EP3238185A1 - Method for certifying and authenticating security documents based on a measure of the relative position variations of the different processes involved in its manufacture - Google Patents
Method for certifying and authenticating security documents based on a measure of the relative position variations of the different processes involved in its manufactureInfo
- Publication number
- EP3238185A1 EP3238185A1 EP14837071.1A EP14837071A EP3238185A1 EP 3238185 A1 EP3238185 A1 EP 3238185A1 EP 14837071 A EP14837071 A EP 14837071A EP 3238185 A1 EP3238185 A1 EP 3238185A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- document
- security document
- security
- message
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000000034 method Methods 0.000 title claims abstract description 105
- 238000004519 manufacturing process Methods 0.000 title claims abstract description 40
- 230000008569 process Effects 0.000 title claims description 60
- 238000012795 verification Methods 0.000 claims description 20
- 238000007639 printing Methods 0.000 claims description 15
- 238000012545 processing Methods 0.000 claims description 7
- 239000000758 substrate Substances 0.000 claims description 6
- 239000002994 raw material Substances 0.000 claims description 5
- 239000000835 fiber Substances 0.000 claims description 4
- 239000011888 foil Substances 0.000 claims description 4
- 238000007645 offset printing Methods 0.000 claims description 2
- 238000003703 image analysis method Methods 0.000 claims 1
- 238000007689 inspection Methods 0.000 claims 1
- 238000012567 pattern recognition method Methods 0.000 claims 1
- 230000006870 function Effects 0.000 description 27
- 239000000976 ink Substances 0.000 description 10
- 239000000463 material Substances 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 5
- 239000000126 substance Substances 0.000 description 4
- 238000005286 illumination Methods 0.000 description 3
- 238000005259 measurement Methods 0.000 description 3
- 230000004044 response Effects 0.000 description 3
- 238000013459 approach Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000007620 mathematical function Methods 0.000 description 2
- 238000012067 mathematical method Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000001228 spectrum Methods 0.000 description 2
- 238000003860 storage Methods 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 238000010521 absorption reaction Methods 0.000 description 1
- 230000003190 augmentative effect Effects 0.000 description 1
- 230000004888 barrier function Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 230000006866 deterioration Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- MJEMIOXXNCZZFK-UHFFFAOYSA-N ethylone Chemical compound CCNC(C)C(=O)C1=CC=C2OCOC2=C1 MJEMIOXXNCZZFK-UHFFFAOYSA-N 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 238000010191 image analysis Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000009776 industrial production Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000002372 labelling Methods 0.000 description 1
- 238000010330 laser marking Methods 0.000 description 1
- 238000012417 linear regression Methods 0.000 description 1
- 239000000696 magnetic material Substances 0.000 description 1
- 239000011159 matrix material Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000704 physical effect Effects 0.000 description 1
- 239000000049 pigment Substances 0.000 description 1
- 238000012797 qualification Methods 0.000 description 1
- 238000003908 quality control method Methods 0.000 description 1
- 230000002040 relaxant effect Effects 0.000 description 1
- 230000000638 stimulation Effects 0.000 description 1
- 230000003655 tactile properties Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Classifications
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B42—BOOKBINDING; ALBUMS; FILES; SPECIAL PRINTED MATTER
- B42D—BOOKS; BOOK COVERS; LOOSE LEAVES; PRINTED MATTER CHARACTERISED BY IDENTIFICATION OR SECURITY FEATURES; PRINTED MATTER OF SPECIAL FORMAT OR STYLE NOT OTHERWISE PROVIDED FOR; DEVICES FOR USE THEREWITH AND NOT OTHERWISE PROVIDED FOR; MOVABLE-STRIP WRITING OR READING APPARATUS
- B42D25/00—Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
- B42D25/20—Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof characterised by a particular use or purpose
- B42D25/29—Securities; Bank notes
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07D—HANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
- G07D7/00—Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
- G07D7/20—Testing patterns thereon
- G07D7/202—Testing patterns thereon using pattern matching
- G07D7/2033—Matching unique patterns, i.e. patterns that are unique to each individual paper
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/06009—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking
- G06K19/06037—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking multi-dimensional coding
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/018—Certifying business or products
- G06Q30/0185—Product, service or business identity fraud
Definitions
- This description generally relates to a process for the certification and authentication of security documents. Specifically, it refers to the utilization of the security features and unique characteristics which are already present in the security documents in order to certify and authenticate this kind of documents. More particularly, it relates to the certification and authentication of banknotes, checks or any other security documents by means of utilizing the natural variations during the production process; which is when the printing processes, the security features and other characteristics are incorporated into the document.
- the counterfeit of documents can include counterfeits based on systems using laser or inkjet printers (photocopy type counterfeits) and counterfeits using processes and materials similar to the genuine (counterfeits by process).
- the central banks include special features that printers cannot imitate: for example, watermarks, magnetic threads, transparent windows, engraved reliefs with tactile properties, holograms and optically variable features and inks that change with the viewing angle.
- the authenticity is difficult to determine by simple examination from a non-trained user.
