EP2290619A1 - Procédé et dispositif pour la vérification de documents sécurisés - Google Patents

Procédé et dispositif pour la vérification de documents sécurisés Download PDF

Info

Publication number
EP2290619A1
EP2290619A1 EP09305786A EP09305786A EP2290619A1 EP 2290619 A1 EP2290619 A1 EP 2290619A1 EP 09305786 A EP09305786 A EP 09305786A EP 09305786 A EP09305786 A EP 09305786A EP 2290619 A1 EP2290619 A1 EP 2290619A1
Authority
EP
European Patent Office
Prior art keywords
secure document
document
identity information
electronic device
image
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP09305786A
Other languages
German (de)
English (en)
Inventor
Olivier Joffray
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thales DIS France SA
Original Assignee
Gemalto SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemalto SA filed Critical Gemalto SA
Priority to EP09305786A priority Critical patent/EP2290619A1/fr
Priority to PCT/EP2010/062340 priority patent/WO2011023697A1/fr
Publication of EP2290619A1 publication Critical patent/EP2290619A1/fr
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07DHANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/01Testing electronic circuits therein
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07DHANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/004Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip
    • G07D7/0047Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip using checkcodes, e.g. coded numbers derived from serial number and denomination

Definitions

  • the invention relates to the field of authentication of documents and in particular, relates to a method and a device for verifying the authenticity of secure documents.
  • Documents such as ID cards, passports, driving licenses, resident permits, and other types of identification documents are delivered to allow identification of the bearer. These documents contain information about the name, age, date of birth, address, photography, etc. of the bearer, and allow a controller his identification.
  • These identification documents have been secured in order to not to be easily reproduced or falsified. To avoid counterfeiting, these secure documents have been manufactured in specific ways and may comprise for example digital watermarks, specific layers or core layers with specific printing, such as a printed pattern in specific areas of the document, etc.
  • the verification of the integrity of the secure document is often made by a controller by screening the identification documents, using information located in the document identification.
  • Identification documents such as passports are for example already equipped with such an electronic chip.
  • the embedded electronic chip comprises stored information related to the bearer which can be the same information that can be seen on the document. Biometric information associated with the owner of the secure document such as fingerprint information, have been added to the secure element.
  • a controller uses a specific electronic device.
  • Current electronic devices are used at country frontiers and are dedicated to verify a single electronic document: the electronic passport. Future generation of electronic document will use different technologies that are not compatible with ePassport readers. Many type of identity electronic documents will be used in a near future such as national ID cards, health card,..., and the format of these documents will change depending on the issuer choices. Current electronic devices are not ready to accept these new documents' format.
  • the invention provides a method for verifying a secure document of a bearer, said secure document comprising identity information and an embedded electronic component comprising means for storing identity information of a bearer, said method comprising the following steps:
  • the invention provides an electronic device for verifying a secure document, said secure document comprising identity information and an embedded electronic component comprising means for storing identity information of a bearer, said electronic device comprising an image capturing device suitable for capturing an image of an area from said secure document, a processing device for processing the captured image, means for establishing a contactless communication (13) with the secure document.
  • This method and this electronic device are advantageously applicable for all government document verification applications.
  • Fig.1 Shown in Fig.1 is an electronic device 1 for verifying that a secure document 2 is not counterfeited, and more precisely when the secure document 2 is a secure electronic identity document.
  • a secure identity document is a secure document which comprises identity information. It may be an electronic identity document such as an electronic passport, or an electronic identity card, etc.
  • This electronic identity document is made of a standard paper passport and comprises text data about the bearer such as his name, his date of birth, and other type of data such as his photography, or his signature.
  • the electronic identity document also comprises an embedded electronic component not represented in figure 1 .
  • This electronic component such as a chip, stores identity information of the bearer and can not be removed from the electronic identity document 2 without damaging it.
  • the chip may be addressed through a contact or a contactless interface (ISO 7816-x or ISO 14443-x standard respectively, but not exclusively).
  • a contact or a contactless interface ISO 7816-x or ISO 14443-x standard respectively, but not exclusively.
