EP2290619A1 - Method and device for verifying secure documents - Google Patents

Method and device for verifying secure documents Download PDF

Info

Publication number
EP2290619A1
EP2290619A1 EP09305786A EP09305786A EP2290619A1 EP 2290619 A1 EP2290619 A1 EP 2290619A1 EP 09305786 A EP09305786 A EP 09305786A EP 09305786 A EP09305786 A EP 09305786A EP 2290619 A1 EP2290619 A1 EP 2290619A1
Authority
EP
European Patent Office
Prior art keywords
device
characterized
secure document
identity information
document
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP09305786A
Other languages
German (de)
French (fr)
Inventor
Olivier Joffray
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gemalto SA
Original Assignee
Gemalto SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemalto SA filed Critical Gemalto SA
Priority to EP09305786A priority Critical patent/EP2290619A1/en
Publication of EP2290619A1 publication Critical patent/EP2290619A1/en
Application status is Withdrawn legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07DHANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/01Testing electronic circuits therein
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07DHANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/004Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip
    • G07D7/0047Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip using checkcodes, e.g. coded numbers derived from serial number and denomination

Abstract

The present invention provides a method for verifying a secure document (2) of a bearer, said secure document (2) comprising identity information and an embedded electronic component comprising means for storing identity information of a bearer, said method comprising the following steps:
a) selecting an area on the document,
b) capturing an image of the selected area,
c) processing the captured image to obtain identity information,
d) extracting identity information stored in said embedded chip,
e) comparing identity information extracted from said captured image and identity information stored in the electronic chip,
f) signaling the counterfeiting of the secure document if step d) fails.