- money counterfeiting this has a high impact in the finances of a nation.
- U. S. Patent Application No. 2004/0268130 discloses a system and method of authenticating an article that includes the steps of selecting an inherent feature of the article, and converting the feature into digital data to form an identification code for the article.
- An encryption system is used to encrypt the identification code, utilizing a secret private key of an asymmetric encryption key pair, and associated with the issuing party.
- the encrypted code is made available on a label accompanying the article.
- digital data relating to the feature is determined directly from the article and the code is decrypted utilizing a public key of the pair obtained from a third party in accordance with rules of a public key infrastructure.
- the inherent feature is the result of a chemical manipulation of the article or the inclusion of unique characteristics in or on the article. It also requires that the encrypted code is available on a label accompanying the article; however, the code is encrypted without applying a hash function. This flaw will allow a counterfeiter to obtain the original data that defines the uniqueness of the article and to start making modifications in order to approach the original data. By using a hash function, the counterfeiter will have no information on how to modify the article to try to make it pass the authentication. Moreover, it is not clear whether the chosen characteristics will be able to withstand the natural deterioration from the use of the articles.
- Advanced Track and Trace has developed a method to certify printing plates, and their correspondingly printed banknotes. It uses robust cryptographic methods. However, it has a main drawback: the fact that the number of codes is restricted to the plates designed for the manufacture of banknotes using the ATT process; one can only reproduce the serials that were printed with the same plate, due to cryptographic protection. In addition, due to the complexity of the pattern that has to be printed, it requires a microscope or some augmenting device as well as an improved quality control, in order to minimize the variations of batches of security banknotes.
- aspects of the present disclosure provide a system of certification of banknotes, checks or any other security document. Aspects comprise the digital certification of the documents involving these variations, which imply the uniqueness of each piece. This is possible due to the natural variability of industrial production processes, as well as the information that changes in a predictable and controlled manner, such as: serial numbers, serial character, etc.
- a certification process of documents that consist of a hashed message that, even if decrypted, is only useful to check the authenticity of the document, and will not disclose any information about the characteristics of the original document that could be useful in the process of forgery.
- Another aspect provides an authentication process for banknotes, checks or any other security documents.
- Another aspect provides an authentication method to be conducted in an automated way.
- Another aspect provides a method for positive identification of counterfeited security documents with a low incidence of false negative and false positive authentication.
- Yet another aspect is to classify counterfeits by their quality and degree of sophistication.
- the data to individualize every security document which is obtained from a set of characteristics from the register variations between features added in different manufacturing processes. These characteristics are related to the particularity and even the uniqueness of each security document.
- a method of certification and authentication of any security document is based on the message described above, requiring a register variation which is the result of at least two production processes, the method of certification comprising the steps of:
- a method of authentication comprising the steps of:
- the certified hashed message is obtained from the digital certificate marked or printed on the security document, and the digital certificate is decrypted through the use of a public key to render a hashed message for reference; in some aspects, the certified hashed message is obtained from a database by accessing the database, [0034] authenticating the document by comparing the certified hashed message and the hashed message for verification, where if the certified hashed message and the hashed message for verification coincide, the document is considered as genuine, and if the certified hashed message and the hashed message for verification do not coincide, the document is considered as counterfeit.
- Fig. 1 shows the general certifying process.
- Fig. 2 shows a security document containing images and characters from different processes.
- Fig. 3 shows an example of a security document having different images from different processes and showing reference points and relative points.
- Fig. 4 is an example of a function MD for the mathematical treatment of data to obtain a message.
- Fig. 5 is an example of an authentication process of a security document.
- Fig. 6 is an algorithm for the authentication of a security document.
- the certification and authentication process is based on the variations which take place during the steps of the manufacturing process of the security documents, and particularly in the interaction of those steps.
- Some aspects are related to a system for certification and authentication of security documents.
- Some aspects also relate to a method for certification and authentication of an original document, wherein the unique characteristics of every document are identified, codified and optionally inserted in the security document itself, or stored in an external database. This method and proposed system prevents falsification of security documents.
- Certification Formal procedure by which an accredited or authorized person or agency assesses (and attests in writing by issuing a certificate) the attributes, characteristics, quality, qualification, or status of individuals or organizations, goods or services, procedures or processes, or events or situations, in accordance with established requirements or standards.
- Authentication the act of confirming the truth of an attribute of a single piece of data (datum) or entity. Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
- Security features - refers to the security characteristics present in the security document. Such characteristics are intended to be difficult to imitate through the use of commercially available products as is the case of security paper, security inks, watermarks, magnetic threads, transparent window, tactile features, foils, patches, holograms, etc.
- Security documents - is a document that states in writing some guaranty (of each of the Guarantors), and was produced using a security printing processes and may also include security features.
- Unique characteristics the characteristics from the natural register variations between features added in different manufacturing processes. These characteristics are related to the particularity and even the uniqueness of each manufactured security document.
- the characteristics can be acoustic, electric, or magnetic signals and can be measured on a part of the electromagnetic spectrum. It includes print errors or printing variations: random ink stains, unfilled lines, color, etc.
