EP1337974B1 - Procede servant a porter des marques d'affranchissement sur des envois postaux - Google Patents
Procede servant a porter des marques d'affranchissement sur des envois postaux Download PDFInfo
- Publication number
- EP1337974B1 EP1337974B1 EP01995530.1A EP01995530A EP1337974B1 EP 1337974 B1 EP1337974 B1 EP 1337974B1 EP 01995530 A EP01995530 A EP 01995530A EP 1337974 B1 EP1337974 B1 EP 1337974B1
- Authority
- EP
- European Patent Office
- Prior art keywords
- data
- customer system
- value transfer
- transfer center
- value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Images
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00016—Relations between apparatus, e.g. franking machine at customer or apparatus at post office, in a franking system
- G07B17/0008—Communication details outside or between apparatus
- G07B2017/00145—Communication details outside or between apparatus via the Internet
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00016—Relations between apparatus, e.g. franking machine at customer or apparatus at post office, in a franking system
- G07B17/0008—Communication details outside or between apparatus
- G07B2017/00153—Communication details outside or between apparatus for sending information
- G07B2017/00161—Communication details outside or between apparatus for sending information from a central, non-user location, e.g. for updating rates or software, or for refilling funds
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/00741—Cryptography or similar special procedures in a franking system using specific cryptographic algorithms or functions
- G07B2017/00758—Asymmetric, public-key algorithms, e.g. RSA, Elgamal
- G07B2017/00766—Digital signature, e.g. DSA, DSS, ECDSA, ESIGN
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/00741—Cryptography or similar special procedures in a franking system using specific cryptographic algorithms or functions
- G07B2017/00782—Hash function, e.g. MD5, MD2, SHA
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/00846—Key management
- G07B2017/0087—Key distribution
- G07B2017/00879—Key distribution using session key
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/00919—Random number generator
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/00959—Cryptographic modules, e.g. a PC encryption board
- G07B2017/00967—PSD [Postal Security Device] as defined by the USPS [US Postal Service]
Definitions
- the invention relates to a method of providing postal items with indicia, wherein a customer system loads a fee amount from a value transfer center via a data line, wherein the customer system controls printing of indicia on mailpieces and wherein the value transfer center sends a data packet to the customer system.
- EP0927963 shows a method of providing postage with indicia, wherein the customer system controls printing of indicia on mailpieces and wherein the value transfer center sends a data packet to the customer system and validation of the indicia in a mail center is checked by an analysis of data contained in the indicium ,
- Another method is from the German Patent DE 31 26 785 C2 known.
- a recharging signal intended for a franking of mail items is generated in a separate area of a value transfer center operated by a mail carrier company.
- the unpublished German patent application 100 20 566.6 / 53 also relates to a method for providing postage with postage indicia.
- a customer system loads a charge amount via a data line from a value transfer center in the form of a data packet that the customer system uses to generate postage indicia.
- This method is characterized in that data are generated in the customer system that are encrypted in such a way that the value transfer center can decrypt them, that the data is sent from the customer system to the value transfer center and that the value transfer center decrypts the data and then re-encrypts the data with a key not known to the customer system and then transmits the data thus encrypted to the customer system.
- a preferred embodiment of this method is characterized in that the encryption takes place in the customer system using a random number which serves as an authentication key.
- the method is characterized in that the random number is generated in a security module to which a user of the customer system has no access.
- the invention has for its object to perform a generic method so that an abusive Generation of postage indicia is avoided.
- this object is achieved in that the value transfer center generates a key and transmits the key to the customer system that generates data in the customer system, which are encrypted with the key so that the value transfer center can decrypt this that the data from the customer system are sent to the value transfer center and that the value transfer center decrypts the data and then re-encrypt the data with a key not known to the customer system and then transmits the data thus encrypted to the customer system.
- the random number is also generated centrally in the value transfer center for all backup modules at each load.
- the key is encrypted and transmitted digitally signed. The provision of a high-quality random number can be better ensured in the central value transfer center than in the security module in the customer system.
- a particularly advantageous embodiment of the method according to the invention is characterized in that data for identification and authentication as well as for the desired action are generated in the customer system, which are encrypted in such a way that the value transfer center it can decrypt that the data is being sent from the customer system to the value transfer center and that the value transfer center decrypts the data and then re-encrypts the data with a key not known to the customer system and subsequently encodes the encrypted data together with other newly added encrypted data; which can be decrypted by the customer system, however, transmits to the customer system.
- a preferred embodiment of the method according to the invention is characterized in that the encryption takes place in the value transfer center using a random number.
- the random number is encrypted together with a session key issued by the customer system and a public key of the customer system. Furthermore, the method is characterized in that the value transfer center signs the data with a private key.
- the decryption takes place in a security module in the customer system to which the customer has no access.
- a further advantageous embodiment of the method is characterized in that the decrypted random number is stored in the security module of the customer system to which the customer has no access.
