US20080027873A1 - Terminal adapter for atms - Google Patents
Terminal adapter for atms Download PDFInfo
- Publication number
- US20080027873A1 US20080027873A1 US11/734,192 US73419207A US2008027873A1 US 20080027873 A1 US20080027873 A1 US 20080027873A1 US 73419207 A US73419207 A US 73419207A US 2008027873 A1 US2008027873 A1 US 2008027873A1
- Authority
- US
- United States
- Prior art keywords
- terminal adapter
- network
- transaction
- terminal
- primary
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/202—Interconnection or interaction of plural electronic cash registers [ECR] or to host computer, e.g. network details, transfer of information from host to ECR or from ECR to ECR
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/204—Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
- G07F19/20—Automatic teller machines [ATMs]
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
- G07F19/20—Automatic teller machines [ATMs]
- G07F19/211—Software architecture within ATMs or in relation to the ATM network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/56—Packet switching systems
- H04L12/5691—Access to open networks; Ingress point selection, e.g. ISP selection
- H04L12/5692—Selection among different networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/18—Multiprotocol handlers, e.g. single devices capable of handling multiple protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M11/00—Telephonic communication systems specially adapted for combination with other electrical systems
- H04M11/06—Simultaneous speech and data transmission, e.g. telegraphic transmission over the same conductors
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/102—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce
Definitions
- This invention generally relates to terminal adapters for terminals originating financial transactions, including credit/debit card readers, automatic teller machines, and point of sale terminals.
- terminals using various access protocols interact with a transaction oriented value added network using a versatile terminal adapter facilitating interaction of the terminal with a host processor, wherein the host is also connected to the network.
- the terminal adapter uses a wide area network, such as the Internet, as a primary means of accessing the value added network, and uses dial-up telephone service as a secondary means of accessing the value added network in the event of failure of the primary communication means.
- a network operations center manages the transaction oriented value added network for optimal performance.
- Electronic real-time transaction processing is common in many industries, including retail sales, inventory control, and healthcare. Businesses utilize devices such as card readers, including those reading magnetically encoded cards, to increase productivity and accuracy of various types of transactions.
- a common application is the use of credit cards for purchasing goods and services in retail sales.
- Many retailers have deployed automated card readers to facilitate credit and debit card authorization processing by store personnel. Not only do automated card readers provide greater accuracy than manually keying information at time of purchase, they offer greater speed, convenience, and accuracy.
- POS point-of-sale
- a card reader communicates with a host financial transaction processor using a dedicated phone line.
- the card reader incorporates a standard modem implemented by a single, low-cost integrated circuit based on modem standards such as V.22, V.22 bis, or V.34.
- the card reader dials a programmed telephone number (usually local or toll-free) and establishes a telephone connection via a network with the host processor.
- the card reader transmits the transaction information including the card number, a transaction number, and purchase amount to a host.
- the host processor accepts or declines the transaction and responds by returning an authorization number. This type of transaction typically occurs quickly as it is desirable to minimize delay and increase customer satisfaction.
- LAN local area network
- ISP Internet Service Provider
- the physical communication facility between the LAN and the ISP may be of various types, including digital private line, optical fiber, ISDN, DSL, cable modem, wireless, satellite, etc.
- digital access arrangements provide higher data communication speeds compared to dial-up connections.
- Using a LAN to access the Internet allows multiple users to access the Internet at the same time. While simultaneous usage may slow down response times, one user does not ‘block’ access by another, as is the case when a single telephone line is shared by multiple users or devices. Further, the cost of accessing the Internet does not necessarily require additional fees for each simultaneous user accessing the Internet.
- simultaneous access via telephone lines requires a plurality of telephone lines, each of which has a discrete incremental cost.
- U.S. Pat. No. 5,526,409 discloses the use of a second telephone line that can be used as a secondary means of communication in the event the primary telephone line or modem is inoperable.
- a single telephone line limits the data communication speed for transmitting data and limits the destination to a single host.
- the patent disclose automatically switching to the second telephone line or automatically switching back to the primary telephone line.
- U.S. Pat. No. 5,778,173 discloses using the Internet by a personal computer to facilitate a financial transaction, such as a purchase.
- a financial transaction such as a purchase.
- the complete transaction is not carried out using the Internet; a portion of the transaction conveying sensitive information is sent using a modem on a dial-up telephone connection.
- This arrangement still requires a dedicated phone line for each terminal and increases cost.
- the present invention interworks a terminal, typically incorporating a magnetic card reader, with a host processor by using a terminal adapter operating in conjunction with a network.
- the terminal adapter and network provide various value added services, including synchronization, error detection, security, backup communication, and authentication to achieve fast, reliable, low cost, and efficient transaction processing.
- Various embodiments of adapting existing terminals or personae computer based terminals are disclosed.
- a terminal adapter operating in conjunction with a network for interworking a terminal to a host
- the terminal adapter incorporates a processor to receive a first transaction request message from the terminal and interwork the message to the network using a second transaction request message.
- the network conveys the transaction to the host and interworks the message to a protocol used by the host.
- the response from the host is similarly conveyed back to the terminal.
- the terminal adapter in coordination with the network provides services including: synchronization, authentication, error detection, encryption, backup communication capability, automatic recognition of various terminal protocols and host addresses, automatic determination of network addresses to obtain configuration parameters, and the ability to automatically download new software.
- terminal adapter/terminal including a software version in which functions associated with the terminal adapter are accomplished by loading software into a computer, such as a personal computer based terminal having existing communication capability with a network.
- a network node for interworking a terminal adapter to a host.
- the network node incorporates a processor to receive a transaction request message from the terminal adapter and ensure the request is synchronized, encrypted, and error free and to relay the message to another network node and to a host processor. The response from the host is similarly conveyed back to the terminal.
- the network node in coordination with the terminal adapter provides services including: synchronization, authentication, error detection, encryption, and downloading of addresses, parameters and software to the terminal adapter.
- a method for interworking transaction messages by a terminal adapter wherein the messages originated from a terminal are interworked with a network for processing by a host.
- the method includes: receiving a first message from the terminal, determining the protocol and host destination, and mapping the first message to a second message to a network interface.
- the method includes ensuring synchronization between the terminal adapter and network, encrypting and decrypting messages, switching over to a backup communication path as required, authenticating the terminal adapter to the network, discovering service address information and new configuration parameters, and downloading software as required.
- a network operation center for maintaining information associated with each terminal, including primary and secondary communication path status, operational status, software version indicators, parameter file version indicators, and various service related address information.
- the network operations center may further initiate communication to a defined location, in a defined manner, based on a defined status condition.
- FIG. 1 illustrates one embodiment of the system in which the versatile Terminal Adapter operates according to the principles of one embodiment of the present invention.
- FIG. 2 further elaborates on one embodiment of the invention involving the Value Added Network according to the principles of one embodiment of the present invention.
- FIG. 3 illustrates the pre-transaction transfer procedures for the Terminal Adapter according to the principles of one embodiment of the present invention.
- FIG. 4 illustrates a Simple Transaction message exchange according to the principles of one embodiment of the present invention.
- FIG. 5 illustrates a Session Transaction message exchange according to the principles of one embodiment of the present invention.
- FIG. 6 illustrates the protocol architecture for one embodiment of the Terminal Adapter using the primary communication path according to the principles of one embodiment of the present invention.
- FIG. 7 illustrates various hardware components associated with one embodiment of the Terminal Adapter according to the principles of one embodiment of the present invention.
- FIG. 8 illustrates various software components associated with one embodiment of the Terminal Adapter according to the principles of the present invention.
- FIGS. 9A-9B illustrate various software related embodiments of the functions according to the principles of one embodiment of the present invention.
- FIG. 10 illustrates a flowchart for switching from the primary to secondary communication path (and vice versa) according to the principles of one embodiment of the present invention.
- FIG. 11 illustrates the protocol stacks for one embodiment of the Terminal Adapter using the secondary communication path according to the principles of one embodiment of the present invention.
- FIGS. 12A-12C illustrate embodiments of the Terminal Adapter automatically selecting a terminal protocol according to the principles of one embodiment of the present invention.
- FIGS. 13A and 13B illustrate the procedures and parameters provided to the Terminal Adapter to accomplish software download and configuration management according to the principles of one embodiment of the present invention.
- FIG. 14 illustrates various operational aspects of the Terminal Adapter according to the principles of one embodiment of the present invention.
- the present invention is directed in part to a versatile transaction terminal adapter (“Terminal Adapter”) interworking various types of terminals with a value added network (“Network”) for the purpose of accomplishing transactions, including financial transactions, which will be principally used to illustrate the principles of the present invention.
- the Terminal Adapter is designed to utilize the services of the Network, which in turn utilizes a communication infrastructure, such as the Internet, to provide the goals of reliable, secure and efficient communications in a low cost manner.
- the Network could utilize other communication infrastructures, such as virtual private networks, ATM networks, WANs, or similar technologies to accomplish these goals.
- the principles of the present invention are illustrated using certain types of embodiments, communication infrastructures, and categories of transaction types, it will be readily appreciated that other communication networks or devices could incorporate the principles of the present invention for a variety of transaction types.
- FIG. 1 A system perspective of one embodiment of the invention is shown in FIG. 1 .
- the terminals of system 1 are typically located on the premises of a business, such as a retail store, bank, merchant, etc. although it is not restricted to commercial sales applications.
- a common example is a card reader 2 located in a retail store, which can be a credit card reader, debit card reader, or any other type of magnetic card reader, optical card reader, or ‘smart’ card reader.
- the card reader 2 is illustrated as directly connected to the Terminal Adapter.
- the connection between the card reader and the Terminal Adapter can use a variety of connection means, and frequently incorporates an RJ-11 telephone-type jack based on a Plain Old Telephone (POTS) interface.
- POTS Plain Old Telephone
- the card reader expects to interface with the Public Switched Telephone Network (PSTN), which the Terminal Adapter emulates.
- PSTN Public Switched Telephone Network
- FIG. 1 also illustrates a plurality of card readers 4 , which can be of the same type as the previous card reader 2 , but which are connected to a multi-card reader controller 6 .
- the controller 6 aggregates a plurality of card readers and multiplexes their transactions onto a single communication facility.
- the controller 6 is connected to the Terminal Adapter 14 .
- the interface presented by the Terminal Adapter 14 to the card reader 2 could be the same interface presented by the Terminal Adapter 14 to the multi-card-reader controller 6 .
- These are but two of many arrangements that may be used to connect a terminal to the Terminal Adapter.
- the Terminal Adapter connects several identical card readers 2 , one terminal to each interface of the Terminal Adapter 14 .
- the terminal is not restricted to being a card reader, but may be a more sophisticated device, such as an Automatic Teller Machine (ATM) 8 .
- ATM Automatic Teller Machine
- This type of terminal performs financial transactions, although the nature of the transaction may be more complicated or varied than that of a credit card authorization associated with the previously identified card readers 2 , 4 .
- the ATM 8 is illustrated as directly connected to the Terminal Adapter 14 and the ATM and Terminal adapter can be co-located together or remotely located from each other. Again, various communication arrangements may be used to effect the communication between the ATM terminal and Terminal Adapter 14 including the use of multi-terminal controllers 6 previously disclosed.
- FIG. 1 also illustrates a personal computer (PC) based Point-of-Sale (POS) terminal 10 having an integrated card reader 11 accessing the Terminal Adapter 14 via a modem 12 .
- the POS terminal is typically a personal computer adapted for POS applications using standard operating software, such as the Microsoft WindowsTM operating system and controls the modem using one of several command languages, such as the HayesTM compatible modem command or XON/XOFF commands.
- standard operating software such as the Microsoft WindowsTM operating system
- the modem using one of several command languages, such as the HayesTM compatible modem command or XON/XOFF commands.
- the POS terminal 10 could interface with the Terminal Adapter 14 using a USB cable connected to USB ports, a serial RS-232, or RS-422 interface.
- the modem functions, or subset thereof, may exist in the POS terminal or in the Terminal Adapter as a virtual device driver. If the modem functionality is integrated into the Terminal Adapter, it could be a ‘software’ modem or virtual modem. Specifically, driver software emulating a modem's command interface in the Terminal Adapter allows the POS terminal to interact with the Terminal Adapter as if there were an actual hardware modem connected to the POS' serial interface. The POS terminal issues standard modem commands via the serial interface that are, in turn, processed by the Terminal Adapter emulation software. Further, the functionality of the Terminal Adapter can be integrated into the personal computer or the POS terminal by defining a ‘softmodem’ or virtual modem. Alternatively, the softmodem could be implemented in a client-server system comprising terminals and a server.
- Terminal Adapter providing interfaces incorporating a poll select asynchronous packet based protocol, such as the X3.28-1976 ISO protocol, X.25, frame relay, or bisync protocol to interface with other types of terminals.
- the invention is not limited to card reading or POS terminals, but includes terminals conducting transactions based on other inputs, including badge readers, OCR scanners, RF identifier tag readers, sensors, special purpose personal computers, computers processing manual keyboard input, or any other type of transaction-oriented processing device.
- the card reader need not be synonymous with the terminal or incorporated in the terminal, and instead, the terminal can be considered to have, or comprise, a card reader so long as the terminal, such as the POS embodiment, is in communication with a card reader or similar functioning input device.
- a preferred embodiment of the present invention is directed to financial transactions, the principles of the present invention could apply to transactions of a non-financial nature, such as telemetry, alarm, maintenance, health care, pharmacy, or other applications typically involving card readers for ‘card swipe’ transaction processing.
- the Terminal Adapter 14 can be considered as having a ‘front end’ comprising the terminal interfaces 2 , 4 , 8 , 10 .
- the front end of the Terminal Adapter can be configured in a variety of ways, including interfacing a single terminal or a plurality of terminals. If a plurality of devices are interfaced, then the interfaces may be identical (e.g., all POTS based), all different (e.g., a POTS and RS-232 serial interface), or a hybrid combination (e.g., two POTS interfaces and two RS-232 interfaces). In one embodiment, four POTS type interfaces are provided and in another embodiment, two POTS type interfaces and two asynchronous RS232 interfaces are provided. Obviously, other combinations of interfaces on the front end are possible and are dictated primarily by commercial business motivations, capacity, and cost concerns.
- the Terminal Adapter 14 can also be considered as having a ‘back end’ comprising network interfaces interconnecting with network communication facilities.
- the Terminal Adapter 14 has two network interfaces on the back end.
- One interface 16 is an Ethernet interface; typically connecting to a LAN 18 and designated the primary interface.
- This interface could be a 10BaseT type of Ethernet access, although those skilled in the art will readily recognize other types of LAN/MAN access standards could be used such as FDDI, token ring, token bus, 802.11x, etc.
- the LAN 18 facilitates interconnection 26 with the Internet 20 , since the Terminal Adapter may not always be in close proximity to the interface to the Internet interface.
- a store operating multiple sales stations may have a Terminal Adapter located in the store connected via the primary interface 16 to the corporate LAN 18 that in turn then provides access to the Internet 20 .
- the LAN also isolates the Terminal Adapter from the various Internet access arrangements.
- the Terminal Adapter 14 is isolated from changes or upgrades in the physical connection 26 to the Internet, whether it be DSL, wireless, T1, etc.
- the LAN 18 in turn interfaces to the Internet 20 using one of the variety of communication facilities 26 , including: DSL, T1, T3, dial-up, ISDN, optical fiber, cable modems, WiFi, satellite, etc.
- the Terminal Adapter accesses the Internet interface on the back end using either the PPPoE (Point-to-Point Protocol over Ethernet) protocol or the DHCP protocol when using Ethernet access.
- PPPoE and DHCP are well known approaches to achieve TCP/IP access to the Internet over Ethernet and are well known in the art of data communications.
- the primary interface 16 is preferably a high-speed interface, at least fast enough to accommodate the transaction volume of the plurality of terminals.
- the Terminal Adapter 14 may also have a secondary interface 22 on the back end illustrated by a connection to the Public Switched Telephone Network (PSTN).
- PSTN Public Switched Telephone Network
- the second interface provides back up communication capability in the event the primary communication path is inoperable and typically operates at a slower speed than the primary interface.
- This secondary interface typically uses a telephone line and the Terminal Adapter typically incorporates an integrated modem and PPP access protocol.
- the PPP is well known in the area of data communications for obtaining TCP/IP access to the Internet over dial-up.
- the PSTN is noted for its reliability and ubiquitous availability, although dial-up access speed is limited.
- the Terminal Adapter 14 could incorporate such alternative access arrangements for the secondary interface, including: DSL, ISDN, frame relay, X.25, or some other communication protocol for the secondary interface.
- the secondary interface could even be the same type as the primary interface.
- the secondary interface is based on modems providing speeds of 28.8 Kbps or 56 Kbps (e.g., V.34 or V.90), although other rates could be used.
- the Terminal Adapter of this embodiment relies on connectivity to the PSTN for secondary access in the situation where the primary communication path is not functional in two ways.
- a preferred embodiment uses a facility 30 to access the Internet 20 to provide an alternative route to the Network 33 so that the same set of services are provided.
- a second embodiment incorporates a facility 32 directly connecting the Transaction Processor 36 .
- the Transaction Processor 36 could implement the processes for providing the same value added services as provided by the aforementioned infrastructure 28 , or alternatively, the Financial Transaction Processor may not provide the additional services and allow the secondary communication path to have a reduced level of functionality, while still providing connectivity. This may be an acceptable business alternative, since transaction applications using a point-to-point POTS connection between the Terminal Adapter and Transaction Processor may find it acceptable to operate without all the value added services on an interim basis.
- the Internet 20 provides a communication infrastructure for transporting information and provides a set of well-known services using the TCP/IP protocol stack.
- the needs of the terminals to perform financial transactions may not fully be served by the data communication services provided by the Internet. For this reason, various service extensions are required.
- These Value Added Services 28 are provided by various Nodes connected to the Internet operating an additional protocol on top of the TCP/IP stack. Together, the Internet and the Nodes provide enhanced services and comprise the Network 33 .
- the Internet may be associated with one embodiment, the Value Added Service Network could be comprised of various Nodes operating on top of other networks such as WANs, LANs, or virtual private networks based on a variety of technologies.
- the value added services provided by the Network provide additional security, reliability, and flexibility to facilitate other functions that will be described in further detail. This architecture is based on the concept of protocol layers and is well known in the art of data communications.
- FIG. 2 further expands on one possible embodiment of the Internet 20 and Value Added Services 28 that comprise the Value Added Network 33 .
- the “Internet” is not a single network, but a collection of networks operating in a cohesive manner. This is illustrated in FIG. 2 by depicting the Internet 20 as two interconnected Internet Service Providers 27 . In practice, there are literally thousands of such networks comprising the “Internet.”
- the services provided by the Internet use the TCP/IP protocol and are well known, but may not be sufficient in terms of reliability and security for transaction processing. Consequently, Nodes 25 are defined providing these additional functions in the Network.
- the Nodes 25 are connected to the Internet and may be directly interconnected as well (not shown). While three Nodes are illustrated, in practice there may be many more, deployed in diverse geographic areas, replicated for redundancy, and interconnected for reliability. Further, some Nodes 25 may be collocated or integrated with other equipment, such as the Transaction Host Processors 36 or Internet routers, LANS, gateways, bridges or PBX's.
- the Client Node 25 a interfaces with the Terminal Adapter, typically using the transport capabilities of the Internet. Although not illustrated, it is possible that the Terminal Adapter could directly connect to the Client Node 25 a using any number of communication facilities. This would represent an embodiment where the Client Node and Internet router functionality are integrated.
- the Client Node 25 a recognizes the Terminal Adapter 14 and performs synchronization, security, authentication, and error detection functions in addition to relaying and/or interworking information to the Core Node 25 b .
- the Core Node is not always required, but if present, it relays information across the same or different ISP providers 27 .
- the Core Node 25 b may relay information to other Core Nodes or to a Service Node 25 c as illustrated in FIG. 2 .
- the Service Node 25 c interfaces with the Transaction Host Processor (“Host”) 36 using any number of point-to-point facilities 34 .
- the Service Node converts the protocols used when receiving transaction from another Node to the protocol used in communicating with the Host 36 .
- the Terminal Adapter provides with respect to a terminal can be provided by a Service Node to a Host Processor.
- a Host Processor could initiate a transaction to another Host.
- the connection 34 from the Service Node to the Host is a high-speed digital facility capable of multiplexing significant numbers of transactions.
- the Nodes 25 are typically replicated in diverse locations.
- the Service Node is duplicated (not shown in FIG. 2 ) in a diverse geographical location and also connected to the Host processor so that the Host can continue to communicate to an alternative Service Node if one Service Node or communication path fails.
- the Service Nodes may be load balanced (e.g., each typically providing 50% of the total transaction traffic to the Host) or configured with one Node as a hot standby (providing 100% of the transaction capacity, but switchable to the other Node when required).
- each Service Node is typically connected to a plurality of Core Nodes.
- the Host may be replicated in a geographic diverse location for redundancy and reliability reasons.
- FIG. 2 also illustrates a Network Operations Center (NOC) 29 connected to the various Nodes 25 .
- NOC 29 administers and manages the operation of the Nodes and Terminal Adapters with respect to the Network.
- the NOC receives measurements, alarm information, traffic statistics, load levels, and similar information and acts accordingly. For example, if a Node is not functioning correctly, adjacent Nodes will reroute around the non-functioning Node.
- the NOC becomes aware of the status of the non-functioning Node and can monitor the status of the Node while the problem is investigated and corrected.
- Terminal Adapters the NOC is also aware of their operation and maintains a profile for each Terminal Adapter 14 and its corresponding Client Node 25 a . This allows the NOC to know the current network conditions and operating status of each element, including both Nodes and Terminal Adapters.
- the NOC can further communicate indirectly to the Terminal Adapter by sending management messages relayed by the appropriate Node by piggybacking messages with the parameter file fetch response.
- the NOC (via the Network) can send a command to reset the Terminal Adapter, direct the Terminal Adapter to switch from its primary communication path to its secondary communication path, or switch to a different Client Node.
- pre-transaction processing refers to actions occurring prior to the processing of terminal originated transactions.
- the Terminal Adapter uses the transaction protocol procedures to bootstrap itself in order to subsequently process transactions from the terminal.
- transaction messaging is used between the Terminal Adapter and the Network in the ‘pre transaction processing’ phase.
- Terminal Adapter Identifier value that uniquely identifies the device.
- This value may in the format of: ⁇ manufacturer id> ⁇ model number> ⁇ serial number> suffix>.
- This structure forms a 24 byte identifier, although other structures and values may be used to achieve a unique identifier programmed into the Terminal Adapter.
- the MAC address associated with the Ethernet network interface
- the Terminal Adapter Identifier is typically sent in all messages to identify the particular Terminal Adapter to the Network and allows in part, the Network and NOC to maintain status and service profile information for each Terminal Adapter.
- Another instance of data programmed into the Terminal Adapter of one embodiment is a secret key used in encryption and authentication.
- the secret key value is not communicated over the interface, but used both by the Terminal Adapter and the Network to encrypt information that is communicated over the interface.
- the use of encryption also facilitates authentication of a particular Terminal Adapter. Authentication can be accomplished by the Terminal Adapter and Network encrypting a common data value, exchanging and then comparing the result. Only if the Terminal Adapter has the correct secret key will its encrypted value match the Network's value.
- encryption is accomplished using a key derived from the secret key, the session token and the transaction counter. In this manner, if an unauthorized user cracks a message, the secret key is not revealed, and hence other messages are not compromised.
- the Terminal Adapter of one embodiment also stores a default Configuration Service Name that describes the parameter file version currently held in non-volatile memory.
- a value is programmed into the Terminal Adapter describing the parameter file version initially present at power up, but then a dynamically determined value is obtained from the Network and supercedes the default value.
- the Service Name is a default URL of a server providing ‘bootstrap’ address information, typically in the form of a set of Client Nodes IP addresses that the Terminal Adapter uses to interact with for transactions and management functions (e.g., parameter downloading).
- a Terminal Adapter uses a single address for these functions, but for various reasons including reliability, alternative values are provided.
- These values are programmed into the Terminal Adapter as default values.
- the default values are typically augmented with dynamically determined values provided by the Network as part of the bootstrap process.
- the dynamically obtained values do not erase the default values (recall that the default values are hardcoded into the Terminal Adapter), but the Terminal Adapter stores both and knows by the presence of the dynamic values that the default values have been superceded.
- the Terminal Adapter Upon power up, the Terminal Adapter generally executes several related procedures. In one embodiment, these are: Service Discovery, Synchronization and Authentication, Parameter Downloading, and Software Downloading. All are executed upon initially powering up the Terminal Adapter, but thereafter, the procedures may be invoked separately.
- the Terminal Adapter of this embodiment first invokes a Service Discovery process to obtain a list of IP addresses that correspond to Client Nodes. This is accomplished by sending a Service Discovery request using the service name address that is permanently encoded into the Terminal Adapter.
- the Terminal Adapter of this embodiment then synchronizes and authenticates itself to the Network. These procedures occur together, so that authentication follows whenever synchronization occurs.
- ‘synchronization’ implies synchronization and authorization wherever context dictates such. Synchronization is generally required prior to sending transaction requests, and occurs frequently after the Terminal Adapter has initially powered up. For example, if the Terminal Adapter has been idle for a long period, re-synchronization may be required. Synchronization is discussed in detail in conjunction with the normal transaction transfer, so that this explanation can focus on the initial power up functions.
