JP2001184567A - Transaction processing device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To prevent secret information on security from being illegally acquired from a memory inside a main body by disassembling the main body of device without erasing the secret information from this memory. SOLUTION: A cover open detecting circuit 6 is provided for detecting the cover open of a main body 1 of transaction processing device. When the cover open of the main body 1 of transaction processing device is detected by this cover open detecting circuit 6, access to a second RAM 5, which stores the secret information on the security of account settling processing, is disabled.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a transaction processing apparatus such as a POS (Point Of Sales) terminal and a credit processing terminal for processing the settlement of a sales transaction using a settlement card such as a credit card or a debit card.

[0002]

2. Description of the Related Art Generally, a transaction processing apparatus for processing the settlement of a sales transaction using a settlement card such as a credit card or a debit card is provided with a communication message with a host computer of a financial institution designated by the settlement card. The security was enhanced by transmitting and receiving encrypted data. For this reason, the key data for encryption and the key data for recovery are previously set and stored in the memory built in the transaction processing device.

In this apparatus, key data can be obtained by disassembling the main body of the transaction processing apparatus, taking out a built-in memory, transferring the data stored in this memory to a personal computer and analyzing it. Was. Once the key data is known, it is possible to access the host computer of the financial institution using the network without using the transaction processing device, and to perform fraud such as transferring cash from another person's account to a predetermined account.

Therefore, as means for preventing this kind of fraud, conventionally, when the main body of the transaction processing apparatus is disassembled, the power supply from the battery that backs up the internal memory is stopped to thereby prevent the internal memory from being used. Means for erasing stored data to prevent fraud have been known.

[0005]

However, the means for stopping the backup power supply to the built-in memory in response to the disassembly of the transaction processing apparatus cannot recover the data once erased from the memory. When the main body was disassembled, the data had to be set again, and the restoration required a lot of trouble and time.

The present invention has been made in view of such circumstances, and an object of the present invention is to disassemble an apparatus main body and illegally obtain confidential information relating to security of settlement processing from a memory in the main body. It is an object of the present invention to provide a transaction processing device which can prevent confidential information from being erased from the memory without erasing the same, and can promptly restore a settlement process even if the device body is erroneously disassembled.

[0007]

The invention according to claim 1 of the present application processes the settlement of a sales transaction based on the card data of the settlement card read by the card reader and the personal identification number inputted via the pin pad. In transaction processing equipment,
A memory for storing secret information relating to security of the settlement processing, a cover open detecting means for detecting a cover open of the transaction processing apparatus main body having the memory therein, and a cover open of the transaction processing apparatus main body by the cover open detecting means. Unauthorized access means for making the memory inaccessible in response to the detection.
With such a configuration, even if the cover of the transaction processing apparatus body is opened illegally, the memory becomes inaccessible due to the opening of the cover. Information cannot be read. On the other hand, if the cover of the transaction processing apparatus body is accidentally opened, the memory becomes inaccessible, but the secret information related to the security of the payment processing stored in the memory is not erased, so that the recovery is easy. .

According to a second aspect of the present invention, in the first aspect of the present invention, a predetermined password is input via a pin pad when access to the memory is disabled by the unauthorized access prevention means. And a memory for preventing unauthorized access. By providing this fraud prevention release means, when the cover of the transaction processing apparatus body is accidentally opened, the memory can be accessed only by inputting a predetermined password through the pin pad, so that recovery is extremely easy. is there.

According to a third aspect of the present invention, in accordance with the first or second aspect of the present invention, it is determined whether or not the cover open of the transaction processing apparatus main body is detected by the cover open detecting means when the power is turned on. And a warning means for issuing a cover open warning when it is determined that a cover open is detected by the determination means. By taking such a measure, even if the cover of the transaction processing apparatus body is opened improperly and then returned to its original state and the appearance seems to be normal, the cover is opened by turning on the power of the apparatus body. A warning is issued so that fraud can be found.

[0010]

DESCRIPTION OF THE PREFERRED EMBODIMENTS One embodiment of the present invention will be described below with reference to the drawings. In this embodiment, the description will be continued assuming that the present invention is applied to a credit processing terminal.