- the customer system is preferably designed such that it is not able to completely decrypt data sent by the value transfer center, but a mail center in which the mailpieces are checked for correct franking can decrypt this data.
- the value transfer center can be designed in various ways.
- the term value transfer center includes both known value transfer centers and new forms of value transfer centers.
- the invention relates to such value transfer centers, via which a data communication line can be accessed directly, such as data servers connected to the Internet or to telephone lines.
- An advantageous embodiment of the method and a preferred embodiment of the value transfer center are characterized in that the encryption takes place in the value transfer center using a random number.
- the random number is generated in a secure area of the value transfer center.
- a preferred embodiment of the customer system and the value transfer center is characterized in that the random number with a session key issued by the value transfer center and a public key of the security module of the customer system is encrypted.
- the value transfer center signs the data with a private key.
- a preferred embodiment of the customer system and the value transfer center is characterized in that the private key is stored in the particularly secure area of the value transfer center.
- the data be transmitted from the customer system to the value transfer center with each request for a fee amount.
- An advantageous embodiment of the method, a preferred embodiment of the customer system and the value transfer center are characterized in that the value transfer center identifies the customer system on the basis of the transmitted data.
- the value transfer center sends the data encrypted by it to the customer system.
- a preferred embodiment of the customer system and the value transfer center is characterized in that the data sent from the value transfer center to the customer system has a first component that can not be decrypted by the customer system and that the data also has a second share, that of the customer system can be decrypted.
- the part of the data which can be decrypted in the customer system contains information about the identity of the customer system.
- the part of the data which can be decrypted in the customer system contains the random number formed in the value transfer center.
- a preferred embodiment of the customer system and the value transfer center are characterized in that the portion of the data which can be decrypted by the customer system contains information about the amount of a fee amount.
- An advantageous embodiment of the method, a preferred embodiment of the customer system and the value transfer center are characterized in that a hash value is formed in the value transfer center.
- the hash value is formed by including information about shipment data.
- An advantageous embodiment of the method, a preferred embodiment of the customer system and the value transfer center are characterized in that the hash value is formed by including a received and cached random number.
- the hash value is formed by including a loader identification number.
- An advantageous embodiment of the method, a preferred embodiment of the customer system and the value transfer center are characterized in that the franking mark contains logical data.
- the franking mark contains information about shipment data.
- An advantageous embodiment of the method, a preferred embodiment of the customer system and the value transfer center are characterized in that the logical data contain information about the encrypted random number.
- the logical data include information about the encrypted load history identification number.
- An advantageous embodiment of the method, a preferred embodiment of the customer system and the value transfer center are characterized in that the logical data contain information about the hash value.
- a preferred embodiment of the customer system and the value transfer center is characterized in that the franking mark contains both information transmitted by the value transfer center and data entered by the document manufacturer.
- the franking mark contains a hash value which is formed from a combination of a value transmitted by the default center and values entered by the document manufacturer.
- a preferred embodiment of the customer system and the value transfer center are characterized in that they include the following method steps:
- the customer system or the security module connected to the customer system initiates a loading process by transmitting the identity of the document manufacturer and / or the customer system used by him to the value transfer center ,
- An advantageous embodiment of the method, a preferred embodiment of the customer system and the value transfer center are characterized in that a random number is formed in the value transfer center.
- a Preferred embodiment of the customer system and the value transfer center are characterized by the fact that the value transfer center encrypts the formed load identification number together with the random number generated in such a way that only the security module in the customer system can decrypt it.
- a preferred embodiment of the customer system and the value transfer center is characterized in that a hash value from the load identification number and further data is formed in the particularly secure area of the value transfer center.
- An advantageous embodiment of the method, a preferred embodiment of the customer system and the value transfer center are characterized in that the validity of franking marks in the mail center is checked.
- a Preferred embodiment of the customer system and the value transfer center are distinguished by the fact that the test office forms a hash value from data contained in the postage indicium and checks whether this hash value agrees with a hash value contained in the postage indicium and, in the case of disagreement Postage due registered as fake.
- the invention provides a possible new form of franking, with which customers can print digital franking marks on letters, postcards, etc., using a conventional PC with printer and additional software and optionally hardware as well as Internet access.
- a payment to compensate for the value of the franking values printed by the customer can be done in various ways.
- a stored credit is reduced.
- This credit is preferably stored digitally.
- a digital storage takes place for example on a special customer card, a standardized cash card or in a virtual memory, which is located, for example, in a computer of the user.
- the amount of credit is loaded before printing franking values.
- the charge of the credit amount is carried out in a particularly preferred embodiment in a direct debit.
- Fig. 2 Preferably, several parties are involved in the franking process, with a particularly appropriate division of the parties in Fig. 2 is shown.
- the parties shown are a customer, a customer system and a shipping company.
- the customer system includes the hardware and software used by the customer for PC franking.
- the customer system interacts with the customer to load and save the billing amounts and print the indicium. Details of the customer system regulate the admission requirements.