- Register - the register refers to the relative position, alignment or misalignment, between the features of a security document, and which were included by the different manufacturing processes. During the manufacture of a security document, the relative position between the variety of images or characters or security features from different processes varies from document to document, making the document unique and unrepeatable due to such variations.
- Metric function - A metric on a set X is a function (called the distance function or simply distance)
- Generalized metric function A generalized metric on a set X is like a metric function, but in some way of relaxing its axioms (for example, maybe only satisfy the axioms 1 and 3).
- Document ID data the data that act like an identifier for a particular document. They can be words, numbers, letters, symbols, or any combination of these.
- An identifier is a name that identifies (that is, labels the identity of) either a unique document or a set of documents.
- the abbreviation ID refers to identifier (that is, an instance of identification). In the case of banknotes, it contains the serial number.
- the message the concatenation of the outcome from applying some metrics, generalized metrics or other functions to the points in a previously selected subset of unique characteristics (of the security document register) and its document ID data.
- the hashed message the codified message by means of an unidirectional cryptographic hash function.
- unique characteristics is in use for all those natural variations of the document that arise in the manufacturing process and that are measurable; in particular, those provided by the security printing process for the fabrication of a security document.
- An example of a unique characteristic is the register.
- the security features are those parts or components which are present in a security document, having the purpose of facilitating to the different users of the document the authentication of the document by way of controlling the manufacturing process, distribution and commercialization, making it possible to prevent the acquisition of the security feature and falsification by an unauthorized individual or entity.
- the unique characteristics are those natural variations which are measurable along the manufacturing process.
- a method for digitally certifying security documents using security features and unique characteristics which are already present in mentioned document.
- the document will be digitalized, which can be done through a scanner or digital photography using different sources and kinds of illumination, as well as any other measurement of physical, chemical, or physicochemical properties of the document from which the unique characteristics can be obtained.
- the register can be measured.
- reflection, transmission, absorption, emission properties in any wavelength of the electromagnetic spectrum, or combination thereof either with stationary illumination or in a pulsating state.
- a message is constructed using some features as well as the mathematical correlation between them. According to aspects of the present disclosure, a metric function, which is a function of a distance between two points, is used.
- the message is constructed using those features which cannot be degraded or whose degradation is known and/ or predictable:
- the image is taken emphasizing those parts which are intended to be certified. For example, it could be of interest to certify only a half or quarter size of the security document, or to create multiple certifications using different messages for a single document.
- the manufacturing process of the security document according to aspects of the present disclosure comprises:
- step 1 1a Providing suitable supplies (step 1 1a) which include the substrate, inks, security features such as watermarks, threads, transparent windows, colored fibers, foils or patches, etc.
- step 13a Conducting the manufacturing process of the security document (step 13a), which involves the integration of all the supplies, the process comprising: placing a variety of features, characters or images on the substrate using at least two different manufacturing processes; and marking or placing the serial number of the document or any other document ID data;
- [0077] i. obtaining a digital image of the document (step 10) and obtaining the data (20) corresponding to a selected group of unique characteristics for every document and the document ID data. These unique characteristics are a result of the manufacturing process variations and the supplies used;
- a security document is depicted according to aspects of the present disclosure. For the manufacture of the security document, some processes are involved; as an example, four processes (A, B, C, E) are shown.
- the security document includes a variety of images and characters belonging to different manufacturing processes.
- Process A provides the initial substrate for a security document, the substrate including some security features such as a thread or foil (ai) and a watermark or electrotype image (aii).
- Process B provides a set of images (bi), for example in the form of offset printing.
- Process C provides the security document with an image (ci) and also characters (ciii), in the example referring to the denomination, and character (cii) referring to the name of the issuing institution; as an example, this could be an engraving process.
- process E provides the serial number of the security document (e l), exemplified as a banknote.
- the security document is certified according to the process depicted in Fig. 1 ; as a result, the digital certificate obtained by the certification process can optionally be printed on the security document as feature (fi).
- At least one of the following unique characteristics of the document is considered for certifying the document, and they are obtained from:
- Electromagnetic response (IR, Visible, UV)
- Fig. 1 discloses the certification process according to aspects of the present disclosure
- a security document is manufactured according to the well known processes of the prior art (Step 10), including the steps of providing special supplies 1 1a, manufacturing a substrate 13a, and conducting a manufacturing process comprising a variety of steps (13a).
- step 20 The document thus manufactured, it is then subjected to the process of obtaining data (step 20), Fig. 1 in order to obtain the particular data of each manufactured item, and in particular, the information concerning the relative positions between the variety of characters or images present in a security document.
- a security document is represented containing images produced by a sequence of process A, B, C and E.
- reference points Al , A2, .... AN
- B l , B2, BN C I , C2, CN
- C I C I , C2, CN
- El E2, EN
- a first relative position [D 1 (A1 ,A2)] of a fist relative point (A2) is calculated in image A with respect to reference point Al ;
- a second relative position [D2(A1 ,B1)J of relative point B l is calculated in image B with respect to reference point Al .
