Online verification method and system
Technical field
Present invention relates generally to online verification method and systems, more particularly to testing based on multiserver architecture
Demonstrate,prove the online verification method and system of such as product, packaging, file and other items.
Background technique
There are many technologies to be used for authenticity verification at present.These technologies especially include the anti-counterfeiting characteristic using naked eyes identification
Safety label and carry out online query by manually entering sequence number.But these prior arts are lacked there are following
It falls into:
Firstly, ordinary consumer is very inconvenient using these technologies progress authenticity verification, this is because:
It 1. these technologies are excessively abstruse for ordinary consumer, distinguish it can not between actual products and fake products
Difference;
2. the verifying equipment that these technologies need height to customize;
3. it is irksome for manually entering sequence number when carrying out online verification.
Secondly, these technologies can not provide tracking report below:
1. the sale locations of fake products;
2. time and the position of parallel trading.
The cost of third, these technologies is high, this is because:
1. ordinary consumer is typically reluctant to be actively engaged in verifying activity;
2. needing a large amount of professional inspector to guarantee the tight security of product supply chain;
3. the verifying equipment of custom-made can generate the expense of great number.
4th, due to focusing on various security level tasks, so that the infrastructure security of these technologies is poor.
Summary of the invention
This invention address that providing a kind of online verification method and system to overcome the drawbacks described above of the prior art.
It is related to a kind of method for online verification article according to the first aspect of the invention, this method includes following step
It is rapid:
A) movement or non-mobile device read machine readable data that can be surfed the Internet, the machine-readable data quilt are utilized
Setting is on the article;
B) user's checking request is sent to first server, user's checking request includes the machine-readable data, with
Afterwards by the user's checking request be transmitted to second server, responded in first server the user's checking request come generate for
The customization content of family viewing and/interaction, and the customization content sent back into the movement or non-mobile device immediately and
The forwarding of above-mentioned user's request will not be interfered;
C) relevant information and short sequence number are retrieved from user's checking request on second server;
D) the true of the article is verified by searching original sequence number in the database for being set to second server
Property, which corresponds to the short sequence number that is retrieved, wherein the original sequence number be uniquely assigned to it is described
Article;
E) in the case where the short sequence number for finding with being retrieved corresponding original sequence number, the original sequence is searched
Information belonging to row number;
F) survey report is generated on second server, which includes the relevant information and/or authenticity knot
Fruit;
G) login of response management person and/or brand owners and from the second server to the administrator and/or
Brand owners send the survey report.
It is related to a kind of method for online verification article according to the second aspect of the invention, this method includes following step
It is rapid:
A) movement or non-mobile device read machine readable data that can be surfed the Internet, the machine-readable data quilt are utilized
Setting is on the article;
B) user's checking request is sent to first server, user's checking request includes the machine-readable data, with
Afterwards by the user's checking request be transmitted to second server, responded in first server the user's checking request come generate for
The customization content of family viewing and/interaction, and the customization content sent back into the movement or non-mobile device immediately and
The forwarding of above-mentioned user's request will not be interfered;
C) relevant information and short sequence number are retrieved from user's checking request on second server;
D) passing through the third server that virtual private cloud mechanism (VPC set-up) is isolated with the second server
On, the authenticity of the article is verified by searching original sequence number in the database for being set to the third server, it should
Original sequence number corresponds to the short sequence number being retrieved, wherein the original sequence number is uniquely assigned to the article;
E) on third server in the short sequence number that finds be retrieved corresponding original sequence number the case where
Under, search information belonging to the original sequence number;
F) survey report is generated on second server, which includes the relevant information and/or authenticity knot
Fruit;
G) login of response management person and/or brand owners and from the second server to the administrator and/or
Brand owners send the survey report.