- the shipping company undertakes the production of the consignments and carries out the required remuneration protection.
- a payment assurance is preferably carried out by detecting components of the franking marks.
- agreement data (customer / customer system data) is transferred from a central database to the system, which is required for checking the proper payment assurance.
- the size of the data to be stored shall be determined by the shipping company, in particular the operator of the postal service, in compliance with legal provisions such as the Postal Services Data Protection Ordinance (PDSV).
- PDSV Postal Services Data Protection Ordinance
- all data required for the proper determination, billing and evaluation as well as proof of the correctness of the after-payments can be stored afterwards. Basically, these are all shipment information without recipient name and possibly house number / PO box number of the recipient.
- a background system checks whether credit amounts contained in the customer system are actually reduced in the amount of fee amounts that are printed out as postage indicia.
- a detection system For acquisition of agreement data, a detection system is preferably provided.
- Agreement data for PC franking with the respective master data of the customer and the customer system (for example, security module ID) are provided and maintained via a database which can also be used, for example, for other franking types.
- a separate subarea for PC franking is implemented in the database.
- the data is provided in the value transfer center and the payment assurance system in the mail center. It is particularly convenient that the system includes interfaces that allow data and information to be exchanged with one another enable further systems.
- the interfaces are labeled "default”, "franking” and “debt collection”.
- Billing data is exchanged between the customer system and the dispatcher via a billing interface. For example, an amount of money can be loaded via the billing interface.
- the franking interface determines how franking marks are designed so that they can be read and checked in letter or freight centers.
- the billing interface and the collection interface are separated from one another.
- the billing interface and the debt collection interface are combined, for example, in billing via cash cards, credit cards or digital money, in particular digital coins.
- the collection interface determines how to settle billing amounts transferred via the billing interface.
- the other parameters of the franking process do not depend on the selected collection interface, but an efficient collection interface increases the efficiency of the overall system.
- Preferred collection options are direct debits and invoices.
- Non-safety-relevant processes such as logging on, logging off and re-registering customers that do not have to be made via the customer system, can be defined separately.
- Technical processes between the customer system and the customer system manufacturer are preferably determined in such a way that they correspond to the security standard presented here.
- the first two of these security problems are essentially solved by the system concept and measures in the overall system, the last three are preferably solved by the implementation of software and hardware of the backup module.
- asymmetric encryption is used with the public key of the communication partner (value transfer center or security module).
- the basic security architecture presented does not include the separately secured administration of the billing amounts (stock exchange function), the security of the communication between the customer system and the value transfer center, the mutual identification of the customer system and the value transfer center and the initialization for the safe start-up of a new customer system.
- a deployment for other forms of delivery such as parcel and express shipments is equally possible.
- the amount of charge that can be loaded at the maximum via the value transfer center is set to an appropriate amount.
- the amount can be selected according to the customer's requirement and the security needs of the postal service provider. While a fee amounting to a maximum of several hundred DM is particularly expedient for use in the private customer sector, substantially higher fee amounts are provided for use with large customers.
- the value stored in the exchange should preferably not exceed twice the value of the system.
- the return to a central point of the forwarding service provider for example Deutsche Post, enables a high level of remuneration protection by comparing the data with settlement amounts and the knowledge of the most frequent reasons for sending. As a result, there is the possibility of subsequent adjustment by changing the introduction requirements with the aim of reducing the return rate.
- billing values purchased by the customer are only valid for 3 months for reasons of payment security. A corresponding note must be included in the agreement with the customer. If franking values can not be used up within 3 months, the customer system must establish contact with the value transfer center for a new production of franking marks. With this contacting, as with the proper loading of Settlement amounts, the remainder of an old billing amount added to a newly issued billing amount and made available to the customer under a new loading service identification number.
- IPMAR International Postage Meter Approval Requirements
- UPU S-30 the regulations of the most recent version of the document International Postage Meter Approval Requirements (IPMAR), UPU S-30, as well as all standards and standards referred to in this document. Compliance with all the requirements mentioned there is, as far as possible, meaningful for the customer system.
- IPMAR International Postage Meter Approval Requirements
- regulations and provisions of the mailing service company also apply.
- System-technical interoperability refers to the functionality of the interfaces of the customer system or to compliance with the specifications specified in the interface descriptions.
- the communication via the interface billing amount preferably takes place via the public Internet on the basis of the protocols TCP / IP and HTTP.
- the data exchange can optionally be encrypted via HTTP over SSL (https). Shown here is the target process of a required transmission.
- the data exchange preferably takes place, if possible, via HTML and XML-coded files.
- the textual and graphical contents of the HTML pages are to be displayed in the customer system.
- the security case certificate and an action indicator A are unencrypted and transmitted unsigned.
- the value center feedback contains the certificate of the value center, an encrypted session key, and the digital signature of the encrypted session key.