FIG. 1 is a block diagram showing a configuration of a main part of a credit processing terminal according to the present embodiment. The credit processing terminal includes a CPU (Central
singUnit) 2, ROM (Read Only Memory) 3, 1st R
AM (Random Access Memory) 4, second RAM 5, cover open detection circuit 6, encryption circuit 7, communication unit 8, display controller 9, printer controller 10, keyboard controller 11, card reader controller 12,
An I / O port 13, a buzzer circuit 14, and a battery 15 are mounted. And CPU2, ROM3, 1R
AM 4, second RAM 5, cover open detection circuit 6, encryption circuit 7, communication unit 8, display controller 9, printer controller 10, keyboard controller 11, card reader controller 12, I / O port 13, and buzzer circuit 14. A connection circuit is connected via a bus line 16 such as a bus or a data bus to constitute a control circuit of the credit processing terminal.

The CPU 2 plays a central role in control necessary for realizing all functions as a credit processing terminal. The ROM 3 stores a program for executing the control operation of the CPU 2 in advance. 1st RAM4
Form various memory areas used by the CPU 2 for arithmetic processing.

The second RAM 5 stores key data for encrypting a transmission message and key data for decrypting a reception message.
It stores confidential information and the like related to the security of the settlement process. The power is backed up by the battery 15. The cover open detection circuit 6 detects the cover open of the terminal body 1, and the power is backed up by the battery 15.

The encryption circuit 7 is a circuit for encrypting a transmission message using the encryption key data stored in the second RAM 5. The communication unit 8 is connected to a host computer of a financial institution designated by the credit card via a network, and controls transmission and reception of communication messages.

The display controller 9 connects a display unit 17 such as a display, controls the driving of the display unit 17, and displays data such as messages. The printer controller 10 is connected to a printer 18 such as a line thermal printer and controls the driving of the printer 18 to print a credit settlement slip or the like.

The keyboard controller 11 connects a keyboard 19 provided with various keys necessary for settlement of a sales transaction, controls the driving of the keyboard 19, and takes in key input data. The card reader controller 12 is connected to a card reader 20 capable of reading card data of a credit card.
Is controlled to take in card data such as a card issuing company code, a member number, and an expiration date read from a credit card.

The I / O port 13 connects to a pin pad 21 for inputting a personal identification number, and inputs and outputs signals to and from the pin pad 21. The buzzer circuit 14 generates a buzzer sound such as a warning sound.

The battery 15 backs up the power of the second RAM 5 and the cover open detection circuit 6, and stably stores and holds the data stored in the second RAM 5 even when the main power of the terminal body 1 is turned off. The operation of the cover open detection circuit 6 is guaranteed.

FIG. 2 is a circuit diagram of the cover open detection circuit 6 according to the present embodiment. The cover open detection circuit 6 includes a cover open switch SW that closes when the cover of the terminal body 1 is opened. A series circuit of a resistor R and the cover open switch SW is interposed between the power supply VB from the battery 15 and the ground level.

The cover open detection circuit 6 has a D-type flip-flop circuit FF. The power supply VB from the battery 15 is applied to the input terminal D and the set terminal S of the D-type flip-flop circuit FF, and the connection between the cover open switch SW and the resistor R is connected to the clock terminal CL. The voltage at the point is applied via the inverter circuit G1. The reset terminal R of the D-type flip-flop circuit FF has
The access prohibition release signal S1 is input from U2.

Further, the cover open detection circuit 6 includes a NAND gate circuit G2 having two inputs of negative logic. The output terminal Q of the D-type flip-flop circuit FF is connected to one negative logic input terminal of the NAND gate circuit G2.
, And an access signal S3 of the second RAM 5 is input to the other negative logic input terminal. The access enable signal S2
Is also input to the input port of the CPU 2. The power supply of the inverter circuit G1 and the D-type flip-flop circuit FF is backed up by the battery 15.

The cover open detection circuit 6 having such a configuration
The access enable signal S2 output from the output terminal Q of the D-type flip-flop circuit FF is low when the cover open switch SW is open when the cover of the terminal body 1 is closed. To maintain. As a result, the NAND gate circuit G2 is opened, and the second access signal S3 of the second RAM 5 causes the second gate circuit G2 to open.
The RAM 5 can be accessed.