- the Terminal Adapter of this embodiment selects one of the IP addresses obtained using service discovery and uses it to initiate a parameter download using a transaction request. As discussed subsequently, this is of the form known as a ‘simple’ transaction request.
- the parameter file contains various configuration and address information to facilitate operation of the Terminal Adapter.
- the parameters may indicate, in part: where transactions should be sent to, primary and secondary communication path information, and where to obtain new software applications for software downloads.
- the Terminal Adapter typically downloads a parameter file by indicating its current parameter file version to the Network. This is an implicit request to the Network to indicate whether a more current version exists. Upon initial powering up, this value indicated by the Terminal Adapter is typically the default Configuration Service Name encoded into the Terminal Adapter.
- the Network When the Network receives the default Configuration Service Name, it knows to route the request to a specified process server and a configuration version number of zero indicates that the Terminal Adapter is requesting an initial parameter download. The Network responds by sending the current name of the parameter file version along with the parameter data.
- the Terminal Adapter of this embodiment examines certain parameters in the parameter file to determine whether a software download should occur.
- Software download refers to downloading new application code (binary image file) for execution.
- the Terminal Adapter examines the binary image name of the most recent executable file as indicated by the Network in the parameter file and compares it with the current value stored in memory. If the Terminal Adapter finds a different executable file indicated compared to what is stored in default memory (which is likely the case upon initial powering up), the Terminal Adapter fetches the new executable file. The location to fetch the executed file from is typically indicated by an address in the parameter file. After the Terminal Adapter loads and executes the current application, it is ready to process transactions from a terminal. Thus, the transaction processing phase is ready to start.
- the Terminal Adapter Prior to sending a transaction, the Terminal Adapter is typically synchronized and authenticated to the Network. This generally occurs during initial power up, but may be required again. Resynchronization occurs frequently and is considered normal operating procedure. Synchronization facilitates orderly transaction processing between the Network (specifically, the Client Node) and the Terminal Adapter, as well as enhancing the security of the transaction by exchanging a new session token. Resynchronization may be required if errors occur when the Terminal Adapter switches from the primary to secondary communication path, or when the Terminal Adapter switches from one Client Node to another. Authentication is required to ensure the Network is communicating with a trusted entity and to pass encryption parameters (e.g., a session token, as discussed subsequently) to the Terminal Adapter.
- encryption parameters e.g., a session token, as discussed subsequently
- the Terminal Adapter 301 first opens a TCP connection with the Network 303 in step 300 .
- the Terminal Adapter sends a synchronization request at step 302 and includes a transaction counter (TC) in the header of the message. Thereafter in subsequent transactions, the Network will expect the transaction counter to be incremented over the current value each time a transaction is sent. If the Network receives an unexpected value, an error code is returned to the Terminal Adapter and the Terminal Adapter is required to re-synchronize its transaction counter. Re-synchronization is required under various conditions, including: the Terminal Adapter being idle for a long period, switching from primary to secondary communication paths, or being unable to complete a transaction.
- TC transaction counter
- the Network records the TC value and computes a Message Digest.
- a message digest is a condensed text string that has been distilled from the contents of a text message where its value is derived using a one-way hash function and is used to create a digital signature.
- the Network may use a particular form known as a Message Digest 5 (MD5) based on a Random Value (RV) and the Transaction Counter (TC). This is returned in a Synchronization Response at step 304 that signifies synchronization has occurred and that the Terminal Adapter should authenticate itself.
- MD5 Message Digest 5
- RV Random Value
- TC Transaction Counter
- the Terminal Adapter responds by formulating a Message Digest type 5 (MD5) based on a secret key (PUC) and the transaction counter (TC) in step 306 and sending it to the Network.
- the Network compares this value with its previously computed value, and assuming a match, returns a response in step 308 indicating authentication has successfully occurred and includes a session token (ST).
- the session token is encrypted using the Message Digest and is used by the Terminal Adapter to derive the key used for subsequent encryption/decryption in the data transfer phase.
- the Terminal Adapter may close the TCP connection in step 310 .
- the Terminal Adapter may leave the TCP connection open and avoid the additional steps of opening a TCP connection prior to entering a subsequent data transfer phase.
- the Transaction Processing Phase is used to convey transactions initiating from the terminal, and in one embodiment, there are two methods to accomplish this: simple transactions and session transactions.
- the simple transaction is composed of a single request-response pair of messages. These are often used in credit card or ATM based transactions where a single message pair is sufficient to complete the transaction. The process is illustrated in FIG. 4 .
- the Terminal Adapter 400 communicates with the Network 402 , typically with a Client Node 25 a .
- the Network 402 also communicates with the Host 404 , which is the Financial Transaction Processor 36 of FIG. 1 .
- the Terminal Adapter must open a TCP connection in step 406 if one has not already been opened. After that, a Simple Request 408 is sent to the Network, which then routes the message to the appropriate Host in step 410 .
- the Host processes the transaction 411 and responds in step 412 .
- the Network 402 receives the response and forwards it in step 414 to the Terminal Adapter 400 .
- the Terminal Adapter extracts the response 416 and sends the response to the Terminal (not shown). If there are additional transactions that can use the same TCP connection, then the process repeats at step 418 . If there are no further transactions, the Terminal Adapter will close the idle TCP connection at step 422 and any additional transactions at step 420 will result in re-opening a TCP connection at step 406 .
- the other method for sending a transaction in this embodiment is using the Session Transaction.
- the Session Transaction is used for more complex transactions, such as settlement activities occurring at the end of day.
- the POS terminal retains data for the financial transactions during the day and must send summary information to the Host for end-of-day settlements.
- a Session Transaction is composed of multiple request-response pairs and is more appropriate than the single request-response for transferring lengthy transactions.
- the Session Transaction is composed of multiple request-response pairs that are guaranteed to be delivered in sequential order to a Host on the same logical connection.
- the Client Node When a Session Transaction is initiated, the Client Node initiates a session with the appropriate Service Node and the Service Node responds with session context information, such as address and port information. This allows the Client Node to map subsequent message associated with the session. If transaction data is provided by the terminal, the Client Node includes the data in the session initiation message, and the Service Node forwards this to the Host.
- the session context also enables the terminal adapter to continue a session using a different Client Node in the event that the initial Client Node becomes unavailable. This process is illustrated in FIG. 5 .
- FIG. 5 illustrates the Terminal Adapter 500 communicating with the Network 502 , which in turn, communicates with the Host 504 .
- the Terminal Adapter must open a TCP connection in step 506 if one has not already been opened. Then, the Terminal Adapter communicates an Initiate Session request at step 508 to the Network, along with transaction data.
- the Network routes the message to the appropriate Host at step 510 .
- the Client Node receives and relays the message to the Service Node, which then relays the message to the Host.
- the Host processes the transaction data at step 512 and conveys the response 514 to the Network and then conveyed again 516 to the Terminal Adapter.
- the Terminal Adapter in step 518 is prepared to send transaction data and the Network has established internal session tables for mapping subsequent terminal messages to a specified session and host.
- the Transaction Data is formulated at step 520 and a Session Transaction request is sent to the Network at step 522 , which then routes the request 524 to the Host, which processes the transaction 526 .
- the response 528 is conveyed to the Network and back 530 to the Terminal Adapter that extracts the response data 532 . If additional transactions are desired, the process repeats at step 531 . Once all the transaction request-response messages are conveyed, the Terminal Adapter then formats a Terminate Session request 534 and sends it to the Network at step 536 .
- the Network forwards it to the Host 538 and processes the message 540 .
- the Host sends a response 542 that is forwarded by the Network to the Terminal Adapter 544 in the Terminate Session message closing the session 546 .
- the TCP connection can be closed 548 .
- Terminal Adapter Identification Number This may be the value hardcoded into the Terminal Adapter or, in the case of a PC executing software emulating a terminal adapter, the value can be programmed into the device.
- the Terminal Adapter Identification Number uniquely identifies the device connected to the Network 33 . This unique value allows the Network to maintain information for each Terminal Adapter using the Network. If an error condition exists the Network will be able to correlate the condition to a particular device and take action as necessary. This may include, for example, notifying appropriate service personnel to investigate a problem, such as a defective Terminal Adapter. Further, statistics regarding each transaction can be maintained and recorded for a given Terminal Adapter, allowing value added information to be mined from periodic reports.
- both types of messages utilize error detection using well-known techniques, such as cyclic redundancy codes (CRC).
- CRC cyclic redundancy codes
- both transaction forms utilize encryption based on a secret key that is programmed into the Terminal Adapter at the time of manufacture.
- the encryption schemes are based on the 3DES, AES, or any other scheme well known in the art.
- the 3DES and AES schemes encrypt multiples of 8 or 16 bytes cipher texts respectively, and when the cipher text is not a multiple of the block size, then the cipher text is zero padded to the appropriate length.
- the encryption key may be generated based on running MD5 on the concatenated value of the private key (known to the Terminal Adapter), the transaction counter, and the session token.
- both transaction forms indicate a service name that is used by the Network to determine the appropriate host for processing the transaction.
- the Service Name is derived from the parameter download and is used by the Network to identify a particular Service Node to then deliver the transaction to the appropriate host.
- messages indicate a packet type with values defined for session request/responses and simple transaction request/responses.
- a variety of encoding and structures can be used to convey the above information as well as encode the information.
- a protocol stack 650 is implemented in the card reader 2 comprising a POS application 651 , which is typically programmed at time of manufacturing.
- This application uses the services of a financial transaction protocol 652 such as the VISA-II (a.k.a. VISA-2) protocol to transmit credit card authorizations.
- VISA-II a.k.a. VISA-2
- the Terminal Adapter containing protocol stack 656 receives the information over the telephone cable 654 , decodes the information using a corresponding telephone protocol 655 , and relays 657 the financial transaction protocol information over the backside interface.
- This ‘backside’ interface uses the value added services layer 658 to provide a secure and robust transmission of data to the host 636 .
- the value added services layer 658 uses the TCP/IP protocol layer 659 and incorporates the aforementioned authentication, synchronization, and encryption procedures for sending transactions. The transactions are communicated using the TCP/IP over Ethernet requiring the use of the IEEE 802.3 Ethernet protocol layer 660 .
- the LAN is typically a 10BaseT Ethernet connected via the Internet.
- protocol stack 662 This Node is a combination Client Node and Service Node as it interfaces both to the Terminal Adapter and the Host. In practice, a separate protocol stack for a Client Node and a Service Node would typically exist, communicating with each other using the Internet or other facilities. Those skilled in the art will recognize many other variations as well.
- the Value Added Service Node receives data via the lower layer 665 , processed by the TCP/IP layer 664 and then processed by the added services layer 663 . If acceptable, the data is relayed by the financial transaction protocol layer 666 back down a TCP/IP layer 667 and a physical layer 668 , which can be based on a variety of protocols (e.g., T1, DSL, etc.).
- the relaying layer 666 in the Node may or may not convert the financial protocol to another variant as required by the Host.
- the data continues via the physical facility 669 and then to the Financial Transaction Host 636 that implements a protocol stack 674 comprising a physical layer 670 , TCP/IP layer 671 , a financial transaction protocol 672 , and a POS application.
- a protocol stack 674 comprising a physical layer 670 , TCP/IP layer 671 , a financial transaction protocol 672 , and a POS application.
- the two POS applications 651 , 673 communicate in a client-server fashion, as does the value added services protocol layer 658 in the Terminal Adapter with the value added services protocol layer 663 in the Value Added Service Node 25 .
- This type of modeling of protocol layers is well known in the art and indicates information that is transparently conveyed by a lower layer that provides services to the higher layers.
- the value added services layer typically is in communication with an internal management application executing in the Terminal Adapter and communicating with the NOC (not shown). This allows the value added services layer to respond to actions and events outside the direct scope of the value added services protocol itself.
- one service provided by the value added services layer 658 is data reliability.
- the management process in the Terminal Adapter detects a failure in the primary communication path from the backend of the Terminal Adapter.
- the failure detected on the backend of the primary network interface can be any type of failure in the Ethernet physical layer 660 (assuming Ethernet access for the primary communication path), the TCP/IP layer 659 , the added services layer 658 , or the PPP layer 666 (assuming dial-up access is used for the primary communication path).
- a physical cut in the Ethernet would result in a loss of electrical signals at the physical layer 660 .
- a physical cable cut would also result in a failure at the TCP/IP layer 659 , since no frames could be transmitted.
- failures could be solely at the TCP/IP layer, such as the failure to resolve an address request (e.g., URL), or failure to receive a response at the TCP/IP level.
- a failure at the added services layer 658 could occur if there was a catastrophic failure of the Services Node 25 , which would leave the lower layers functional from the Terminal Adapter's perspective.
- the management process directs the value added services layer 658 to establish secondary communication, redirects any subsequently received terminal transaction requests to the secondary communication path, and resumes the transaction processing.
- the Terminal Adapter returns an error to the terminal (which depends on the terminal interface).
- the terminal reattempts initiating the transactions and the Terminal Adapter typically has established the secondary communication path by this time.
- Another service provided by the Terminal Adapter's value added services layer 658 in conjunction with the Value Added Services Node 25 may be service discovery and transaction synchronization.
- Service discovery allows the Terminal Adapter to obtain addresses used to then discover the locations of the appropriate host to which transactions are directed. In this embodiment, an address and port location is provided to address transactions, but other addressing information could be used in other implementations.
- the Card Reader 2 is typically programmed with a telephone number establishing a direct connection to a host. Thus, each terminal is programmed with a destination address of the Host. In the present system, the Terminal Adapter determines the appropriate Host to relay the financial transaction information based on information provided by the Network 33 .
- Further services may include security features that involve a Terminal Adapter to first synchronize using a transaction counter prior to communication of transactions. Further, the Terminal Adapter may identify itself using a unique programmed identification number to the Network 33 . Finally, the Terminal Adapter may authenticate itself using a Message Digest. These activities ensure that Network is communicating with a known, trusted entity in a coordinated manner.
- the Terminal Adapter may also provide some value added functions separate from the data transfer capabilities of the value added service layer. These can be viewed as management oriented functions and augment the functionality of the Terminal Adapter.
- automatic configuration of the transaction protocol used by the card reader 2 allows a variety of terminals to interface with the Terminal Adapter.
- the card readers 2 are typically programmed with a pre-defined credit card authorization protocol, such as Visa-II, and rely on the recipient (typically the host, via the PSTN) to know, a priori, which protocol is used.
- the Terminal Adapter 14 can work with a variety of terminals and is programmed to automatically detect and determine which financial protocol to use and the address to which the transaction is to be directed.
- the auto configuration capability provides a versatile Terminal Adapter.
- the value added services layer in conjunction with the management application handles the downloading of new software and parameters. This ensures that when new value added network services are deployed requiring a corresponding enhancement in the software in the Terminal Adapter, this can be accomplished without having to physically replace the Terminal Adapter, replace an EPROM chip, or otherwise require manual intervention. This function allows the Network to remotely write parameters to the Terminal Adapter and maintain status information as well.
- FIG. 7 discloses the hardware configuration of the Terminal Adapter 14 .
- the Terminal Adapter is comprised of various readily available integrated circuits.
- the Terminal Adapter 700 comprises a ‘front end’ 706 , which refers to the terminal interfaces and users inputs/outputs, as well as a ‘back end’ 708 , which refers to the network interfaces.
- the Terminal Adapter uses a microprocessor 702 as the main controller. Although the embodiment discloses a microprocessor, other variations such as single chip microcomputers or programmable controllers could be used.
- the microprocessor uses an Input/Output bus to control the various ‘front end’ interfaces. These may include a series of LED indicators 710 that indicates the overall status of the Terminal Adapter, network interface status, and terminal interface status. Alternatively, LCD or other types of displays or visual indicators may be used to reflect the status, using, for example, text or icons. The status indicators indicate whether the primary or secondary network interface is currently in use, modem carriers status, and other diagnostic related indicators.
- the Console RS-232 interface 712 allows a local terminal to connect to the Terminal Adapter and facilitates programming the Terminal Adapter, indicating configuration changes, performing management functions, etc.
- the four POTS interfaces 714 are used to interface to the terminals using a standard RJ-11 telephone connector.
- the microprocessor I/O bus also communicates with the network interfaces 708 .
- the network interfaces may comprise an Ethernet Interface 724 , which uses a standard 10BaseT protocol, and this is used to convey the primary communication path.
- the Terminal Adapter may also incorporate another POTS interface 722 for conveying the secondary communication path as a backup network interface.
- the Ethernet interface 724 may be optional as the telephone interface 722 may be used for conveying both the primary and secondary communication paths. Regardless of the configuration, the network interface provides connectivity for both the primary and secondary communication paths.
- the microprocessor 702 also communicates with memory in the form of RAM 716 , ROM 718 , and non-volatile RAM 720 (e.g., ‘flash memory’).
- RAM 716 e.g., ROM 718
- non-volatile RAM 720 e.g., ‘flash memory’
- the ROM and limited RAM could be integrated in the microprocessor as commonly embodied with single chip microcomputers.
- a power supply 704 is present and this may incorporate a battery backup for saving data in the case of a temporary power outage.
- a watchdog timer 726 may be incorporated for resetting the Terminal Adapter in case of a lockup.
- a Manual Reset push button 728 provides another form for resetting the Terminal Adapter.
- the software components associated with the hardware components are illustrated in FIG. 8 .
- the software architecture of the system 800 involves a real-time operating system 802 interacting with a TCP/IP protocol stack 804 , value added services 832 and a transaction protocol handler, which in this embodiment, comprises the VISA terminal interface 844 .
- the TCP/IP stack comprises various well-known protocol handlers, such as PPPoE (point-to-point protocol over Ethernet) 806 , PPP (point-to-point protocol) 808 , and DHCP (dynamic host configuration protocol) 810 .
- PPPoE point-to-point protocol over Ethernet
- PPP point-to-point protocol
- DHCP dynamic host configuration protocol
- IP Internet protocol
- ICMP Internet control message protocol
- DNS domain name server
- the TCP/IP stack 804 interacts with the Network Interface Card 826 that is the primary network interface using the Ethernet transceiver 828 that connects to an RJ-45 connector 830 .
- the TCP/IP stack 804 also interacts with the secondary network interact 820 that incorporates a modem driver 822 connected to an RJ-11 connector 824 .
- the Real Time Operating System 802 also interacts with various Value Added Services 832 that may be implemented via modules for conveying payload data 836 , encrypting data 834 , exchanging security keys 838 , downloading software 840 , and effecting service discovery 842 .
- the Real Time Operating System 802 also interacts with the Terminal Interface 844 comprising the software modules for a financial protocol handler 846 , character handler 848 , and modem handler 850 .
- the Terminal Interface 844 then interacts with a POS interface 852 that multiplexes and formats the data to a modem standard 854 to one of the four RJ-11 connectors 856 .
- FIGS. 7 and 8 illustrate the principles of the current invention as embodied in a Terminal Adapter, but other embodiments exist.
- the Terminal Adapter 14 is involved with communication with the Network 33 , specifically the Nodes 25 or in other cases, indirectly with the NOC.
- the Nodes embody the inventive principles as well.
- the Nodes can be computer servers with large amounts of memory, parallel processing, and hundreds of I/O ports and operating using a variety of operating systems, including UNIX, Linux, and Windows.
- the associated hardware and software structure may vary from that disclosed in FIGS. 7 and 8 .
- FIGS. 7 and 8 Another embodiment is a variation of the Terminal Adapter 14 based on a personal computer. While the Terminal Adapter embodied in FIGS. 7 and 8 is a special purpose computer equipped with special purpose application software, a general-purpose personal computer could have software installed for accomplishing the same functions. Personal computers frequently incorporate many of the hardware and software components illustrated in FIGS. 7 and 8 and commonly incorporate a modem and/or an Ethernet Network Interface Card (NIC) for providing Internet access. The personal computer would similarly implement PPPoE or DHCP for Internet access over the Ethernet, and PPP over a dial-up connection to an ISP using the modem. Further, many of the software capabilities (e.g., the TCP/IP stack and modem interfaces) are already present in Internet enabled personal computers.
- NIC Ethernet Network Interface Card
- Terminal Adapter functions that provide a well-known software platform for software development.
- a PC is a common embodiment for the Terminal Adapter functions
- other embodiments are possible, such as installing the software in a minicomputer, or a server associated with a client-server implementation, where the server utilizes other operating systems, such as UNIXTM or LINUXTM.
- the personal computer is configured solely with a modem and dial-up capabilities, without Internet access.
- the connectivity from the personal computer uses a telephone line for both the primary and secondary communication means, but a different ISP is used and/or Client Node may be involved when dialing a secondary telephone number.
- the software for such an embodiment may be loaded into the memory of the personal computer, including downloading the software from a web site on the Internet or uploading the application from a removable media (e.g., floppy disk, tape, CD, etc.).
- a removable media e.g., floppy disk, tape, CD, etc.
- an API application programming interface
- a third party to develop a system incorporating the value added functions according to the principles of the present invention.
- the capabilities of the application are defined by the developer and loaded for execution on the PC.
- FIG. 9A two embodiments illustrate how PC currently can access the Internet via an Ethernet and/or a dial-up connection.
- the PC is executing a POS application 902 that uses the services of the Operation System 904 .
- the Operating System may be any of the common operating systems found on PCs.
- the Operating System 904 uses devices drivers to interact with hardware interfaces.
- One device driver 906 allows interaction with a modem 910 that connects to a telephone line 916 as is well known in the art.
- the other device driver 908 interacts with a Network Interface Card (NIC) that is connected to an Ethernet 914 .
- NIC Network Interface Card
- Alternative 2 920 An alternative embodiment is illustrated in Alternative 2 920 that similarly incorporates a POS application 902 , Operating System 904 , and device drivers 924 , 926 .
- these device drivers interact with interfaces on the PC.
- one device driver 924 interacts with a serial RS-232 interface connected to a modem 930 .
- the other device driver 926 interacts with a USB (Universal Serial Bus) connected to a NIC 928 .
- USB Universal Serial Bus
- the hardware for interacting with the Ethernet and telephone line are external to the PC and connect via well know serial interfaces.
- FIG. 9B one embodiment is illustrated whereby the modem and NIC are integrated into the PC (corresponding to Alternative 1 900 of FIG. 9A ).
- the PC 900 still incorporates the same POS application 902 and Operating System 904 .
- Minimal changes, if any, are required to use the software enhancement 956 .
- the softmodem 956 Once the softmodem 956 is loaded, it creates a virtual serial port that receives and sends data to the POS application and Operating System. In essence, the POS application sends data to the software as if it were another serial interface as illustrated via logical path 950 .
- the softmodem recognizes various modem commands and data, and after processing, uses the Operating System to interact with the device drivers.
- the softmodem interacts via a logical path 952 with the device driver 906 connected to the internal modem 910 and interacts via a logical path 954 with the device driver 908 connected to the NIC 912 .
- the modem 910 and NIC 912 are connected to a telephone line 916 and Ethernet 914 respectively. In this manner, the softmodem can use the NIC 912 for conveying a primary communication path using the Ethernet and the modem 910 for conveying a secondary communication path using the telephone line.
- An alternative embodiment utilizing a softmodem is feasible even if the PC only has an integrated modem, without a NIC accessing an Ethernet. Similar to the Terminal Adapter having only a telephone interface as a network connection, the PC softmodem can still initiate a secondary communication path using the modem to dial a second telephone number.
- One advantage of this embodiment is that value added services of the Network can be gained by adapting existing PCs without requiring additional hardware.
- FIG. 10 illustrates a flowchart depicting detecting an error associated with the primary communication path, switching to a secondary communication path, and restoring the primary communication path upon determination that the primary communication path is functioning.
- the Terminal Adapter is processing transactions normally using the primary communication path associated with the Ethernet based network interface at step 1002 .
- the system monitors for failures, errors, or anomalies associated with the primary communication path at step 1004 .
- the errors may be of different types. For example, an error could occur at the financial transaction protocol level 1006 as a result of incorrect structure or data.
- the error could be based at the TCP/IP level 1008 as a result of a failure to receive a response to a message.
- the error could be based on a physical layer error 1010 as a result of a cut cable. Obviously, a cut cable may trigger errors at other layers.
- the system flow controls the terminals 1012 while it determines whether the secondary communication path is configured 1014 . If not, then no further action can be taken 1018 . However, under normal conditions, there will be configuration data in the parameter file to configure the secondary communication path.
- the system retrieves the data, including the telephone number 1016 and originates a secondary communication path using the PPP protocol over a dial-up telephone connection 1020 . Once established, the terminal transaction processing can resume 1022 .
- the system also indicates the communication path status via the front panel LEDs 1024 indicating the secondary communication path is active.
- the sending of transactions using the secondary communication path is accomplished by altering the routing table for the IP address used to send the transaction.
- the Terminal Adapter routes the IP address to send a transaction over the primary communication path using the Ethernet network interface (in the embodiment where there are two network interfaces) using the PPPoE or DHCP protocol.
- Rerouting is accomplished by ‘pointing’ an IP address to the secondary communication path using the telephone based network interface and the PPP protocol.
- the system periodically monitors the condition that triggered the switchover at step 1026 . This typically involves sending a ‘probe’ message over the primary communication path using the Ethernet based network interface.
- the system has more than one IP address that it obtained via service discovery. While one address is used for transaction processing, the other is used to probe the primary connection. The probe is accomplished by setting up internal TCP/IP tables (ARP and routes) so that probe messages destined for an address not currently used for transaction processing are routed to the primary (Ethernet) interface.