- the backup module sends the re-encrypted session key and encrypted record with payload (amount of prepaid charging amount, residual value of current charging amount, ascending register of all charging amounts, last charging identification number) to the value transfer center (all asymmetrically encrypted with the value transfer center's public key ).
- payload amount of prepaid charging amount, residual value of current charging amount, ascending register of all charging amounts, last charging identification number
- the backup module sends the digital signature of this encrypted data to the value transfer center.
- the customer system may send other unencrypted and unsigned usage logs or usage profiles to the value transfer center.
- usage data it is expedient for the usage data to be entered in a usage log and for the usage log and / or the entries noted therein to be digitally signed.
- the value transfer center transmits the symmetrically encrypted random number and the symmetrically encrypted load ID number to the backup module.
- the value transfer center transmits the loader ID, random number generated, security module login information, and a new session key created with the backup module's public key to the backup module.
- the entire transmitted data is also digitally signed.
- the security module transmits the new session key, the new charge identification number together with payload data for confirming the successful communication, all in encrypted and digitally signed form to the value transfer center.
- the value transfer center acknowledges the success of the transfer without using cryptographic methods.
- Interface Settlement Amount is provided with the concept of the Postal Value Transfer Center.
- a log entry In the customer system, as part of each generation of a franking mark, a log entry must be generated which should contain all the information of the respective franking mark - provided with a digital signature. Furthermore, every error status of the backup module should be recorded in the log in such a way that the manual deletion of this entry is noticed during the check.
- the usage profile contains a prepared summary of usage data since the last communication with the value transfer center.
- a customer system is divided into a component located at the customer's site and a central component (for example, on the Internet), then the usage profile should preferably be kept in the central component.
- the customer system must be able to generate PC franking markings which correspond exactly to the specifications of Deutsche Post or the framework of the current CEN and UPU standards.
- the barcode and plaintext of the PC postage indicium conveniently contain the following information: In the barcode In plain English annotation 1 Postal Company (Licensing Post Identifier) Yes No 2 Franking Type (Licensing Plate Type) Yes No 3 Version and version prices / products Yes No 4 License number from Safe Box ID (PSD Identifier) Yes Yes in plain text: the first 5 bytes of the Safe Box ID in hexadecimal format 5 running consignment no.
- the franking mark is advantageously in the Address field mounted left-aligned above the address on the consignment.
- FIG. 5 A preferred embodiment of the layout and the positioning of the individual elements of the franking mark is shown by way of example in FIG. 5 below.
- the "most critical" size is the height of the illustrated window of a window envelope with a size of 45 mm x 90 mm.
- a DataMatrix code with an edge length of approx. 13 mm is shown here, which is possible only with a pixel resolution of 0.3 mm when using the proposed data fields.
- a code with an edge length of 24 mm does not allow sufficient space for address information regarding the available height.
- the machine readability of franking marks depends on the used printing resolution and the contrast. If other colors are to be used instead of black, then a lower reading rate is required expected. It can be assumed that the required read rate can be guaranteed with a resolution of 300 dpi ("dots per inch") used in the printer with high print contrast. That's about 120 pixels per centimeter.
- the customer system must be able to produce indicia that are in size and size valid indicia, but are not destined for shipping, but serve for control printouts and printer fine-tuning.
- the customer system is designed so that the test prints differ from actual indicia in a manner recognizable to the mailing company.
- the inscription "PATTERNS - do not ship” attached. At least two thirds of the barcode should be obscured by the inscription or otherwise.
- no zero prints may be produced except separately marked test prints.
- the basic system serves as a link between the other components of the PC franking, namely the value transfer center, the security module, the printer and the customer. It consists of one or more computer systems, for example PCs, which may possibly also be interconnected by a network.
- the basic system also ensures the comfortable use of the entire system by the customer.
- the printer may be either a standard commercial printer or a specialty printer, as specified by the manufacturer of the customer system.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Devices For Checking Fares Or Tickets At Control Points (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
- Sorting Of Articles (AREA)
Claims (28)
- Procédé pour apposer des marques d'affranchissement sur des envois postaux, un système client chargeant un montant de taxe depuis un centre de transmission de valeurs via une ligne de données, le système client commandant une impression de marques d'affranchissement sur des envois postaux et le centre de transmission de valeurs envoyant un paquet de données au système client, et le centre de transmission de valeurs générant une clé et transmettant la clé au système client, des données étant générées dans le système client, lesquelles sont cryptées avec la clé de manière telle que le centre de transmission de valeurs peut les décrypter, les données étant envoyées par le système client au centre de transmission de valeurs, le centre de transmission de valeurs, qui décrypte les données, et le centre de transmission de valeurs générant un chiffre aléatoire, caractérisé en ce qu'une valeur de hachage est formée dans le centre de transmission de valeurs, le centre de transmission de valeurs cryptant les données compte tenu du nombre aléatoire non seulement avec une clé non connue du système client, mais aussi avec une clé connue du module de sécurisation du système client, et transmettant ensuite au système client les données ainsi cryptées, et une validité des marques d'affranchissement est vérifiée dans un centre postal par une analyse de données contenues dans la marque d'affranchissement, une entité de contrôle formant une valeur de hachage à partir de données contenues dans la marque d'affranchissement et vérifiant si cette valeur de hachage coïncide avec une valeur de hachage contenue dans la marque d'affranchissement et enregistrant, en cas de non-coïncidence, la marque d'affranchissement comme étant falsifiée.