- a third relative position [D3(A1 ,C 1)] of relative point CI in image C is calculated as well.
- D4(A 1 ,E 1 )] of a relative point (El) in image D is calculated as well.
- the security document data is then associated with a mathematical function, such as a mathematical matrix as depicted in Fig. 4 which conforms the "Message" of the security document.
- a mathematical function such as a mathematical matrix as depicted in Fig. 4 which conforms the "Message" of the security document.
- MD Messages MDA referring to relative position of the dot A with respect to the remaining dots A, B , C and E, or a Message MDCB related to the relative position between dots C and B, or Message MDEC concerning to the relative position of dots from figures C and E.
- This is particularly useful when it is desirable to authenticate a document where only part of the document is available, for example in case of document fractions, or torn security documents.
- a process of digitalization or capture of an image is conducted, for example with, digital photography or a scanner; as well as any other physical and/ or chemical measurements of unique characteristics for every document, for example paper type, paper weight, paper texture, paper color, ink type, ink color, etc.
- the digitalization step could be conducted in a digitalization module subsequent to the manufacture ( 13a).
- the level of variation provides a unique and unrepeatable way to identify documents, whose exact reproduction is extremely complex even for the original manufacturer.
- step (30) is then transformed in step 40 through the use of a Mathematical Hash function and then encrypted in step 60 to yield a unique digital certificate.
- step 40 of figure 1 the message obtained in step (30) is then transformed using a mathematical function, such as a Hash function in order to obtain a Hashed message comprising at least one chain of characters in step 50 of Fig. 1.
- a mathematical function such as a Hash function
- There are some mathematical methods to run a Hash function for example, by means of a mathematic unidirectional process or model (algorithm) delivering a chain of characters.
- the Hashed function is then encrypted in step (60) to yield an encrypted hashed message or digital certificate.
- an asymmetric encryption algorithm is used that requires a private key (70) in order to generate a digital certificate (80) in the form of an encrypted alphanumeric chain.
- the digital certificate is, in turn, stored in a database (90) that can be kept in a server placed in secure installations, and/or it can be marked/ printed (97) back to the document ( 10) in a readable manner by the same mechanism to obtain the data (20), such as a barcode, code or plain text (fi) .
- a database (90) in addition to storing the digital certificate (80), it may also be useful to associate that digital certificate in the database with other ID data information such as the serial number of the security document, a scanned copy of the document, details on the place and time of manufacture of the document, etc.
- the digital certificate is then a validation element associated to the document ID data of the security document and refers to a particular relationship between images and characters which are present in a unique way for each security document.
- the digital certificate 80 acts as a barrier to an unauthorized third party with a reader who wants to read counterfeited documents or banknotes and print on them a label that represents the reader's scan according to the encryption scheme.
- the digital certificate for example a bar code label or other mark
- the digital certificate would represent a cryptogram decipherable by a public key, and the private key would be reserved for the authorized certifying party or authority.
- the digital certificate may not be included in the security document.
- the digital certificate represents the unique and unrepeatable physical characteristics of the images and characters present in a security document and will not disclose further information on how to forge a copy.
- the encrypted information is then placed as a mark or printed back in step 97 of Fig. 1.
- the digital certificate 80 and the hashed message 50 as well as the partial hashed messages and the document ID data of the security document are stored in a database 90, placed in a server available for public access.
- the digital certificate in the form of an element (fi) can optionally be inserted on the security document 10.
- the digital certificate can be selected from a bar code or a bidimensional bar code element or a character string (fl).
- the digital certificate 80 is the result of the unique and unrepeatable relationship between the variety of images and characters due to register, which are due their manufacturing processes, present in a security document.
- the security documents that have been certificated are subject to further authentication.
- the process of authentication of a security document in circulation is depicted in Figs. 5 and 6.
- the authentication of a security document is a task conducted by an authentication authority, for example the authentication authority of a issuing institution, but can also be performed by both a user of the document and the authentication authority when a user wishes to authenticate a document.
- a user or authentication authority that desires to know if an issued document ( 1 10) is genuine or not should first (step 120) verify the supplies and the existence of the security features (watermarks, security threads, security inks, security processes, etc.) intended to be present in a genuine document; simple photocopies and rough copies are discriminated in step 120 in Fig. 5 and step 121 in Fig. 6, and considered as low quality counterfeit ( 122, Fig. 6) .
- a hashed message must be generated according to the features of the document of the user.
- the user/authentication authority must obtain the data of the security documents (step 130) by means of any device capable of taking the required digital image, then construct a message through the use of a metric function and the document ID data (step 140), and apply a hash function ( 150) to obtain a hashed message (160) for verification.
- the user is provided with a smart phone, tablet or a different processing device with an application able to obtain the data ( 130) and automatically construct the message ( 140) through the metric function, as well as to apply the hash function ( 150) to the message in order to obtain a hashed message ( 160) for verification.
- the hashed message for verification (160) is compared with a decrypted hashed message (260).