- the Terminal Adapter may determine that transaction processing should continue at step 1022 using the secondary communication path. If however at step 1026 , it is determined that the primary communication path has been restored and is reliable, the transactions are moved to the primary communication path at step 1028 by ‘repointing’ the IP address to route the data over the Ethernet based network interface. The secondary communication path using the telephone connection can then be terminated 1030 and the probe messaging can be terminated.
- the Terminal Adapter can provide reliable, redundant transaction processing when a failure occurs associated with the primary communication path.
- FIG. 11 illustrates the protocol structure when the Terminal Adapter is using the secondary communication path.
- the communication between the card reader and the Terminal Adapter is not directly impacted.
- the protocol stack in the card reader 1170 interacts with the peer protocol stack in the Terminal Adapter 1175 in the same manner as normal operation (see FIG. 6 ).
- the interaction of the peer protocol stacks in the Node 1187 and the Financial Transaction Processor Host 1189 is the same.
- the main difference during use of the secondary communication path is in the communication between the back end of the Terminal Adaptor and the Value Added Client/Services Node (specifically, the left protocol stack of the Node representing the Client Node in FIG. 11 ).
- the Terminal Adapter When the Terminal Adapter receives a message from a terminal, the message is passed down through the value added services layer 1177 via the TCP/IP layer 1178 , but now uses a PPP connection over a telephone layer 1179 . Because the secondary communication path is a telephone (dial-up) connection 1180 , PPP is used since it is a common method of conveying TCP/IP over a dial-up connection.
- the telephone connection interacts with the telephone network to complete the call to an ISP.
- the telephone network and ISP are shown as a combined entity 1181 , though those skilled in the art will realize that there is a conversion at some point from a physical telephone connection 1180 to another type of physical connection 1182 .
- This conversion is performed transparently to the Node, and the only requirement is that the physical layer 1183 in the Node corresponds to the protocol used by the Internet provider 1181 .
- the information flows up from the physical layer 1183 to the TCP/IP layer 1184 , but in this case the PPP protocol is not likely to be used, since it is not likely that a dial-up connection is used between the Node and the Internet.
- the added services layer 1185 ensures that transactions are seamlessly continued using the secondary communication path using the aforementioned security, authentication, and encryption procedures.
- the data is relayed to the financial transaction protocol layer 1186 where it continues on its way to the Host.
- the Services Node may be a physically different node than used in conjunction with the primary communication. Further, the Client Node may detect the existence of a new connection and notify the NOC of the situation. In this manner, the NOC is able to detect when a given Terminal Adapter is operating in backup mode. Additionally, different or additional Core Nodes may be used to route the Transaction to the Host.
- the Terminal Adapter indicates the change in status of the primary communication path operation via LEDs or other form of visual indications.
- LEDs are one embodiment for providing users with a visual indication of the status of the primary and/or secondary communication path.
- the terminal also updates a status indication associated with each communication path. This status indication may be used by the Terminal Adapter to direct transactions to the primary or secondary communication path.
- the Terminal Adapter is also sending ‘probe’ messages over the primary communication path to determine whether the connection is available.
- the criteria used to determine whether it is available may vary.
- the Terminal Adapter may have an error counter within a moving window for determining that the primary communication path is unacceptable for conveying transactions. In this situation, the probe messages may result in responses that are monitored for errors.
- the error causing the switchover may be a total lack of operation on the primary path and any response to a probe message may indicate that the primary communication path is available.
- the Terminal Adapter communicates the transaction using the primary communication path and the secondary path is terminated. The change in status is reflected in the LEDs and internal tables as appropriate.
- the Terminal Adapter may access the Network with the primary communication path associated with a dial-up network connection.
- the secondary communication path does not provide communication when certain faults occur (e.g., a cut telephone line).
- faults frequently occur in the ISP and are more likely than a failure of the telephone line or telephone network.
- an alternative dial-up connection can be established to an alternative access point of the same ISP or to an alternative ISP. In this manner, when the Terminal Adapter dials a second back up telephone number, it bypasses the original fault. This could result in an alternative Client Node serving the Terminal Adapter.
- Another embodiment involves the Terminal Adapter establishing a direct dial-up connection to the Client Node.
- the Terminal Adapter When dial-up is used for both primary and secondary communication paths (i.e., the primary and second communication paths use a common network interface), the Terminal Adapter is unable to determine when the primary communication path is restored. This is because the ‘probe’ messages cannot be sent out, since the phone line is dedicated for backup access.
- the NOC becomes aware when the Terminal Adapter is operating using the secondary communication path, and monitors the various conditions, including the event causing switchover on behalf of the Terminal Adapter. For example, if a link between the ISP and Client Node fails, the Terminal would switch to the secondary communication path, bypassing the failed link.
- the NOC is aware of the link failure, and when the link is restored, the NOC directs the Terminal Adapter to terminate the secondary communication path and reinitiate communication using the primary communication path.
- There are a variety of techniques for effecting NOC to Terminal Adapter communication and one approach involves using the capabilities of downloading new configuration parameters and code discussed herein.
- FIG. 12A illustrates one embodiment of the Terminal Adapter determining the appropriate protocol to use for a given terminal and the host to which the transaction should be sent.
- Terminals may use a variety of protocols, but typically use an industry standard or proprietary protocol for card authorizations. Common industry protocols include VISA-I and VISA-II for card readers and ATM machines, as well as internationally recognized protocols, such as ISO 8583.
- two techniques are generally relevant to determining the terminal protocol, the appropriate transaction type message, and the service name (address) associated with the transaction. These techniques are parsing and telephone number mapping. How these are used, depend in part, on the Host capabilities. Specifically, some Hosts may only recognize simple transaction types. In this case, each terminal accessing that Host is presumed to only require simple transaction type messages. Consequently, every message is mapped to a simple transaction message once the destination host is determined. Other Hosts may recognize and require both simple and session transactions. In this case, the Terminal Adapter must select the appropriate transaction request message when conveying a terminal transaction. Since most transactions are of the simple type, the Terminal Adapter in some instances presumes simple transactions are used, unless exception processing indicates a session transaction should be used.
- the Terminal Adapter and Host only sends/accepts simple transactions.
- the Terminal Adapter only has to recognize the protocol type (e.g., VISA-I or VISA-II) and the destination Host.
- One method for the Terminal Adapter to determine the protocol used by the Terminal is based on the telephone number dialed by the terminal. For example, in FIG. 12A , the card reader 2 is programmed to dial a defined number.
- the Terminal Adapter processes the dialed number using table 1290 .
- Table 1290 contains a column 1291 for each defined telephone number, a column for the associated protocol type 1224 and a column for the appropriate service name 1293 .
- a geographical area may be served by two host processors as identified by the names ‘fubar.1’ and ‘fubar.2’.
- Each service name can be associated with either the VISA-I or the VISA-II protocol.
- the Terminal Adapter must still parse the message to extract the relevant information and copy this into a simple transaction request message. This message is sent to the Client Node in the Network using routing tables to route the message to a specific Service Node. In this manner, the Terminal Adapter can easily automatically configure itself to use the appropriate protocol and select a host on the dialed number. Once at the Service Node, the transaction is then routed to the appropriate Host.
- FIG. 12B Another method wherein the Terminal Adapter determines the appropriate Terminal protocol is illustrated in FIG. 12B .
- This method is based on defined parsing rules and presumes the terminal and host can send/receive either simple transactions or session transactions. Typically, the vast majority of transactions are simple transactions with only a few instances requiring session transactions.
- the Terminal Adapter 14 sends an “ENQ” or Enquiry message 1298 to the Terminal.
- the Terminal will respond by sending a message 1299 that includes a predefined ASCII string.
- the message string will have certain characteristics. For example, the message string will be one of several lengths with certain values at the beginning and/or end. For example, one rule is:
- FIG. 12C illustrates the processing of the parsing rules of one embodiment in further detail.
- the process starts in step 1220 with retrieving the parsing rules 1221 .
- the start of the string is tested for validity 1224 and if no match, the next rule is applied 1225 and the process starts over. Otherwise, the end of the string is tested for validity 1226 and if so, it is tested for a match 1227 . If no match, then the next rule is applied 1225 and the process repeats. Otherwise, the length is tested for validity 1228 and if a match occurs 1229 , then the message is recognized 1231 and the process is completed 1233 , otherwise the next rule is applied 1225 and the process repeats. If no matches occur or the string is found invalid, and there are no more rules 1230 , then the message is not recognized 1232 and an error exists.
- the parsing for the string is completed at step 1233 .
- the Terminal Adapter can automatically recognize a plurality of protocols used by different terminals, and determine the appropriate message type and service host.
- Service discovery is the process by which the terminal adapter discovers the IP addresses for Nodes that can provide further information, such as the parameter file.
- Parameter file downloading involves receiving a file containing configuration parameters. A configuration version number describes this file.
- the software download allows new software to be downloaded into the Terminal Adapter and uses address and other parameters obtained in the parameter file. All three procedures rely on the Terminal Adapter interacting with a Network, but with different degrees of autonomy.
- Terminal Adapters can be updated without requiring manual replacement of Terminal Adapters, or manual replacement of a portion of memory chips, such as one or more read-only-memory (ROM) chips in the Terminal Adapters, or manual loading of new software. Updating can be done remotely, at convenient times, with minimal cost and interruption in service.
- the updating of software is controlled in part by the NOC.
- the NOC is the portion of the Network that maintains tables associating each Terminal Adapter with its parameters.
- the Terminal Adapter boot software of one embodiment comprises two separate programs referred to as DLM (Download Program Manager) and DLP (Downloaded Program).
- the Terminal Adapter may be factory programmed with the DLM only, and the DLP may be downloaded from the Network after the Terminal Adapter is installed in the client's premises.
- the DLP is typically stored in non-volatile memory, but in case of a failure of the non-volatile memory, the hardcoded DLM allows recovery.
- every Terminal Adapter is generally factory programmed with various parameters to allow it to initially connect to the Network. As previously discussed, these parameters typically include: the Terminal Adapter Identification Number, the secret or private encryption key, and the Configuration Service Name.
- the Terminal Adapter knows that absent a dynamically obtained Service Name stored in non-volatile memory, the default, programmed value is to be used.
- the purpose of the DLM is to download and run the latest version of firmware (DLP) that is stored in non-volatile memory.
- DLP firmware
- the basic operation of the DLM of one embodiment is illustrated in FIG. 13A and described in the following steps starting from a system reset or initial powering up.
- the process begins with powering up the Terminal Adapter 1350 , which is the same as resetting the unit. Upon the very first time of being powered up, there are no dynamic parameters stored in flash (non-volatile) memory. Thus, only the default programmed values exists.
- the Terminal Adapter obtains at least one TCP/IP address for a Client Node to interact with.
- a TCP connection is established using the Ethernet to access the Network, or using PPP over a dial-up telephone line.
- the Terminal Adapter is programmed with a default parameter file version (specifically, version zero, indicating a default parameter file is present and signifying that all the parameters are default values).
- the Terminal Adapter fetches the parameter data from the Configuration Server. This is done by the Terminal Adapter (specifically, the DLM) indicating its parameter file version number to the Network, and the Network responding with a more recent version followed by the parameter file. The Network will only send the parameter data if the Terminal Adapter parameter file version is not the same as the version value stored in the server database. In this example, the Network knows that the version sent by the Terminal Adapter (version zero) indicates a default parameter is present in the Terminal Adapter, indicating that no prior parameter downloads have occurred.
- the Terminal Adapter specifically, the DLM
- the Network knows that the version sent by the Terminal Adapter (version zero) indicates a default parameter is present in the Terminal Adapter, indicating that no prior parameter downloads have occurred.
- the Network will return the same parameter file version number. This informs the Terminal Adapter that it has the latest parameter file and reduces unnecessary transmission of network data. If the Terminal Adapter previously had downloaded parameters, but these were corrupted, the parameters can be requested from the server by sending a version number zero in the packet. Any received data is saved to non-volatile flash memory in step 1356 .
- the Terminal Adapter of this embodiment (using the DLM) checks the current DLP version indicated in the parameter file and compares it against the version that it is currently executing. It further checks to ensure the data is not corrupted (i.e., free from errors as detected by a cyclic redundancy check or similar mechanism). If present and uncorrupted, the DLM skips to executing the DLP application in step 1368 , which then completes the process at step 1370 . If instead, the DLP version is not current, then step 1360 is performed to obtain the must current version. The Terminal Adapter retrieves an address from the parameter file and connects to the IP address for the purpose of performing a file transfer using FTP at step 1360 .
- the Terminal Adapter then downloads the more recent DLP program at step 1362 . If the download is not correct, at step 1364 , then it resets itself at step 1366 and repeats the process. If the download is correct at step 1364 , then the new DLP program is executed at step 1368 and the process is completed at step 1370 .
- the DLP program is the main application program running on the Terminal Adapter and performs the financial transaction processing and interworking. It uses the same parameters (see FIG. 13B ) as used by the DLM.
- the DLP can, however, have a different Service Name based on a dynamically obtained value, as the DLM process uses the value hard coded in the firmware.
- the DLP periodically checks if there is a more current parameter file, and if any parameters have changed or a new DLP is needed, the DLP performs a reset and the process repeats as described above.
- the DLM only performs one parameter file fetch, obtains the DLP, and then executes the DLP.
- the DLP then periodically performs the parameter file fetch. Only if the DLP resets the Terminal Adapter does the DLM execute itself. However, in this case, the DLM will observer that various dynamically assigned parameters are present in flash memory and it will utilize those values over the embedded values, skipping some of the above identified steps.
- obtaining new parameters and new application code are closely related, but the capability exists to download new parameters without having to download new application code.
- the DLP Once the DLP is executing, it will periodically check with the Network to determine whether it has the most current parameter file version. The Network responds by downloading a new parameter file when a newer parameter version is appropriate.
- One parameter in the file is an indication of a new DLP, which triggers the DLP to initiate a file transfer. In this manner, the Network can control the loading of new parameters and software.
- the contents of the parameter file of one embodiment are illustrated in FIG. 13B .
- the first parameter in the file is Configuration Version 1300 . This value indicates the current parameter file version the Terminal Adapter should have stored in memory. This could incorporate a timestamp to signify the last version obtained.
- the Terminal Adapter periodically queries the Network as to what is the current version that the Terminal Adapter should be executing. If the Network requires downloading a new parameter file, it returns the current version present in the Terminal Adapter. Otherwise, the NOC returns a more recent parameter file version value as well as the full parameter file. In addition, the NOC can append management commands to control the Terminal Adapter indicating it to reset or switch communication paths.
- the frequency with which the Terminal Adapter checks the Configuration Version 1300 is determined by the Configuration Fetch Interval 1301 , typically expressed in seconds. This parameter is set to have the Terminal Adapter check its parameter file version every hour or so, although greater or lesser time intervals may be used. Because the downloading of new code suspends the normal operation of the Terminal Adapter, the Terminal Adapter may forego a periodic download, particularly if there are financial transactions underway.
- the “Maximum Skip Configuration Register” 1302 indicates the maximum number of times the Terminal Adapter may skip requesting the current parameter version. This value should not be exceeded by the Terminal Adapter regardless of the number of pending transactions.
- the periodic checking for a new parameter file version also functions as a ‘heartbeat’ indication from the Terminal Adapter to the Network.
- the Node receiving the parameter file request forwards the indication to the NOC, allowing the NOC to update its status tables for that Terminal Adapter.
- the receipt of a parameter file request by a Terminal Adapter indicates to the NOC that the Terminal Adapter is functioning. If the terminal has not requested its current parameter file version and the maximum skip interval is exceeded and has not initiated any transactions, then the NOC knows the Terminal Adapter is not functioning. In such a situation, the NOC can initiate another process, such as issuing a notification to a predefined destination in a predefined manner for that Terminal Adapter.
- the notification may be an e-mail to a network administrator associated with the business entity operating the Terminal Adapter identifying the malfunctioning Terminal Adapter.
- the NOC could initiate a page, a pre-recorded telephone call, or send an alarm message to a system, file, terminal or printer in the NOC. In this manner, the NOC can proactively react to a non-functioning Terminal Adapter.
- the Network may also monitor transaction usage, errors, or other conditions and report these to the NOC, which initiates a similar notification.
- the Terminal Adapter will initiate the request using File Transfer Protocol (FTP), a well known means for transferring files over the Internet.
- FTP File Transfer Protocol
- the address for making the request is obtained from the parameter file as well as required identification and security information.
- the FTP information 1330 comprises a URL, Port number, User Name, and Password.
- the User Name identifies the Terminal Adapter, and an alternative embodiment could use the Terminal Adapter Identification Number.
- the Password data authenticates the user as being authorized to receive the binary DLP file.
- FTP information is transferred without being encrypted using a TCP/IP connection to the Terminal Adapter
- Other embodiments are disclosed providing greater security.
- One approach is to communicate a ‘challenge’ based on a random value to the Terminal Adapter.
- the Terminal Adapter concatenates the challenge value with its secret key and computes a Message Digest 5 value to determine a password.
- the Terminal Adapter sends this value to the Network that has compared a similar value based on the Network's knowledge of the Terminal Adapter's secret key. If the two values match, the Terminal Adapter is authenticated.
- a Session Transaction is used to communicate the file in an encrypted manner.
- the Terminal Adapter and Network use the same encryption methods as for passing transactions originating from a terminal to a host.
- Various authentication and encryption schemes can be used to effect the file transfer to an authenticated Terminal Adapter, such as using secure FTP procedures.
- the parameter file of FIG. 13B also includes other parameters, including communication parameter information 1303 , binary file characteristics 1304 , service discovery information 1305 , primary communication information 1307 , and backup communication information 1309 .
- the communication parameters 1303 indicate the type of ‘backend’ interface currently used by the Terminal Adapter (e.g., Ethernet, secondary ISP, etc.). This value is included by the Terminal Adapter with every parameter file fetch request and indicates to the Network the current network interface used by the Terminal Adapter. In this manner, the Network is able to monitor the communication path status of each Terminal Adapter.
- the Service Discovery information 1305 indicates to the Terminal Adapter where terminal transactions should be directed to, typically in the form of a URL.
- the Client Node in the Network maps the host name to a URL, which in turn is resolved using the DNS service into an IP address.
- the actual IP addresses are ‘hidden’ from the Terminal Adapter, allowing Network changes in address to transparently occur. This could be similarly accomplished by providing the Terminal Adapter a URL, but if the terminal indicated a single URL, then all traffic would be routed to that single point of interconnection.
- the Client Node Since the Client Node maps the service to a URL, the Client Node may select one of several URLs based on geographic location, load capacity (e.g., transaction processing capacity), or other network management aspects. In this manner, diverse Host processors connected to separate Service Nodes may be used to provide seamless transaction services to the Terminal Adapter. Further, this approach never ‘exposes’ the host network addresses and thus provides added security and flexibility.
- load capacity e.g., transaction processing capacity
- the parameter file also contains primary communication path information 1307 including the telephone number of the primary ISP and any associated modem commands (this is only required if primary access is via dial-up), identification and password information. Additional control information regarding the PPP settings is included. Similarly, secondary or backup communication path information 1309 is provided.
- FIG. 14 is one embodiment and illustrates a subset of the elements that may be involved during normal operation.
- a card reader 2 is plugged into a Terminal Adapter 14 wherein the Terminal Adapter has access to the Internet 26 via a primary communication interface 16 .
- the Terminal Adapter also has a secondary communication interface 22 using a POTS telephone line 19 a connected to the Telephone Network 24 .
- the Terminal Adapter is powered on and determines that it does not have a current application program loaded. It examines its default Service Discovery Address information, which is programmed into the Terminal Adapter at time of manufacture, and it uses this information to fetch an updated Service Discovery Address.
- the Terminal Adapter then uses this information to synchronize and authenticate itself to the Network. After this has occurred, it uses a simple transaction to obtain a dynamically determined service name that it queries to obtain a current parameter file setting.
- One parameter in the file indicates the current software code that should be present and the Terminal Adapter determines whether it should initiate a file transfer to obtain the current software. It then downloads the information using the FTP address information in the parameter file.
- the Terminal Adapter is prepared to handle terminal transactions. It synchronizes its transaction counter (if required) with the Client Node 25 a and is authenticated by the Client Node using the aforementioned techniques. The authentication procedures also provide a session token to the Terminal Adapter allowing proper encrypting and decrypting of transactional information. Once completed, the Terminal Adapter is ready to process transactions from the Card Reader 2 .
- the Card Reader 2 upon detecting a card swipe, the Card Reader 2 initiates a phone call and the Terminal Adapter emulates the necessary telephone signals so that a connection is established between the card reader and Terminal Adapter. From the card reader's perspective, it appears to have established a telephone call.
- the Terminal Adapter queries the Card Reader using an ENQ (e.g., ASCII ENQ character) message to solicit a response message.
- ENQ e.g., ASCII ENQ character
- the Terminal Adapter parses the message and selects the appropriate protocol for interacting with the Card Reader.
- the Terminal Adapter also selects an appropriate service name that identifies a destination Host processor and transaction type, which is a simple transaction type in this illustration.
- the Terminal Adapter maps the transaction to a simple transaction protocol on an established TCP/IP connection and sends the message to the Client Node 25 a .
- the Client Node processes the transaction to ensure that the transaction is allowed, synchronized, authorized, error free, and determines the appropriate Node to which to forward the request to. This decision is based on the host name selected by the Terminal Adapter in the simple transaction protocol.
- the Client Node selects a route to forward the transaction based on, in part, the service name, link capacity, configuration, and processor loading.
- the Service Node 25 b then forwards the transaction to the Financial Transaction Processor 36 according to the protocol used to interconnect the Host 36 and the Service Node 25 b .
- the Host and Service Node are directly connected via a private line 34 .
- the message typically is decrypted prior to communication to the Host.
- the Host receives the card authorization request, responds, and the response is returned to the Service Node that typically encrypts the information and routes the response back to the Client Node 25 a , then to the Terminal Adapter 14 , and then the card reader 2 . This illustrates some aspects of a normal card authorization procedure.
- the Terminal Adapter recognizes the failure by various means (e.g., lack of response at TCP/IP layer or loss of electrical signals at the physical layer).
- the Terminal Adapter retrieves the secondary communication path parameters from its parameter file in non-volatile memory, and initiates a dial-up connection to the ISP using the telephone number as well as appropriate identification and password information. Referencing FIG. 14 , the dial-up connection travels from the telephone line 19 a through the telephone network 24 and then via an alternative connection 19 b to the Client Node 25 a .
- the Client Node reached may be the same or different from the one previously associated with the primary communication path.
- the Terminal Adapter must resynchronize the transaction counter, identify and authenticate itself before proceeding with transaction processing.
- the Terminal Adapter also updates its internal communication path status table and LED status indicators accordingly. Since the Client Node is aware of the establishment of the secondary communication path, it notifies the NOC 29 of the failure. The NOC then updates its status tables and then notifies the appropriate systems and/or personnel that the primary connection has malfunctioned.
- the Terminal Adapter Periodically, the Terminal Adapter sends a ‘probe’ message over the Ethernet interface using the primary communication path to determine if it is functional.
- the Terminal Adapter uses an Ethernet access to the Internet in conjunction with the primary communication path and dial-up access to the Internet in conjunction with the secondary communication path. Because separate physical access methods are used, the Terminal Adapter can send a ‘probe’ message to determine whether Internet access using the Ethernet access approach is restored while using the dial-up access for completing transactions.
- This scheme must be modified if a single telephone line is used to establish a first connection using a first telephone number for the primary communication path and a second connection using a second telephone number for the secondary communication path. That is because the primary communication path cannot convey a probe message while the telephone line is used to support the secondary communication line.
- more sophisticated telephony services such as ISDN allow two connections to exist on one telephone line, as do other telephony based services.
- only one communication path can be operational using a single telephone line and the NOC will indicate in response to a parameter file version request that the problem causing the primary communication path to be inoperable has been corrected and that the Terminal Adapter should switch back to using the primary communication path.
- the Terminal Adapter switches back to conveying transactions on the primary connection.
- the Terminal Adapter must first synchronize and authenticate itself on the primary communication path.
- the NOC is aware of when the switchback occurs.
- the Terminal Adapter also updates its communication status visually using LEDs, in order to facilitate local diagnosing of communication status.
- the Terminal Adapter updates its operational status tables regarding the primary and secondary communication paths.
- the Terminal Adapter 14 requests from the Client Node 25 a what parameter file version it should be executing. This is accomplished using a simple transaction request message that includes the Terminal Adapter's identification number and communication path status. The Client Node forwards this message to the NOC. As a result, the NOC is now aware of the operational status of the Terminal Adapter. The NOC responds to the Client Node with a parameter file version number, and the Client Node forwards the parameter file version number to the Terminal Adapter. Assuming that the version number in the response matches the version number in the Terminal Adapter, the Terminal Adapter continues operating normally. If the NOC responded with a newer version number, it would indicate that at least one parameter in the file had changes and would send the parameter file as well. The Terminal Adapter would examine the parameter file, and if the DLP binary image name was different, the Terminal Adapter would fetch the current software, load it, and then execute it.
- the Terminal Adapter is able to automatically interconnect a variety of Terminal Types, which may implement various protocols based on the destination host.
- the Terminal Adapter in conjunction with the Network ensures a reliable and secure communication capability is provided between the Terminal and Host. Should the primary communication path fail, the Terminal Adapter uses a secondary communication path, and automatically restores the primary communication path when available.
- the NOC is aware of the operational status of each Terminal Adapter, and provides alarm notifications as appropriate. Further, by the Client Node mapping the service name associated with transaction requests to a particular Service Node, the Network is able to route traffic to a selected Host based on various conditions. In this manner, the Terminal Adapter operating in conjunction with the Nodes 25 is able to provide a versatile and flexible transaction oriented network service.