- Procédé selon la revendication 1, caractérisé en ce que le nombre aléatoire est généré dans une zone sécurisée du centre de transmission de valeurs.
- Procédé selon l'une ou les deux revendications 2 ou 3, caractérisé en ce que le nombre aléatoire est crypté avec une clé de session et une clé publique.
- Procédé selon l'une ou plusieurs des revendications précédentes, caractérisé en ce que le centre de transmission de valeurs signe les données avec une clé privée.
- Procédé selon la revendication 4, caractérisé en ce que la clé privée est stockée dans la zone particulièrement sécurisée du centre de transmission de valeurs.
- Procédé selon l'une ou plusieurs des revendications précédentes, caractérisé en ce que les données sont transmises du système client au centre de transmission de valeurs à chaque demande de montant de taxe.
- Procédé selon l'une ou plusieurs des revendications précédentes, caractérisé en ce que le centre de transmission de valeurs identifie le système client à l'aide des données transmises.
- Procédé selon l'une ou plusieurs des revendications précédentes, caractérisé en ce que le centre de transmission de valeurs envoie au système client les données cryptées par lui-même.
- Procédé selon la revendication 8, caractérisé en ce que les données envoyées par le centre de transmission de valeurs au système client comportent une première composante qui ne peut pas être décryptée par le système client et en ce que les données comportent en outre une deuxième partie qui peut être décryptée par le système client.
- Procédé selon la revendication 9, caractérisé en ce que la partie des données qui peut être décryptée par le système client contient le nombre aléatoire et des informations sur l'opération de chargement.
- Procédé selon l'une ou les deux revendications 9 ou 10, caractérisé en ce que la partie des données qui peut être décryptée par le système client contient des informations sur la hauteur d'un montant de taxe.
- Procédé selon l'une ou plusieurs des revendications précédentes, caractérisé en ce qu'est transmis du centre de transmission de valeurs au système client, à chaque transmission de données, un montant qui suffit pour créer plusieurs marques d'affranchissement.
- Procédé selon la revendication 12, caractérisé en ce que la valeur de hachage formée dans le centre de transmission de valeurs est formée compte tenu d'indications relatives à des données d'envoi.
- Procédé selon l'une ou plusieurs des revendications 12 ou 13, caractérisé en ce que la valeur de hachage est formée compte tenu d'un nombre aléatoire reçu et stocké temporairement.
- Procédé selon l'une ou plusieurs des revendications 12 à 14, caractérisé en ce que la valeur de hachage est formée compte tenu d'un numéro d'identification d'opération de chargement.
- Procédé selon l'une ou plusieurs des revendications précédentes, caractérisé en ce que la marque d'affranchissement contient des données logiques.
- Procédé selon la revendication 16, caractérisé en ce que la marque d'affranchissement contient des informations sur des données d'envoi.
- Procédé selon l'une ou les deux revendications 16 ou 17, caractérisé en ce que les données logiques contiennent des informations sur le nombre aléatoire crypté.
- Procédé selon l'une ou plusieurs des revendications 16 à 18, caractérisé en ce que les données logiques contiennent des informations sur le numéro d'identification crypté de l'opération de chargement.
- Procédé selon l'une ou plusieurs des revendications 16 à 19, caractérisé en ce que les données logiques contiennent des informations sur la valeur de hachage.
- Procédé selon l'une ou plusieurs des revendications précédentes, caractérisé en ce que la marque d'affranchissement contient non seulement des informations transmises par le centre de transmission de valeurs, mais aussi des données introduites par le producteur de document.
- Procédé selon l'une ou plusieurs des revendications précédentes, caractérisé en ce que la marque d'affranchissement contient une valeur de hachage qui est formée à partir d'une combinaison d'une valeur transmise par le centre de spécification et d'une valeur introduite par le producteur de document.
- Procédé selon l'une ou plusieurs des revendications précédentes, caractérisé en ce qu'il comporte les étapes suivantes : un secret est généré dans le centre de transmission de valeurs ou dans une zone sécurisée reliée au centre de transmission de valeurs et est ensuite transmis au module de sécurisation dans le système client conjointement avec des informations sur l'opération de chargement.
- Procédé selon la revendication 23, caractérisé en ce que le système client décrypte le nombre aléatoire crypté.
- Procédé selon la revendication 24, caractérisé en ce que le numéro d'identification de chargement est transmis au système client.