On the other hand, when the cover of the terminal body 1 is opened, the cover open switch SW is closed. Thereby, the clock terminal CL of the D-type flip-flop circuit FF
The level of the input signal becomes high level “H”, and the access enable signal S2 output from the output terminal Q becomes high level “H”. As a result, the NAND gate circuit G2 is in the closed state, making the second RAM 5 inaccessible (fraud prevention means).

FIG. 3 is a flowchart showing a main part of the cover open determination process executed by the CPU 2 in the present embodiment. The CPU 2 performs this process during the startup operation after the main power of the terminal body is turned on. Execute cover open determination processing. That is, when starting the cover open determination processing, the CPU 2 first determines the level of the access enable signal S2 input to a predetermined input port as ST (step) 1 (open history determination means). Here, if the level of the access enable signal S2 is low ("NO" in ST2), the cover open determination processing ends.

On the other hand, the access enable signal S2
Is high level "H" (YE in ST2).
S), ST3 stops the normal operation after the cover open determination processing. Then, the display unit 1 is set as ST4.
At the same time as displaying a message warning that there is a history of cover open at 7, a buzzer sound is generated by the buzzer 14 for warning at ST 5, and a warning indicating that the cover is open is issued (warning means). Thereafter, the cover open determination process ends.

FIG. 4 is a flow chart showing a main part of the pin pad input processing executed by the CPU 2 in the present embodiment.
The CPU 2 is connected to the pin pad 21 via the I / O port 21.
, The pin pad input process is executed. That is, when starting the pin pad input process, the CPU 2 first analyzes the input signal from the pin pad 21 as ST1, and determines whether or not numerical data of the number of digits corresponding to the password has been input. If it is determined that the numeric data having the number of digits corresponding to the password has been input, it is determined in ST2 whether the numeric data matches the preset password for instructing the release of the access prohibition state of the second RAM 5. Judge. If it is determined that the password matches the password for instructing the release of the access prohibition state of the second RAM 5, the level of the access prohibition release signal S1 is temporarily changed from the high level "H" to the low level "L" in step ST3, and the high level is restored. The level is returned to "H", and the D-type flip-flop circuit FF of the cover open detection circuit 6 is reset (fraud prevention release means).

Thus, the pin pad input processing is completed. If it is determined in ST1 that numerical data other than the password has been input, it is determined that an error has occurred. ST
If it is determined in step 2 that the password is a password other than the password for instructing the release of the access prohibition state of the second RAM 5, other processing corresponding to the password is executed.

In the credit processing terminal of the present embodiment configured as described above, in a normal state in which the cover of the terminal body 1 is closed, regardless of whether the main power supply of the terminal body 1 is on or not. Second RAM storing secret information related to security of settlement processing, such as key data for encrypting a transmission message and key data for decrypting a reception message.
5 accesses are possible. In this state, when the main power supply is turned on and the access signal S3 is output from the CPU 2 to read the data stored in the second RAM 5, the access signal S3 is supplied to the second RAM 5,
The data stored in the second RAM 5 is read.

On the other hand, when the cover of the terminal body 1 is opened, the cover open switch SW is closed.
Access to the RAM 5 becomes impossible. Thereafter, even if the cover is returned to the original position, the access prohibition release signal S1
Unless is output, the D-type flip-flop circuit FF is not reset, and the inaccessible state of the second ROM 5 is maintained. Therefore, even if the cover of the terminal body 1 is illegally opened to steal the confidential information relating to the security of the payment processing stored in the second RAM 5, once the cover of the terminal body 1 is opened, the second RAM 5 cannot be accessed. It is impossible to deliver. In addition, since the data stored in the second RAM 5 is not erased, it is not necessary to reset secret information relating to the security of the settlement processing in the second RAM 5 at the time of system recovery, and the time required for the recovery work can be shortened. The labor can be greatly simplified.