It is related to a kind of system for online verification article according to the third aspect of the invention we, which includes:
The movement that can be surfed the Internet or non-mobile device;
First server;
Second server;
Wherein
The movement that can be surfed the Internet or non-mobile device include:
It is used for the device of read machine readable data, which to be set on the article;
For user's checking request to be sent to the device of first server, user's checking request includes the machine can
Read data;
First server includes:
For user's checking request to be transmitted to the device of second server,
Device, the device are used to respond user's checking request to generate in the customization of user's viewing and/interaction
Hold, and the customization content is sent back into the movement or non-mobile device without interfering turning for above-mentioned user's request immediately
Hair;
Second server includes:
For retrieving the device of relevant information and short sequence number from user's checking request;
For verifying the article by searching original sequence number in the database for being set to second server
The device of authenticity, the original sequence number correspond to the short sequence number that is retrieved, wherein the original sequence number uniquely by
Distribute to the article;
For it is original to search this in the case where the short sequence number for finding with being retrieved corresponding original sequence number
The device of information belonging to sequence number;
For generating the device of survey report, which includes the relevant information and/or authenticity result;
It is used for the login of response management person and/or brand owners and is sent out to the administrator and/or brand owners
Send the device of survey report.
It is related to a kind of system for online verification article according to the fourth aspect of the invention, which includes:
The movement that can be surfed the Internet or non-mobile device;
First server;
Second server;
Pass through the third server that virtual private cloud mechanism (VPC set-up) is isolated with the second server;
Wherein
The movement that can be surfed the Internet or non-mobile device include:
It is used for the device of read machine readable data, which to be set on the article;
For user's checking request to be sent to the device of first server, user's checking request includes the machine can
Read data;
First server includes:
For user's checking request to be transmitted to the device of second server,
Device, the device are used to respond user's checking request to generate in the customization of user's viewing and/interaction
Hold, and the customization content is sent back into the movement or non-mobile device without interfering turning for above-mentioned user's request immediately
Hair;
Second server includes:
For retrieving the device of relevant information and short sequence number from user's checking request;
For generating the device of survey report, which includes the relevant information and/or authenticity result;
It is used for the login of response management person and/or brand owners and is sent out to the administrator and/or brand owners
Send the device of survey report;
Third server includes:
For verifying the article by searching original sequence number in the database for being set to the third server
Authenticity device, which corresponds to the short sequence number that is retrieved, wherein the original sequence number is uniquely
It is assigned to the article;
For it is original to search this in the case where the short sequence number for finding with being retrieved corresponding original sequence number
The device of information belonging to sequence number.
In a preferred embodiment of the invention, the first server includes multiple child servers, this little clothes
Business device is respectively configured to be requested to provide a user or do not provide a user feedback information according to the user's checking.
In a preferred embodiment of the invention, the machine-readable data includes one-dimensional bar code and/or two dimension
The short sequence number of bar code and/or RFID label tag form, the short sequence number by using Encryption Algorithm (such as: according to data
Encryption standard that is: the Encryption Algorithm of DES either according to Advanced Encryption Standard that is: the Encryption Algorithm of AES) will be described original
Serial number encryption become encryption sequence number, then by using shorten algorithm (such as run length coding that is: RLE,
Kolmogorov compression, Lempel-Ziv-Welch lossless data compression algorithms) or application bijective function and should
The sequence number of encryption is compressed to obtain, and the relevant information is in relation to the movement that can be surfed the Internet or non-mobile device
The information of data read time and geographical location, according to whether having found the original series for corresponding to the short sequence number being retrieved
Number, the authenticity result shows whether the article being verified is personation, and if it find that the original sequence number is in
Except specified region, then the authenticity result shows that there are parallel tradings.Bijective function is that one kind can provide
Each set element of the function of the set element perfect match of two set, one of set accurately collects with another
The set element pairing closed, and each element of this another set accurately with one in above-mentioned first set
(further content may refer to for element pairinghttp://en.wikipedia.org/wiki/Bijection).
In a preferred embodiment of the invention, the one-dimensional bar code and/or two-dimensional bar can be by images
Acquiring unit (all scanners in this way or digital camera) is read, and the RFID label tag can be by preferably operating on high frequency
(HF) it or works in the RFID reader of hyperfrequency (UHF) and reads, wherein described image acquiring unit and/or RFID reader
It is arranged at the movement that can be surfed the Internet or non-mobile device.