- Procédé selon la revendication 25, caractérisé en ce qu'est formée, dans le module de sécurisation, une valeur de hachage à partir du numéro d'identification de chargement et d'autres données.
- Procédé selon la revendication 26, caractérisé en ce que la marque d'affranchissement est générée de manière telle qu'elle contient la valeur de hachage.
- Procédé selon la revendication 1, caractérisé en ce qu'il est vérifié, lors de l'analyse des données contenues dans la marque d'affranchissement, si elles contiennent des données cryptées du centre de transmission de valeurs.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE10056599A DE10056599C2 (de) | 2000-11-15 | 2000-11-15 | Verfahren zum Versehen von Postsendungen mit Freimachungsvermerken |
DE10056599 | 2000-11-15 | ||
PCT/DE2001/004258 WO2002041261A1 (fr) | 2000-11-15 | 2001-11-15 | Procede servant a porter des marques d'affranchissement sur des envois postaux |
Publications (2)
Publication Number | Publication Date |
---|---|
EP1337974A1 EP1337974A1 (fr) | 2003-08-27 |
EP1337974B1 true EP1337974B1 (fr) | 2013-07-24 |
Family
ID=7663386
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP01995530.1A Expired - Lifetime EP1337974B1 (fr) | 2000-11-15 | 2001-11-15 | Procede servant a porter des marques d'affranchissement sur des envois postaux |
Country Status (17)
Country | Link |
---|---|
US (1) | US20040059680A1 (fr) |
EP (1) | EP1337974B1 (fr) |
JP (1) | JP2004514360A (fr) |
AU (2) | AU2627202A (fr) |
CA (1) | CA2429202A1 (fr) |
CZ (1) | CZ20031357A3 (fr) |
DE (1) | DE10056599C2 (fr) |
DK (1) | DK1337974T3 (fr) |
EE (1) | EE04652B1 (fr) |
ES (1) | ES2428402T3 (fr) |
HR (1) | HRPK20030329B3 (fr) |
HU (1) | HUP0302270A3 (fr) |
IL (1) | IL155916A0 (fr) |
NO (1) | NO20032186L (fr) |
NZ (1) | NZ525535A (fr) |
PL (1) | PL361063A1 (fr) |
WO (1) | WO2002041261A1 (fr) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE10020566C2 (de) * | 2000-04-27 | 2002-11-14 | Deutsche Post Ag | Verfahren zum Versehen von Postsendungen mit Freimachungsvermerken |
DE10211265A1 (de) * | 2002-03-13 | 2003-10-09 | Deutsche Post Ag | Verfahren und Vorrichtung zur Erstellung prüfbar fälschungssicherer Dokumente |
DE10328328B4 (de) * | 2003-06-25 | 2015-06-03 | TÜV Rheinland Holding AG | Produktschutz-Portal und Verfahren zur Echtheitsprüfung von Produkten |
DE102004003004B4 (de) * | 2004-01-20 | 2006-10-12 | Deutsche Post Ag | Verfahren und Vorrichtung zur Frankierung von Postsendungen |
DE102004037695A1 (de) * | 2004-08-02 | 2006-02-23 | Deutsche Post Ag | Verfahren und Vorrichtungsanordnung zur digitalen Freimachung von Postsendungen |
US7937332B2 (en) * | 2004-12-08 | 2011-05-03 | Lockheed Martin Corporation | Automatic verification of postal indicia products |
US8209267B2 (en) * | 2004-12-08 | 2012-06-26 | Lockheed Martin Corporation | Automatic revenue protection and adjustment of postal indicia products |
US8005764B2 (en) | 2004-12-08 | 2011-08-23 | Lockheed Martin Corporation | Automatic verification of postal indicia products |
US7427025B2 (en) * | 2005-07-08 | 2008-09-23 | Lockheed Marlin Corp. | Automated postal voting system and method |
US8085980B2 (en) * | 2008-08-13 | 2011-12-27 | Lockheed Martin Corporation | Mail piece identification using bin independent attributes |
US20100100233A1 (en) * | 2008-10-22 | 2010-04-22 | Lockheed Martin Corporation | Universal intelligent postal identification code |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4376299A (en) * | 1980-07-14 | 1983-03-08 | Pitney Bowes, Inc. | Data center for remote postage meter recharging system having physically secure encrypting apparatus and employing encrypted seed number signals |
US5812991A (en) * | 1994-01-03 | 1998-09-22 | E-Stamp Corporation | System and method for retrieving postage credit contained within a portable memory over a computer network |
US5606507A (en) * | 1994-01-03 | 1997-02-25 | E-Stamp Corporation | System and method for storing, retrieving and automatically printing postage on mail |
US5822739A (en) * | 1996-10-02 | 1998-10-13 | E-Stamp Corporation | System and method for remote postage metering |
DE19642371C1 (de) * | 1996-10-14 | 1997-11-13 | Siemens Ag | Verfahren zum Austausch kryptographischen Schlüsselmaterials zwischen mindestens einer ersten Computereinheit und einer zweiten Computereinheit |
US6192473B1 (en) * | 1996-12-24 | 2001-02-20 | Pitney Bowes Inc. | System and method for mutual authentication and secure communications between a postage security device and a meter server |
US5812990A (en) * | 1996-12-23 | 1998-09-22 | Pitney Bowes Inc. | System and method for providing an additional cryptography layer for postage meter refills |
US6081795A (en) * | 1997-12-18 | 2000-06-27 | Pitney Bowes Inc. | Postage metering system and method for a closed system network |
US6064993A (en) * | 1997-12-18 | 2000-05-16 | Pitney Bowes Inc. | Closed system virtual postage meter |
US6039247A (en) * | 1997-12-19 | 2000-03-21 | Xico, Inc. | Secure, stored-value systems and methods of transferring monetary values in one or more transactions to a specific receiving device |
GB9906293D0 (en) * | 1999-03-18 | 1999-05-12 | Post Office | Improvements relating to postal services |