  • the electronic identity document 2 also comprises a machine readable bearer data in an area usually called machine readable zone or MRZ which can be read with a dedicated device as it will be described further.
  • the MRZ comprises identification information of the bearer.
  • a method for verifying that the secure document is not counterfeited is to compare the information data stored in the electronic document with the identity information printed on the document.
  • the method comprises a step which consists in an extraction of the identification information printed on the document and a step which consists in an extraction of the identification information stored in the chip.
  • the MRZ has to be captured, and the data extracted from it are used to establish a link between the electronic device 1 and the document 2.
  • the electronic device 1 For processing the step which consists in the extraction of the information included in the MRZ, the electronic device 1 comprises an image capture device 11, means for processing 12 the captured image, also called a processing device 12 and means for establishing 13 a communication with the secure identity document 2.
  • the secure identity document is a secure identity card 2.
  • the image capture device 11 comprises means for selecting an area 10 from the secure identity document 2, means for capturing and storing a selected image stemming from said selected area 10, which is the MRZ.
  • These different means are not represented in Fig.1 and are suitable for capturing the MRZ in high resolution in order for the selected area to be well readable and well exploitable by the means for processing 12, such as a zoom lens, etc.
  • the image capturing device 11 is a camera, which is suitable for taking the picture of the secure identity document 2 in a whole or by directly selecting the MRZ, for example by zooming onto the MRZ.
  • this image capturing device is not a limited example, and every device suitable for capturing an image is available. Then the image capturing device may be for example a bar code electronic device 1 if the capturing image includes bar-code information.
  • the image is selected and captured by the controller, it is stored by the image capture device 11, for example in a memory card.
  • the stored image is then sent to the processing device 12.
  • the selected and captured image is directly stored in the processing device 12.
  • the processing device 12 comprises means for treating the captured image, for example a computer unit which embeds a software for the extraction of information data from the MRZ.
  • OCR optical character recognition
  • the algorithm depends on the nature of the selected image. Then if the MRZ includes bar-code information, the extraction of the identity information is made with an appropriate algorithm.
  • the means for processing the captured image may further includes stemming imaging application in order to facilitate the extraction of identity information from the MRZ.
  • the extraction may be automatically launched by the processing device 12 as soon as it detects that an image has been stored or may be launched by the controller.
  • the controller has captured the MRZ from the secure identity card 2 with the image capture device 11 and the identification information has been extracted from the MRZ by the processing device 12.
  • the electronic device 1 For the step which consists in the extraction of the identification information stored in the chip, the electronic device 1 has to establish a communication with the chip embedded in the secure identity card 2.
  • the communication between the electronic device 1 and the secure identity document 2 is a contactless communication and the means for establishing the communication 13 comprise an antenna.
  • the electronic device 1 embeds a so called CLF (Contactless Front End) which is constituted by an RF proximity antenna and a Near Field Contactless controller.
  • CLF Contactless Front End
  • the reading of the electronic component is then made in contactless mode such as define in ISO standard 14443.
  • a secure messaging is used.
  • the secure messaging protects electronic data exchange from disclosure or modification. It comprises the calculation of cryptographic keys on both the processing device 12 and the chip embedded in the secure identity card 2, said keys being based on information known by both.
  • the calculation of the encrypted keys is for example made in a microcontroller of the processing device 12. These cryptographic keys are loaded in the chip during the personalization and can be recalculated from the MRZ.
  • the electronic device 1 had to embed a secret (such as a master key) to open a secure channel between the electronic device 1 and the identity card 2, thus becoming a very sensitive device.
  • a secret such as a master key
  • PBM Password Based Mechanism
  • the use of algorithm requiring the electronic device 1 to hold a secret is replaced by a mechanism called PBM (Password Based Mechanism) that does not require any secret in the electronic device 1 to open a secure channel between the identity card 2 and the electronic device 1.
  • PBM Password Based Mechanism
  • Both the electronic device 1 and the chip share the same information.
  • Other algorithms such as the BAC or equivalent algorithm may also be used instead of a PBM.
  • the session keys are the output of the PBM and are shared by both the identity card 2 and the electronic device 1. By using the session keys, a secure channel between the card and the electronic device 1 is established allowing the exchanges to be protected.
  • the identification information included in the identity card 2 used as input to PBM may alternatively be a bar-code, a printed digital code, or a PIN, entered by the bearer on the electronic device 1 for example thanks to a keyboard.