Description

  • The invention relates to the field of authentication of documents and in particular, relates to a method and a device for verifying the authenticity of secure documents.
  • Documents such as ID cards, passports, driving licenses, resident permits, and other types of identification documents are delivered to allow identification of the bearer. These documents contain information about the name, age, date of birth, address, photography, etc. of the bearer, and allow a controller his identification.
  • These identification documents have been secured in order to not to be easily reproduced or falsified. To avoid counterfeiting, these secure documents have been manufactured in specific ways and may comprise for example digital watermarks, specific layers or core layers with specific printing, such as a printed pattern in specific areas of the document, etc. The verification of the integrity of the secure document is often made by a controller by screening the identification documents, using information located in the document identification.
  • Another way to verify the authentication is the use of an embedded electronic chip. Identification documents such as passports are for example already equipped with such an electronic chip. The embedded electronic chip comprises stored information related to the bearer which can be the same information that can be seen on the document. Biometric information associated with the owner of the secure document such as fingerprint information, have been added to the secure element. For such identification document, a controller uses a specific electronic device. Current electronic devices are used at country frontiers and are dedicated to verify a single electronic document: the electronic passport. Future generation of electronic document will use different technologies that are not compatible with ePassport readers. Many type of identity electronic documents will be used in a near future such as national ID cards, health card,..., and the format of these documents will change depending on the issuer choices. Current electronic devices are not ready to accept these new documents' format.
  • Next generation of ID cards, resident permits, driving licenses will embed an electronic component such as a chip as some current passports. Then there is a real need to provide a electronic device and a method suitable for securely authenticate any secure documents which comprise identity information and which are simpler and cheaper, and which are not easily hackered or corrupted as falsification is growing up.
  • It is an object of the invention to provide a method adapted to enhance the security for every type of identification document.
  • In this purpose, the invention provides a method for verifying a secure document of a bearer, said secure document comprising identity information and an embedded electronic component comprising means for storing identity information of a bearer, said method comprising the following steps:
  1. a) selecting an area on the document,
  2. b) capturing an image of the selected area,
  3. c) processing the captured image to obtain identity information,
  4. d) extracting identity information stored in said embedded chip,
  5. e) comparing identity information exctracted from said captured image and identity information stored in the electronic chip,
  6. f) signaling the counterfeiting of the secure document if step d) fails.
  • According to one aspect of the invention,
    • the method may comprise using an image capturing device;
    • the step a) may consist in zooming on said area with the image capturing device;
    • it may comprise using a machine readable zone (MRZ) as selected area;
    • it may comprise using a processing device, adapted to process the captured image;
    • the processing device may treat the captured image using optical character recognition process, and using cryptographic application;
    • it may comprise a step of establishing a communication with a remote server suitable to manage partially or totally the communication with the secure document;
    • the remote server may provide feedback regarding the verification of the secure document.
  • It is a further object of the invention to provide an electronic device that operate the method and which is adapted to enhance the security for every type of identification document as well.
  • In this purpose, the invention provides an electronic device for verifying a secure document, said secure document comprising identity information and an embedded electronic component comprising means for storing identity information of a bearer, said electronic device comprising an image capturing device suitable for capturing an image of an area from said secure document, a processing device for processing the captured image, means for establishing a contactless communication (13) with the secure document.
  • According to one aspect of the invention,
    • the image capturing device may be a camera;
    • the image capture device may be integrated to the processing device;
    • the electronic device may be a mobile phone;
    • the processing device may be a cash register;
    • the electronic device may comprise a receiving device adapted to receive said secure document so as to position the area of the secure document to be captured;
    • the receiving device may be a box with an upper face and a below face under the upper face, the below face comprising different stops so as to position the secure document.
  • This method and this electronic device are advantageously applicable for all government document verification applications.
  • The invention is now described, by way of example, with reference to the accompanying drawings. The specific nature of the following description should not be construed as limiting in any way the broad nature of this summary.
  • In order that the manner in which the above recited and other advantages and features of the invention are obtained, a more particular description of the invention briefly described above will be rendered by reference.
  • Notwithstanding any other forms that may fall within the scope of the present invention, preferred forms of the invention will now be described, by way of example only, with reference to the accompanying drawing in which:
    • FIG.1 schematically shows an embodiment of an electronic device for verifying a secure document device according to the invention.