- the digital certificate (80, Fig. 1) to obtain the decrypted hashed message (260) needs to be retrieved in some way.
- One source of digital certificates (80, Fig. 1) for verification is the database (280), created during the certification.
- the digital certificate can be decrypted (250) by means of a public key (230), in order to obtain a decrypted hashed message (260).
- the database may be part of a mass storage device that forms part of the reader apparatus, or may be at a remote location and accessed by the reader through a telecommunications link.
- the telecommunications link may take any conventional form, including wireless and fixed links, and may be available over the internet.
- the data acquisition and processing module may be operable, at least in some operational modes, to allow the signature to be added to the database if no match is found. This facility will usually only be allowed to authorized persons, for obvious reasons. It should be noted that the misuse of the public key does not facilitate the counterfeiting of the document, since the public key is useful for decrypting the digital certificate but is useless for encrypting a hashed message.
- the hashed message for verification ( 160) of the security document is provided to the authentication authority, which is able to obtain the correspondent decrypted hashed message (260) from the database (280) as described above, and perform a comparison to establish whether the hashed message for verification ( 160) is a match with the decrypted hashed message (260).
- Another source to retrieve the digital certificate (80, Fig. 1) is the bar code or a bidimensional bar code element or a character string (f 1 , in Fig. 2) marked /printed on the security document.
- the digital certificate can be decrypted (250) by means of a public key (230) to obtain a decrypted hashed message (260) and used to perform the comparison to establish whether the hashed message for verification ( 160) is a match with the decrypted hashed message (260), which can be locally performed by the user.
- the document is then qualified as an authentic document (400 in Fig. 6).
- the hashed message for verification (160) is not a match with the corresponding decrypted hashed message (260)
- the document is considered as a high quality counterfeit (305). The incidence of such counterfeits may provide elements/ evidence for investigating criminal patterns.
- the user should first conduct a verification step 121 for the presence of the genuine raw materials and the original security manufacturing processes present in security documents, such as banknotes. If such materials and processes are not present, then the document is considered as a low quality counterfeit (122). If the expected materials and processes are in the document and are considered as genuine, then the user should conduct a step of obtaining data ( 130).
- the authentication process is performed through the use of an application for an intelligent device, such as a smart phone or tablet.
- the application guides the user to obtain an accurate image and provides the means to connect to the Authentication Authority. After the authentication by the Authentication Authority, the result of the comparison process is delivered.
- the method provides the possibility of classifying counterfeits by their manufacturing characteristics; for such purposes, equipment is needed for automatic classification and registering (ID) of counterfeits, which is in charge of registering the features of all the counterfeits arriving at the issuing institution in order to create a database with all the information extracted from counterfeits, in order to statistically link pieces to "Counterfeiters" (not necessarily a person) and detect even slight improvements. Such information is useful in investigating and pursuing counterfeiting crimes.
- ID automatic classification and registering
- the Marking/ Printing device can be an inkjet printer, a numbering machine, laser marking devices, labeling devices, etc.
- image acquisition system digital cameras, cellphone camera, scanner, etc.
- image processing system such as CPUs [PCs, Servers, Tablet, Smartphones, etc.J, GPUs, FPGAs
- CPUs PCs, Servers, Tablet, Smartphones, etc.J
- GPUs GPUs
- FPGAs FPGAs
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Theoretical Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Economics (AREA)
- Development Economics (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Entrepreneurship & Innovation (AREA)
- Editing Of Facsimile Originals (AREA)
- Inspection Of Paper Currency And Valuable Securities (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Credit Cards Or The Like (AREA)
Abstract
Methods for certifying a security document comprising the steps of: a) selecting a set of unique characteristics, obtained as the result of the variations in the manufacturing process and supplies, b) getting a digital image of a security document and obtaining data of the relative position between features selected from different manufacturing processes (register), c) constructing a message by measuring the register of selected features from the document and the document ID data, d) constructing a hashed message, the hashed message being the message obtained after being encoded by means of a unidirectional cryptographic hash function, e) encrypting the hashed message using a public key cryptographic system to obtain a digital certificate by means of a private key, and f) storing the digital certificate in an external database.
Description
METHOD FOR CERTIFYING AND AUTHENTICATING SECURITY DOCUMENTS BASED ON A MEASURE OF THE RELATIVE POSITION VARIATIONS OF THE DIFFERENT PROCESSES INVOLVED IN ITS
MANUFACTURE
DESCRIPTION
1. Field of the invention
[0001] This description generally relates to a process for the certification and authentication of security documents. Specifically, it refers to the utilization of the security features and unique characteristics which are already present in the security documents in order to certify and authenticate this kind of documents. More particularly, it relates to the certification and authentication of banknotes, checks or any other security documents by means of utilizing the natural variations during the production process; which is when the printing processes, the security features and other characteristics are incorporated into the document.
2. Background of the invention
[0002] Due to the remarkable advance in existing technologies for graphical reproduction that are commonly available on the market, the occurrence of counterfeits of good quality of security documents such as checks, banknotes, etc. are becoming common. Therefore, a certification and authentication method for security documents using methods that can withstand the technological advance of graphic equipment, and that makes use of commonly available devices such scanners or digital cameras, is of utmost importance.