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Computer Security & Cryptography (AREA)
- Marketing (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Telephonic Communication Services (AREA)
Abstract
Description
- This application is a continuation of application Ser. No. 10/461,175 filed on Jun. 12, 2003.
- This invention generally relates to terminal adapters for terminals originating financial transactions, including credit/debit card readers, automatic teller machines, and point of sale terminals. Specifically, terminals using various access protocols interact with a transaction oriented value added network using a versatile terminal adapter facilitating interaction of the terminal with a host processor, wherein the host is also connected to the network. In one embodiment, the terminal adapter uses a wide area network, such as the Internet, as a primary means of accessing the value added network, and uses dial-up telephone service as a secondary means of accessing the value added network in the event of failure of the primary communication means. A network operations center manages the transaction oriented value added network for optimal performance.
- Electronic real-time transaction processing is common in many industries, including retail sales, inventory control, and healthcare. Businesses utilize devices such as card readers, including those reading magnetically encoded cards, to increase productivity and accuracy of various types of transactions. A common application is the use of credit cards for purchasing goods and services in retail sales. Many retailers have deployed automated card readers to facilitate credit and debit card authorization processing by store personnel. Not only do automated card readers provide greater accuracy than manually keying information at time of purchase, they offer greater speed, convenience, and accuracy. Today, it is common for each point-of-sale (POS) terminal to have an integrated card reader or have the terminal connected to a nearby card reader.
- Typically, a card reader communicates with a host financial transaction processor using a dedicated phone line. The card reader incorporates a standard modem implemented by a single, low-cost integrated circuit based on modem standards such as V.22, V.22 bis, or V.34. The card reader dials a programmed telephone number (usually local or toll-free) and establishes a telephone connection via a network with the host processor. The card reader transmits the transaction information including the card number, a transaction number, and purchase amount to a host. The host processor accepts or declines the transaction and responds by returning an authorization number. This type of transaction typically occurs quickly as it is desirable to minimize delay and increase customer satisfaction.
- Many businesses have a single point-of-sale terminal, and thus require a phone line for handling card authorizations. This is usually in addition to a voice telephone line, used by the business, since the phone line is usually dedicated for the card reader. If the telephone line is shared with a telephone for voice communication, then operation becomes inconvenient, often resulting in delaying card authorizations or voice calls. For businesses having multiple POS terminals, a plurality of telephone lines are dedicated to the card readers, often on a shared basis. While sharing telephone lines among card readers allows some cost savings, this still may result in delays for a given card reader, depending on the current card authorization volume and the number of telephone lines. For a growing business with an increasing volume of card transactions or increase in the number of card readers, constantly monitoring and determining when to add new phone lines is difficult and distracting to the core business functions of the retailer. However, use of dedicated phone lines typically does provide a high degree of reliability and security.
- Many businesses now have Internet access to supplement various business functions. Internet access is often provided to various workers at personal computers using an internal local area network (LAN) providing gateway access to an Internet Service Provider (ISP). The physical communication facility between the LAN and the ISP may be of various types, including digital private line, optical fiber, ISDN, DSL, cable modem, wireless, satellite, etc. Typically, digital access arrangements provide higher data communication speeds compared to dial-up connections. Using a LAN to access the Internet allows multiple users to access the Internet at the same time. While simultaneous usage may slow down response times, one user does not ‘block’ access by another, as is the case when a single telephone line is shared by multiple users or devices. Further, the cost of accessing the Internet does not necessarily require additional fees for each simultaneous user accessing the Internet. In contrast, simultaneous access via telephone lines requires a plurality of telephone lines, each of which has a discrete incremental cost.
- If retailers could configure their card readers to utilize the Internet for accessing the host processor, the telephone lines dedicated for the card readers would not be required, thus reducing costs for the retailers. However, the use of separate telephone lines does provide the advantage of a reliable and redundant communication architecture. Replacing all the telephone lines with a single Internet access arrangement provides a single point of communication failure rendering all the card readers in the retailer's location non-functional if Internet access is unavailable. The potential for lost profits, even for a relatively short outage, can more than justify the higher cost of using separate telephone lines. Consequently, it would be desirable to have the advantages of Internet access while retaining the reliability and security of a dial-up connection.
- U.S. Pat. No. 5,526,409 discloses the use of a second telephone line that can be used as a secondary means of communication in the event the primary telephone line or modem is inoperable. However, using a single telephone line as the primary communication facility limits the data communication speed for transmitting data and limits the destination to a single host. Nor does the patent disclose automatically switching to the second telephone line or automatically switching back to the primary telephone line.
- U.S. Pat. No. 5,778,173 discloses using the Internet by a personal computer to facilitate a financial transaction, such as a purchase. However, the complete transaction is not carried out using the Internet; a portion of the transaction conveying sensitive information is sent using a modem on a dial-up telephone connection. This arrangement still requires a dedicated phone line for each terminal and increases cost.
- Therefore, what is needed is a system for using existing card reader terminals for accessing a host financial processor using an inexpensive, reliable, and secure transaction processing network while providing backup communication to ensure reliable and secure transaction processing.
- Generally described, the present invention interworks a terminal, typically incorporating a magnetic card reader, with a host processor by using a terminal adapter operating in conjunction with a network. The terminal adapter and network provide various value added services, including synchronization, error detection, security, backup communication, and authentication to achieve fast, reliable, low cost, and efficient transaction processing. Various embodiments of adapting existing terminals or personae computer based terminals are disclosed.
- According to one aspect of the invention, a terminal adapter operating in conjunction with a network is provided for interworking a terminal to a host where the terminal adapter incorporates a processor to receive a first transaction request message from the terminal and interwork the message to the network using a second transaction request message. The network conveys the transaction to the host and interworks the message to a protocol used by the host. The response from the host is similarly conveyed back to the terminal. The terminal adapter in coordination with the network provides services including: synchronization, authentication, error detection, encryption, backup communication capability, automatic recognition of various terminal protocols and host addresses, automatic determination of network addresses to obtain configuration parameters, and the ability to automatically download new software.
- According to another aspect of the invention, various embodiments of the terminal adapter/terminal are disclosed, including a software version in which functions associated with the terminal adapter are accomplished by loading software into a computer, such as a personal computer based terminal having existing communication capability with a network.
- According to one aspect of the invention, a network node is provided for interworking a terminal adapter to a host. The network node incorporates a processor to receive a transaction request message from the terminal adapter and ensure the request is synchronized, encrypted, and error free and to relay the message to another network node and to a host processor. The response from the host is similarly conveyed back to the terminal. The network node in coordination with the terminal adapter provides services including: synchronization, authentication, error detection, encryption, and downloading of addresses, parameters and software to the terminal adapter.
- According to another aspect of the invention, a method is disclosed for interworking transaction messages by a terminal adapter wherein the messages originated from a terminal are interworked with a network for processing by a host. The method includes: receiving a first message from the terminal, determining the protocol and host destination, and mapping the first message to a second message to a network interface. The method includes ensuring synchronization between the terminal adapter and network, encrypting and decrypting messages, switching over to a backup communication path as required, authenticating the terminal adapter to the network, discovering service address information and new configuration parameters, and downloading software as required.
- According to another aspect of the invention, a network operation center is disclosed for maintaining information associated with each terminal, including primary and secondary communication path status, operational status, software version indicators, parameter file version indicators, and various service related address information. The network operations center may further initiate communication to a defined location, in a defined manner, based on a defined status condition.
- Having thus described the invention in general terms, reference will now be made to the accompanying drawings, which are not necessarily drawn to scale, and wherein:
-
FIG. 1 illustrates one embodiment of the system in which the versatile Terminal Adapter operates according to the principles of one embodiment of the present invention. -
FIG. 2 further elaborates on one embodiment of the invention involving the Value Added Network according to the principles of one embodiment of the present invention. -
FIG. 3 illustrates the pre-transaction transfer procedures for the Terminal Adapter according to the principles of one embodiment of the present invention. -
FIG. 4 illustrates a Simple Transaction message exchange according to the principles of one embodiment of the present invention. -
FIG. 5 illustrates a Session Transaction message exchange according to the principles of one embodiment of the present invention. -
FIG. 6 illustrates the protocol architecture for one embodiment of the Terminal Adapter using the primary communication path according to the principles of one embodiment of the present invention. -
FIG. 7 illustrates various hardware components associated with one embodiment of the Terminal Adapter according to the principles of one embodiment of the present invention. -
FIG. 8 illustrates various software components associated with one embodiment of the Terminal Adapter according to the principles of the present invention. -
FIGS. 9A-9B illustrate various software related embodiments of the functions according to the principles of one embodiment of the present invention. -
FIG. 10 illustrates a flowchart for switching from the primary to secondary communication path (and vice versa) according to the principles of one embodiment of the present invention. -
FIG. 11 illustrates the protocol stacks for one embodiment of the Terminal Adapter using the secondary communication path according to the principles of one embodiment of the present invention. -
FIGS. 12A-12C illustrate embodiments of the Terminal Adapter automatically selecting a terminal protocol according to the principles of one embodiment of the present invention. -
FIGS. 13A and 13B illustrate the procedures and parameters provided to the Terminal Adapter to accomplish software download and configuration management according to the principles of one embodiment of the present invention. -
FIG. 14 illustrates various operational aspects of the Terminal Adapter according to the principles of one embodiment of the present invention. - The present inventions now will be described more fully hereinafter with reference to the accompanying drawings, in which some, but not all embodiments of the invention are shown. Indeed, these inventions may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will satisfy applicable legal requirements. Like numbers refer to like elements throughout.
- The present invention is directed in part to a versatile transaction terminal adapter (“Terminal Adapter”) interworking various types of terminals with a value added network (“Network”) for the purpose of accomplishing transactions, including financial transactions, which will be principally used to illustrate the principles of the present invention. The Terminal Adapter is designed to utilize the services of the Network, which in turn utilizes a communication infrastructure, such as the Internet, to provide the goals of reliable, secure and efficient communications in a low cost manner. Alternatively, the Network could utilize other communication infrastructures, such as virtual private networks, ATM networks, WANs, or similar technologies to accomplish these goals. Further, although the principles of the present invention are illustrated using certain types of embodiments, communication infrastructures, and categories of transaction types, it will be readily appreciated that other communication networks or devices could incorporate the principles of the present invention for a variety of transaction types.
- A system perspective of one embodiment of the invention is shown in
FIG. 1 . InFIG. 1 , the terminals ofsystem 1 are typically located on the premises of a business, such as a retail store, bank, merchant, etc. although it is not restricted to commercial sales applications. A common example is acard reader 2 located in a retail store, which can be a credit card reader, debit card reader, or any other type of magnetic card reader, optical card reader, or ‘smart’ card reader. InFIG. 1 , thecard reader 2 is illustrated as directly connected to the Terminal Adapter. The connection between the card reader and the Terminal Adapter can use a variety of connection means, and frequently incorporates an RJ-11 telephone-type jack based on a Plain Old Telephone (POTS) interface. Specifically, the card reader expects to interface with the Public Switched Telephone Network (PSTN), which the Terminal Adapter emulates. -
FIG. 1 also illustrates a plurality ofcard readers 4, which can be of the same type as theprevious card reader 2, but which are connected to a multi-card reader controller 6. The controller 6 aggregates a plurality of card readers and multiplexes their transactions onto a single communication facility. In this illustration, the controller 6 is connected to theTerminal Adapter 14. The interface presented by theTerminal Adapter 14 to thecard reader 2 could be the same interface presented by theTerminal Adapter 14 to the multi-card-reader controller 6. These are but two of many arrangements that may be used to connect a terminal to the Terminal Adapter. For example, one embodiment of the Terminal Adapter connects severalidentical card readers 2, one terminal to each interface of theTerminal Adapter 14. - The terminal is not restricted to being a card reader, but may be a more sophisticated device, such as an Automatic Teller Machine (ATM) 8. This type of terminal performs financial transactions, although the nature of the transaction may be more complicated or varied than that of a credit card authorization associated with the previously identified
card readers ATM 8 is illustrated as directly connected to theTerminal Adapter 14 and the ATM and Terminal adapter can be co-located together or remotely located from each other. Again, various communication arrangements may be used to effect the communication between the ATM terminal andTerminal Adapter 14 including the use of multi-terminal controllers 6 previously disclosed. - Finally,
FIG. 1 also illustrates a personal computer (PC) based Point-of-Sale (POS) terminal 10 having anintegrated card reader 11 accessing theTerminal Adapter 14 via amodem 12. The POS terminal is typically a personal computer adapted for POS applications using standard operating software, such as the Microsoft Windows™ operating system and controls the modem using one of several command languages, such as the Hayes™ compatible modem command or XON/XOFF commands. Those skilled in the art will recognize that alternative configurations are possible. For example, thePOS terminal 10 could interface with theTerminal Adapter 14 using a USB cable connected to USB ports, a serial RS-232, or RS-422 interface. Alternatively, the modem functions, or subset thereof, may exist in the POS terminal or in the Terminal Adapter as a virtual device driver. If the modem functionality is integrated into the Terminal Adapter, it could be a ‘software’ modem or virtual modem. Specifically, driver software emulating a modem's command interface in the Terminal Adapter allows the POS terminal to interact with the Terminal Adapter as if there were an actual hardware modem connected to the POS' serial interface. The POS terminal issues standard modem commands via the serial interface that are, in turn, processed by the Terminal Adapter emulation software. Further, the functionality of the Terminal Adapter can be integrated into the personal computer or the POS terminal by defining a ‘softmodem’ or virtual modem. Alternatively, the softmodem could be implemented in a client-server system comprising terminals and a server. - Other variations are possible, including the Terminal Adapter providing interfaces incorporating a poll select asynchronous packet based protocol, such as the X3.28-1976 ISO protocol, X.25, frame relay, or bisync protocol to interface with other types of terminals. Further, the invention is not limited to card reading or POS terminals, but includes terminals conducting transactions based on other inputs, including badge readers, OCR scanners, RF identifier tag readers, sensors, special purpose personal computers, computers processing manual keyboard input, or any other type of transaction-oriented processing device. Additionally, the card reader need not be synonymous with the terminal or incorporated in the terminal, and instead, the terminal can be considered to have, or comprise, a card reader so long as the terminal, such as the POS embodiment, is in communication with a card reader or similar functioning input device. Although a preferred embodiment of the present invention is directed to financial transactions, the principles of the present invention could apply to transactions of a non-financial nature, such as telemetry, alarm, maintenance, health care, pharmacy, or other applications typically involving card readers for ‘card swipe’ transaction processing.
- The
Terminal Adapter 14 can be considered as having a ‘front end’ comprising theterminal interfaces - The
Terminal Adapter 14 can also be considered as having a ‘back end’ comprising network interfaces interconnecting with network communication facilities. InFIG. 1 , theTerminal Adapter 14 has two network interfaces on the back end. Oneinterface 16 is an Ethernet interface; typically connecting to aLAN 18 and designated the primary interface. This interface could be a 10BaseT type of Ethernet access, although those skilled in the art will readily recognize other types of LAN/MAN access standards could be used such as FDDI, token ring, token bus, 802.11x, etc. TheLAN 18 facilitatesinterconnection 26 with theInternet 20, since the Terminal Adapter may not always be in close proximity to the interface to the Internet interface. For example, a store operating multiple sales stations may have a Terminal Adapter located in the store connected via theprimary interface 16 to thecorporate LAN 18 that in turn then provides access to theInternet 20. The LAN also isolates the Terminal Adapter from the various Internet access arrangements. For example, theTerminal Adapter 14 is isolated from changes or upgrades in thephysical connection 26 to the Internet, whether it be DSL, wireless, T1, etc. - The
LAN 18 in turn interfaces to theInternet 20 using one of the variety ofcommunication facilities 26, including: DSL, T1, T3, dial-up, ISDN, optical fiber, cable modems, WiFi, satellite, etc. The Terminal Adapter accesses the Internet interface on the back end using either the PPPoE (Point-to-Point Protocol over Ethernet) protocol or the DHCP protocol when using Ethernet access. PPPoE and DHCP are well known approaches to achieve TCP/IP access to the Internet over Ethernet and are well known in the art of data communications. Theprimary interface 16 is preferably a high-speed interface, at least fast enough to accommodate the transaction volume of the plurality of terminals. - The
Terminal Adapter 14 may also have asecondary interface 22 on the back end illustrated by a connection to the Public Switched Telephone Network (PSTN). The second interface provides back up communication capability in the event the primary communication path is inoperable and typically operates at a slower speed than the primary interface. This secondary interface typically uses a telephone line and the Terminal Adapter typically incorporates an integrated modem and PPP access protocol. The PPP is well known in the area of data communications for obtaining TCP/IP access to the Internet over dial-up. The PSTN is noted for its reliability and ubiquitous availability, although dial-up access speed is limited. However, it is usually the case that a business location will have a telephone line for dial-up access for voice that can intermittently be used for dial-up access to an ISP, whereas alternative access methods (such as DSL) are not nearly as common. However, theTerminal Adapter 14 could incorporate such alternative access arrangements for the secondary interface, including: DSL, ISDN, frame relay, X.25, or some other communication protocol for the secondary interface. The secondary interface could even be the same type as the primary interface. Typically, the secondary interface is based on modems providing speeds of 28.8 Kbps or 56 Kbps (e.g., V.34 or V.90), although other rates could be used. - The Terminal Adapter of this embodiment relies on connectivity to the PSTN for secondary access in the situation where the primary communication path is not functional in two ways. First, a preferred embodiment uses a
facility 30 to access theInternet 20 to provide an alternative route to theNetwork 33 so that the same set of services are provided. A second embodiment incorporates afacility 32 directly connecting theTransaction Processor 36. In this embodiment, theTransaction Processor 36 could implement the processes for providing the same value added services as provided by theaforementioned infrastructure 28, or alternatively, the Financial Transaction Processor may not provide the additional services and allow the secondary communication path to have a reduced level of functionality, while still providing connectivity. This may be an acceptable business alternative, since transaction applications using a point-to-point POTS connection between the Terminal Adapter and Transaction Processor may find it acceptable to operate without all the value added services on an interim basis. - The
Internet 20 provides a communication infrastructure for transporting information and provides a set of well-known services using the TCP/IP protocol stack. However, the needs of the terminals to perform financial transactions (or, other applications as previously noted) may not fully be served by the data communication services provided by the Internet. For this reason, various service extensions are required. These Value AddedServices 28 are provided by various Nodes connected to the Internet operating an additional protocol on top of the TCP/IP stack. Together, the Internet and the Nodes provide enhanced services and comprise theNetwork 33. Although the Internet may be associated with one embodiment, the Value Added Service Network could be comprised of various Nodes operating on top of other networks such as WANs, LANs, or virtual private networks based on a variety of technologies. The value added services provided by the Network provide additional security, reliability, and flexibility to facilitate other functions that will be described in further detail. This architecture is based on the concept of protocol layers and is well known in the art of data communications. -
FIG. 2 further expands on one possible embodiment of theInternet 20 and Value AddedServices 28 that comprise the Value AddedNetwork 33. As is well known, the “Internet” is not a single network, but a collection of networks operating in a cohesive manner. This is illustrated inFIG. 2 by depicting theInternet 20 as two interconnectedInternet Service Providers 27. In practice, there are literally thousands of such networks comprising the “Internet.” The services provided by the Internet use the TCP/IP protocol and are well known, but may not be sufficient in terms of reliability and security for transaction processing. Consequently, Nodes 25 are defined providing these additional functions in the Network. - The Nodes 25 are connected to the Internet and may be directly interconnected as well (not shown). While three Nodes are illustrated, in practice there may be many more, deployed in diverse geographic areas, replicated for redundancy, and interconnected for reliability. Further, some Nodes 25 may be collocated or integrated with other equipment, such as the
Transaction Host Processors 36 or Internet routers, LANS, gateways, bridges or PBX's. - There are three types of Nodes that typically implement the value added services and these are the
Client Node 25 a, theCore Node 25 b, and theService Node 25 c. TheClient Node 25 a interfaces with the Terminal Adapter, typically using the transport capabilities of the Internet. Although not illustrated, it is possible that the Terminal Adapter could directly connect to theClient Node 25 a using any number of communication facilities. This would represent an embodiment where the Client Node and Internet router functionality are integrated. TheClient Node 25 a recognizes theTerminal Adapter 14 and performs synchronization, security, authentication, and error detection functions in addition to relaying and/or interworking information to theCore Node 25 b. The Core Node is not always required, but if present, it relays information across the same ordifferent ISP providers 27. TheCore Node 25 b may relay information to other Core Nodes or to aService Node 25 c as illustrated inFIG. 2 . When the Core Node routes to another Core Node, it can route the transactions to the least busy Core Node, or reroute to an alternative Node in case of a Node failure. TheService Node 25 c interfaces with the Transaction Host Processor (“Host”) 36 using any number of point-to-point facilities 34. The Service Node converts the protocols used when receiving transaction from another Node to the protocol used in communicating with theHost 36. In general, many of the services and features the Terminal Adapter provides with respect to a terminal can be provided by a Service Node to a Host Processor. Thus, for example, a Host Processor could initiate a transaction to another Host. Typically, theconnection 34 from the Service Node to the Host is a high-speed digital facility capable of multiplexing significant numbers of transactions. - Since reliability is a major concern in financial and other types of transactions, the Nodes 25 are typically replicated in diverse locations. For example, the Service Node is duplicated (not shown in
FIG. 2 ) in a diverse geographical location and also connected to the Host processor so that the Host can continue to communicate to an alternative Service Node if one Service Node or communication path fails. The Service Nodes may be load balanced (e.g., each typically providing 50% of the total transaction traffic to the Host) or configured with one Node as a hot standby (providing 100% of the transaction capacity, but switchable to the other Node when required). Similarly, each Service Node is typically connected to a plurality of Core Nodes. Those skilled in the art of network architecture will recognize the various arrangements that can be used for providing reliable access between the Host and the Terminal Adapter. Further, the Host may be replicated in a geographic diverse location for redundancy and reliability reasons. -
FIG. 2 also illustrates a Network Operations Center (NOC) 29 connected to the various Nodes 25. TheNOC 29 administers and manages the operation of the Nodes and Terminal Adapters with respect to the Network. With respect to the Nodes, the NOC receives measurements, alarm information, traffic statistics, load levels, and similar information and acts accordingly. For example, if a Node is not functioning correctly, adjacent Nodes will reroute around the non-functioning Node. The NOC becomes aware of the status of the non-functioning Node and can monitor the status of the Node while the problem is investigated and corrected. With respect to Terminal Adapters, the NOC is also aware of their operation and maintains a profile for eachTerminal Adapter 14 and itscorresponding Client Node 25 a. This allows the NOC to know the current network conditions and operating status of each element, including both Nodes and Terminal Adapters. - The NOC can further communicate indirectly to the Terminal Adapter by sending management messages relayed by the appropriate Node by piggybacking messages with the parameter file fetch response. The NOC (via the Network) can send a command to reset the Terminal Adapter, direct the Terminal Adapter to switch from its primary communication path to its secondary communication path, or switch to a different Client Node.
- Normal Operation
- The normal operation of the Terminal Adapter is typically divided into two phases: pre-transaction processing and transaction processing transfer. Several functions must be accomplished in the pre-transaction processing phase in order to communicate transactions in the data transfer phase. In this context, ‘pre-transaction processing’ refers to actions occurring prior to the processing of terminal originated transactions. As will be discovered, the Terminal Adapter uses the transaction protocol procedures to bootstrap itself in order to subsequently process transactions from the terminal. Thus, transaction messaging is used between the Terminal Adapter and the Network in the ‘pre transaction processing’ phase.
- Because various aspects of the pre-transaction processing and transaction processing phase generally rely on data that is hardcoded into the Terminal Adapter, this data is briefly discussed. In other embodiments, such as the softmodem incorporated into a PC, the PC manufacturer obviously does not hardcode these values into the PC's firmware. In these embodiments, these values are programmed into the device manually or loaded by reading a file.
- Embedded Data
- One type of data manufactured in the firmware of each Terminal Adapter of one embodiment is a Terminal Adapter Identifier value that uniquely identifies the device. This value may in the format of: <manufacturer id> <model number> <serial number> suffix>. This structure forms a 24 byte identifier, although other structures and values may be used to achieve a unique identifier programmed into the Terminal Adapter. For example, the MAC address (associated with the Ethernet network interface) could be concatenated with the serial number and used as an identifier. The Terminal Adapter Identifier is typically sent in all messages to identify the particular Terminal Adapter to the Network and allows in part, the Network and NOC to maintain status and service profile information for each Terminal Adapter.
- Another instance of data programmed into the Terminal Adapter of one embodiment is a secret key used in encryption and authentication. The secret key value is not communicated over the interface, but used both by the Terminal Adapter and the Network to encrypt information that is communicated over the interface. As is well known, the use of encryption also facilitates authentication of a particular Terminal Adapter. Authentication can be accomplished by the Terminal Adapter and Network encrypting a common data value, exchanging and then comparing the result. Only if the Terminal Adapter has the correct secret key will its encrypted value match the Network's value. As for using the secret key for encrypting transactions, encryption is accomplished using a key derived from the secret key, the session token and the transaction counter. In this manner, if an unauthorized user cracks a message, the secret key is not revealed, and hence other messages are not compromised.