-
2000
- 2000-11-15 DE DE10056599A patent/DE10056599C2/de not_active Expired - Lifetime
-
2001
- 2001-11-15 JP JP2002543390A patent/JP2004514360A/ja active Pending
- 2001-11-15 ES ES01995530T patent/ES2428402T3/es not_active Expired - Lifetime
- 2001-11-15 NZ NZ525535A patent/NZ525535A/en unknown
- 2001-11-15 DK DK01995530.1T patent/DK1337974T3/da active
- 2001-11-15 EP EP01995530.1A patent/EP1337974B1/fr not_active Expired - Lifetime
- 2001-11-15 CZ CZ20031357A patent/CZ20031357A3/cs unknown
- 2001-11-15 EE EEP200300224A patent/EE04652B1/xx not_active IP Right Cessation
- 2001-11-15 AU AU2627202A patent/AU2627202A/xx active Pending
- 2001-11-15 CA CA002429202A patent/CA2429202A1/fr not_active Abandoned
- 2001-11-15 HU HU0302270A patent/HUP0302270A3/hu unknown
- 2001-11-15 IL IL15591601A patent/IL155916A0/xx not_active IP Right Cessation
- 2001-11-15 PL PL36106301A patent/PL361063A1/xx unknown
- 2001-11-15 WO PCT/DE2001/004258 patent/WO2002041261A1/fr active Application Filing
- 2001-11-15 US US10/416,619 patent/US20040059680A1/en not_active Abandoned
- 2001-11-15 AU AU2002226272A patent/AU2002226272B2/en not_active Ceased
-
2003
- 2003-04-28 HR HR20030329A patent/HRPK20030329B3/xx not_active IP Right Cessation
- 2003-05-14 NO NO20032186A patent/NO20032186L/no not_active Application Discontinuation
Also Published As
Publication number | Publication date |
---|---|
EE200300224A (et) | 2003-08-15 |
EP1337974A1 (fr) | 2003-08-27 |
PL361063A1 (en) | 2004-09-20 |
HRPK20030329B3 (en) | 2007-03-31 |
HUP0302270A2 (hu) | 2003-10-28 |
HUP0302270A3 (en) | 2003-11-28 |
JP2004514360A (ja) | 2004-05-13 |
WO2002041261A1 (fr) | 2002-05-23 |
EE04652B1 (et) | 2006-06-15 |
NO20032186L (no) | 2003-07-01 |
CZ20031357A3 (cs) | 2003-12-17 |
NZ525535A (en) | 2005-12-23 |
DE10056599C2 (de) | 2002-12-12 |
DE10056599A1 (de) | 2002-05-29 |
CA2429202A1 (fr) | 2002-05-23 |
AU2627202A (en) | 2002-05-27 |
ES2428402T3 (es) | 2013-11-07 |
NO20032186D0 (no) | 2003-05-14 |
US20040059680A1 (en) | 2004-03-25 |
AU2002226272B2 (en) | 2006-10-12 |
HRP20030329A2 (en) | 2005-10-31 |
DK1337974T3 (da) | 2013-10-14 |
IL155916A0 (en) | 2003-12-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP0944027B1 (fr) | Machine à affranchir et un procédé pour générer des données valables pour affranchir | |
EP1405274B1 (fr) | Procede de verification de la validite de mentions d'affranchissement numeriques | |
DE69434621T2 (de) | Postgebührensystem mit nachprüfbarer Unversehrtheit | |
DE3841389C2 (de) | Informationsübermittlungssystem zur zuverlässigen Bestimmung der Echtheit einer Vielzahl von Dokumenten | |
DE3841393C2 (de) | Zuverlässiges System zur Feststellung der Dokumentenechtheit | |
DE69836375T2 (de) | System und verfahren zum steuern einer zum drucken erforderlichen daten verwendeten frankierung | |
DE69533611T2 (de) | Frankiermaschinenvorrichtung, System und Verfahren zum Kommunizieren mit Frankiermaschinen | |
EP2058769B1 (fr) | Procédé d'affranchissement et système d'expédition de courrier avec augmentation de frais de port centrale | |
EP1337974B1 (fr) | Procede servant a porter des marques d'affranchissement sur des envois postaux | |
EP1279147B1 (fr) | Procede servant a pourvoir des envois postaux de mentions d'affranchissement | |
DE10305730B4 (de) | Verfahren zum Überprüfen der Gültigkeit von digitalen Freimachungsvermerken | |
EP1150256B1 (fr) | Procédé pour la distribution sécurisée de modules de sécurité | |
EP1340197B1 (fr) | Procede pour apposer des marques d'affranchissement sur des envois postaux | |
EP1807808B1 (fr) | Procede et dispositif d'affranchissement d'envois postaux | |
EP1486028B1 (fr) | Procede et dispositif permettant de creer des documents infalsifiables verifiables | |
EP2140429A1 (fr) | Procédé et dispositif d'affranchissement d'un envoi postal avec enregistrement d'une information d'identification dans une liste positive | |
DE102004047221A1 (de) | Verfahren und Vorrichtung zum Frankieren von Postsendungen |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20030616 |
|
AK | Designated contracting states |
Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
|
AX | Request for extension of the european patent |
Extension state: AL LT LV MK RO SI |
|
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1058850 Country of ref document: HK |
|
REG | Reference to a national code |
Ref country code: HK Ref legal event code: WD Ref document number: 1058850 Country of ref document: HK |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
|
AX | Request for extension of the european patent |
Extension state: LT LV SI |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D Free format text: NOT ENGLISH |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
REG | Reference to a national code |
Ref country code: AT Ref legal event code: REF Ref document number: 623811 Country of ref document: AT Kind code of ref document: T Effective date: 20130815 |
|
REG | Reference to a national code |
Ref country code: IE Ref legal event code: FG4D Free format text: LANGUAGE OF EP DOCUMENT: GERMAN |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: NV Representative=s name: R. A. EGLI AND CO. PATENTANWAELTE, CH |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R096 Ref document number: 50116310 Country of ref document: DE Effective date: 20130919 |