[0003] Moreover, organized crime has found a way to use these professional technologies to produce large volumes of high-quality counterfeits; this fact jeopardizes the trust that society has in the issuing institution and the institution's ability to provide reliable instruments to detect counterfeits.
[0004] The commonly known authentication methods focused on verification based on devices or automatic equipment rely on processes and systems that require equipment with specific characteristics to verify the authenticity of one security feature of the document, where the difficulty is imposed either by a high cost of the equipment or the special material that is required. Examples are the inclusion of magnetic materials, UV fluorescent inks, infrared absorbing pigments, systems of dynamical optical response such as phosphorescence decay, magnetic bands and holograms which are included in security documents. Unfortunately, criminals are also using methods that are becoming more sophisticated, and with the help of modern ease of access to information and reproduction media, it is possible to imitate almost any security feature that manufacturers have incorporated into the documents by means of commercially available materials and equipment. The counterfeit of documents can include counterfeits based on systems using laser or inkjet printers (photocopy type counterfeits) and counterfeits using processes and materials similar to the genuine (counterfeits by process). In the case of photocopy type counterfeits, the central banks include special features that printers cannot imitate: for example, watermarks, magnetic threads, transparent windows, engraved reliefs with tactile properties,
holograms and optically variable features and inks that change with the viewing angle. In the case of a counterfeits by process, the authenticity is difficult to determine by simple examination from a non-trained user. In addition, for the particular case of money counterfeiting, this has a high impact in the finances of a nation. Actually, the efforts to counteract such counterfeits are focused on the materials and inks to be used in the manufacture of new security documents, trying to foresee which of them will have a high risk of becoming commercially available during the intended lifetime of the document in order to avoid them. In general, the standard approach requires predicting when the gap between commercially available technologies and those intended for security documents is closing due to the inevitable technological progress.
[0005] In the case of currencies such as U. S. Dollars and Euros which are used in many countries, the risk of counterfeiting increases as there opens an opportunity to criminals of those countries, including state-sponsored criminal organizations.
[0006] Therefore, it is desirable that the authenticity of a security document does not only rely on the fact that the genuine materials and processes are difficult, however not impossible, to counterfeit; but also on mathematically proven security such as a digital certificate.
[0007] On the other hand, in the case of banknotes, which are extensively used for everyday transactions, it is necessary to be able to immediately determine their authenticity. As an example, if a person, during
a transaction, fails to detect a counterfeit, this will result in a loss since he will receive a document with no value, deliver a valuable merchandise, and in some cases provide the change in cash when the value of the merchandise is lower than the value of the counterfeit. Thus, there is a requirement of being able to quickly authenticate security documents such as checks and banknotes to prevent the entrance of such forged documents into the national economy that affects the general public, and to keep trust in the issuing institutions.
[0008] Forensic tests are very accurate in determining whether a document is genuine or not; however, the processing time for one document is very large, and they usually require expensive and specialized equipment. On the other hand, computers and gadgets with constantly growing image acquisition quality and computing capacity are becoming more popular and more economically accessible to individuals and corporations. Thus, it would be desirable to authenticate security documents by the use of currently available technology for digital image acquisition in devices like smart phones or scanners connected to computers which can analyze data to check the authenticity of a security document, particularly in the case of banknotes.
[0009] It has also been recognized in the field of security documents testing that a balance must be struck between the conflicting goals of "acceptance" and "rejection", positive acceptance being the ability to correctly authenticate - identify and accept - all genuine security documents no matter their condition, and positive rejection being the ability to correctly discriminate and reject all non-genuine security documents. However, there
is a possibility of negative acceptance, wherein a non-genuine document is accepted as genuine; and negative rejection, wherein a genuine document is considered as a counterfeit and rejected. It is necessary for the authentication process to have a high level of accuracy regarding these definitions, thus avoiding negative acceptances and negative rejections.
[0010] U. S. Patent Application No. 2004/0268130 discloses a system and method of authenticating an article that includes the steps of selecting an inherent feature of the article, and converting the feature into digital data to form an identification code for the article. An encryption system is used to encrypt the identification code, utilizing a secret private key of an asymmetric encryption key pair, and associated with the issuing party. The encrypted code is made available on a label accompanying the article. During a subsequent phase and at an authentication station, digital data relating to the feature is determined directly from the article and the code is decrypted utilizing a public key of the pair obtained from a third party in accordance with rules of a public key infrastructure. According to the system and method of U. S. Patent Application No. 2004/0268130, the inherent feature is the result of a chemical manipulation of the article or the inclusion of unique characteristics in or on the article. It also requires that the encrypted code is available on a label accompanying the article; however, the code is encrypted without applying a hash function. This flaw will allow a counterfeiter to obtain the original data that defines the uniqueness of the article and to start making modifications in order to approach the original data. By using a hash function, the counterfeiter will have no information on how to modify the article to try
to make it pass the authentication. Moreover, it is not clear whether the chosen characteristics will be able to withstand the natural deterioration from the use of the articles.