- The Terminal Adapter of one embodiment also stores a default Configuration Service Name that describes the parameter file version currently held in non-volatile memory. In this embodiment a value is programmed into the Terminal Adapter describing the parameter file version initially present at power up, but then a dynamically determined value is obtained from the Network and supercedes the default value.
- Another instance of data programmed into the Terminal Adapter of one embodiment is a default Service Name. The Service Name is a default URL of a server providing ‘bootstrap’ address information, typically in the form of a set of Client Nodes IP addresses that the Terminal Adapter uses to interact with for transactions and management functions (e.g., parameter downloading). Usually, a Terminal Adapter uses a single address for these functions, but for various reasons including reliability, alternative values are provided.
- These values are programmed into the Terminal Adapter as default values. In many cases, the default values are typically augmented with dynamically determined values provided by the Network as part of the bootstrap process. The dynamically obtained values do not erase the default values (recall that the default values are hardcoded into the Terminal Adapter), but the Terminal Adapter stores both and knows by the presence of the dynamic values that the default values have been superceded.
- Pre-Transaction Processing Phase
- Upon power up, the Terminal Adapter generally executes several related procedures. In one embodiment, these are: Service Discovery, Synchronization and Authentication, Parameter Downloading, and Software Downloading. All are executed upon initially powering up the Terminal Adapter, but thereafter, the procedures may be invoked separately. Upon initial powering up, the Terminal Adapter of this embodiment first invokes a Service Discovery process to obtain a list of IP addresses that correspond to Client Nodes. This is accomplished by sending a Service Discovery request using the service name address that is permanently encoded into the Terminal Adapter.
- The Terminal Adapter of this embodiment then synchronizes and authenticates itself to the Network. These procedures occur together, so that authentication follows whenever synchronization occurs. Thus, ‘synchronization’ implies synchronization and authorization wherever context dictates such. Synchronization is generally required prior to sending transaction requests, and occurs frequently after the Terminal Adapter has initially powered up. For example, if the Terminal Adapter has been idle for a long period, re-synchronization may be required. Synchronization is discussed in detail in conjunction with the normal transaction transfer, so that this explanation can focus on the initial power up functions.
- After synchronization, the Terminal Adapter of this embodiment selects one of the IP addresses obtained using service discovery and uses it to initiate a parameter download using a transaction request. As discussed subsequently, this is of the form known as a ‘simple’ transaction request. The parameter file contains various configuration and address information to facilitate operation of the Terminal Adapter. The parameters may indicate, in part: where transactions should be sent to, primary and secondary communication path information, and where to obtain new software applications for software downloads. The Terminal Adapter typically downloads a parameter file by indicating its current parameter file version to the Network. This is an implicit request to the Network to indicate whether a more current version exists. Upon initial powering up, this value indicated by the Terminal Adapter is typically the default Configuration Service Name encoded into the Terminal Adapter. When the Network receives the default Configuration Service Name, it knows to route the request to a specified process server and a configuration version number of zero indicates that the Terminal Adapter is requesting an initial parameter download. The Network responds by sending the current name of the parameter file version along with the parameter data.
- Next, the Terminal Adapter of this embodiment examines certain parameters in the parameter file to determine whether a software download should occur. Software download refers to downloading new application code (binary image file) for execution. The Terminal Adapter examines the binary image name of the most recent executable file as indicated by the Network in the parameter file and compares it with the current value stored in memory. If the Terminal Adapter finds a different executable file indicated compared to what is stored in default memory (which is likely the case upon initial powering up), the Terminal Adapter fetches the new executable file. The location to fetch the executed file from is typically indicated by an address in the parameter file. After the Terminal Adapter loads and executes the current application, it is ready to process transactions from a terminal. Thus, the transaction processing phase is ready to start.
- Transaction Processing Phase
- Prior to sending a transaction, the Terminal Adapter is typically synchronized and authenticated to the Network. This generally occurs during initial power up, but may be required again. Resynchronization occurs frequently and is considered normal operating procedure. Synchronization facilitates orderly transaction processing between the Network (specifically, the Client Node) and the Terminal Adapter, as well as enhancing the security of the transaction by exchanging a new session token. Resynchronization may be required if errors occur when the Terminal Adapter switches from the primary to secondary communication path, or when the Terminal Adapter switches from one Client Node to another. Authentication is required to ensure the Network is communicating with a trusted entity and to pass encryption parameters (e.g., a session token, as discussed subsequently) to the Terminal Adapter.
- In the embodiment of
FIG. 3 , theTerminal Adapter 301 first opens a TCP connection with theNetwork 303 instep 300. The Terminal Adapter sends a synchronization request atstep 302 and includes a transaction counter (TC) in the header of the message. Thereafter in subsequent transactions, the Network will expect the transaction counter to be incremented over the current value each time a transaction is sent. If the Network receives an unexpected value, an error code is returned to the Terminal Adapter and the Terminal Adapter is required to re-synchronize its transaction counter. Re-synchronization is required under various conditions, including: the Terminal Adapter being idle for a long period, switching from primary to secondary communication paths, or being unable to complete a transaction. - The Network records the TC value and computes a Message Digest. A message digest is a condensed text string that has been distilled from the contents of a text message where its value is derived using a one-way hash function and is used to create a digital signature. The Network may use a particular form known as a Message Digest 5 (MD5) based on a Random Value (RV) and the Transaction Counter (TC). This is returned in a Synchronization Response at
step 304 that signifies synchronization has occurred and that the Terminal Adapter should authenticate itself. - The Terminal Adapter responds by formulating a Message Digest type 5 (MD5) based on a secret key (PUC) and the transaction counter (TC) in
step 306 and sending it to the Network. The Network compares this value with its previously computed value, and assuming a match, returns a response instep 308 indicating authentication has successfully occurred and includes a session token (ST). The session token is encrypted using the Message Digest and is used by the Terminal Adapter to derive the key used for subsequent encryption/decryption in the data transfer phase. Finally, when completed, the Terminal Adapter may close the TCP connection instep 310. Alternatively, the Terminal Adapter may leave the TCP connection open and avoid the additional steps of opening a TCP connection prior to entering a subsequent data transfer phase. - There are alternative security and authentication means that could be used to authenticate and encrypt information, including other public and private key schemes such as RSA, PGP (Pretty Good Privacy), etc. Those skilled in the art will recognize that a variety of message types, formats, and encryption techniques could be used to accomplish the function of synchronizing and authenticating the Terminal Adapter and Network, but these are all within the principles of the present invention.
- The Transaction Processing Phase is used to convey transactions initiating from the terminal, and in one embodiment, there are two methods to accomplish this: simple transactions and session transactions. The simple transaction is composed of a single request-response pair of messages. These are often used in credit card or ATM based transactions where a single message pair is sufficient to complete the transaction. The process is illustrated in
FIG. 4 . - In
FIG. 4 , theTerminal Adapter 400 communicates with theNetwork 402, typically with aClient Node 25 a. TheNetwork 402 also communicates with theHost 404, which is theFinancial Transaction Processor 36 ofFIG. 1 . - The Terminal Adapter must open a TCP connection in
step 406 if one has not already been opened. After that, a Simple Request 408 is sent to the Network, which then routes the message to the appropriate Host instep 410. The Host processes thetransaction 411 and responds instep 412. TheNetwork 402 receives the response and forwards it instep 414 to theTerminal Adapter 400. The Terminal Adapter extracts theresponse 416 and sends the response to the Terminal (not shown). If there are additional transactions that can use the same TCP connection, then the process repeats atstep 418. If there are no further transactions, the Terminal Adapter will close the idle TCP connection atstep 422 and any additional transactions atstep 420 will result in re-opening a TCP connection atstep 406. - The other method for sending a transaction in this embodiment is using the Session Transaction. The Session Transaction is used for more complex transactions, such as settlement activities occurring at the end of day. For example, in some business implementations the POS terminal retains data for the financial transactions during the day and must send summary information to the Host for end-of-day settlements. A Session Transaction is composed of multiple request-response pairs and is more appropriate than the single request-response for transferring lengthy transactions. The Session Transaction is composed of multiple request-response pairs that are guaranteed to be delivered in sequential order to a Host on the same logical connection. When a Session Transaction is initiated, the Client Node initiates a session with the appropriate Service Node and the Service Node responds with session context information, such as address and port information. This allows the Client Node to map subsequent message associated with the session. If transaction data is provided by the terminal, the Client Node includes the data in the session initiation message, and the Service Node forwards this to the Host. The session context also enables the terminal adapter to continue a session using a different Client Node in the event that the initial Client Node becomes unavailable. This process is illustrated in
FIG. 5 . -
FIG. 5 illustrates theTerminal Adapter 500 communicating with theNetwork 502, which in turn, communicates with theHost 504. The Terminal Adapter must open a TCP connection in step 506 if one has not already been opened. Then, the Terminal Adapter communicates an Initiate Session request atstep 508 to the Network, along with transaction data. The Network routes the message to the appropriate Host atstep 510. Specifically, the Client Node receives and relays the message to the Service Node, which then relays the message to the Host. The Host processes the transaction data atstep 512 and conveys theresponse 514 to the Network and then conveyed again 516 to the Terminal Adapter. At this point, the Terminal Adapter instep 518 is prepared to send transaction data and the Network has established internal session tables for mapping subsequent terminal messages to a specified session and host. The Transaction Data is formulated atstep 520 and a Session Transaction request is sent to the Network atstep 522, which then routes therequest 524 to the Host, which processes thetransaction 526. Theresponse 528 is conveyed to the Network and back 530 to the Terminal Adapter that extracts theresponse data 532. If additional transactions are desired, the process repeats atstep 531. Once all the transaction request-response messages are conveyed, the Terminal Adapter then formats a TerminateSession request 534 and sends it to the Network atstep 536. If transaction data is included, the Network forwards it to theHost 538 and processes themessage 540. The Host sends aresponse 542 that is forwarded by the Network to theTerminal Adapter 544 in the Terminate Session message closing thesession 546. Once completed, the TCP connection can be closed 548. - Both transaction forms have common aspects. First, transaction messages in either form incorporate a Terminal Adapter Identification Number. This may be the value hardcoded into the Terminal Adapter or, in the case of a PC executing software emulating a terminal adapter, the value can be programmed into the device. The Terminal Adapter Identification Number uniquely identifies the device connected to the
Network 33. This unique value allows the Network to maintain information for each Terminal Adapter using the Network. If an error condition exists the Network will be able to correlate the condition to a particular device and take action as necessary. This may include, for example, notifying appropriate service personnel to investigate a problem, such as a defective Terminal Adapter. Further, statistics regarding each transaction can be maintained and recorded for a given Terminal Adapter, allowing value added information to be mined from periodic reports. - Second, both types of messages utilize error detection using well-known techniques, such as cyclic redundancy codes (CRC). This allows easy detection of errors in a transaction detectable by the Network, Host, or Terminal Adapter and ensures only uncorrupted data is processed.
- Further, both transaction forms utilize encryption based on a secret key that is programmed into the Terminal Adapter at the time of manufacture. The encryption schemes are based on the 3DES, AES, or any other scheme well known in the art. The 3DES and AES schemes encrypt multiples of 8 or 16 bytes cipher texts respectively, and when the cipher text is not a multiple of the block size, then the cipher text is zero padded to the appropriate length. The encryption key may be generated based on running MD5 on the concatenated value of the private key (known to the Terminal Adapter), the transaction counter, and the session token.
- Additionally, both transaction forms indicate a service name that is used by the Network to determine the appropriate host for processing the transaction. The Service Name is derived from the parameter download and is used by the Network to identify a particular Service Node to then deliver the transaction to the appropriate host.
- Those skilled in the art will recognize that the message formats for conveying this information can be of various formats. In one embodiment, messages indicate a packet type with values defined for session request/responses and simple transaction request/responses. A variety of encoding and structures can be used to convey the above information as well as encode the information.
- The above capabilities for communicating transactions between the Terminal, Network, and Host ensure that:
-
- only trusted entities are allowed to initiate a transaction with the Network;
- transactions are recognized in an orderly manner by the various entities;
- transactions are error checked at various points to ensure no errors occur during communication;
- transactions are encrypted prior to delivery to the Network to ensure unauthorized recipients cannot understand the contents; and
- Terminal Adapters are uniquely identified to allow correlation of transaction related events with a specific user of the Network.
- The system in which the Terminal Adapter operates can also be viewed with respect to the protocol stacks. As illustrated in
FIG. 6 , aprotocol stack 650 is implemented in thecard reader 2 comprising aPOS application 651, which is typically programmed at time of manufacturing. This application uses the services of afinancial transaction protocol 652 such as the VISA-II (a.k.a. VISA-2) protocol to transmit credit card authorizations. This in turn, relies on atelephone protocol 653 that comprises the physical, modem and traditional dial-up procedures to communicate over aphone line 654 to theTerminal Adapter 14. The Terminal Adapter containingprotocol stack 656 receives the information over thetelephone cable 654, decodes the information using acorresponding telephone protocol 655, and relays 657 the financial transaction protocol information over the backside interface. This ‘backside’ interface uses the value addedservices layer 658 to provide a secure and robust transmission of data to the host 636. The value addedservices layer 658 uses the TCP/IP protocol layer 659 and incorporates the aforementioned authentication, synchronization, and encryption procedures for sending transactions. The transactions are communicated using the TCP/IP over Ethernet requiring the use of the IEEE 802.3Ethernet protocol layer 660. The LAN is typically a 10BaseT Ethernet connected via the Internet. - Not all the protocol stacks for all the physical elements are illustrated, as they are not required to illustrate the principles of the present invention. For example, the Ethernet/Internet bridging the LAN and providing Internet access is not illustrated as it is transparent to the value added services layer and higher layers. Further, only one Value Added Service Node in the
Network 33 is illustrated by theprotocol stack 662. This Node is a combination Client Node and Service Node as it interfaces both to the Terminal Adapter and the Host. In practice, a separate protocol stack for a Client Node and a Service Node would typically exist, communicating with each other using the Internet or other facilities. Those skilled in the art will recognize many other variations as well. - The Value Added Service Node receives data via the
lower layer 665, processed by the TCP/IP layer 664 and then processed by the addedservices layer 663. If acceptable, the data is relayed by the financialtransaction protocol layer 666 back down a TCP/IP layer 667 and aphysical layer 668, which can be based on a variety of protocols (e.g., T1, DSL, etc.). The relayinglayer 666 in the Node may or may not convert the financial protocol to another variant as required by the Host. The data continues via thephysical facility 669 and then to the Financial Transaction Host 636 that implements aprotocol stack 674 comprising aphysical layer 670, TCP/IP layer 671, afinancial transaction protocol 672, and a POS application. - In this architecture, the two
POS applications services protocol layer 658 in the Terminal Adapter with the value addedservices protocol layer 663 in the Value Added Service Node 25. This type of modeling of protocol layers is well known in the art and indicates information that is transparently conveyed by a lower layer that provides services to the higher layers. The value added services layer typically is in communication with an internal management application executing in the Terminal Adapter and communicating with the NOC (not shown). This allows the value added services layer to respond to actions and events outside the direct scope of the value added services protocol itself. - For example, one service provided by the value added
services layer 658 is data reliability. The management process in the Terminal Adapter detects a failure in the primary communication path from the backend of the Terminal Adapter. The failure detected on the backend of the primary network interface can be any type of failure in the Ethernet physical layer 660 (assuming Ethernet access for the primary communication path), the TCP/IP layer 659, the addedservices layer 658, or the PPP layer 666 (assuming dial-up access is used for the primary communication path). For example, a physical cut in the Ethernet would result in a loss of electrical signals at thephysical layer 660. A physical cable cut would also result in a failure at the TCP/IP layer 659, since no frames could be transmitted. Other failures could be solely at the TCP/IP layer, such as the failure to resolve an address request (e.g., URL), or failure to receive a response at the TCP/IP level. A failure at the addedservices layer 658 could occur if there was a catastrophic failure of the Services Node 25, which would leave the lower layers functional from the Terminal Adapter's perspective. For whatever reason a failure is detected, the management process, directs the value addedservices layer 658 to establish secondary communication, redirects any subsequently received terminal transaction requests to the secondary communication path, and resumes the transaction processing. During a failure on the primary communication path, the Terminal Adapter returns an error to the terminal (which depends on the terminal interface). Typically, the terminal reattempts initiating the transactions and the Terminal Adapter typically has established the secondary communication path by this time. - Another service provided by the Terminal Adapter's value added
services layer 658 in conjunction with the Value Added Services Node 25 may be service discovery and transaction synchronization. Service discovery allows the Terminal Adapter to obtain addresses used to then discover the locations of the appropriate host to which transactions are directed. In this embodiment, an address and port location is provided to address transactions, but other addressing information could be used in other implementations. In conventional systems, theCard Reader 2 is typically programmed with a telephone number establishing a direct connection to a host. Thus, each terminal is programmed with a destination address of the Host. In the present system, the Terminal Adapter determines the appropriate Host to relay the financial transaction information based on information provided by theNetwork 33. Further services may include security features that involve a Terminal Adapter to first synchronize using a transaction counter prior to communication of transactions. Further, the Terminal Adapter may identify itself using a unique programmed identification number to theNetwork 33. Finally, the Terminal Adapter may authenticate itself using a Message Digest. These activities ensure that Network is communicating with a known, trusted entity in a coordinated manner. - The Terminal Adapter may also provide some value added functions separate from the data transfer capabilities of the value added service layer. These can be viewed as management oriented functions and augment the functionality of the Terminal Adapter. For example, automatic configuration of the transaction protocol used by the
card reader 2 allows a variety of terminals to interface with the Terminal Adapter. Thecard readers 2 are typically programmed with a pre-defined credit card authorization protocol, such as Visa-II, and rely on the recipient (typically the host, via the PSTN) to know, a priori, which protocol is used. TheTerminal Adapter 14 can work with a variety of terminals and is programmed to automatically detect and determine which financial protocol to use and the address to which the transaction is to be directed. Thus, the auto configuration capability provides a versatile Terminal Adapter. - Finally, the value added services layer in conjunction with the management application handles the downloading of new software and parameters. This ensures that when new value added network services are deployed requiring a corresponding enhancement in the software in the Terminal Adapter, this can be accomplished without having to physically replace the Terminal Adapter, replace an EPROM chip, or otherwise require manual intervention. This function allows the Network to remotely write parameters to the Terminal Adapter and maintain status information as well.
- Hardware Overview
- One embodiment of the principles of the current invention is illustrated in
FIG. 7 , which discloses the hardware configuration of theTerminal Adapter 14. The Terminal Adapter is comprised of various readily available integrated circuits. Turning toFIG. 7 , theTerminal Adapter 700 comprises a ‘front end’ 706, which refers to the terminal interfaces and users inputs/outputs, as well as a ‘back end’ 708, which refers to the network interfaces. - The Terminal Adapter uses a
microprocessor 702 as the main controller. Although the embodiment discloses a microprocessor, other variations such as single chip microcomputers or programmable controllers could be used. The microprocessor uses an Input/Output bus to control the various ‘front end’ interfaces. These may include a series ofLED indicators 710 that indicates the overall status of the Terminal Adapter, network interface status, and terminal interface status. Alternatively, LCD or other types of displays or visual indicators may be used to reflect the status, using, for example, text or icons. The status indicators indicate whether the primary or secondary network interface is currently in use, modem carriers status, and other diagnostic related indicators. - The Console RS-232
interface 712 allows a local terminal to connect to the Terminal Adapter and facilitates programming the Terminal Adapter, indicating configuration changes, performing management functions, etc. The fourPOTS interfaces 714 are used to interface to the terminals using a standard RJ-11 telephone connector. - The microprocessor I/O bus also communicates with the network interfaces 708. This typically is the same I/O bus as used for communicating with the terminal interfaces, but it is represented as two separate busses for clarity. The network interfaces may comprise an
Ethernet Interface 724, which uses a standard 10BaseT protocol, and this is used to convey the primary communication path. The Terminal Adapter may also incorporate another POTS interface 722 for conveying the secondary communication path as a backup network interface. In one embodiment, theEthernet interface 724 may be optional as thetelephone interface 722 may be used for conveying both the primary and secondary communication paths. Regardless of the configuration, the network interface provides connectivity for both the primary and secondary communication paths. - The
microprocessor 702 also communicates with memory in the form ofRAM 716,ROM 718, and non-volatile RAM 720 (e.g., ‘flash memory’). In other embodiments, the ROM and limited RAM could be integrated in the microprocessor as commonly embodied with single chip microcomputers. - Finally, a
power supply 704 is present and this may incorporate a battery backup for saving data in the case of a temporary power outage. Awatchdog timer 726 may be incorporated for resetting the Terminal Adapter in case of a lockup. A ManualReset push button 728 provides another form for resetting the Terminal Adapter. - Software Overview
- The software components associated with the hardware components are illustrated in
FIG. 8 . The software architecture of thesystem 800 involves a real-time operating system 802 interacting with a TCP/IP protocol stack 804, value addedservices 832 and a transaction protocol handler, which in this embodiment, comprises theVISA terminal interface 844. - The TCP/IP stack comprises various well-known protocol handlers, such as PPPoE (point-to-point protocol over Ethernet) 806, PPP (point-to-point protocol) 808, and DHCP (dynamic host configuration protocol) 810. In addition, the IP (Internet protocol), ICMP (Internet control message protocol), and DNS (domain name server)
protocols 812 are present, as well as the UDP/TCP (user datagram protocol/transmission control protocol) 814, and the 802.3Ethernet drivers 818. - The TCP/
IP stack 804 interacts with theNetwork Interface Card 826 that is the primary network interface using theEthernet transceiver 828 that connects to an RJ-45connector 830. The TCP/IP stack 804 also interacts with the secondary network interact 820 that incorporates amodem driver 822 connected to an RJ-11connector 824. - The Real
Time Operating System 802 also interacts with various Value AddedServices 832 that may be implemented via modules for conveyingpayload data 836, encryptingdata 834, exchangingsecurity keys 838, downloadingsoftware 840, and effectingservice discovery 842. - Finally, the Real
Time Operating System 802 also interacts with theTerminal Interface 844 comprising the software modules for afinancial protocol handler 846,character handler 848, andmodem handler 850. TheTerminal Interface 844 then interacts with aPOS interface 852 that multiplexes and formats the data to a modem standard 854 to one of the four RJ-11connectors 856. -
FIGS. 7 and 8 illustrate the principles of the current invention as embodied in a Terminal Adapter, but other embodiments exist. As previously indicated, theTerminal Adapter 14 is involved with communication with theNetwork 33, specifically the Nodes 25 or in other cases, indirectly with the NOC. Thus, the Nodes embody the inventive principles as well. The Nodes can be computer servers with large amounts of memory, parallel processing, and hundreds of I/O ports and operating using a variety of operating systems, including UNIX, Linux, and Windows. The associated hardware and software structure may vary from that disclosed inFIGS. 7 and 8 . - Another embodiment is a variation of the
Terminal Adapter 14 based on a personal computer. While the Terminal Adapter embodied inFIGS. 7 and 8 is a special purpose computer equipped with special purpose application software, a general-purpose personal computer could have software installed for accomplishing the same functions. Personal computers frequently incorporate many of the hardware and software components illustrated inFIGS. 7 and 8 and commonly incorporate a modem and/or an Ethernet Network Interface Card (NIC) for providing Internet access. The personal computer would similarly implement PPPoE or DHCP for Internet access over the Ethernet, and PPP over a dial-up connection to an ISP using the modem. Further, many of the software capabilities (e.g., the TCP/IP stack and modem interfaces) are already present in Internet enabled personal computers. These frequently use a Microsoft Windows™ operating system, providing a well-known software platform for software development. Although a PC is a common embodiment for the Terminal Adapter functions, other embodiments are possible, such as installing the software in a minicomputer, or a server associated with a client-server implementation, where the server utilizes other operating systems, such as UNIX™ or LINUX™. - Another embodiment is possible where the personal computer is configured solely with a modem and dial-up capabilities, without Internet access. In this case, the connectivity from the personal computer uses a telephone line for both the primary and secondary communication means, but a different ISP is used and/or Client Node may be involved when dialing a secondary telephone number.
- The software for such an embodiment may be loaded into the memory of the personal computer, including downloading the software from a web site on the Internet or uploading the application from a removable media (e.g., floppy disk, tape, CD, etc.).
- In yet another embodiment, an API (application programming interface) library is provided allowing a third party to develop a system incorporating the value added functions according to the principles of the present invention. In this instance, the capabilities of the application are defined by the developer and loaded for execution on the PC.