|
REG | Reference to a national code |
Ref country code: NL Ref legal event code: T3 |
|
REG | Reference to a national code |
Effective date: 20131007 Ref country code: DK Ref legal event code: T3 |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: FG2A Ref document number: 2428402 Country of ref document: ES Kind code of ref document: T3 Effective date: 20131107 |
|
REG | Reference to a national code |
Ref country code: SE Ref legal event code: TRGR |
|
REG | Reference to a national code |
Ref country code: LT Ref legal event code: MG9D |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: PT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20131125 Ref country code: CY Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130619 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: GR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20131025 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: CY Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130724 |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
26N | No opposition filed |
Effective date: 20140425 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: MC Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130724 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R097 Ref document number: 50116310 Country of ref document: DE Effective date: 20140425 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R119 Ref document number: 50116310 Country of ref document: DE Effective date: 20140603 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: DE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20140603 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: FI Payment date: 20141112 Year of fee payment: 14 Ref country code: SE Payment date: 20141119 Year of fee payment: 14 Ref country code: FR Payment date: 20141119 Year of fee payment: 14 Ref country code: IE Payment date: 20141124 Year of fee payment: 14 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: IT Payment date: 20141125 Year of fee payment: 14 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: BE Payment date: 20141118 Year of fee payment: 14 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: TR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20130724 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LU Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20131115 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: CH Payment date: 20151118 Year of fee payment: 15 Ref country code: DK Payment date: 20151118 Year of fee payment: 15 Ref country code: GB Payment date: 20151118 Year of fee payment: 15 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: ES Payment date: 20151111 Year of fee payment: 15 Ref country code: AT Payment date: 20151119 Year of fee payment: 15 Ref country code: NL Payment date: 20151118 Year of fee payment: 15 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20151115 |
|
REG | Reference to a national code |
Ref country code: IE Ref legal event code: MM4A |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: ST Effective date: 20160729 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: SE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20151116 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20151115 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FR Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20151130 |
|
REG | Reference to a national code |
Ref country code: DK Ref legal event code: EBP Effective date: 20161130 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FI Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20151115 |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PL |
|
REG | Reference to a national code |
Ref country code: NL Ref legal event code: MM Effective date: 20161201 |
|
REG | Reference to a national code |
Ref country code: AT Ref legal event code: MM01 Ref document number: 623811 Country of ref document: AT Kind code of ref document: T Effective date: 20161115 |
|
GBPC | Gb: european patent ceased through non-payment of renewal fee |
Effective date: 20161115 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LI Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20161130 Ref country code: CH Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20161130 Ref country code: BE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20151130 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: AT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20161115 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: NL Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20161201 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: DK Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20161130 Ref country code: GB Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20161115 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: ES Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20161116 |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: FD2A Effective date: 20180626 |