In a preferred embodiment of the invention, the short sequence number can be decompressed and then be decrypted into use
Come the original sequence number verified.
In a preferred embodiment of the invention, the article is: such as: clothes, consumer electronics product, electricity
The product of pond, mobile phone, wallet, knapsack, wrist-watch, drug, sunglasses, footwear, tobacco etc.;By paper, carton (carton), modeling
It is packed made of material, blister package (blisterpack), glass, metal, wood materials etc.;Such as: certificate, window paste (window
Sticker), visa patch (visa sticker), identity card, token (voucher), safety label (security tag),
Operation instruction label (hangtag), RFID label tag, textile label for clothing (woven label), general printed label (generic
Printed label), the file of stamp (tax stamp) etc..
In a preferred embodiment of the invention, the movement that can be surfed the Internet or non-mobile device be can benefit
Such as with the following equipment of telecommunication technology (such as 3G telecommunication technology, 4G telecommunication technology) access internet: smart phone, above-knee
Type computer, palmtop computer, laptop, desktop computer.
In a preferred embodiment of the invention, it can use following technology to determine the movement that can be surfed the Internet
Or the geographical location of non-mobile device: IP address is determined by the multilateration (Mutilateration) of base station, the whole world
Position system (GPS).
In a preferred embodiment of the invention, the first server, second server, third server be respectively
Be respectively by such as MD5 Message-Digest algorithm, secure hash algorithm (SHA:Secure Hash Algorithm),
The Cloud Server of the safe encryption method protection of perfect privacy (PGP:Pretty Good Privacy) etc. is (such as
Rackspace Cloud Server, GeGrid Cloud Server, Amazon Cloud Server).
In a preferred embodiment of the invention, on the article, especially in the peace for being attached to the article
The machine-readable data and at least three kinds of security features are provided on full label.At least three kinds of security features are such as:
Safety turns round rope decorative pattern (security guilloche), wechat (microletter), microfilm of characters (nanotext), watermark
(water mark), hologram (hologram), fiber (fiber), watermark (planchette), ink (ink) etc. are shown
Property security feature;Such as: hologram, fiber, watermark, ink, ultraviolet marking, infrared markers, the miniature label of safety
The recessive security feature of (security taggant) etc.;Such as: there is the optics of evidence obtaining feature (forensic feature)
The miniature label of active ceramic (optical active ceramic taggant), biochemical miniature label (bio-chemical
Taggant) the evidence obtaining security feature of (these miniature labels respond single composition or double composition verification methods) etc.;It is all
Such as: the tamper-evident feature (tamper evident feature) in the label substrate of breach or frangible substrate.
Detailed description of the invention
Fig. 1 shows illustrative safety label according to the present invention.
Fig. 2 a shows the exemplary safety label with dominant character according to the present invention.
Fig. 2 b shows the exemplary safety label with recessive character according to the present invention.
Fig. 3 is the block diagram for representing user terminal and two server architecture according to the present invention.
Fig. 4 is the block diagram for representing user terminal and three server architecture according to the present invention.
Fig. 5 is the flow chart for the online verification method implemented in two server architecture according to the present invention.
Fig. 6 is the flow chart for the online verification method implemented in three server architecture according to the present invention.
Specific embodiment
In order to be expressly understood and easily and effectively implement the present invention, below in reference to attached drawing exemplarily to of the invention
Preferred embodiment is illustrated.It adopts in all the appended drawings and identical component is designated by like reference numerals.
Fig. 1 shows illustrative safety label according to the present invention.The safety label is preferably provided or attached
It is added on the article for needing to carry out anti-fake protection.These articles may, for example, be: clothes, consumer electronics product, battery, movement
The product of phone, wallet, knapsack, wrist-watch, drug, sunglasses, footwear, tobacco etc.;By paper, carton, plastics, blister package, glass
It is packed made of glass, metal, wood materials etc.;Such as: certificate, visa patch, identity card, token, safety label, makes window patch
With the file of care label, RFID label tag, textile label for clothing, general printed label, stamp etc..