- The flexibility of the above embodiments is illustrated in
FIG. 9 with respect to how various value added functions can be developed. InFIG. 9A , two embodiments illustrate how PC currently can access the Internet via an Ethernet and/or a dial-up connection. Specifically, inAlternative 1 900, the PC is executing aPOS application 902 that uses the services of theOperation System 904. The Operating System may be any of the common operating systems found on PCs. In turn, theOperating System 904 uses devices drivers to interact with hardware interfaces. Onedevice driver 906 allows interaction with amodem 910 that connects to atelephone line 916 as is well known in the art. Theother device driver 908 interacts with a Network Interface Card (NIC) that is connected to anEthernet 914. - An alternative embodiment is illustrated in
Alternative 2 920 that similarly incorporates aPOS application 902,Operating System 904, anddevice drivers device driver 924 interacts with a serial RS-232 interface connected to amodem 930. Theother device driver 926 interacts with a USB (Universal Serial Bus) connected to aNIC 928. In this embodiment, the hardware for interacting with the Ethernet and telephone line are external to the PC and connect via well know serial interfaces. - These systems can be readily adapted by loading appropriate software (i.e., a “softmodem”) to incorporate some of the functionality of the Terminal Adapter. This allows the hardware of an existing PC configuration to be adapted to interact with the Network to receive the value added services. In
FIG. 9B , one embodiment is illustrated whereby the modem and NIC are integrated into the PC (corresponding toAlternative 1 900 ofFIG. 9A ). - In
FIG. 9B , thePC 900 still incorporates thesame POS application 902 andOperating System 904. Minimal changes, if any, are required to use thesoftware enhancement 956. Once thesoftmodem 956 is loaded, it creates a virtual serial port that receives and sends data to the POS application and Operating System. In essence, the POS application sends data to the software as if it were another serial interface as illustrated vialogical path 950. The softmodem recognizes various modem commands and data, and after processing, uses the Operating System to interact with the device drivers. Specifically, the softmodem interacts via alogical path 952 with thedevice driver 906 connected to theinternal modem 910 and interacts via alogical path 954 with thedevice driver 908 connected to theNIC 912. Themodem 910 andNIC 912 are connected to atelephone line 916 andEthernet 914 respectively. In this manner, the softmodem can use theNIC 912 for conveying a primary communication path using the Ethernet and themodem 910 for conveying a secondary communication path using the telephone line. - An alternative embodiment utilizing a softmodem is feasible even if the PC only has an integrated modem, without a NIC accessing an Ethernet. Similar to the Terminal Adapter having only a telephone interface as a network connection, the PC softmodem can still initiate a secondary communication path using the modem to dial a second telephone number. One advantage of this embodiment is that value added services of the Network can be gained by adapting existing PCs without requiring additional hardware. Some of the above value added services are now examined in detail as they pertain to the Terminal Adapter embodiment. As indicated above, the principles of the present inventions are not limited to the Terminal Adapter embodiment.
- Secondary Communication Path
- The switch from the primary communication path to a secondary communication path is illustrated in
FIG. 10 . Specifically,FIG. 10 illustrates a flowchart depicting detecting an error associated with the primary communication path, switching to a secondary communication path, and restoring the primary communication path upon determination that the primary communication path is functioning. - In
FIG. 10 , the process starts atstep 1000. The Terminal Adapter is processing transactions normally using the primary communication path associated with the Ethernet based network interface atstep 1002. The system monitors for failures, errors, or anomalies associated with the primary communication path atstep 1004. The errors may be of different types. For example, an error could occur at the financialtransaction protocol level 1006 as a result of incorrect structure or data. The error could be based at the TCP/IP level 1008 as a result of a failure to receive a response to a message. The error could be based on aphysical layer error 1010 as a result of a cut cable. Obviously, a cut cable may trigger errors at other layers. For whatever reason the data cannot be reliably transmitted, the system flow controls theterminals 1012 while it determines whether the secondary communication path is configured 1014. If not, then no further action can be taken 1018. However, under normal conditions, there will be configuration data in the parameter file to configure the secondary communication path. The system retrieves the data, including thetelephone number 1016 and originates a secondary communication path using the PPP protocol over a dial-uptelephone connection 1020. Once established, the terminal transaction processing can resume 1022. The system also indicates the communication path status via thefront panel LEDs 1024 indicating the secondary communication path is active. - The sending of transactions using the secondary communication path is accomplished by altering the routing table for the IP address used to send the transaction. In normal operation, the Terminal Adapter routes the IP address to send a transaction over the primary communication path using the Ethernet network interface (in the embodiment where there are two network interfaces) using the PPPoE or DHCP protocol. Rerouting is accomplished by ‘pointing’ an IP address to the secondary communication path using the telephone based network interface and the PPP protocol.
- The system periodically monitors the condition that triggered the switchover at
step 1026. This typically involves sending a ‘probe’ message over the primary communication path using the Ethernet based network interface. The system has more than one IP address that it obtained via service discovery. While one address is used for transaction processing, the other is used to probe the primary connection. The probe is accomplished by setting up internal TCP/IP tables (ARP and routes) so that probe messages destined for an address not currently used for transaction processing are routed to the primary (Ethernet) interface. - Based on the response or lack thereof from a probe message, the Terminal Adapter may determine that transaction processing should continue at
step 1022 using the secondary communication path. If however atstep 1026, it is determined that the primary communication path has been restored and is reliable, the transactions are moved to the primary communication path atstep 1028 by ‘repointing’ the IP address to route the data over the Ethernet based network interface. The secondary communication path using the telephone connection can then be terminated 1030 and the probe messaging can be terminated. - In this manner, the Terminal Adapter can provide reliable, redundant transaction processing when a failure occurs associated with the primary communication path.
-
FIG. 11 illustrates the protocol structure when the Terminal Adapter is using the secondary communication path. The communication between the card reader and the Terminal Adapter is not directly impacted. Thus, the protocol stack in thecard reader 1170 interacts with the peer protocol stack in theTerminal Adapter 1175 in the same manner as normal operation (seeFIG. 6 ). Similarly, the interaction of the peer protocol stacks in theNode 1187 and the FinancialTransaction Processor Host 1189 is the same. The main difference during use of the secondary communication path is in the communication between the back end of the Terminal Adaptor and the Value Added Client/Services Node (specifically, the left protocol stack of the Node representing the Client Node inFIG. 11 ). - When the Terminal Adapter receives a message from a terminal, the message is passed down through the value added
services layer 1177 via the TCP/IP layer 1178, but now uses a PPP connection over atelephone layer 1179. Because the secondary communication path is a telephone (dial-up)connection 1180, PPP is used since it is a common method of conveying TCP/IP over a dial-up connection. The telephone connection interacts with the telephone network to complete the call to an ISP. The telephone network and ISP are shown as a combinedentity 1181, though those skilled in the art will realize that there is a conversion at some point from aphysical telephone connection 1180 to another type ofphysical connection 1182. This conversion is performed transparently to the Node, and the only requirement is that thephysical layer 1183 in the Node corresponds to the protocol used by theInternet provider 1181. Once the message is in the Node, the information flows up from thephysical layer 1183 to the TCP/IP layer 1184, but in this case the PPP protocol is not likely to be used, since it is not likely that a dial-up connection is used between the Node and the Internet. The addedservices layer 1185 ensures that transactions are seamlessly continued using the secondary communication path using the aforementioned security, authentication, and encryption procedures. The data is relayed to the financialtransaction protocol layer 1186 where it continues on its way to the Host. - In this situation, the Services Node (again represented as a combined Client/Service Node) may be a physically different node than used in conjunction with the primary communication. Further, the Client Node may detect the existence of a new connection and notify the NOC of the situation. In this manner, the NOC is able to detect when a given Terminal Adapter is operating in backup mode. Additionally, different or additional Core Nodes may be used to route the Transaction to the Host.
- At this point, the Terminal Adapter indicates the change in status of the primary communication path operation via LEDs or other form of visual indications. LEDs are one embodiment for providing users with a visual indication of the status of the primary and/or secondary communication path. The terminal also updates a status indication associated with each communication path. This status indication may be used by the Terminal Adapter to direct transactions to the primary or secondary communication path.
- During the time in which the secondary communication path is utilized the Terminal Adapter is also sending ‘probe’ messages over the primary communication path to determine whether the connection is available. The criteria used to determine whether it is available may vary. For example, the Terminal Adapter may have an error counter within a moving window for determining that the primary communication path is unacceptable for conveying transactions. In this situation, the probe messages may result in responses that are monitored for errors. Alternatively, the error causing the switchover may be a total lack of operation on the primary path and any response to a probe message may indicate that the primary communication path is available. Once the primary path is restored, the Terminal Adapter communicates the transaction using the primary communication path and the secondary path is terminated. The change in status is reflected in the LEDs and internal tables as appropriate.
- In some installations, the Terminal Adapter may access the Network with the primary communication path associated with a dial-up network connection. In this case, there is still a form of secondary communication path, but this relies on a dial-up connection using the same telephone line, but to a different telephone number. In this circumstance, the secondary communication path does not provide communication when certain faults occur (e.g., a cut telephone line). However, faults frequently occur in the ISP and are more likely than a failure of the telephone line or telephone network. In this situation, an alternative dial-up connection can be established to an alternative access point of the same ISP or to an alternative ISP. In this manner, when the Terminal Adapter dials a second back up telephone number, it bypasses the original fault. This could result in an alternative Client Node serving the Terminal Adapter. Another embodiment involves the Terminal Adapter establishing a direct dial-up connection to the Client Node.
- When dial-up is used for both primary and secondary communication paths (i.e., the primary and second communication paths use a common network interface), the Terminal Adapter is unable to determine when the primary communication path is restored. This is because the ‘probe’ messages cannot be sent out, since the phone line is dedicated for backup access.
- The NOC becomes aware when the Terminal Adapter is operating using the secondary communication path, and monitors the various conditions, including the event causing switchover on behalf of the Terminal Adapter. For example, if a link between the ISP and Client Node fails, the Terminal would switch to the secondary communication path, bypassing the failed link. The NOC is aware of the link failure, and when the link is restored, the NOC directs the Terminal Adapter to terminate the secondary communication path and reinitiate communication using the primary communication path. There are a variety of techniques for effecting NOC to Terminal Adapter communication and one approach involves using the capabilities of downloading new configuration parameters and code discussed herein.
- Automatic Protocol Configuration
-
FIG. 12A illustrates one embodiment of the Terminal Adapter determining the appropriate protocol to use for a given terminal and the host to which the transaction should be sent. Terminals may use a variety of protocols, but typically use an industry standard or proprietary protocol for card authorizations. Common industry protocols include VISA-I and VISA-II for card readers and ATM machines, as well as internationally recognized protocols, such as ISO 8583. - At a high level, two techniques are generally relevant to determining the terminal protocol, the appropriate transaction type message, and the service name (address) associated with the transaction. These techniques are parsing and telephone number mapping. How these are used, depend in part, on the Host capabilities. Specifically, some Hosts may only recognize simple transaction types. In this case, each terminal accessing that Host is presumed to only require simple transaction type messages. Consequently, every message is mapped to a simple transaction message once the destination host is determined. Other Hosts may recognize and require both simple and session transactions. In this case, the Terminal Adapter must select the appropriate transaction request message when conveying a terminal transaction. Since most transactions are of the simple type, the Terminal Adapter in some instances presumes simple transactions are used, unless exception processing indicates a session transaction should be used.
- In one embodiment, the Terminal Adapter and Host only sends/accepts simple transactions. The Terminal Adapter only has to recognize the protocol type (e.g., VISA-I or VISA-II) and the destination Host. One method for the Terminal Adapter to determine the protocol used by the Terminal is based on the telephone number dialed by the terminal. For example, in
FIG. 12A , thecard reader 2 is programmed to dial a defined number. The Terminal Adapter processes the dialed number using table 1290. Table 1290 contains acolumn 1291 for each defined telephone number, a column for the associatedprotocol type 1224 and a column for theappropriate service name 1293. In this example, a geographical area may be served by two host processors as identified by the names ‘fubar.1’ and ‘fubar.2’. Each service name can be associated with either the VISA-I or the VISA-II protocol. Thus, there are fourtelephone numbers - The Terminal Adapter must still parse the message to extract the relevant information and copy this into a simple transaction request message. This message is sent to the Client Node in the Network using routing tables to route the message to a specific Service Node. In this manner, the Terminal Adapter can easily automatically configure itself to use the appropriate protocol and select a host on the dialed number. Once at the Service Node, the transaction is then routed to the appropriate Host.
- Another method wherein the Terminal Adapter determines the appropriate Terminal protocol is illustrated in
FIG. 12B . This method is based on defined parsing rules and presumes the terminal and host can send/receive either simple transactions or session transactions. Typically, the vast majority of transactions are simple transactions with only a few instances requiring session transactions. When a terminal establishes a connection with the Terminal Adapter (e.g., dials a telephone number and an active connection is established), theTerminal Adapter 14 sends an “ENQ” orEnquiry message 1298 to the Terminal. The Terminal will respond by sending amessage 1299 that includes a predefined ASCII string. Based on the type of protocol implemented in the terminal, the message string will have certain characteristics. For example, the message string will be one of several lengths with certain values at the beginning and/or end. For example, one rule is: - (STARTS-WITH(“T.”) OR STARTS-WITH(“E.”)) AND LEN(32) AND ENDS-WITH(“98”).
This rule examines the message from the terminal and determines the starting ASCII character, the length, and the last two characters. If the conditions match, then a table lookup indicates the protocol type, message type, and host address. In this case, the Terminal Adapter maps a message starting with an ASCII “T.” or “E.” that is 32 bytes long and ends with an ASCII “98” to a Session Initiatetransaction request message 1289 using the “fubar.1” service name. This requires the Terminal Adapter to implement more sophisticated parsing rules to recognize every type of message for every type of protocol that can be received. One approach to simplify the parsing rules is to presume every terminal message maps to a simple transaction type unless the format indicates otherwise in some manner. In this case, exception processing can be used to simplify the parsing rules. -
FIG. 12C illustrates the processing of the parsing rules of one embodiment in further detail. The process starts instep 1220 with retrieving the parsing rules 1221. There are rules to recognize various messages, and a first rule is selected instep 1222. The start of the string is tested forvalidity 1224 and if no match, the next rule is applied 1225 and the process starts over. Otherwise, the end of the string is tested forvalidity 1226 and if so, it is tested for amatch 1227. If no match, then the next rule is applied 1225 and the process repeats. Otherwise, the length is tested forvalidity 1228 and if a match occurs 1229, then the message is recognized 1231 and the process is completed 1233, otherwise the next rule is applied 1225 and the process repeats. If no matches occur or the string is found invalid, and there are nomore rules 1230, then the message is not recognized 1232 and an error exists. The parsing for the string is completed atstep 1233. - While this approach requires a rule for every message, it does offer certain advantages over the telephone mapping approach. Specifically, it does not require administration of different telephone numbers in the card readers in order to direct transactions to different locations. However, using either technique, the Terminal Adapter can automatically recognize a plurality of protocols used by different terminals, and determine the appropriate message type and service host.
- Service Discovery, Parameter and Software Download
- The concepts of service discovery, parameter download, and software download are closely related. Service discovery is the process by which the terminal adapter discovers the IP addresses for Nodes that can provide further information, such as the parameter file. Parameter file downloading involves receiving a file containing configuration parameters. A configuration version number describes this file. The software download allows new software to be downloaded into the Terminal Adapter and uses address and other parameters obtained in the parameter file. All three procedures rely on the Terminal Adapter interacting with a Network, but with different degrees of autonomy.
- Downloading parameters or software into the Terminal Adapter facilitates remote correction of software bugs as well as software deployment to interact with new services with the Network. Terminal Adapters can be updated without requiring manual replacement of Terminal Adapters, or manual replacement of a portion of memory chips, such as one or more read-only-memory (ROM) chips in the Terminal Adapters, or manual loading of new software. Updating can be done remotely, at convenient times, with minimal cost and interruption in service. The updating of software is controlled in part by the NOC. The NOC is the portion of the Network that maintains tables associating each Terminal Adapter with its parameters.
- The Terminal Adapter boot software of one embodiment comprises two separate programs referred to as DLM (Download Program Manager) and DLP (Downloaded Program). The Terminal Adapter may be factory programmed with the DLM only, and the DLP may be downloaded from the Network after the Terminal Adapter is installed in the client's premises. The DLP is typically stored in non-volatile memory, but in case of a failure of the non-volatile memory, the hardcoded DLM allows recovery. In addition to the DLM, every Terminal Adapter is generally factory programmed with various parameters to allow it to initially connect to the Network. As previously discussed, these parameters typically include: the Terminal Adapter Identification Number, the secret or private encryption key, and the Configuration Service Name. These parameters (except for the Configuration Service Name) can be superceded by obtaining dynamically obtained values, though doing so does not erase the programmed values. For example, the Terminal Adapter knows that absent a dynamically obtained Service Name stored in non-volatile memory, the default, programmed value is to be used.
- The purpose of the DLM is to download and run the latest version of firmware (DLP) that is stored in non-volatile memory. The basic operation of the DLM of one embodiment is illustrated in
FIG. 13A and described in the following steps starting from a system reset or initial powering up. - In
FIG. 13A , the process begins with powering up theTerminal Adapter 1350, which is the same as resetting the unit. Upon the very first time of being powered up, there are no dynamic parameters stored in flash (non-volatile) memory. Thus, only the default programmed values exists. Using theService Discovery procedure 1352 and the default Configuration Service Name, the Terminal Adapter obtains at least one TCP/IP address for a Client Node to interact with. Instep 1353, a TCP connection is established using the Ethernet to access the Network, or using PPP over a dial-up telephone line. The Terminal Adapter is programmed with a default parameter file version (specifically, version zero, indicating a default parameter file is present and signifying that all the parameters are default values). Instep 1354, the Terminal Adapter fetches the parameter data from the Configuration Server. This is done by the Terminal Adapter (specifically, the DLM) indicating its parameter file version number to the Network, and the Network responding with a more recent version followed by the parameter file. The Network will only send the parameter data if the Terminal Adapter parameter file version is not the same as the version value stored in the server database. In this example, the Network knows that the version sent by the Terminal Adapter (version zero) indicates a default parameter is present in the Terminal Adapter, indicating that no prior parameter downloads have occurred. - If the Terminal Adapter already has the current version, the Network will return the same parameter file version number. This informs the Terminal Adapter that it has the latest parameter file and reduces unnecessary transmission of network data. If the Terminal Adapter previously had downloaded parameters, but these were corrupted, the parameters can be requested from the server by sending a version number zero in the packet. Any received data is saved to non-volatile flash memory in
step 1356. - Next, at
step 1358, the Terminal Adapter of this embodiment (using the DLM) checks the current DLP version indicated in the parameter file and compares it against the version that it is currently executing. It further checks to ensure the data is not corrupted (i.e., free from errors as detected by a cyclic redundancy check or similar mechanism). If present and uncorrupted, the DLM skips to executing the DLP application instep 1368, which then completes the process atstep 1370. If instead, the DLP version is not current, then step 1360 is performed to obtain the must current version. The Terminal Adapter retrieves an address from the parameter file and connects to the IP address for the purpose of performing a file transfer using FTP atstep 1360. The Terminal Adapter then downloads the more recent DLP program atstep 1362. If the download is not correct, atstep 1364, then it resets itself atstep 1366 and repeats the process. If the download is correct atstep 1364, then the new DLP program is executed atstep 1368 and the process is completed atstep 1370. - The DLP program is the main application program running on the Terminal Adapter and performs the financial transaction processing and interworking. It uses the same parameters (see
FIG. 13B ) as used by the DLM. The DLP can, however, have a different Service Name based on a dynamically obtained value, as the DLM process uses the value hard coded in the firmware. Advantageously, the DLP periodically checks if there is a more current parameter file, and if any parameters have changed or a new DLP is needed, the DLP performs a reset and the process repeats as described above. Thus, the DLM only performs one parameter file fetch, obtains the DLP, and then executes the DLP. The DLP then periodically performs the parameter file fetch. Only if the DLP resets the Terminal Adapter does the DLM execute itself. However, in this case, the DLM will observer that various dynamically assigned parameters are present in flash memory and it will utilize those values over the embedded values, skipping some of the above identified steps. - Thus, obtaining new parameters and new application code are closely related, but the capability exists to download new parameters without having to download new application code. Once the DLP is executing, it will periodically check with the Network to determine whether it has the most current parameter file version. The Network responds by downloading a new parameter file when a newer parameter version is appropriate. One parameter in the file is an indication of a new DLP, which triggers the DLP to initiate a file transfer. In this manner, the Network can control the loading of new parameters and software.
- The contents of the parameter file of one embodiment are illustrated in
FIG. 13B . The first parameter in the file isConfiguration Version 1300. This value indicates the current parameter file version the Terminal Adapter should have stored in memory. This could incorporate a timestamp to signify the last version obtained. The Terminal Adapter periodically queries the Network as to what is the current version that the Terminal Adapter should be executing. If the Network requires downloading a new parameter file, it returns the current version present in the Terminal Adapter. Otherwise, the NOC returns a more recent parameter file version value as well as the full parameter file. In addition, the NOC can append management commands to control the Terminal Adapter indicating it to reset or switch communication paths. - The frequency with which the Terminal Adapter checks the
Configuration Version 1300 is determined by the Configuration FetchInterval 1301, typically expressed in seconds. This parameter is set to have the Terminal Adapter check its parameter file version every hour or so, although greater or lesser time intervals may be used. Because the downloading of new code suspends the normal operation of the Terminal Adapter, the Terminal Adapter may forego a periodic download, particularly if there are financial transactions underway. The “Maximum Skip Configuration Register” 1302 indicates the maximum number of times the Terminal Adapter may skip requesting the current parameter version. This value should not be exceeded by the Terminal Adapter regardless of the number of pending transactions. - The periodic checking for a new parameter file version also functions as a ‘heartbeat’ indication from the Terminal Adapter to the Network. The Node receiving the parameter file request forwards the indication to the NOC, allowing the NOC to update its status tables for that Terminal Adapter. Thus, the receipt of a parameter file request by a Terminal Adapter indicates to the NOC that the Terminal Adapter is functioning. If the terminal has not requested its current parameter file version and the maximum skip interval is exceeded and has not initiated any transactions, then the NOC knows the Terminal Adapter is not functioning. In such a situation, the NOC can initiate another process, such as issuing a notification to a predefined destination in a predefined manner for that Terminal Adapter. For example, the notification may be an e-mail to a network administrator associated with the business entity operating the Terminal Adapter identifying the malfunctioning Terminal Adapter. Alternatively, the NOC could initiate a page, a pre-recorded telephone call, or send an alarm message to a system, file, terminal or printer in the NOC. In this manner, the NOC can proactively react to a non-functioning Terminal Adapter. Similarly, the Network may also monitor transaction usage, errors, or other conditions and report these to the NOC, which initiates a similar notification.
- If software download is required based on an updated binary image name (DLP version number), the Terminal Adapter will initiate the request using File Transfer Protocol (FTP), a well known means for transferring files over the Internet. The address for making the request is obtained from the parameter file as well as required identification and security information. The
FTP information 1330 comprises a URL, Port number, User Name, and Password. - The User Name identifies the Terminal Adapter, and an alternative embodiment could use the Terminal Adapter Identification Number. The Password data authenticates the user as being authorized to receive the binary DLP file.
- Since FTP information is transferred without being encrypted using a TCP/IP connection to the Terminal Adapter, other embodiments are disclosed providing greater security. One approach is to communicate a ‘challenge’ based on a random value to the Terminal Adapter. The Terminal Adapter concatenates the challenge value with its secret key and computes a Message Digest 5 value to determine a password. The Terminal Adapter sends this value to the Network that has compared a similar value based on the Network's knowledge of the Terminal Adapter's secret key. If the two values match, the Terminal Adapter is authenticated.
- Another variation to ensure secure file transfer is to use the secure data transfer service of the Network. Specifically, a Session Transaction is used to communicate the file in an encrypted manner. The Terminal Adapter and Network use the same encryption methods as for passing transactions originating from a terminal to a host. Various authentication and encryption schemes can be used to effect the file transfer to an authenticated Terminal Adapter, such as using secure FTP procedures.