  • The present invention may be understood according to the detailed description provided herein.
  • Shown in Fig.1 is an electronic device 1 for verifying that a secure document 2 is not counterfeited, and more precisely when the secure document 2 is a secure electronic identity document.
  • In the present invention, a secure identity document is a secure document which comprises identity information. It may be an electronic identity document such as an electronic passport, or an electronic identity card, etc.
  • This electronic identity document is made of a standard paper passport and comprises text data about the bearer such as his name, his date of birth, and other type of data such as his photography, or his signature.
  • The electronic identity document also comprises an embedded electronic component not represented in figure 1. This electronic component, such as a chip, stores identity information of the bearer and can not be removed from the electronic identity document 2 without damaging it.
  • The chip may be addressed through a contact or a contactless interface (ISO 7816-x or ISO 14443-x standard respectively, but not exclusively).
  • The electronic identity document 2 also comprises a machine readable bearer data in an area usually called machine readable zone or MRZ which can be read with a dedicated device as it will be described further. The MRZ comprises identification information of the bearer.
  • A method according to the invention for verifying that the secure document is not counterfeited, is to compare the information data stored in the electronic document with the identity information printed on the document. For this, the method comprises a step which consists in an extraction of the identification information printed on the document and a step which consists in an extraction of the identification information stored in the chip. To access the information available in the chip, the MRZ has to be captured, and the data extracted from it are used to establish a link between the electronic device 1 and the document 2.
  • For processing the step which consists in the extraction of the information included in the MRZ, the electronic device 1 comprises an image capture device 11, means for processing 12 the captured image, also called a processing device 12 and means for establishing 13 a communication with the secure identity document 2. In the following description, the secure identity document is a secure identity card 2.
  • The image capture device 11 comprises means for selecting an area 10 from the secure identity document 2, means for capturing and storing a selected image stemming from said selected area 10, which is the MRZ. These different means are not represented in Fig.1 and are suitable for capturing the MRZ in high resolution in order for the selected area to be well readable and well exploitable by the means for processing 12, such as a zoom lens, etc.
  • According to the invention, in a first embodiment, the image capturing device 11 is a camera, which is suitable for taking the picture of the secure identity document 2 in a whole or by directly selecting the MRZ, for example by zooming onto the MRZ.
  • It will be well understood that this image capturing device is not a limited example, and every device suitable for capturing an image is available. Then the image capturing device may be for example a bar code electronic device 1 if the capturing image includes bar-code information.
  • Once the image is selected and captured by the controller, it is stored by the image capture device 11, for example in a memory card. The stored image is then sent to the processing device 12. Optionally, the selected and captured image is directly stored in the processing device 12.
  • The processing device 12 comprises means for treating the captured image, for example a computer unit which embeds a software for the extraction of information data from the MRZ.
  • For doing so, an optical character recognition (OCR) algorithm is for example used for the extraction of the identification information of the bearer. This algorithm permits the extraction of text and symbols from an image using computer means. Classically, a printed or handwritten text, or a digital picture is scanned from the secure identity document 2.
  • The algorithm depends on the nature of the selected image. Then if the MRZ includes bar-code information, the extraction of the identity information is made with an appropriate algorithm.
  • The means for processing the captured image may further includes stemming imaging application in order to facilitate the extraction of identity information from the MRZ.
  • The extraction may be automatically launched by the processing device 12 as soon as it detects that an image has been stored or may be launched by the controller.
  • At this stage, the controller has captured the MRZ from the secure identity card 2 with the image capture device 11 and the identification information has been extracted from the MRZ by the processing device 12.
  • For the step which consists in the extraction of the identification information stored in the chip, the electronic device 1 has to establish a communication with the chip embedded in the secure identity card 2.
  • As represented in Fig.1, the communication between the electronic device 1 and the secure identity document 2 is a contactless communication and the means for establishing the communication 13 comprise an antenna. The electronic device 1 embeds a so called CLF (Contactless Front End) which is constituted by an RF proximity antenna and a Near Field Contactless controller.
  • The reading of the electronic component is then made in contactless mode such as define in ISO standard 14443.
  • In order to avoid the secure identity document 2 being read without the bearer agreement, a secure messaging is used. The secure messaging protects electronic data exchange from disclosure or modification. It comprises the calculation of cryptographic keys on both the processing device 12 and the chip embedded in the secure identity card 2, said keys being based on information known by both. The calculation of the encrypted keys is for example made in a microcontroller of the processing device 12. These cryptographic keys are loaded in the chip during the personalization and can be recalculated from the MRZ.