  • the electronic device 1 comprises a keyboard in order to enter the card bearer PIN or password, said PIN or password being used as the input to the PBM.
  • the processing device 12 extracts identification information stored in the chip.
  • the next step is then the comparison of the data inside the chip with the data captured from the secure identity card 2.
  • the electronic device 1 sends a signal to the controller at the end of the verification. If these data are matching, a signal for example a green light, or a special sound, informs the controller that the identity card is not counterfeited.
  • a signal for example a green light, or a special sound
  • the processing device 12 is a handset such as a mobile phone, which comprises an antenna for the NFC contactless communication and a smart card.
  • the calculation of the encrypted keys can be made optionally by the smart card (e.g. SIM or UICC) in order to fasten the process.
  • the smart card e.g. SIM or UICC
  • the image capture device 1 is integrated to the processing device 12.
  • the electronic device is a mobile phone comprising an image capturing device 12, a smart card, a microcontroller, etc.
  • the image capturing device 11 is able to take picture, or to dynamically capture pictures if a video mode is used, to parse said picture(s) in order to extract the information to be used as the input of the PBM, or other information such as the name of the document bearer.
  • the handset may embed software applications which are able to complete cryptographic calculations in order to establish a secure channel with the electronic document.
  • the handset allows the controller to identify on a picture an area to parse by zooming and/or surrounding information on said picture by an external action, for example with a finger on the screen.
  • the calculation of session keys can be made for example by the microcontroller of the mobile phone or by the smart card.
  • the mobile phone can then embed a digital camera.
  • Such a mobile phone embeds a microcontroller running a software addressing the services provided by the device such as phone call, taking picture, sending SMS or MMS, etc.
  • a microcontroller running a software addressing the services provided by the device such as phone call, taking picture, sending SMS or MMS, etc.
  • Many mobile phones' manufacturers also provide a SDK (Software Development Kit) that permits to develop applications such as games, unit convertor, etc. These SDK also allow to address the camera and / or to work on picture taken by the camera.
  • the electronic device 1 for verifying the secure identity document comprises a receiving device 3 suitable for receiving the secure identity document.
  • the receiving device 3 is suitable for receiving secure documents with different formats in order to facilitate the caption of MRZ or of other information on the printed card. Each stop may be related to the.
  • the receiving device 3 is a box with an upper face 31 and a below face 32, under the upper face 31.
  • the below face 32 comprises different stops S such as abutments, designed in an interior face and which are able to position secure documents 2.
  • the upper face 31 may also comprises a positioning element that can be placed such that the relative position of the image capture device 11 and of the secure document 2 facilitate capturing an image of the secure document 2.
  • This device 3 allows maintaining the identity card 2 in order to facilitate the caption of the MRZ.
  • the electronic device 1 establishes a communication with a remoter server.
  • the electronic device has a data connection to the remote server (not represented) which can manage partially or totally the communication with the secure identity document 2.
  • the remote server uses the electronic device's characteristics as an extension to its own system (e.g. piloting the camera, sending APDU %) and provides feedback regarding the verification of the secure identity document 2.
  • the remote server is able to update the software of the processing device 12 and/or data for the secure identity document verification, for example, when a picture parsing software does not know how the electronic document is organized (e.g. foreign country electronic document).
  • the controller may indicate the country from which the secure document is issued to the electronic device 1. If the country is unknown to the electronic device 1, it connects to the remote server to get instructions or a software update for verifying the secure document 2.
  • This method can be advantageously being used by a storekeeper who uses a cash register as a processing device and a bar code electronic device or an image capture device connected to the register cash in order to verify that a secure document presented by a buyer is not counterfeited.
  • the cash register may also integrate the image capturing device 11.
  • This method and this electronic are able to enhance the security for every type of identification document and can be used by each person who want to verify that a secure document is not counterfeited.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Editing Of Facsimile Originals (AREA)
EP09305786A 2009-08-25 2009-08-25 Procédé et dispositif pour la vérification de documents sécurisés Withdrawn EP2290619A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP09305786A EP2290619A1 (fr) 2009-08-25 2009-08-25 Procédé et dispositif pour la vérification de documents sécurisés
PCT/EP2010/062340 WO2011023697A1 (fr) 2009-08-25 2010-08-24 Procédé et dispositif pour la vérification de documents sécurisés