- The parameter file of
FIG. 13B also includes other parameters, includingcommunication parameter information 1303,binary file characteristics 1304,service discovery information 1305,primary communication information 1307, andbackup communication information 1309. Thecommunication parameters 1303 indicate the type of ‘backend’ interface currently used by the Terminal Adapter (e.g., Ethernet, secondary ISP, etc.). This value is included by the Terminal Adapter with every parameter file fetch request and indicates to the Network the current network interface used by the Terminal Adapter. In this manner, the Network is able to monitor the communication path status of each Terminal Adapter. - Other information includes the binary image file (DLP program)
characteristics 1304 including the name, size and error checking information that the Terminal Adapter should be currently using. TheService Discovery information 1305 indicates to the Terminal Adapter where terminal transactions should be directed to, typically in the form of a URL. In turn, the Client Node in the Network maps the host name to a URL, which in turn is resolved using the DNS service into an IP address. In this manner, the actual IP addresses are ‘hidden’ from the Terminal Adapter, allowing Network changes in address to transparently occur. This could be similarly accomplished by providing the Terminal Adapter a URL, but if the terminal indicated a single URL, then all traffic would be routed to that single point of interconnection. Since the Client Node maps the service to a URL, the Client Node may select one of several URLs based on geographic location, load capacity (e.g., transaction processing capacity), or other network management aspects. In this manner, diverse Host processors connected to separate Service Nodes may be used to provide seamless transaction services to the Terminal Adapter. Further, this approach never ‘exposes’ the host network addresses and thus provides added security and flexibility. - The parameter file also contains primary
communication path information 1307 including the telephone number of the primary ISP and any associated modem commands (this is only required if primary access is via dial-up), identification and password information. Additional control information regarding the PPP settings is included. Similarly, secondary or backupcommunication path information 1309 is provided. - Illustration of Operation
- The overall operation of the system is illustrated in
FIG. 14 , which is one embodiment and illustrates a subset of the elements that may be involved during normal operation. - A
card reader 2 is plugged into aTerminal Adapter 14 wherein the Terminal Adapter has access to theInternet 26 via aprimary communication interface 16. The Terminal Adapter also has asecondary communication interface 22 using aPOTS telephone line 19 a connected to theTelephone Network 24. The Terminal Adapter is powered on and determines that it does not have a current application program loaded. It examines its default Service Discovery Address information, which is programmed into the Terminal Adapter at time of manufacture, and it uses this information to fetch an updated Service Discovery Address. The Terminal Adapter then uses this information to synchronize and authenticate itself to the Network. After this has occurred, it uses a simple transaction to obtain a dynamically determined service name that it queries to obtain a current parameter file setting. One parameter in the file indicates the current software code that should be present and the Terminal Adapter determines whether it should initiate a file transfer to obtain the current software. It then downloads the information using the FTP address information in the parameter file. - Once this is accomplished, the Terminal Adapter is prepared to handle terminal transactions. It synchronizes its transaction counter (if required) with the
Client Node 25 a and is authenticated by the Client Node using the aforementioned techniques. The authentication procedures also provide a session token to the Terminal Adapter allowing proper encrypting and decrypting of transactional information. Once completed, the Terminal Adapter is ready to process transactions from theCard Reader 2. - In this illustration, upon detecting a card swipe, the
Card Reader 2 initiates a phone call and the Terminal Adapter emulates the necessary telephone signals so that a connection is established between the card reader and Terminal Adapter. From the card reader's perspective, it appears to have established a telephone call. The Terminal Adapter queries the Card Reader using an ENQ (e.g., ASCII ENQ character) message to solicit a response message. Upon receipt of the response message, the Terminal Adapter parses the message and selects the appropriate protocol for interacting with the Card Reader. The Terminal Adapter also selects an appropriate service name that identifies a destination Host processor and transaction type, which is a simple transaction type in this illustration. - Continuing the illustration, the Terminal Adapter maps the transaction to a simple transaction protocol on an established TCP/IP connection and sends the message to the
Client Node 25 a. The Client Node processes the transaction to ensure that the transaction is allowed, synchronized, authorized, error free, and determines the appropriate Node to which to forward the request to. This decision is based on the host name selected by the Terminal Adapter in the simple transaction protocol. The Client Node selects a route to forward the transaction based on, in part, the service name, link capacity, configuration, and processor loading. Assuming it is forwarded directly to aService Node 25 b, theService Node 25 b then forwards the transaction to theFinancial Transaction Processor 36 according to the protocol used to interconnect theHost 36 and theService Node 25 b. The Host and Service Node are directly connected via aprivate line 34. The message typically is decrypted prior to communication to the Host. The Host receives the card authorization request, responds, and the response is returned to the Service Node that typically encrypts the information and routes the response back to theClient Node 25 a, then to theTerminal Adapter 14, and then thecard reader 2. This illustrates some aspects of a normal card authorization procedure. - Assuming now a failure associated with the Internet access on the primary communication path using the primary network interface 16 (e.g., the connection has broken), the Terminal Adapter recognizes the failure by various means (e.g., lack of response at TCP/IP layer or loss of electrical signals at the physical layer). The Terminal Adapter retrieves the secondary communication path parameters from its parameter file in non-volatile memory, and initiates a dial-up connection to the ISP using the telephone number as well as appropriate identification and password information. Referencing
FIG. 14 , the dial-up connection travels from thetelephone line 19 a through thetelephone network 24 and then via analternative connection 19 b to theClient Node 25 a. The Client Node reached may be the same or different from the one previously associated with the primary communication path. The Terminal Adapter must resynchronize the transaction counter, identify and authenticate itself before proceeding with transaction processing. The Terminal Adapter also updates its internal communication path status table and LED status indicators accordingly. Since the Client Node is aware of the establishment of the secondary communication path, it notifies theNOC 29 of the failure. The NOC then updates its status tables and then notifies the appropriate systems and/or personnel that the primary connection has malfunctioned. - Periodically, the Terminal Adapter sends a ‘probe’ message over the Ethernet interface using the primary communication path to determine if it is functional. In this illustration, the Terminal Adapter uses an Ethernet access to the Internet in conjunction with the primary communication path and dial-up access to the Internet in conjunction with the secondary communication path. Because separate physical access methods are used, the Terminal Adapter can send a ‘probe’ message to determine whether Internet access using the Ethernet access approach is restored while using the dial-up access for completing transactions.
- This scheme must be modified if a single telephone line is used to establish a first connection using a first telephone number for the primary communication path and a second connection using a second telephone number for the secondary communication path. That is because the primary communication path cannot convey a probe message while the telephone line is used to support the secondary communication line. Of course, more sophisticated telephony services such as ISDN allow two connections to exist on one telephone line, as do other telephony based services. Typically, only one communication path can be operational using a single telephone line and the NOC will indicate in response to a parameter file version request that the problem causing the primary communication path to be inoperable has been corrected and that the Terminal Adapter should switch back to using the primary communication path.
- If a response is received on the primary communication path access using the Ethernet, this indicates the communication path is restored. The Terminal Adapter switches back to conveying transactions on the primary connection. Of course, prior to conveying transaction requests, the Terminal Adapter must first synchronize and authenticate itself on the primary communication path. Correspondingly, the NOC is aware of when the switchback occurs. The Terminal Adapter also updates its communication status visually using LEDs, in order to facilitate local diagnosing of communication status. The Terminal Adapter updates its operational status tables regarding the primary and secondary communication paths.
- Periodically, the
Terminal Adapter 14 requests from theClient Node 25 a what parameter file version it should be executing. This is accomplished using a simple transaction request message that includes the Terminal Adapter's identification number and communication path status. The Client Node forwards this message to the NOC. As a result, the NOC is now aware of the operational status of the Terminal Adapter. The NOC responds to the Client Node with a parameter file version number, and the Client Node forwards the parameter file version number to the Terminal Adapter. Assuming that the version number in the response matches the version number in the Terminal Adapter, the Terminal Adapter continues operating normally. If the NOC responded with a newer version number, it would indicate that at least one parameter in the file had changes and would send the parameter file as well. The Terminal Adapter would examine the parameter file, and if the DLP binary image name was different, the Terminal Adapter would fetch the current software, load it, and then execute it. - In this manner, the Terminal Adapter is able to automatically interconnect a variety of Terminal Types, which may implement various protocols based on the destination host. The Terminal Adapter in conjunction with the Network ensures a reliable and secure communication capability is provided between the Terminal and Host. Should the primary communication path fail, the Terminal Adapter uses a secondary communication path, and automatically restores the primary communication path when available. The NOC is aware of the operational status of each Terminal Adapter, and provides alarm notifications as appropriate. Further, by the Client Node mapping the service name associated with transaction requests to a particular Service Node, the Network is able to route traffic to a selected Host based on various conditions. In this manner, the Terminal Adapter operating in conjunction with the Nodes 25 is able to provide a versatile and flexible transaction oriented network service.
- Many modifications and other embodiments of the inventions set forth herein will come to mind to one skilled in the art to which these inventions pertain having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is to be understood that the inventions are not to be limited to the specific embodiments disclosed and that modifications and other embodiments are intended to be included within the scope of the appended claims. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.
Claims (21)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/734,192 US20080027873A1 (en) | 2003-06-12 | 2007-04-11 | Terminal adapter for atms |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/461,175 US7219149B2 (en) | 2003-06-12 | 2003-06-12 | Versatile terminal adapter and network for transaction processing |
US10/613,129 US7225253B2 (en) | 2003-06-12 | 2003-07-03 | Versatile network operations center and network for transaction processing |
US11/734,192 US20080027873A1 (en) | 2003-06-12 | 2007-04-11 | Terminal adapter for atms |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/613,129 Continuation US7225253B2 (en) | 2003-06-12 | 2003-07-03 | Versatile network operations center and network for transaction processing |
Publications (1)
Publication Number | Publication Date |
---|---|
US20080027873A1 true US20080027873A1 (en) | 2008-01-31 |
Family
ID=32655772
Family Applications (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/461,175 Expired - Lifetime US7219149B2 (en) | 2002-08-14 | 2003-06-12 | Versatile terminal adapter and network for transaction processing |
US10/613,129 Expired - Lifetime US7225253B2 (en) | 2003-06-12 | 2003-07-03 | Versatile network operations center and network for transaction processing |
US11/734,223 Abandoned US20070237311A1 (en) | 2003-06-12 | 2007-04-11 | Network access model and methods |
US11/734,204 Expired - Fee Related US7873726B2 (en) | 2003-06-12 | 2007-04-11 | Versatile terminal adapter and network for transaction processing |
US11/734,192 Abandoned US20080027873A1 (en) | 2003-06-12 | 2007-04-11 | Terminal adapter for atms |
Family Applications Before (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/461,175 Expired - Lifetime US7219149B2 (en) | 2002-08-14 | 2003-06-12 | Versatile terminal adapter and network for transaction processing |
US10/613,129 Expired - Lifetime US7225253B2 (en) | 2003-06-12 | 2003-07-03 | Versatile network operations center and network for transaction processing |
US11/734,223 Abandoned US20070237311A1 (en) | 2003-06-12 | 2007-04-11 | Network access model and methods |
US11/734,204 Expired - Fee Related US7873726B2 (en) | 2003-06-12 | 2007-04-11 | Versatile terminal adapter and network for transaction processing |
Country Status (3)
Country | Link |
---|---|
US (5) | US7219149B2 (en) |
CA (1) | CA2529319C (en) |
WO (1) | WO2004111961A1 (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080067238A1 (en) * | 1996-05-10 | 2008-03-20 | Barcelou David M | Automated transaction machine |
US20080105743A1 (en) * | 2003-12-02 | 2008-05-08 | Mills Kevin J | Y-adapter with embedded wireless port |
US20090144450A1 (en) * | 2007-11-29 | 2009-06-04 | Kiester W Scott | Synching multiple connected systems according to business policies |
WO2015148579A1 (en) * | 2014-03-24 | 2015-10-01 | Omalley Matthew | Systems and methods to manage traffic in a mobile network |
US10083483B2 (en) | 2013-01-09 | 2018-09-25 | Bank Of America Corporation | Actionable exception alerts |
CN111459915A (en) * | 2020-04-14 | 2020-07-28 | 南京工业大学 | Panoramic data opening method and system suitable for colleges and universities |
US20230368623A1 (en) * | 2021-02-03 | 2023-11-16 | Hyosung TNS Inc. | Communication method between host and devices in atm |
Families Citing this family (150)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030167231A1 (en) * | 2002-03-04 | 2003-09-04 | First Data Corporation | Method and system for processing credit card payments |
US7219149B2 (en) * | 2003-06-12 | 2007-05-15 | Dw Holdings, Inc. | Versatile terminal adapter and network for transaction processing |
JP2004206463A (en) * | 2002-12-25 | 2004-07-22 | Sharp Corp | Remote maintenance system |
US7324512B2 (en) * | 2003-06-12 | 2008-01-29 | International Business Machines Corporation | MAC layer bridging of network frames between isolated and external networks |
US7167705B2 (en) * | 2003-06-27 | 2007-01-23 | Oracle International Corporation | Roaming across different access mechanisms and network technologies |
US7085838B2 (en) * | 2003-08-04 | 2006-08-01 | Sbc Knowledge Ventures, Lp | Communications system for identifying remote digital subscriber line (DSL) customer premises equipment (CPE) devices during a discovery phase |
US7165111B2 (en) | 2003-08-04 | 2007-01-16 | Sbc Knowledge Ventures, L.P. | System and method to identify devices employing point-to-point-over Ethernet encapsulation |
US7752550B2 (en) * | 2003-09-23 | 2010-07-06 | At&T Intellectual Property I, Lp | System and method for providing managed point to point services |
US7831519B2 (en) * | 2003-12-17 | 2010-11-09 | First Data Corporation | Methods and systems for electromagnetic initiation of secure transactions |
GB0329499D0 (en) * | 2003-12-19 | 2004-01-28 | Nokia Corp | Communication network |
US7566000B2 (en) * | 2004-02-17 | 2009-07-28 | Walgreen Co. | Method and system for providing a flexible product purchase account for members of a healthcare organization |
US7526568B1 (en) * | 2004-02-20 | 2009-04-28 | Broadcast Pix, Inc. | Integrated live video production system |
US7761375B2 (en) * | 2004-03-16 | 2010-07-20 | Hewlett-Packard Development Company, L.P. | Transaction switch and a method for use thereof |
US7344070B2 (en) * | 2004-03-25 | 2008-03-18 | Seiko Epson Corporation | POS system, input/output control apparatus for use in a POS system, and method |
US20050216589A1 (en) * | 2004-03-29 | 2005-09-29 | Sbc Knowledge Ventures, L.P. | System and method for indicating network connectivity and access to an information service offering |
KR100621571B1 (en) * | 2004-06-25 | 2006-09-14 | 삼성전자주식회사 | Apparatus and method for interconnecting networks using different protocols |
EP1615390B1 (en) * | 2004-07-09 | 2008-10-29 | Sap Ag | Mapping of network configuration data to network interfaces |
CN100466659C (en) * | 2004-07-13 | 2009-03-04 | 华为技术有限公司 | A method for automatic configuration of terminal equipment |
US7656901B2 (en) * | 2004-08-10 | 2010-02-02 | Meshnetworks, Inc. | Software architecture and hardware abstraction layer for multi-radio routing and method for providing the same |
US20060095517A1 (en) * | 2004-10-12 | 2006-05-04 | O'connor Clint H | Wide area wireless messaging system |
FI20041377A0 (en) * | 2004-10-25 | 2004-10-25 | Nokia Corp | Delivery of services in a telecommunications system |
US7782877B2 (en) * | 2004-11-03 | 2010-08-24 | Verizon Business Global Llc | Network-based dedicated backup service |
US7520430B1 (en) * | 2004-11-04 | 2009-04-21 | Acumera, Inc. | Multiservice merchant gateway |
US10248951B2 (en) | 2004-12-01 | 2019-04-02 | Metavante Corporation | E-coupon settlement and clearing process |
US7866548B2 (en) * | 2004-12-01 | 2011-01-11 | Metavante Corporation | Account control method and system that allows only eligible and authorized items to be purchased using the account |
US20070288313A1 (en) * | 2006-06-09 | 2007-12-13 | Mark Brodson | E-Coupon System and Method |
US20060149529A1 (en) * | 2005-01-04 | 2006-07-06 | Loc Nguyen | Method for encoding messages between two devices for transmission over standard online payment networks |
US7650308B2 (en) * | 2005-01-04 | 2010-01-19 | Visa U.S.A. Inc. | Auto substantiation for over-the-counter transactions |
US20060149603A1 (en) * | 2005-01-04 | 2006-07-06 | Barbara Patterson | Method and system for determining healthcare eligibility |
WO2006090941A2 (en) * | 2005-02-28 | 2006-08-31 | Systembase Co., Ltd. | Internet communication translation apparatus for difficulty information |
JP4704073B2 (en) * | 2005-03-02 | 2011-06-15 | サンデン株式会社 | Connection device for communication equipment |
EP1713041A1 (en) * | 2005-04-12 | 2006-10-18 | Axalto SA | Payment system with bank card |
GB2425854A (en) * | 2005-04-21 | 2006-11-08 | Saleh Al-Sarawi | Transactions using mobile devices |
US7840682B2 (en) * | 2005-06-03 | 2010-11-23 | QNX Software Systems, GmbH & Co. KG | Distributed kernel operating system |
US8667184B2 (en) * | 2005-06-03 | 2014-03-04 | Qnx Software Systems Limited | Distributed kernel operating system |
US7522904B1 (en) * | 2005-09-09 | 2009-04-21 | Sprint Communications Company Lp | Customer premises equipment alternate path architecture for configuration and troubleshooting |
US8660862B2 (en) | 2005-09-20 | 2014-02-25 | Visa U.S.A. Inc. | Determination of healthcare coverage using a payment account |
US8694435B1 (en) * | 2005-11-14 | 2014-04-08 | American Express Travel Related Services Company, Inc. | System and method for linking point of sale devices within a virtual network |
US8199743B1 (en) * | 2005-11-29 | 2012-06-12 | Rockstar Bidco, LP | Enhanced services for a pots line |
EP1955471A4 (en) * | 2005-12-01 | 2009-03-11 | Firestar Software Inc | System and method for exchanging information among exchange applications |
US7861003B2 (en) * | 2006-01-31 | 2010-12-28 | Genband Us Llc | Adaptive feedback for session over internet protocol |
US7865612B2 (en) | 2006-01-31 | 2011-01-04 | Genband Us Llc | Method and apparatus for partitioning resources within a session-over-internet-protocol (SoIP) session controller |
US7860990B2 (en) * | 2006-01-31 | 2010-12-28 | Genband Us Llc | Session data records and related alarming within a session over internet protocol (SOIP) network |
US7333464B2 (en) * | 2006-02-01 | 2008-02-19 | Microsoft Corporation | Automated service discovery and wireless network set-up |
US8271340B2 (en) * | 2006-02-10 | 2012-09-18 | 3M Innovative Properties Company | Order taking system and method with local and/or remote monitoring |
US8204043B2 (en) * | 2006-02-28 | 2012-06-19 | Genband Us Llc | Quality of service prioritization of internet protocol packets using session-aware components |
US8509218B2 (en) * | 2006-02-28 | 2013-08-13 | Genband Us Llc | Prioritization within a session over internet protocol (SOIP) network |
US8259706B2 (en) * | 2006-02-28 | 2012-09-04 | Genband Us Llc | Multistage prioritization of packets within a session over internet protocol (SOIP) network |
US20070205275A1 (en) * | 2006-03-06 | 2007-09-06 | First Data Corporation | Portable point of sale systems and methods |
US20070213970A1 (en) * | 2006-03-09 | 2007-09-13 | Utstarcom, Inc. | Application communication session method and apparatus |
JP4668815B2 (en) * | 2006-03-10 | 2011-04-13 | サンデン株式会社 | Connection device for communication equipment. |
JP2007286697A (en) * | 2006-04-12 | 2007-11-01 | Mastercard Internatl Japan Inc | Payment processing support device and payment processing support method |
WO2008005102A2 (en) * | 2006-05-13 | 2008-01-10 | Sap Ag | Consistent set of interfaces derived from a business object model |
US8788284B2 (en) * | 2006-05-30 | 2014-07-22 | Visa U.S.A. Inc. | Method and system using combined healthcare-payment device and web portal for receiving patient medical information |
CA2654562A1 (en) * | 2006-06-08 | 2007-12-21 | Visa U.S.A. Inc. | System and method using extended authorization hold period |
US20080010094A1 (en) * | 2006-06-21 | 2008-01-10 | Mark Carlson | Distribution of health information for providing health related services |
US7769599B2 (en) * | 2006-07-31 | 2010-08-03 | Visa U.S.A. Inc. | Electronic payment delivery service |
CN1933448A (en) * | 2006-08-17 | 2007-03-21 | 华为技术有限公司 | Business fast convergent method and network equipment |
JP4410804B2 (en) * | 2007-02-23 | 2010-02-03 | インターナショナル・ビジネス・マシーンズ・コーポレーション | System management method, information processing apparatus and program in distributed network environment |
US20080304473A1 (en) * | 2007-06-11 | 2008-12-11 | At&T Corp. | Enhanced terminal adapter |
US20080319794A1 (en) * | 2007-06-20 | 2008-12-25 | Mark Carlson | Health information services using phone |
US8125998B2 (en) * | 2007-08-02 | 2012-02-28 | Phybridge Inc. | Backup system and method for network data communications |
US7912062B2 (en) * | 2007-09-28 | 2011-03-22 | Genband Us Llc | Methods and apparatus for managing addresses related to virtual partitions of a session exchange device |
DE102007000963B4 (en) * | 2007-10-11 | 2011-03-10 | Rüterbories, Karin | I / O interface for establishing a secure connection between network servers for requesting data in the event of an alarm |
US8983862B2 (en) * | 2008-01-30 | 2015-03-17 | Toshiba Global Commerce Solutions Holdings Corporation | Initiating a service call for a hardware malfunction in a point of sale system |
US8417593B2 (en) | 2008-02-28 | 2013-04-09 | Sap Ag | System and computer-readable medium for managing consistent interfaces for business objects across heterogeneous systems |
GB0804703D0 (en) * | 2008-03-13 | 2008-04-16 | Annadale Technologies Ltd | Operating system |
US8589263B2 (en) * | 2008-03-31 | 2013-11-19 | Sap Ag | Managing consistent interfaces for retail business objects across heterogeneous systems |
US20090248463A1 (en) * | 2008-03-31 | 2009-10-01 | Emmanuel Piochon | Managing Consistent Interfaces For Trading Business Objects Across Heterogeneous Systems |
US20090248429A1 (en) * | 2008-03-31 | 2009-10-01 | Sap Ag | Managing Consistent Interfaces for Sales Price Business Objects Across Heterogeneous Systems |
US20090249358A1 (en) * | 2008-03-31 | 2009-10-01 | Sap Ag | Managing Consistent Interfaces for Kanban Business Objects Across Heterogeneous Systems |
US8856899B1 (en) | 2008-06-20 | 2014-10-07 | United Services Automobile Association (Usaa) | Systems and methods for obscuring entry of electronic security term |
US20100057621A1 (en) * | 2008-06-30 | 2010-03-04 | Faith Patrick L | Payment processing system secure healthcare data trafficking |
JP4591582B2 (en) * | 2008-09-09 | 2010-12-01 | ソニー株式会社 | Network adapter and communication device |
US8730863B2 (en) * | 2008-09-09 | 2014-05-20 | The Charles Stark Draper Laboratory, Inc. | Network communication systems and methods |
DE102008060863A1 (en) * | 2008-12-09 | 2010-06-10 | Wincor Nixdorf International Gmbh | System and method for secure communication of components within self-service terminals |
US20100153297A1 (en) | 2008-12-12 | 2010-06-17 | Sap Ag | Managing Consistent Interfaces for Credit Portfolio Business Objects Across Heterogeneous Systems |
GB0904877D0 (en) | 2009-03-20 | 2009-05-06 | Global Refund Holdings Ab | Interface module, system and method |
EP2416504A1 (en) * | 2009-03-31 | 2012-02-08 | Panasonic Corporation | Relay apparatus and relay method |
US8738973B1 (en) * | 2009-04-30 | 2014-05-27 | Bank Of America Corporation | Analysis of self-service terminal operational data |
US8019839B2 (en) * | 2009-05-11 | 2011-09-13 | Accenture Global Services Limited | Enhanced network adapter framework |
US8939356B2 (en) | 2009-06-08 | 2015-01-27 | Visa International Service Association | Portable prescription payment device management platform apparautses, methods and systems |
US8413905B2 (en) * | 2009-10-05 | 2013-04-09 | Visa U.S.A. Inc. | Portable prescription transaction payment device |
US10614458B2 (en) * | 2009-08-14 | 2020-04-07 | Visa U.S.A. Inc. | Influenza vaccine administration payment device processing |