[0011] Advanced Track and Trace (ATT) has developed a method to certify printing plates, and their correspondingly printed banknotes. It uses robust cryptographic methods. However, it has a main drawback: the fact that the number of codes is restricted to the plates designed for the manufacture of banknotes using the ATT process; one can only reproduce the serials that were printed with the same plate, due to cryptographic protection. In addition, due to the complexity of the pattern that has to be printed, it requires a microscope or some augmenting device as well as an improved quality control, in order to minimize the variations of batches of security banknotes.
[0012] As can be noticed, there is a need for a method to certify security documents as well as a trustable and quick process for authenticating documents. In addition, with the always-increasing development in information technology, this method adds to the security and confidence in a physical security document with a digital certificate counterpart on the understanding that both are needed to assess the validity of the document. Particularly, in this scenario, considering that the physical document and the digital certificate are uniquely linked together, a banknote without a valid digital certificate will be of no value even though the document is genuine.
SUMMARY
[0013] Aspects of the present disclosure provide a system of certification of banknotes, checks or any other security document. Aspects comprise the digital certification of the documents involving these variations, which imply the uniqueness of each piece. This is possible due to the natural variability of industrial production processes, as well as the information that changes in a predictable and controlled manner, such as: serial numbers, serial character, etc.
[0014] In aspects, a certification process of documents that consist of a hashed message that, even if decrypted, is only useful to check the authenticity of the document, and will not disclose any information about the characteristics of the original document that could be useful in the process of forgery.
[0015] Another aspect provides an authentication process for banknotes, checks or any other security documents.
[0016] Another aspect provides an authentication method to be conducted in an automated way.
[0017] Another aspect provides a method for positive identification of counterfeited security documents with a low incidence of false negative and false positive authentication.
[0018] Yet another aspect is to classify counterfeits by their quality and degree of sophistication.
[0019] In some aspects, the data to individualize every security document which is obtained from a set of characteristics from the register variations between features added in different manufacturing processes. These characteristics are related to the particularity and even the uniqueness of each security document.
[0020] The creation of a different message for each security document using the previously mentioned set of characteristics and the data related to the document ID data.
[0021] Further, in some aspects, a method of certification and authentication of any security document is based on the message described above, requiring a register variation which is the result of at least two production processes, the method of certification comprising the steps of:
[0022] selecting a set of unique characteristics, obtained as a result of the variations in the manufacturing process and supplies,
[0023] Getting a digital image of a security document and obtaining the data,
[0024] constructing a message by measuring the register differences between features from the document and the data related to the document ID data,
[0025] constructing a hashed message, the hashed message being the message obtained after the original message is codified by means of a unidirectional cryptographic hash function,
[0026] encrypting the hashed message using a public key cryptographic system to obtain a digital certificate by means of a private key, and
[0027] storing the digital certificate in an external database and /or marking or printing the digital certificate in the security document.
[0028] According to other aspects, a method of authentication is provided, comprising the steps of:
[0029] providing a security document to be authenticated,
[0030] verifying that the security raw materials and manufacturing processes are present in the security document by means of well known image analysis techniques or by other kind of traditional verification,
[0031] constructing the correspondent message by measuring the register differences between features from the document and the data related to the document ID data,
[0032] applying a hash function to obtain a hashed message for verification,
[0033] obtaining the certified hashed message; in some aspects, the certified hashed message is obtained from the digital certificate marked or printed on the security document, and the digital certificate is decrypted through the use of a public key to render a hashed message for reference; in some aspects, the certified hashed message is obtained from a database by accessing the database,
[0034] authenticating the document by comparing the certified hashed message and the hashed message for verification, where if the certified hashed message and the hashed message for verification coincide, the document is considered as genuine, and if the certified hashed message and the hashed message for verification do not coincide, the document is considered as counterfeit.
BRIEF DESCRIPTION OF THE DRAWINGS [0035] Fig. 1 shows the general certifying process.
[0036] Fig. 2 shows a security document containing images and characters from different processes.
[0037] Fig. 3 shows an example of a security document having different images from different processes and showing reference points and relative points.
[0038] Fig. 4 is an example of a function MD for the mathematical treatment of data to obtain a message.
[0039] Fig. 5 is an example of an authentication process of a security document.
[0040] Fig. 6 is an algorithm for the authentication of a security document.
DETAILED DESCRIPTION
[0041] The certification and authentication process is based on the variations which take place during the steps of the manufacturing process of the security documents, and particularly in the interaction of those steps.
[0042] Some aspects are related to a system for certification and authentication of security documents.
[0043] Some aspects also relate to a method for certification and authentication of an original document, wherein the unique characteristics of every document are identified, codified and optionally inserted in the security document itself, or stored in an external database. This method and proposed system prevents falsification of security documents.
[0044] Aspects of the present disclosure will become more fully understood from the detailed description given herein below and the accompanying drawings which are given by way of illustration only, and thus, are not limits of the present invention, and wherein:
[0045] In the present disclosure, the following terms have the meaning indicated.