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP09305786A EP2290619A1 (fr) 2009-08-25 2009-08-25 Procédé et dispositif pour la vérification de documents sécurisés

Publications (1)

Publication Number Publication Date
EP2290619A1 true EP2290619A1 (fr) 2011-03-02

Family

ID=41647169

Family Applications (1)

Application Number Title Priority Date Filing Date
EP09305786A Withdrawn EP2290619A1 (fr) 2009-08-25 2009-08-25 Procédé et dispositif pour la vérification de documents sécurisés

Country Status (2)

Country Link
EP (1) EP2290619A1 (fr)
WO (1) WO2011023697A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3206192A1 (fr) * 2016-02-11 2017-08-16 Safran Identity & Security Procédé de sécurisation et de verification d'un document

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3118240B1 (fr) * 2020-12-23 2022-12-23 Idemia France Procédé d’ouverture d’un canal de communication sans-fil sécurisé entre une carte à microcircuit et un dispositif de lecture utilisant un code visuel et un motif en matériau électriquement conducteur

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19734507A1 (de) * 1997-08-08 1999-02-11 Siemens Ag Verfahren zur Echtheitsprüfung eines Datenträgers
US20060108412A1 (en) * 1998-12-07 2006-05-25 Chikashi Okamoto Method of checking authenticity of sheet with built-in electronic circuit chip
US20070192850A1 (en) * 2004-03-12 2007-08-16 Ingenia Technology Limited Authenticity verification methods, products and apparatuses
EP2003622A2 (fr) * 2007-05-16 2008-12-17 Siemens Aktiengesellschaft Österreich Procédé, dispositif et système de vérification de l'authenticité de caractéristiques de valeur

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19734507A1 (de) * 1997-08-08 1999-02-11 Siemens Ag Verfahren zur Echtheitsprüfung eines Datenträgers
US20060108412A1 (en) * 1998-12-07 2006-05-25 Chikashi Okamoto Method of checking authenticity of sheet with built-in electronic circuit chip
US20070192850A1 (en) * 2004-03-12 2007-08-16 Ingenia Technology Limited Authenticity verification methods, products and apparatuses
EP2003622A2 (fr) * 2007-05-16 2008-12-17 Siemens Aktiengesellschaft Österreich Procédé, dispositif et système de vérification de l'authenticité de caractéristiques de valeur

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3206192A1 (fr) * 2016-02-11 2017-08-16 Safran Identity & Security Procédé de sécurisation et de verification d'un document
FR3047688A1 (fr) * 2016-02-11 2017-08-18 Morpho Procede de securisation et de verification d'un document
US10403076B2 (en) 2016-02-11 2019-09-03 Safran Identity & Security Method for securing and verifying a document
AU2017200935B2 (en) * 2016-02-11 2022-07-28 Idemia Identity & Security France Method for securing and verifying a document

Also Published As

Publication number Publication date
WO2011023697A1 (fr) 2011-03-03

Similar Documents

Publication Publication Date Title
EP3646247B1 (fr) Authentification d'un utilisateur basée sur un document d'identité avec rfid et un protocole challenge-response dont le challenge est un geste.
JP5064563B2 (ja) イメージパズル型暗号化イメージを用いた暗号化システム
US8479007B2 (en) Document creation and authentication system
JP2009531752A (ja) 個人用セキュアカードの作成方法及びその動作過程
KR101675728B1 (ko) 정보처리기기를 이용한 사용자 인증 처리 방법 및 장치
JP6803804B2 (ja) 画像情報検証装置
EP2825993A1 (fr) Procédé et appareil de passeport numérisé
KR20170001929A (ko) 디지털 이미지를 이용한 인증 방법, 이를 위한 애플리케이션 시스템, 및 인증 시스템
US20150161594A1 (en) Payment unit, system and method
US12026670B2 (en) Systems and methods for aligning documents with near field communication devices
JP6513866B1 (ja) 本人認証装置およびプログラム
JP2011060107A (ja) 証明書判定装置、証明書判定方法および証明書判定プログラム
KR101654520B1 (ko) 사용자 인증 처리 방법 및 장치
EP3171296B1 (fr) Procede et scanner destines a verifier l'authenticite d'un document d'identite
KR101748136B1 (ko) 디지털 이미지를 이용한 인증 방법, 이를 위한 애플리케이션 시스템, 디지털 이미지 판단시스템, 및 인증 시스템
EP2290619A1 (fr) Procédé et dispositif pour la vérification de documents sécurisés
JP7112320B2 (ja) 検証装置及び検証方法
JP4971001B2 (ja) インターホン装置
JP7163573B2 (ja) 登録システム
KR20120107043A (ko) 카메라를 이용한 비대면 인증 제공 방법 및 시스템과 이를 위한 휴대단말
KR20170121737A (ko) 카메라를 이용한 비대면 인증 제공 방법
KR101210264B1 (ko) 코드 이미지 인증 방법 및 시스템과 이를 위한 스마트폰
KR100436454B1 (ko) 생체인식기술을 이용한 금융/신원확인용 카드 및 여권의자동발급기
JP2008108090A (ja) 認証システム及び認証方法並びに制御プログラム
JP2010277439A (ja) 認証装置および認証サーバ

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

AX Request for extension of the european patent

Extension state: AL BA RS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20110903