Schematically illustrate in Fig. 1: hologram item 11, embossment with dominant character and stealth characteristics are schemed safely
Shape 12, miniature stealth characteristics 13, safety torsion rope decorative pattern figure 14, two-dimensional bar 15, evidence obtaining security feature 16, stealth are ultraviolet glimmering
Optical coating (Covert UV-florescent paint) 17, web page address 18, short sequence number 19, each angle breach 100().Its
Middle short sequence number 19 is to print the short sequence number of digital form, and two-dimensional bar 15(is such as: QR-code, PDF 417,
Aztec code, Data MatriX, SPARQCODE, Semacode, High Capacity Color Barcode, or
Any other kind of suitable two-dimensional bars of person) in contain the information of the short sequence number.The short sequence number can be by
One unique original sequence number export.The heart has been uniquely attributed to be criticized the unique original sequence number in the verification
Product, packaging, file of hair etc. are so as to judge that the product, packaging, file are true or palm off or have exceeded
Exclusive region.Preferably, this original sequence number by using Encryption Algorithm (such as: according to DES Cipher encryption calculate
Method is either according to the Encryption Algorithm of Advanced Encryption Standard AES) original sequence number encryption is become to the sequence number of encryption, with
Prevent personator from replicating.Then by using shorten algorithm (such as run length coding that is: RLE, Kolmogorov compression,
Lempel-Ziv-Welch lossless data compression algorithms) or apply bijective function and compress the sequence number of the encryption
At short sequence number, to further increase the difficulty of reproduction of personator, and it is being set to equipment (such as the intelligence electricity that can be surfed the Internet
Words) low-resolution camera obtain two-dimensional bar form short sequence number have any problem in the case where, client can be easily
Manually type in the sequence number.Based on above-mentioned " encryption+compression " method, personator at all can not be according to the short sequence of print form
It number derives original sequence number or regenerates and the identical one group of short sequence of short sequence number used in client's project
Number.
In fact, this short sequence number of the invention is arranged in such as packaging, product, the file confined space in which can be convenient
It is interior.In addition, the short sequence number or mobile phone of two-dimensional bar form can not be read in barcode scanner application program
Low-resolution camera is manually entered when can not obtain the short sequence number of two-dimensional bar form convenient for client.
The short sequence number that ciphering sequence number can not be replicated for generating personator is very important.Generating short sequence
After the sequence of row number, if the database corruption of short sequence number, it may require that and short sequence is regenerated by the ciphering sequence number
Number sequence.Therefore, for security reasons, ciphering sequence number is stored in the server of separation preferably as backup or storage is situated between
In matter.
For the sake of clarity, Fig. 2 a, Fig. 2 b respectively illustrate the safety label with dominant character and have recessive character
Safety label.Safety label shown by Fig. 2 a are as follows: hologram 21(embossing), it is sequence number 22, miniature text 23, machine readable
Code 24, safety turn round rope decorative pattern 25, breach 26.Safety label shown by Fig. 2 b are as follows: invisible Ultraluminescence Yellow ink 27, life
Change label 28(to collect evidence feature), the infrared miniature label 29(of multiple features is recessive and evidence obtaining feature), tamper-evident feature 210.
In addition, it is proposed that safety label is designed to be extremely hard to replicate or imitate so that can not surf the Internet
The evidence that can be used for prosecuting personator or parallel trading person still safely can be verified or be provided in area.For reality
Existing above-mentioned technical effect can be chosen at least from dominant character listed by demonstration in table 1, recessive character, evidence obtaining feature
10 kinds of features are arranged on safety label.
The security feature on safety label of the invention can be set in table 1.