  • In fact, until very recently, the electronic device 1 had to embed a secret (such as a master key) to open a secure channel between the electronic device 1 and the identity card 2, thus becoming a very sensitive device. In order to avoid this drawback, the use of algorithm requiring the electronic device 1 to hold a secret is replaced by a mechanism called PBM (Password Based Mechanism) that does not require any secret in the electronic device 1 to open a secure channel between the identity card 2 and the electronic device 1. After the MRZ is captured and treated by the processing device, both the electronic device 1 and the chip share the same information. Other algorithms such as the BAC or equivalent algorithm may also be used instead of a PBM. The session keys are the output of the PBM and are shared by both the identity card 2 and the electronic device 1. By using the session keys, a secure channel between the card and the electronic device 1 is established allowing the exchanges to be protected.
  • It will be understood that the identification information included in the identity card 2 used as input to PBM may alternatively be a bar-code, a printed digital code, or a PIN, entered by the bearer on the electronic device 1 for example thanks to a keyboard. In this case, the electronic device 1 comprises a keyboard in order to enter the card bearer PIN or password, said PIN or password being used as the input to the PBM.
  • Once a secure session is established with the chip, the processing device 12 extracts identification information stored in the chip.
  • The next step is then the comparison of the data inside the chip with the data captured from the secure identity card 2.
  • The electronic device 1 sends a signal to the controller at the end of the verification. If these data are matching, a signal for example a green light, or a special sound, informs the controller that the identity card is not counterfeited.
  • It will be understood that the nature of the signal is not a limited example.
  • In accordance with another embodiment, the processing device 12 is a handset such as a mobile phone, which comprises an antenna for the NFC contactless communication and a smart card.
  • In this case, the calculation of the encrypted keys can be made optionally by the smart card (e.g. SIM or UICC) in order to fasten the process.
  • In accordance with another embodiment, in the electronic device 1, the image capture device 1 is integrated to the processing device 12.
  • It will be understood that all these embodiments can be combined and are not limited examples. Then according to an embodiment of the invention, the electronic device is a mobile phone comprising an image capturing device 12, a smart card, a microcontroller, etc. The image capturing device 11 is able to take picture, or to dynamically capture pictures if a video mode is used, to parse said picture(s) in order to extract the information to be used as the input of the PBM, or other information such as the name of the document bearer.
  • The handset may embed software applications which are able to complete cryptographic calculations in order to establish a secure channel with the electronic document.
  • Optionally, the handset allows the controller to identify on a picture an area to parse by zooming and/or surrounding information on said picture by an external action, for example with a finger on the screen.
  • The calculation of session keys can be made for example by the microcontroller of the mobile phone or by the smart card. The mobile phone can then embed a digital camera.
  • Such a mobile phone embeds a microcontroller running a software addressing the services provided by the device such as phone call, taking picture, sending SMS or MMS, etc. Many mobile phones' manufacturers also provide a SDK (Software Development Kit) that permits to develop applications such as games, unit convertor, etc. These SDK also allow to address the camera and / or to work on picture taken by the camera.
  • According to another embodiment, the electronic device 1 for verifying the secure identity document comprises a receiving device 3 suitable for receiving the secure identity document. The receiving device 3 is suitable for receiving secure documents with different formats in order to facilitate the caption of MRZ or of other information on the printed card. Each stop may be related to the.
  • In an embodiment, the receiving device 3 is a box with an upper face 31 and a below face 32, under the upper face 31. The below face 32 comprises different stops S such as abutments, designed in an interior face and which are able to position secure documents 2.
  • The upper face 31 may also comprises a positioning element that can be placed such that the relative position of the image capture device 11 and of the secure document 2 facilitate capturing an image of the secure document 2.
  • This device 3 allows maintaining the identity card 2 in order to facilitate the caption of the MRZ.
  • In another embodiment, the electronic device 1 establishes a communication with a remoter server. The electronic device has a data connection to the remote server (not represented) which can manage partially or totally the communication with the secure identity document 2.
  • The remote server uses the electronic device's characteristics as an extension to its own system (e.g. piloting the camera, sending APDU ...) and provides feedback regarding the verification of the secure identity document 2.
  • The remote server is able to update the software of the processing device 12 and/or data for the secure identity document verification, for example, when a picture parsing software does not know how the electronic document is organized (e.g. foreign country electronic document). In this case, the controller may indicate the country from which the secure document is issued to the electronic device 1. If the country is unknown to the electronic device 1, it connects to the remote server to get instructions or a software update for verifying the secure document 2.
  • This method can be advantageously being used by a storekeeper who uses a cash register as a processing device and a bar code electronic device or an image capture device connected to the register cash in order to verify that a secure document presented by a buyer is not counterfeited. The cash register may also integrate the image capturing device 11.
  • This method and this electronic are able to enhance the security for every type of identification document and can be used by each person who want to verify that a secure document is not counterfeited.
  • Claims (15)

