Patent classifications
G07F7/1016
Device blanking
A method and apparatus are disclosed for protecting electronic devices from security breaches (e.g., in the form of differential power analysis (DPA) attacks) by managing input/output (I/O) pin states. The technique is particularly useful in financial applications in which data security related operations, such as those involving cryptography, are performed by payment card readers, and the power supplied to drive the operations is measured and analyzed by attackers to extract sensitive information. The technique prevents any external device from measuring the operation power by disabling the I/O pins. The I/O pins are set to a logic low whenever a data security related operation is performed. As a result, no communication with the external environment is possible during the data security operation, and external power measurements for DPA are prevented.
MULTIMODE RETAIL SYSTEM
A multimode system for receiving data in a retail environment includes: a secure input module for receiving high security input and low security input from a customer, the high security input to be communicated by the secure input module in cipher text, and the low security input to be communicated by the secure input module in plaintext. The multimode system is adapted to operate in a high security mode and a low security mode. The multimode system is adapted to enter the low security mode upon detection by the multimode system of a security breach condition. In the high security mode, the secure input module accepts low security input and high security input. In the low security mode, the secure input module accepts the low security input and does not accept the high security input.
Apparatus and method for combining cryptograms for card payments
At least a first cryptogram and a second cryptogram are transmitted from a payment device reader component to a terminal component. A message including at least the first cryptogram and the second cryptogram is transmitted from the terminal component to an issuer of a payment device presented to the reader component, through a payment network. A message is obtained from the issuer, corresponding to authentication, by the issuer, of the payment device (and optionally the owner of the payment device) presented to the reader component, based at least on the first cryptogram and the second cryptogram. The payment network is configured in accordance with at least one of (i) a standard, and (ii) a specification, which normally employs only a single cryptogram for the message and the authentication. Apparatuses and computer program products are also disclosed.
Keypad
A keypad is described. The keypad comprises: a keypad housing defining a plurality of key apertures; a plurality of physical keys, each physical key located in a respective key aperture and being moveable with respect to the key aperture; and a non-contact (for example, capacitive) sensing layer located beneath the plurality of keys. A touch controller is coupled to the capacitive sensing layer and is operable to ascertain a touch location corresponding to a depressed key. A cryptographic controller may be provided in communication with the touch controller and is operable to interpret the touch location.
SECURE DATA PARSER METHOD AND SYSTEM
The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention are useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention are also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporations, governmental agencies or any other entities.
Writing implement
Disclosed is a writing implement for effecting an electronic transaction via a payment terminal. The writing implement includes a communications device comprising a payment vehicle identifier. The payment vehicle identifier is associated with a payment vehicle from which funds can be drawn for effecting the electronic transaction. The communications device is configured to send the payment vehicle identifier to the payment terminal. The writing implement also includes a writing member for producing an authenticating mark to authenticate use of the payment vehicle.
DEVICES WITH ON-BOARD PHYSICALLY UNCLONABLE FUNCTIONS
An electronic device may include a printed circuit board having a physically unclonable function (PUF) source. The electronic device may also include an integrated circuit (IC) chip positioned on the printed circuit board, and the PUF source may be embedded in or formed on the printed circuit board external to the IC chip. The IC chip has processing circuitry that is configured to determine PUF data based on the PUF source. The processing circuitry is further configured to determine a cryptographic key or authentication token based on the PUF data and to perform at least one secure operation using the cryptographic key or authentication token.