One embodiment (two server architecture) of online verification system according to the present invention is illustrated in general in Fig. 3
Main component, such as: user terminal 4, processing user request server 1, server 2, server 2 for implement verifying simultaneously
It is used to store comprising for the original sequence number of verifying, ciphering sequence number, the database of short sequence number, administrator's (or brand
Owner) equipment 5.User terminal 4 is preferably the smart phone for having camera, which can pass through 3G network
The access of the telecommunication links such as (such as CDMA 2000, UMTS, EDGE) or 4G network (such as Wimax2, LTE-Advance)
Internet.Manager device 5 can be an interface equipment (such as interface computer) and be used to receive verifying report or will test
Card report is shown to for example authorized brand-owner.The brand-owner be allowed through login check with sequence number and
Be verified the relevant data of product, such as: date of issuance of original sequence number, production site (original sequence number sends destination,
Such as the manufacturer positioned at Shenzhen to secure permission).
Preferably, server 1 and server 2 based on Amazon computer cloud (Amazon EC2, referring tohttp:// aws.amazon.com/ec2/) platform on realize.The platform provides selection different instances (instance) number of types
Flexibility is to meet the calculating requirement of each server.Each example provides predictable dedicated computing capacity and according to example
Hourly.
Specifically, server 1 is used as interface computer, request and generate to see for user for handling the user of arrival
User's request is transmitted to the server 2 verified without interfering user's at the same time by the customization content seen/interacted
Interaction.
Optionally, server 1 can be the low capacity server for being enough to handle user's request.It is exemplarily arranged in table 2
The typical technical indicator of server 1 is gone out.
The technical indicator of 2. server 1 of table
Optionally, server 2 is designed to safely handle a large amount of operations in a short time.It is exemplarily arranged in table 3
The typical technical indicator of server 2 is gone out.
The technical indicator of 3. server 2 of table
Server 1 and server 2 are calculated preferably by such as MD5 Message-Digest algorithm, secure hash between each other
Method (such as SHA-0, SHA-1, SHA-2), perfect privacy (PGP) algorithm are communicated to improve the safety of server architecture
Property.
Preferably, in the present embodiment, the safety of server architecture can be by being implemented as AMS for server 2
RDS (Amazon Relation Database Service) server and further improved.AMS RDS is by sub- horse
The distributed relational database business that inferior company (Amazon.com) provides.The business is operate in " cloud " and provides a user
Relational database used in its application program.AMS RDS is established, is run Relational database with making it easy to.Automatically it manages all
Such as: repairing data library software, backup database, activationary time recovery point complexity management process (reference can be made tohttp:// en.wikipedia.org/wiki/Amazon_Relational_Database_Service).In addition, being stored in server 2
On database safety by by server 2 and server 1 with virtual private cloud mechanism (VPC set-up) is isolated and
It is further improved.The support of the VPC functionality preferably by MySQL database engine.
Alternatively, can select other suitable Cloud Servers, such as Rackspace Cloud Server and
Geodrid Cloud Server is as server 1 and server 2.
Referring now to Fig. 5, the figure shows the online verification methods implemented in two server architecture shown in Fig. 3
Exemplary flow chart.Specifically, the client in such as point of sale can be used its smart phone and scan its purchase product safety
QR-Code or key entry short sequence number and one user of transmission on label are requested to watch any interested content or have
Close the content (such as amusement and related content) of its customization for buying product.Server 1 requests to generate customization according to the user
The content of change and the smart phone that the content is sent back to client.At the same time, user's request of arrival is transmitted to from server 1
Server 2.The data read time/or ground of the smart phone of the client in relation to sending user request are obtained at server 2
Institute in the QR code that smart phone is scanned simultaneously is retrieved from the user of forwarding request by the corresponding functional module of server 2 in reason position
The short sequence number perhaps manually typed in that includes or optionally any other information in relation to the smart phone, such as equipment
Type, explorer type, language setting etc..The content of the customization can be for example: related specific subject disappears
Breath, popular cartoon figure, information of discount etc..
