
---|---|---|---|
5453601 | Rosen | Sep 1995 | A |
5496966 | Hightower et al. | Mar 1996 | A |
6122625 | Rosen | Sep 2000 | A |
6446049 | Janning et al. | Sep 2002 | B1 |
6584326 | Boydston et al. | Jul 2003 | B1 |
6679423 | Ijichi et al. | Jan 2004 | B2 |
6879965 | Fung et al. | Apr 2005 | B2 |
6880085 | Balczewski et al. | Apr 2005 | B1 |
7146159 | Zhu | Dec 2006 | B1 |
7233785 | Yamagishi et al. | Jun 2007 | B2 |
7269256 | Rosen | Sep 2007 | B2 |
7413113 | Zhu | Aug 2008 | B1 |
7434723 | White et al. | Oct 2008 | B1 |
7475044 | Kawai et al. | Jan 2009 | B1 |
7494067 | Zhu | Feb 2009 | B1 |
7546956 | Adams et al. | Jun 2009 | B2 |
7644039 | Magee et al. | Jan 2010 | B1 |
7644859 | Zhu | Jan 2010 | B1 |
7707113 | DiMartino et al. | Apr 2010 | B1 |
7748636 | Finn | Jul 2010 | B2 |
7819307 | Lyons et al. | Oct 2010 | B2 |
7822688 | Labrou et al. | Oct 2010 | B2 |
7926714 | Zhu | Apr 2011 | B1 |
8055184 | DiMartino et al. | Nov 2011 | B1 |
8060449 | Zhu | Nov 2011 | B1 |
8107953 | Zimmerman et al. | Jan 2012 | B2 |
8123128 | Zhu | Feb 2012 | B1 |
8126806 | DiMartino et al. | Feb 2012 | B1 |
8165961 | DiMartino et al. | Apr 2012 | B1 |
20010005184 | Tsuno et al. | Jun 2001 | A1 |
20020006806 | Kinnunen et al. | Jan 2002 | A1 |
20020011519 | Shults, III | Jan 2002 | A1 |
20020052754 | Joyce et al. | May 2002 | A1 |
20020062284 | Kawan | May 2002 | A1 |
20020123971 | Maritzen et al. | Sep 2002 | A1 |
20020147913 | Lun Yip | Oct 2002 | A1 |
20030009382 | D'Arbeloff et al. | Jan 2003 | A1 |
20030028481 | Flitcroft et al. | Feb 2003 | A1 |
20030032409 | Hutcheson et al. | Feb 2003 | A1 |
20030045328 | Natsuno | Mar 2003 | A1 |
20030070080 | Rosen | Apr 2003 | A1 |
20030083933 | McAlear | May 2003 | A1 |
20030149900 | Glassman et al. | Aug 2003 | A1 |
20030211862 | Hutchison, IV et al. | Nov 2003 | A1 |
20040093265 | Ramchandani et al. | May 2004 | A1 |
20040122771 | Celi et al. | Jun 2004 | A1 |
20040166839 | Okkonen et al. | Aug 2004 | A1 |
20040192303 | Puthenkulam | Sep 2004 | A1 |
20040203601 | Morriss et al. | Oct 2004 | A1 |
20050216424 | Gandre et al. | Sep 2005 | A1 |
20050234778 | Sperduti et al. | Oct 2005 | A1 |
20060073808 | Buchert | Apr 2006 | A1 |
20060085847 | Ikeuchi et al. | Apr 2006 | A1 |
20060136334 | Atkinson et al. | Jun 2006 | A1 |
20060165060 | Dua | Jul 2006 | A1 |
20060167823 | York et al. | Jul 2006 | A1 |
20060191995 | Stewart et al. | Aug 2006 | A1 |
20060211408 | Yamagishi et al. | Sep 2006 | A1 |
20070010213 | Dewan | Jan 2007 | A1 |
20070011461 | Jeng | Jan 2007 | A1 |
20070080215 | Ramachandran et al. | Apr 2007 | A1 |
20070095892 | Lyons et al. | May 2007 | A1 |
20070125840 | Law et al. | Jun 2007 | A1 |
20070145152 | Jogand-Coulomb et al. | Jun 2007 | A1 |
20070198410 | Labgold et al. | Aug 2007 | A1 |
20070223685 | Boubion et al. | Sep 2007 | A1 |
20070233615 | Tumminaro | Oct 2007 | A1 |
20070234427 | Gardner et al. | Oct 2007 | A1 |
20070244811 | Tumminaro | Oct 2007 | A1 |
20070248232 | Driscoll et al. | Oct 2007 | A1 |
20070255620 | Tumminaro | Nov 2007 | A1 |
20070255652 | Tumminaro | Nov 2007 | A1 |
20070281664 | Kaneko et al. | Dec 2007 | A1 |
20070291995 | Rivera | Dec 2007 | A1 |
20080059379 | Ramaci et al. | Mar 2008 | A1 |
20080067240 | Nakano et al. | Mar 2008 | A1 |
20080126260 | Cox et al. | May 2008 | A1 |
20080201212 | Hammad et al. | Aug 2008 | A1 |
20080238610 | Rosenberg | Oct 2008 | A1 |
20080297306 | Huajun et al. | Dec 2008 | A1 |
20080315989 | Mirkazemi-Moud et al. | Dec 2008 | A1 |
20090018964 | Liu et al. | Jan 2009 | A1 |
20090046858 | Iyer et al. | Feb 2009 | A1 |
20090050689 | Sako et al. | Feb 2009 | A1 |
20090078761 | Sines | Mar 2009 | A1 |
20090097531 | Franceschini et al. | Apr 2009 | A1 |
20090253409 | Slavov et al. | Oct 2009 | A1 |
20090270174 | Kelly et al. | Oct 2009 | A1 |
20090313689 | Nyström et al. | Dec 2009 | A1 |
20100030651 | Matotek et al. | Feb 2010 | A1 |
20100094752 | Heath | Apr 2010 | A1 |
20100133337 | Van Rensburg | Jun 2010 | A1 |
20110006112 | Mueller | Jan 2011 | A1 |
20110053560 | Jain et al. | Mar 2011 | A1 |
Number | Date | Country | |
---|---|---|---|
Parent | 12022903 | Jan 2008 | US |
Child | 13207645 | US |