US20110166872A1 (en) * | 2009-08-14 | 2011-07-07 | Cervenka Karen L | Auto-substantiation for healthcare upon sponsor account through payment processing system |
US8572394B2 (en) * | 2009-09-04 | 2013-10-29 | Computer Associates Think, Inc. | OTP generation using a camouflaged key |
US20110079643A1 (en) * | 2009-10-05 | 2011-04-07 | Stacy Pourfallah | Prescription sample transaction payment card |
US8843757B2 (en) * | 2009-11-12 | 2014-09-23 | Ca, Inc. | One time PIN generation |
US20120226565A1 (en) * | 2011-03-05 | 2012-09-06 | Motreus Inc. | Method and apparatus for payment with mobile device at point of sale terminal |
US9135585B2 (en) | 2010-06-15 | 2015-09-15 | Sap Se | Managing consistent interfaces for property library, property list template, quantity conversion virtual object, and supplier property specification business objects across heterogeneous systems |
WO2012006737A1 (en) * | 2010-07-13 | 2012-01-19 | Sierra Wireless Inc. | Wireless network connection system and method |
US20120066079A1 (en) * | 2010-09-07 | 2012-03-15 | Revel Systems, Inc. | Point of sale system |
TWI473465B (en) * | 2010-09-08 | 2015-02-11 | Arcadyan Technology Corp | Method of line-swithing and connecting for a connector with a combo port |
US8806030B2 (en) | 2010-12-06 | 2014-08-12 | Microsoft Corporation | Multichannel connections in file system sessions |
US20120158528A1 (en) * | 2010-12-21 | 2012-06-21 | Ebay, Inc. | Efficient transactions at a point of sale location |
CN102542688A (en) * | 2010-12-28 | 2012-07-04 | 中国银联股份有限公司 | Electronic payment device and electronic payment system using same |
US8593971B1 (en) | 2011-01-25 | 2013-11-26 | Bank Of America Corporation | ATM network response diagnostic snapshot |
JP5715838B2 (en) * | 2011-01-28 | 2015-05-13 | 中国電力株式会社 | Network monitoring system |
US20120203695A1 (en) * | 2011-02-09 | 2012-08-09 | American Express Travel Related Services Company, Inc. | Systems and methods for facilitating secure transactions |
US9760871B1 (en) | 2011-04-01 | 2017-09-12 | Visa International Service Association | Event-triggered business-to-business electronic payment processing apparatuses, methods and systems |
CA2831890A1 (en) | 2011-04-01 | 2012-10-04 | Visa International Service Association | Restricted-use account payment administration apparatuses, methods and systems |
CN102314733A (en) * | 2011-04-29 | 2012-01-11 | 四川长虹电器股份有限公司 | Method for preventing cashes in bank card from being falsely withdrawn |
US8819499B2 (en) * | 2011-06-09 | 2014-08-26 | At&T Mobility Ii Llc | Sending network reject/error codes from a terminal adaptor to terminal equipment through an at command interface |
US8725654B2 (en) | 2011-07-28 | 2014-05-13 | Sap Ag | Managing consistent interfaces for employee data replication business objects across heterogeneous systems |
US8775280B2 (en) | 2011-07-28 | 2014-07-08 | Sap Ag | Managing consistent interfaces for financial business objects across heterogeneous systems |
AU2012347439A1 (en) * | 2011-12-09 | 2014-07-10 | Jerome Simonoff | System and method for delaying execution of financial transactions |
US9081656B2 (en) * | 2011-12-20 | 2015-07-14 | Ncr Corporation | Methods and systems for predicting a fault |
US9183518B2 (en) | 2011-12-20 | 2015-11-10 | Ncr Corporation | Methods and systems for scheduling a predicted fault service call |
US20130166447A1 (en) * | 2011-12-21 | 2013-06-27 | Verizon Patent And Licensing Inc. | Gateway applications for transaction services |
US8746551B2 (en) | 2012-02-14 | 2014-06-10 | Bank Of America Corporation | Predictive fault resolution |
US9232368B2 (en) | 2012-02-16 | 2016-01-05 | Sap Se | Consistent interface for user feed administrator, user feed event link and user feed settings |
US9237425B2 (en) | 2012-02-16 | 2016-01-12 | Sap Se | Consistent interface for feed event, feed event document and feed event type |
US8762453B2 (en) | 2012-02-16 | 2014-06-24 | Sap Ag | Consistent interface for feed collaboration group and feed event subscription |
US8756274B2 (en) | 2012-02-16 | 2014-06-17 | Sap Ag | Consistent interface for sales territory message type set 1 |
US8762454B2 (en) | 2012-02-16 | 2014-06-24 | Sap Ag | Consistent interface for flag and tag |
US8984050B2 (en) | 2012-02-16 | 2015-03-17 | Sap Se | Consistent interface for sales territory message type set 2 |
US9367826B2 (en) | 2012-06-28 | 2016-06-14 | Sap Se | Consistent interface for entitlement product |
WO2014000200A1 (en) | 2012-06-28 | 2014-01-03 | Sap Ag | Consistent interface for document output request |
US9400998B2 (en) | 2012-06-28 | 2016-07-26 | Sap Se | Consistent interface for message-based communication arrangement, organisational centre replication request, and payment schedule |
US8949855B2 (en) | 2012-06-28 | 2015-02-03 | Sap Se | Consistent interface for address snapshot and approval process definition |
US8756135B2 (en) | 2012-06-28 | 2014-06-17 | Sap Ag | Consistent interface for product valuation data and product valuation level |
US9246869B2 (en) | 2012-06-28 | 2016-01-26 | Sap Se | Consistent interface for opportunity |
US9076112B2 (en) | 2012-08-22 | 2015-07-07 | Sap Se | Consistent interface for financial instrument impairment expected cash flow analytical result |
US9043236B2 (en) | 2012-08-22 | 2015-05-26 | Sap Se | Consistent interface for financial instrument impairment attribute values analytical result |
US9547833B2 (en) | 2012-08-22 | 2017-01-17 | Sap Se | Consistent interface for financial instrument impairment calculation |
US20140215034A1 (en) * | 2013-01-29 | 2014-07-31 | Huawei Device Co., Ltd. | Processing Method and Processing Device for Automatically Setting Internet Access Mode |
US9191357B2 (en) | 2013-03-15 | 2015-11-17 | Sap Se | Consistent interface for email activity business object |
US9191343B2 (en) | 2013-03-15 | 2015-11-17 | Sap Se | Consistent interface for appointment activity business object |
US9904915B2 (en) * | 2013-08-08 | 2018-02-27 | Ncr Corporation | Virtualized ATM |
US9842027B1 (en) * | 2013-12-27 | 2017-12-12 | EMC IP Holding Company LLC | Intelligent application optimized backups |
CN104518960B (en) * | 2014-12-05 | 2018-01-19 | 华为技术有限公司 | A kind of method, equipment and the system of the switchback that is delayed |
US10027684B1 (en) | 2015-04-22 | 2018-07-17 | United Services Automobile Association (Usaa) | Method and system for user credential security |
US11232448B2 (en) * | 2015-06-30 | 2022-01-25 | Worldpay, Llc | Configurable transaction management controller and method thereof |
US10332090B2 (en) | 2015-08-27 | 2019-06-25 | Acumera, Inc. | Providing secure remote access to a device at a merchant location |
CN106936616B (en) | 2015-12-31 | 2020-01-03 | 伊姆西公司 | Backup communication method and device |
US10832367B2 (en) * | 2016-02-17 | 2020-11-10 | Justin Andrew Frankert | System for arranging transportation services and associated methods |
US10521344B1 (en) | 2017-03-10 | 2019-12-31 | Pure Storage, Inc. | Servicing input/output (‘I/O’) operations directed to a dataset that is synchronized across a plurality of storage systems |
US10587534B2 (en) * | 2017-04-04 | 2020-03-10 | Gray Research LLC | Composing cores and FPGAS at massive scale with directional, two dimensional routers and interconnection networks |
US10588016B2 (en) | 2017-06-23 | 2020-03-10 | Visa International Service Association | Adapter for providing unified transaction interface |
CN109547870B (en) * | 2017-09-21 | 2022-01-18 | 中国电信股份有限公司 | Method and system for scheduling optical cable cutting task |
CN110022225A (en) * | 2019-01-07 | 2019-07-16 | 深圳市先河系统技术有限公司 | Communication means, system, mine machine and the storage medium of decentralization storage system |
CN109981816B (en) * | 2019-03-21 | 2023-04-18 | 上海风汇网络科技有限公司 | Value transmission system and method based on DNS (Domain name System) and DNS server |
US10958567B1 (en) * | 2019-03-29 | 2021-03-23 | Juniper Networks, Inc. | Controlling paths in a network via a centralized controller or network devices |
US11294693B2 (en) * | 2020-04-14 | 2022-04-05 | Ncr Corporation | Virtualized transaction terminal platform |
CN113726915A (en) * | 2020-05-25 | 2021-11-30 | 华为技术有限公司 | Network system, message transmission method therein and related device |
US11528334B2 (en) | 2020-07-31 | 2022-12-13 | Oracle International Corporation | Methods, systems, and computer readable media for preferred network function (NF) location routing using service communications proxy (SCP) |
US11570262B2 (en) | 2020-10-28 | 2023-01-31 | Oracle International Corporation | Methods, systems, and computer readable media for rank processing for network function selection |
US11829811B2 (en) | 2021-09-17 | 2023-11-28 | International Business Machines Corporation | Systems and methods for exchanging electronic data |
US11816654B2 (en) * | 2021-12-17 | 2023-11-14 | Bank Of America Corporation | Geographic location based mobile transaction adapter |
CN116758681B (en) * | 2023-08-22 | 2023-11-17 | 杭银消费金融股份有限公司 | Financial terminal and financial terminal safety control method |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5526409A (en) * | 1993-10-26 | 1996-06-11 | Visa International Service Association | Adaptive communication system within a transaction card network |
US5621731A (en) * | 1994-02-04 | 1997-04-15 | Omnilink Communications Corporation | Private exchange for ISDN |
US20030120936A1 (en) * | 2001-08-01 | 2003-06-26 | Eft Datalink | Encryption of financial information |
US6769479B2 (en) * | 2002-06-11 | 2004-08-03 | Solar Turbines Inc | Primary surface recuperator sheet |
US6792472B1 (en) * | 2000-03-31 | 2004-09-14 | International Business Machines Corporation | System, method and computer readable medium for intelligent raid controllers operating as data routers |
US6886742B2 (en) * | 1999-08-09 | 2005-05-03 | First Data Corporation | Systems and methods for deploying a point-of sale device |
US6990470B2 (en) * | 2000-04-11 | 2006-01-24 | Mastercard International Incorporated | Method and system for conducting secure payments over a computer network |
US7219149B2 (en) * | 2003-06-12 | 2007-05-15 | Dw Holdings, Inc. | Versatile terminal adapter and network for transaction processing |
US7223920B2 (en) * | 2005-06-17 | 2007-05-29 | Siemens Power Generation, Inc. | Through-bolt insulating boot |
US20080110974A1 (en) * | 2002-11-25 | 2008-05-15 | Diebold Self-Service Systems Division Of Diebold, Incorporated | Cash dispensing automated banking machine diagnostic method |
Family Cites Families (50)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US52966A (en) * | 1866-03-06 | Stove-pipe drum | ||
GB2146814A (en) * | 1983-09-17 | 1985-04-24 | Ibm | Electronic fund transfer systems |
US4972463A (en) * | 1986-09-15 | 1990-11-20 | Norand Corporation | In-store multiple device communications unit and centralized data system utilizing same |
US4808803A (en) * | 1987-08-24 | 1989-02-28 | Figgi International, Inc. | Security system |
JP2766381B2 (en) * | 1990-06-19 | 1998-06-18 | 株式会社東芝 | Terminal adapter pooling system |
US5144651A (en) * | 1990-11-19 | 1992-09-01 | Exxon Research And Engineering Company | Reduced time remote access method and system |
EP0523061B1 (en) * | 1991-02-05 | 1998-04-22 | International Business Machines Corporation | Transaction command routing |
US5619559A (en) * | 1992-06-25 | 1997-04-08 | Compuserve Incorporated | Financial card authorization system |
US5535334A (en) * | 1993-01-29 | 1996-07-09 | Storage Technology Corporation | Fault-tolerant system-to-system communications system and method utilizing multiple communications methods to transfer a single message |
US5444763A (en) * | 1993-06-17 | 1995-08-22 | Research In Motion Limited | Translation and connection device for radio frequency point of sale transaction systems |
US5541925A (en) * | 1995-03-27 | 1996-07-30 | Compuserve Incorporated | Point of sale system that bypasses the public telephone network |
US5727163A (en) * | 1995-03-30 | 1998-03-10 | Amazon.Com, Inc. | Secure method for communicating credit card data when placing an order on a non-secure network |
US5678010A (en) * | 1995-06-07 | 1997-10-14 | Compuserve Incorporated | Automated routing of messages over a network |
US5781534A (en) * | 1995-10-31 | 1998-07-14 | Novell, Inc. | Method and apparatus for determining characteristics of a path |
US5828847A (en) * | 1996-04-19 | 1998-10-27 | Storage Technology Corporation | Dynamic server switching for maximum server availability and load balancing |
US5778173A (en) * | 1996-06-12 | 1998-07-07 | At&T Corp. | Mechanism for enabling secure electronic transactions on the open internet |
US6026379A (en) * | 1996-06-17 | 2000-02-15 | Verifone, Inc. | System, method and article of manufacture for managing transactions in a high availability system |
US6058250A (en) * | 1996-06-19 | 2000-05-02 | At&T Corp | Bifurcated transaction system in which nonsensitive information is exchanged using a public network connection and sensitive information is exchanged after automatically configuring a private network connection |
US5845267A (en) * | 1996-09-06 | 1998-12-01 | At&T Corp | System and method for billing for transactions conducted over the internet from within an intranet |
US6505170B1 (en) * | 1996-10-04 | 2003-01-07 | Western Union North America | Distributed device management system |
JP3625983B2 (en) | 1997-03-12 | 2005-03-02 | 三菱商事株式会社 | Data management system |
US5875291A (en) * | 1997-04-11 | 1999-02-23 | Tandem Computers Incorporated | Method and apparatus for checking transactions in a computer system |
US6134678A (en) * | 1997-05-13 | 2000-10-17 | 3Com Corporation | Method of detecting network errors |
WO1998058356A2 (en) | 1997-06-16 | 1998-12-23 | Keilani Badieh Z Ii | System and method for processing multiple financial applications using a three-tier value network |
AU1618999A (en) * | 1997-12-02 | 1999-06-16 | Bruce R. Korman | Multi-transactional network architecture |
US6324174B2 (en) * | 1997-12-31 | 2001-11-27 | At&T Corporation | Telecommunications network architecture for transporting fax, voice and data via an ATM switch including a STM to ATM terminal adapter |
US6311288B1 (en) * | 1998-03-13 | 2001-10-30 | Paradyne Corporation | System and method for virtual circuit backup in a communication network |
US6260158B1 (en) * | 1998-05-11 | 2001-07-10 | Compaq Computer Corporation | System and method for fail-over data transport |
US6415341B1 (en) * | 1999-01-29 | 2002-07-02 | Tekserve Pos, Llc | Point-of-sale terminal adapter |
US6827260B2 (en) * | 1999-08-09 | 2004-12-07 | First Data Corporation | Systems and methods for utilizing a point-of-sale system |
EP1219079B1 (en) | 1999-09-15 | 2013-10-23 | Datawire Communication Networks Inc. | System and method for secure transactions over a network |
US6614803B1 (en) * | 2000-01-14 | 2003-09-02 | Adtran Inc. | Mechanism for conducting in-band communications between terminal adapter and digital terminal device during internet session |
TW550477B (en) * | 2000-03-01 | 2003-09-01 | Passgate Corp | Method, system and computer readable medium for Web site account and e-commerce management from a central location |
AU2001251656A1 (en) * | 2000-04-17 | 2001-10-30 | Criticalarc Technologies, Inc. | Business management system |
US6763479B1 (en) * | 2000-06-02 | 2004-07-13 | Sun Microsystems, Inc. | High availability networking with alternate pathing failover |
US7233920B1 (en) * | 2000-09-07 | 2007-06-19 | Paymentech, L.P. | System and apparatus for credit transaction data transmission |
US7133939B1 (en) | 2000-11-20 | 2006-11-07 | Symbol Technologies, Inc. | Distributed-service architecture at the point of sale or service |
JP2002196990A (en) * | 2000-12-27 | 2002-07-12 | Kddi Corp | Service discovery protocol conversion gateway |
US20020087724A1 (en) * | 2000-12-29 | 2002-07-04 | Ragula Systems D/B/A Fatpipe Networks | Combining connections for parallel access to multiple frame relay and other private networks |
JP4362977B2 (en) * | 2001-01-16 | 2009-11-11 | セイコーエプソン株式会社 | Device status monitoring device |
US6854010B1 (en) * | 2001-04-05 | 2005-02-08 | Bluecube Software, Inc. | Multi-location management system |
WO2003017600A1 (en) | 2001-08-18 | 2003-02-27 | Smallbig Technology Inc. | An apparatus connected multi ip broadband line and fallback method thereof |
US6870917B2 (en) * | 2001-11-05 | 2005-03-22 | At&T Corp | Methods and systems for call interruption services |
US7647422B2 (en) * | 2001-11-06 | 2010-01-12 | Enterasys Networks, Inc. | VPN failure recovery |
US20030126256A1 (en) * | 2001-11-26 | 2003-07-03 | Cruickshank Robert F. | Network performance determining |
US20030101262A1 (en) * | 2001-11-27 | 2003-05-29 | Isochron Data Corporation | Method and system for scheduling the maintenance of remotely monitored devices |
JP4393032B2 (en) * | 2002-03-27 | 2010-01-06 | 富士通株式会社 | Information processing system having path switching function in case of failure and information terminal thereof |
US20040010711A1 (en) * | 2002-07-10 | 2004-01-15 | Weiming Tang | Secure communications and control in a fueling environment |
US6685088B1 (en) * | 2002-12-13 | 2004-02-03 | American Express Travel Related Services Company, Inc. | System and method for selecting an account |
US7232063B2 (en) * | 2003-06-09 | 2007-06-19 | Fujitsu Transaction Solutions Inc. | System and method for monitoring and diagnosis of point of sale devices having intelligent hardware |
-
2003
- 2003-06-12 US US10/461,175 patent/US7219149B2/en not_active Expired - Lifetime
- 2003-07-03 US US10/613,129 patent/US7225253B2/en not_active Expired - Lifetime
-
2004
- 2004-06-11 WO PCT/CA2004/000848 patent/WO2004111961A1/en active Application Filing
- 2004-06-11 CA CA2529319A patent/CA2529319C/en not_active Expired - Lifetime
-
2007
- 2007-04-11 US US11/734,223 patent/US20070237311A1/en not_active Abandoned
- 2007-04-11 US US11/734,204 patent/US7873726B2/en not_active Expired - Fee Related
- 2007-04-11 US US11/734,192 patent/US20080027873A1/en not_active Abandoned
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5526409A (en) * | 1993-10-26 | 1996-06-11 | Visa International Service Association | Adaptive communication system within a transaction card network |
US5621731A (en) * | 1994-02-04 | 1997-04-15 | Omnilink Communications Corporation | Private exchange for ISDN |
US6886742B2 (en) * | 1999-08-09 | 2005-05-03 | First Data Corporation | Systems and methods for deploying a point-of sale device |
US6792472B1 (en) * | 2000-03-31 | 2004-09-14 | International Business Machines Corporation | System, method and computer readable medium for intelligent raid controllers operating as data routers |
US6990470B2 (en) * | 2000-04-11 | 2006-01-24 | Mastercard International Incorporated | Method and system for conducting secure payments over a computer network |
US20030120936A1 (en) * | 2001-08-01 | 2003-06-26 | Eft Datalink | Encryption of financial information |
US6769479B2 (en) * | 2002-06-11 | 2004-08-03 | Solar Turbines Inc | Primary surface recuperator sheet |
US20080110974A1 (en) * | 2002-11-25 | 2008-05-15 | Diebold Self-Service Systems Division Of Diebold, Incorporated | Cash dispensing automated banking machine diagnostic method |
US7219149B2 (en) * | 2003-06-12 | 2007-05-15 | Dw Holdings, Inc. | Versatile terminal adapter and network for transaction processing |
US7223920B2 (en) * | 2005-06-17 | 2007-05-29 | Siemens Power Generation, Inc. | Through-bolt insulating boot |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080067238A1 (en) * | 1996-05-10 | 2008-03-20 | Barcelou David M | Automated transaction machine |
US7837101B2 (en) * | 1996-05-10 | 2010-11-23 | Transaction Holdings Ltd, L.L.C. | Automated transaction machine |
US20080105743A1 (en) * | 2003-12-02 | 2008-05-08 | Mills Kevin J | Y-adapter with embedded wireless port |
US20090144450A1 (en) * | 2007-11-29 | 2009-06-04 | Kiester W Scott | Synching multiple connected systems according to business policies |
US10083483B2 (en) | 2013-01-09 | 2018-09-25 | Bank Of America Corporation | Actionable exception alerts |
US10853875B2 (en) | 2013-01-09 | 2020-12-01 | Bank Of America Corporation | Actionable exception alerts |
US11403701B2 (en) | 2013-01-09 | 2022-08-02 | Bank Of America Corporation | Actionable exception alerts |
WO2015148579A1 (en) * | 2014-03-24 | 2015-10-01 | Omalley Matthew | Systems and methods to manage traffic in a mobile network |
CN111459915A (en) * | 2020-04-14 | 2020-07-28 | 南京工业大学 | Panoramic data opening method and system suitable for colleges and universities |
US20230368623A1 (en) * | 2021-02-03 | 2023-11-16 | Hyosung TNS Inc. | Communication method between host and devices in atm |
US12020546B2 (en) * | 2021-02-03 | 2024-06-25 | Hyosung TNS Inc. | Communication method between host and devices in ATM |
Also Published As
Publication number | Publication date |
---|---|
US7225253B2 (en) | 2007-05-29 |
US7219149B2 (en) | 2007-05-15 |
US20070237311A1 (en) | 2007-10-11 |
US7873726B2 (en) | 2011-01-18 |
US20040128201A1 (en) | 2004-07-01 |
WO2004111961A1 (en) | 2004-12-23 |
CA2529319C (en) | 2015-11-24 |
US20070185991A1 (en) | 2007-08-09 |
CA2529319A1 (en) | 2004-12-23 |
US20050005190A1 (en) | 2005-01-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7873726B2 (en) | Versatile terminal adapter and network for transaction processing | |
US6671729B1 (en) | Autonomously established secure and persistent internet connection and autonomously reestablished without user intervention that connection if it lost | |
RU2436148C2 (en) | Adaptive gateway for switching transactions and data on untrusted networks using context-based rules | |
US7520430B1 (en) | Multiservice merchant gateway | |
US20050195799A1 (en) | Method and device for coupling a POTS terminal to a non-PSTN communications network | |
US20130166447A1 (en) | Gateway applications for transaction services | |
KR102063910B1 (en) | IoT Terminal and IoT Trandsaction System using IoT Network | |
US20020082927A1 (en) | Intelligent caching routers | |
US20130166638A1 (en) | Transaction services data system | |
US9667474B2 (en) | Systems and methods for broadband backup | |
TW200928777A (en) | Data processing method and apparatus based on cluster | |
WO2020180812A1 (en) | Gateway device for secure machine-to-machine communication | |
KR100471790B1 (en) | Device for sending data using multi-tunneled virtual private network gateway | |
US8046305B1 (en) | Gateway to transaction processing network | |
Cisco | Cisco Access Connection Guide Cisco Internetwork Operating System Release 10.3 | |
Cisco | Protocol Translator Manual | |
MXPA05013662A (en) | Versatile terminal adapter and network for transaction processing | |
Debono et al. | A secure wireless point of sale system | |
WO2001084779A2 (en) | Remote point of sale system | |
US20070242612A1 (en) | Electronic Payment Terminal Diagnostics | |
JPH11154128A (en) | Application connection point selection system | |
AU2011202576A1 (en) | Electronic payment terminal diagnostics |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: CREDIT SUISSE, CAYMAN ISLANDS BRANCH, AS COLLATERA Free format text: SECURITY AGREEMENT;ASSIGNORS:FIRST DATA CORPORATION;CARDSERVICE INTERNATIONAL, INC.;FUNDSXPRESS, INC.;AND OTHERS;REEL/FRAME:020045/0165 Effective date: 20071019 |
|
AS | Assignment |
Owner name: DW HOLDINGS, INC., COLORADO Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:DATAWIRE COMMUNICATION NETWORKS, INC.;REEL/FRAME:020104/0254 Effective date: 20070216 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |
|
AS | Assignment |
Owner name: WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATE Free format text: SECURITY AGREEMENT;ASSIGNORS:DW HOLDINGS, INC.;FIRST DATA RESOURCES, INC. (K/N/A FIRST DATA RESOURCES, LLC);FUNDSXPRESS FINANCIAL NETWORKS, INC.;AND OTHERS;REEL/FRAME:025368/0183 Effective date: 20100820 Owner name: WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATERAL AGENT, NEW YORK Free format text: SECURITY AGREEMENT;ASSIGNORS:DW HOLDINGS, INC.;FIRST DATA RESOURCES, INC. (K/N/A FIRST DATA RESOURCES, LLC);FUNDSXPRESS FINANCIAL NETWORKS, INC.;AND OTHERS;REEL/FRAME:025368/0183 Effective date: 20100820 |
|
AS | Assignment |
Owner name: WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATE Free format text: SECURITY AGREEMENT;ASSIGNORS:DW HOLDINGS, INC.;FIRST DATA RESOURCES, LLC;FUNDSXPRESS FINANCIAL NETWORKS, INC.;AND OTHERS;REEL/FRAME:025719/0590 Effective date: 20101217 Owner name: WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATERAL AGENT, NEW YORK Free format text: SECURITY AGREEMENT;ASSIGNORS:DW HOLDINGS, INC.;FIRST DATA RESOURCES, LLC;FUNDSXPRESS FINANCIAL NETWORKS, INC.;AND OTHERS;REEL/FRAME:025719/0590 Effective date: 20101217 |
|
AS | Assignment |
Owner name: TELECHECK INTERNATIONAL, INC., TEXAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: DW HOLDINGS INC., COLORADO Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: SIZE TECHNOLOGIES, INC., COLORADO Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: CARDSERVICE INTERNATIONAL, INC., CALIFORNIA Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: LINKPOINT INTERNATIONAL, INC., CALIFORNIA Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: TASQ TECHNOLOGY, INC., CALIFORNIA Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: FUNDSXPRESS, INC., TEXAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: FIRST DATA RESOURCES, LLC, COLORADO Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: FIRST DATA CORPORATION, COLORADO Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: TELECHECK SERVICES, INC., TEXAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 Owner name: INTELLIGENT RESULTS, INC., COLORADO Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:049902/0919 Effective date: 20190729 |
|
AS | Assignment |
Owner name: DW HOLDINGS, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: SIZE TECHNOLOGIES, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: INTELLIGENT RESULTS, INC. (K/N/A FIRST DATA SOLUTI Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: FIRST DATA RESOURCES, INC. (K/N/A FIRST DATA RESOU Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: MONEY NETWORK FINANCIAL, LLC, NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: TASQ TECHNOLOGY, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: FUNDSXPRESS FINANCIAL NETWORKS, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: FIRST DATA CORPORATION, NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: LINKPOINT INTERNATIONAL, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: TELECHECK INTERNATIONAL, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: MONEY NETWORK FINANCIAL, LLC, NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: LINKPOINT INTERNATIONAL, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: FIRST DATA RESOURCES, LLC, NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: TASQ TECHNOLOGY, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: DW HOLDINGS, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: SIZE TECHNOLOGIES, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: FIRST DATA CORPORATION, NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: FUNDSXPRESS FINANCIAL NETWORK, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: FIRST DATA SOLUTIONS, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: TELECHECK INTERNATIONAL, INC., NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050091/0474 Effective date: 20190729 Owner name: FIRST DATA RESOURCES, INC. (K/N/A FIRST DATA RESOURCES, LLC), NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 Owner name: INTELLIGENT RESULTS, INC. (K/N/A FIRST DATA SOLUTIONS, INC.), NEW YORK Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION;REEL/FRAME:050090/0060 Effective date: 20190729 |