Preferably, the geographical location for sending the smart phone of the client of user request is determined using following technological means: logical
Cross the multilateration (such as 3 dependent surveillances: trilateration, precision are ± 500 meters) of base station, GPS or
The technology of GPS auxiliary (precision is ± 10 meters).In addition, as an alternative, the case where desktop computer sends user's request
Under, it can use the geographical location that IP address determines client terminal (precision is ± 100 kilometers).
In addition, by server 2 the corresponding function module by the short sequence number retrieved decompression contract then be decrypted into it is original
Sequence number.The authentication function module of server 2 is verified by searching original sequence number in the database for being set to server 2
The authenticity of the article, wherein if finding original series identical with the original sequence number being decrypted in the database
Number, then it is assumed that bought product has the original serial number for being uniquely assigned to it, thus is true product.
Above-mentioned verification result be can use to export following characterization information:
A. if in the database not with from user request in the identical original sequence number of acquired original sequence number,
Then bought product is personation;
B. if there is the original sequence number obtained from user's request in database, but (do not have in unactivated state
Have from the confirmation for receiving the sequence number for being licensed manufacturer), then the sequence number is stolen in transmission process;
C. if the sequence number is scanned outside specified region, there are parallel trades;
D. if identical sequence number is scanned repeatedly in same place or different location, there is personation.
According to above-mentioned characterization information, a survey report is generated by the corresponding functional module of server 2.
Finally, administrator or brand owner can check the survey report by login in detail or interrupt true
Property verify and the report classified according to various criterion.
Another embodiment (three server architecture knot of online verification system according to the present invention are illustrated in general in Fig. 4
Structure) main component.The difference of the embodiment and embodiment illustrated in fig. 3, which is only that, also possesses server 3.In this embodiment
Server 3 is specifically used to store the database comprising the original sequence number for verifying.In addition, with two server shown in Fig. 3
The safety that architecture is compared to improve entire server architecture, without direct between server 3 and server 1
Communication, and the safety for the database being stored on server 3 by by server 3 and server 2 with virtual private cloud machine
Structure (VPC set-up) is isolated and is further improved.The branch of the VPC functionality preferably by MySQL database engine
It holds.Server technology index listed by table 3 is equally applicable to the server 2 in server 3 and the present embodiment, and takes listed by table 1
The business equally applicable server 1 in this present embodiment of device technical indicator.It can also be used between server 2 and server 3 all
As MD5 Message-Digest algorithm, secure hash algorithm (such as SHA-0, SHA-1, SHA-2), perfect privacy (PGP) are calculated
Method is protected to further increase the safety of server architecture.Server 3 also may be implemented as AMS RDS
(Amazon Relation Database Service) server.
Referring now to Fig. 6, the figure shows implement online verification of the invention in three server architecture shown in Fig. 4
The exemplary flow chart of method.The difference of flow chart shown in Fig. 6 and flow chart shown in Fig. 5 is to search original sequence number to verify
The step of authenticity of the article and the step of searching the original sequence number affiliated information, carry out in server 3, and
It is not as shown in Figure 5 to be carried out in server 2.Obvious Fig. 4, Fig. 6 disclosed embodiment and Fig. 3, Fig. 5 disclosed embodiment phase
Than with higher safety and higher verification efficiency.
By originally using multiserver architecture of the invention, and combine the safety post of special designing of the present invention
Label and sequence number (original sequence number, ciphering sequence number, short sequence number) (are produced with the article that the sequence number has been uniquely assigned
Product, packaging, file) between unique relationship, on the one hand due between each server security protection and parallel processing greatly
It improves security verified and improves verification efficiency;And still further aspect has been greatly promoted due to the automatic participation of customer
Effect is determined to be acquired with the data of positioning fake products, parallel trade, unauthorized production.
It should be noted that: it will be apparent to practitioners skilled in the art any to defined herein
The modifications and changes of preferred embodiment belong to content of this disclosure range.For example, can according to system requirements, performance requirement,
And other requirements are arranged and exchange to each configuration unit according to a known manner.