    1. A method for verifying a secure document (2) of a bearer, said secure document (2) comprising identity information and an embedded electronic component comprising means for storing identity information of a bearer, said method comprising the following steps:
      a) selecting an area on the document,
      b) capturing an image of the selected area,
      c) processing the captured image to obtain identity information,
      d) extracting identity information stored in said embedded chip,
      e) comparing identity information extracted from said captured image and identity information stored in the electronic chip,
      f) signaling the counterfeiting of the secure document if step d) fails.
    2. A method according to claim 1, characterized in that it comprises using an image capturing device (11).
    3. A method according to claim 2, characterized in that step a) consists in zooming on said area with the image capturing device (11).
    4. A method according to claim 3, characterized in that it comprises using a machine readable zone (MRZ) as selected area.
    5. A method according to one of the preceding claims, characterized in that it comprises using a processing device (12), adapted to process the captured image.
    6. A method according to claim 6, characterized in that the processing device (12) treats the captured image using optical character recognition process, and using cryptographic application.
    7. A method according to one of the preceding claims, characterized in that it comprises a step of establishing a communication with a remote server suitable to manage partially or totally the communication with the secure document (2).
    8. A method according to claim 7, characterized in that the remote server provides feedback regarding the verification of the secure document (2).
    9. An electronic device (1) for verifying a secure document (2), said secure document (2) comprising identity information and an embedded electronic component comprising means for storing identity information of a bearer, said electronic device (1) comprising:
      a. an image capturing device (11) suitable for capturing an image of an area from said secure document (2),
      b. a processing device (12) for processing the captured image,
      c. means for establishing a contactless communication (13) with the secure document (2).
    10. An electronic device (1) according to claim 11, characterized in that the image capturing device (11) is a camera.
    11. An electronic device (1) according to claim 10 to 11, characterized in that the image capture device (11) is integrated to the processing device (12).
    12. An electronic device (1) according to claim 9 to 11, characterized in that the electronic device (1) is a mobile phone.
    13. An electronic device (1) according to claim 9 to 11, characterized in that the processing device (12) is a cash register.
    14. An electronic device (1) according to claim 9 to 13, characterized in that it comprises a receiving device (3) adapted to receive said secure document (2) so as to position the area of the secure document (2) to be captured.
    15. An electronic device (1) according to claim 14, characterized in that the receiving device (3) is a box with an upper face (31) and a below face (32) under the upper face (31), the below face (32) comprising different stops (S) so as to position the secure document (2).
    EP09305786A 2009-08-25 2009-08-25 Method and device for verifying secure documents Withdrawn EP2290619A1 (en)