Further, in the present embodiment, when the main power is turned on after the cover of the terminal body 1 is once opened, the D-type flip-flop circuit FF of the cover open detection circuit 6
The normal operation thereafter is stopped on condition that the access enable signal output from the CPU is maintained at the high level "H", and a message warning that the cover is open is displayed on the display unit 17 and the buzzer is sounded at the same time. Circuit 1
4 generates a warning sound. Therefore, the terminal body 1
Even if the cover is opened improperly and then returned to its original state and the appearance seems to be normal, a warning that the cover is open will be issued by turning on the power of the terminal body 1.
You can reliably detect fraud.

In this embodiment, even if the access to the second RAM 5 becomes impossible due to the cover of the terminal body 1 being opened, the access can be made by inputting a predetermined PIN code from the pin pad 21. The disabled state can be released. Therefore, if the cover of the terminal body 1 is accidentally opened, the terminal can be restored only by inputting a predetermined password through the pin pad 21, so that the labor and time required for the restoration work can be greatly simplified. . However, in this case, it is needless to say that it is important for only the manager of the credit processing terminal to be able to know the personal identification number and to enhance the security.

In the embodiment, the terminal body 1
When the cover open is detected by the cover open switch SW, an access enable signal S2 is generated by a hardware circuit such as a D-type flip-flop circuit FF, and the access of the second RAM 5 is disabled.
The access enable signal S is softened by the processing of U2.
2, it is also possible to disable access to the second RAM 5.

In the above-described embodiment, the password for instructing the release of the access prohibition state is input to the pin pad 2.
Although the input is made at 1, the input may be made at the keyboard 19. In this case, when a special operation such as pressing two specific keys at the same time is performed, a password input mode is set, and the password can be input from the keyboard 19.

The present invention is not limited to a credit processing terminal, but can be applied to any transaction processing apparatus such as a POS terminal in which secret information relating to security of settlement processing is stored in an internal memory.

[0035]

As described above in detail, according to the first aspect of the present invention, it is possible to disassemble the apparatus main body and illegally obtain secret information relating to the security of settlement processing from the memory in the main body. It is possible to provide a transaction processing apparatus that can prevent confidential information from being erased from the memory without erasing the information and can promptly restore the settlement process even if the apparatus body is erroneously disassembled. According to the invention described in claim 2 of the present application,
In addition to the effects of the first aspect of the present invention, a transaction processing apparatus capable of performing a recovery operation extremely easily and with high security can be provided.

Further, according to the invention of claim 3 of the present application, not only the same effect as the invention of claim 1 or 2 is obtained, but also the cover of the transaction processing apparatus main body is illegally opened. And a transaction processing apparatus that can detect fraud even when it is considered that there is no abnormality in appearance and can further enhance security and reliability.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a main configuration of a credit processing terminal according to an embodiment of the present invention.

FIG. 2 is a circuit diagram of a cover open detection circuit according to the embodiment, which is tinned.

FIG. 3 is a flowchart showing a main part of a cover open determination process executed by a CPU in the embodiment.

FIG. 4 is a flowchart showing a main part of a pin pad input process executed by a CPU in the embodiment.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 ... Terminal main body (transaction processing device main body) 2 ... CPU 3 ... ROM4 ... 1st RAM 5 ... 2nd RAM 6 ... Cover open detection circuit 14 ... Buzzer circuit 15 ... Battery 17 ... Display part 21 ... Pin pad

Claims (3)

[Claims] 1. A transaction processing apparatus for processing settlement of a sales transaction based on card data of a settlement card read by a card reader and a password input via a pin pad, wherein secret information relating to security of settlement processing is stored. A memory for storing, a cover open detecting means for detecting a cover open of the transaction processing apparatus main body having the memory mounted therein, and a cover open detecting means for detecting the cover open of the transaction processing apparatus main body by the cover open detecting means. A transaction processing device, comprising: fraud prevention means for making a memory inaccessible. 2. An anti-fraud release means for enabling access to the memory when a predetermined password is input via a pin pad when access to the memory is disabled by the anti-fraud means. The transaction processing device according to claim 1, wherein 3. An open history judging means for judging whether or not a cover open of the transaction processing apparatus body is detected by a cover open detecting means at the time of power-on, and judging that the cover open is detected by the judging means. 3. The transaction processing apparatus according to claim 1, further comprising: a warning unit that issues a warning indicating that a cover is open when the operation is performed.