A device receives position information from a sensor of the device, wherein the position information indicates a position of a user of the device and a position of a person proximate to the user. The device receives lighting information from the sensor, wherein the lighting information indicates lighting conditions around the device and the user. The device calculates a position adjustment for an infrared element of the device based on the position information and the lighting information, and calculates an intensity adjustment for the infrared element based on the position information and the lighting information. The device receives, via an input element of the device, input data provided by the user, and implements the position adjustment and the intensity adjustment to enable the infrared element, when illuminated, to reflect light away from the input element and to prevent image or video capture of the input data.

An automated teller machine (ATM) may include an input component and one or more processors. The input component may be configured to detect multi-factor input associated with an account. The multi-factor input may include at least two of: a sequence of characters input via the input component, a force with which at least one character, of the sequence of characters, is input via the input component, a length of time over which at least one character, of the sequence of characters, is input via the input component, or a combination of at least two characters, of the sequence of characters, that are input concurrently via the input component. The ATM may receive the multi-factor input, validate the multi-factor input in association with the account, and selectively permit or deny access to one or more actions associated with the account based on validating the multi-factor input.

Systems and methods for authentication code entry in touch-sensitive screen enabled devices are disclosed. In one embodiment, a method for entering authentication value data to a data entry device that comprises at least one computer processor and a touch-sensitive screen may include: (1) the touch-sensitive screen sensing a control touch on the touch-sensitive screen; (2) the touch-sensitive screen sensing a release of the control touch from the touch-sensitive screen; (3) the at least one computer processor determining a number of first touches sensed by the touch-sensitive screen in a period between the sensing of the control touch and the sensing of the release of the control touch; and (4) the at least one computer processor using the number of first touches to represent a value in an authentication code.

Systems and methods are disclosed for obfuscating entry of sensitive data at a mobile device, which may be infected with a rogue application configured to steal the sensitive data. One method comprises detecting a prompt for a user to enter sensitive data at a mobile device, and activating one or more of an audio speaker and a vibration motor of the mobile device. The activation of the one or more of the audio speaker and the vibration motor is terminated in response detection conclusion of the user's entry of sensitive data the mobile device.

A peripheral PINpad is connected to a host terminal. The PINpad includes an integrated camera/scanner, a secure processor, secure storage, and a network interface. The PINpad is configured to process in an independent mode of operation and a host-dependent mode of operation. Images captured by the integrated camera/scanner are decoded on the PINpad. The decoded image information, depending on a processing context, is not provided to and is not available to the host terminal. The PINpad is further configured to perform network interactions with external servers independent of the host terminal.

A handheld POS terminal is provided, which is wired to a secure base unit by a cable consisting of two pieces that are joined together by a plug-in connector. The plug-in connector has a pull-out force necessary to separate the connector that is greater than the weight of the POS terminal but less than the force necessary to damage the cable connections at the POS terminal or at the base unit. The cable may also include a coiled section, which acts as a spring, so that if the POS terminal is dropped, the coiled section brings the POS terminal gently to a stop before it hits the ground. If a customer drives away with the POS terminal still in the car, the cable will separate at the plug-in connector, preventing damage to the POS terminal.

There are provided systems and methods for a modular mobile point of sale device having separable units for configurable data processing. A modular device may include a main unit that includes data processing features to allow for a mobile point of sale, including a data entry unit for payment data, a communication component to secure communicate that data to a centralized transaction processor, and a processing unit to receive the data and instruct the centralized to process the data with an online service provider. The module device may also be physically and communicatively coupled to additional modules that may increase the on-device functionality of the main unit, include a module to allow user input and additional modules to accept other types of transaction input. On detection of a connected unit, the main unit may secure connect to and authenticate each attached module.

The invention provides a solution for secure authentication of an individual. The invention comprises methods and apparatus for secure input of a user's identifier e.g. PIN. An image of a keypad is superimposed over a scrambled, operable keypad within a display zone of a screen associated with an electronic device. The keypad image depicts a non-scrambled keypad, in that the keys depicted in the image are in an expected or standardised formal or order. The difference in positions of the keys depicted in the image, and those in the operable keypad, provides a mapping which enables an encoded form of the identifier to be generated, such that the un-encoded version is never stored in the device's memory. Preferably, the image depicts a keypad which is standard for the device which it is being shown on. The device may be a mobile phone, a tablet computer, laptop, PC, payment terminal or any other electronic computing device with a screen. The underlying keypad, which is at least partially obscured from the user's view by the image, may be generated at run time by a procedure call. Preferably, this procedure is native to the device ie part of a library which is provided as standard with the device.

A device receives position information from a sensor of the device, wherein the position information indicates a position of a user of the device and a position of a person proximate to the user. The device receives lighting information from the sensor, wherein the lighting information indicates lighting conditions around the device and the user. The device calculates a position adjustment for an infrared element of the device based on the position information and the lighting information, and calculates an intensity adjustment for the infrared element based on the position information and the lighting information. The device receives, via an input element of the device, input data provided by the user, and implements the position adjustment and the intensity adjustment to enable the infrared element, when illuminated, to reflect light away from the input element and to prevent image or video capture of the input data.

An indication is obtained of interaction of a putative human user with a computing device. Responsive to the indication, presentation of a haptic pattern to the putative human user is facilitated; the pattern is not amenable to machine perception. Prompting of the putative human user to input information indicative of human perception of the pattern is facilitated. Information input by the putative human user is obtained responsive to the prompting. When the information input by the putative human user indicates that the putative human user is an actual human user, the interaction is permitted to continue. Haptic techniques are also provided for access control and/or to defend against malevolent web sites which masquerade as legitimate web sites.