    Priority Applications (1)

    Application Number Priority Date Filing Date Title
    EP09305786A EP2290619A1 (en) 2009-08-25 2009-08-25 Method and device for verifying secure documents

    Applications Claiming Priority (2)

    Application Number Priority Date Filing Date Title
    EP09305786A EP2290619A1 (en) 2009-08-25 2009-08-25 Method and device for verifying secure documents
    PCT/EP2010/062340 WO2011023697A1 (en) 2009-08-25 2010-08-24 Method and device for verifying secure documents

    Publications (1)

    Publication Number Publication Date
    EP2290619A1 true EP2290619A1 (en) 2011-03-02

    Family

    ID=41647169

    Family Applications (1)

    Application Number Title Priority Date Filing Date
    EP09305786A Withdrawn EP2290619A1 (en) 2009-08-25 2009-08-25 Method and device for verifying secure documents

    Country Status (2)

    Country Link
    EP (1) EP2290619A1 (en)
    WO (1) WO2011023697A1 (en)

    Cited By (1)

    * Cited by examiner, † Cited by third party
    Publication number Priority date Publication date Assignee Title
    EP3206192A1 (en) * 2016-02-11 2017-08-16 Safran Identity & Security Method for securing and verifying a document

    Citations (4)

    * Cited by examiner, † Cited by third party
    Publication number Priority date Publication date Assignee Title
    DE19734507A1 (en) * 1997-08-08 1999-02-11 Siemens Ag A method for testing the authenticity of a data carrier
    US20060108412A1 (en) * 1998-12-07 2006-05-25 Chikashi Okamoto Method of checking authenticity of sheet with built-in electronic circuit chip
    US20070192850A1 (en) * 2004-03-12 2007-08-16 Ingenia Technology Limited Authenticity verification methods, products and apparatuses
    EP2003622A2 (en) * 2007-05-16 2008-12-17 Siemens Aktiengesellschaft Österreich Method, device and system for checking the authenticity of currency

    Patent Citations (4)

    * Cited by examiner, † Cited by third party
    Publication number Priority date Publication date Assignee Title
    DE19734507A1 (en) * 1997-08-08 1999-02-11 Siemens Ag A method for testing the authenticity of a data carrier
    US20060108412A1 (en) * 1998-12-07 2006-05-25 Chikashi Okamoto Method of checking authenticity of sheet with built-in electronic circuit chip
    US20070192850A1 (en) * 2004-03-12 2007-08-16 Ingenia Technology Limited Authenticity verification methods, products and apparatuses
    EP2003622A2 (en) * 2007-05-16 2008-12-17 Siemens Aktiengesellschaft Österreich Method, device and system for checking the authenticity of currency

    Cited By (3)

    * Cited by examiner, † Cited by third party
    Publication number Priority date Publication date Assignee Title
    EP3206192A1 (en) * 2016-02-11 2017-08-16 Safran Identity & Security Method for securing and verifying a document
    FR3047688A1 (en) * 2016-02-11 2017-08-18 Morpho Method of securing and verifying a document
    US10403076B2 (en) 2016-02-11 2019-09-03 Safran Identity & Security Method for securing and verifying a document

    Also Published As

    Publication number Publication date
    WO2011023697A1 (en) 2011-03-03

    Similar Documents

    Publication Publication Date Title
    EP2081135B1 (en) Contactless data carrier
    DE69932643T2 (en) Identification device with secured photo, and method and method for authenticating this identification device
    US10395019B2 (en) Method, system and computer program for comparing images
    US9269010B2 (en) Mobile phone payment system using integrated camera credit card reader
    KR100472584B1 (en) Method and system for generating data of application attached portrait thereon, and computer-readable medium having program stored on thereon
    US8058972B2 (en) Methods and devices for enrollment and verification of biometric information in identification documents
    JP2009543176A (en) Traceless biometric identification system and method
    CN102812498B (en) Inlet control means
    EP2189924B1 (en) Terminal device authentication method, terminal device, and program
    KR101062532B1 (en) personal card for security
    US7647279B2 (en) Method to make transactions secure by means of cards having unique and non-reproducible identifiers
    US20050220326A1 (en) Mobile identification system and method
    JPWO2005024645A1 (en) Information processing server and information processing method
    WO2007018233A1 (en) Account opening method
    AU2016269559B2 (en) Airport security check system and method therefor
    WO2001097115A1 (en) Electronic settling method by mobile terminal
    AU2003285786B2 (en) System and method for automatic verification of the holder of an authorisation document
    JP2001067399A (en) Electronic money transaction system
    JP2006107398A (en) Biometric authentication device
    CN100578554C (en) Mobile verification device for checking the authenticity of travel documents
    EP2659413B1 (en) System providing an improved skimming resistance for an electronic identity document
    CN101165726B (en) Method and system for preventing credit card embezzlement
    CN1635533A (en) Digital stamp system
    US20130243266A1 (en) iPassport Apparatus and Method
    JP4670464B2 (en) Information reading apparatus, information processing apparatus, information communication system, information reading method, and program

    Legal Events

    Date Code Title Description
    AK Designated contracting states:

    Kind code of ref document: A1

    Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

    AX Request for extension of the european patent to

    Countries concerned: ALBARS

    18D Deemed to be withdrawn

    Effective date: 20110903