[0046] Certification - Formal procedure by which an accredited or authorized person or agency assesses (and attests in writing by issuing a certificate) the attributes, characteristics, quality, qualification, or status of individuals or organizations, goods or services, procedures or processes, or events or situations, in accordance with established requirements or standards.
[0047] Authentication - the act of confirming the truth of an attribute of a single piece of data (datum) or entity. Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
[0048] Security printing process - Special printing processes that commercially available processes cannot easily imitate; for example, those used in the printing of banknotes.
[0049] Security features - refers to the security characteristics present in the security document. Such characteristics are intended to be difficult to imitate through the use of commercially available products as is the case of security paper, security inks, watermarks, magnetic threads, transparent window, tactile features, foils, patches, holograms, etc.
[0050] Security documents - is a document that states in writing some guaranty (of each of the Guarantors), and was produced using a security printing processes and may also include security features.
[0051] Unique characteristics - the characteristics from the natural register variations between features added in different manufacturing processes. These characteristics are related to the particularity and even the uniqueness of each manufactured security document. The characteristics can be acoustic, electric, or magnetic signals and can be measured on a part of the electromagnetic spectrum. It includes print errors or printing variations: random ink stains, unfilled lines, color, etc.
[0052] Register - the register refers to the relative position, alignment or misalignment, between the features of a security document, and which were included by the different manufacturing processes. During the
manufacture of a security document, the relative position between the variety of images or characters or security features from different processes varies from document to document, making the document unique and unrepeatable due to such variations.
[0053] Metric function - A metric on a set X is a function (called the distance function or simply distance)
d: X x X→ R, where R is the set of real numbers). For all x, y, z in X, this function is required to satisfy the following conditions:
1. d(x, y)≥0
2. d(x, y) = 0 if and only if x = y
3. d(x, y) = d(y, x)
4. d(x, z)≤ d(x, y) + d(y, z).
[0054] Generalized metric function - A generalized metric on a set X is like a metric function, but in some way of relaxing its axioms (for example, maybe only satisfy the axioms 1 and 3).
[0055] Document ID data - the data that act like an identifier for a particular document. They can be words, numbers, letters, symbols, or any combination of these. An identifier is a name that identifies (that is, labels the identity of) either a unique document or a set of documents. The abbreviation ID refers to identifier (that is, an instance of identification). In the case of banknotes, it contains the serial number.
[0056] The message - the concatenation of the outcome from applying some metrics, generalized metrics or other functions to the points in a previously selected subset of unique characteristics (of the security document register) and its document ID data.
[0057] The hashed message - the codified message by means of an unidirectional cryptographic hash function.
[0058] Digital certificate - the encrypted hashed message stored in the process of certification (encrypted using a private key).
[0059] The term "unique characteristics" is in use for all those natural variations of the document that arise in the manufacturing process and that are measurable; in particular, those provided by the security printing process for the fabrication of a security document. An example of a unique characteristic is the register.
[0060] According to aspects of the present disclosure, the security features are those parts or components which are present in a security document, having the purpose of facilitating to the different users of the document the authentication of the document by way of controlling the manufacturing process, distribution and commercialization, making it possible to prevent the acquisition of the security feature and falsification by an unauthorized individual or entity.
[0061] According to aspects of the present disclosure, the unique characteristics are those natural variations which are measurable along the manufacturing process.
[0062] Also disclosed is a method for digitally certifying a security document through the data obtained from the unique characteristics, in particular the register.
[0063] In one aspect, a method is provided for digitally certifying security documents using security features and unique characteristics which are already present in mentioned document.
[0064] Particularly, the document will be digitalized, which can be done through a scanner or digital photography using different sources and kinds of illumination, as well as any other measurement of physical, chemical, or physicochemical properties of the document from which the unique characteristics can be obtained. Particularly, using visible light and a device to digitalize the image of the document, the register can be measured.
[0065] According to aspects of the present disclosure by "taking an image", it must be understood that the scanning and digitalization equipment measures features such as:
[0066] reflection, transmission, absorption, emission properties, in any wavelength of the electromagnetic spectrum, or combination thereof either with stationary illumination or in a pulsating state.
• magnetic and/ or electric properties, p.e. electromagnetic digital fingerprints of the materials constituting the security document;
• acoustic properties; the paper, when subject to cycles of stress of a particular magnitude, produces particular measurable levels of noise;
[0067] properties in response to a mechanical and /or chemical and/ or electrical stimulation of the paper or security features.
[0068] The features to be measured strongly depend on the nature of the manufacturing process employed during the manufacture of the security document, as well as the use that will be given to the document.
[0069] A message is constructed using some features as well as the mathematical correlation between them. According to aspects of the present
disclosure, a metric function, which is a function of a distance between two points, is used.
[0070] The message is constructed using those features which cannot be degraded or whose degradation is known and/ or predictable:
• Multiple zones of different sizes and/ or the whole document;
• The features to be measured depend on the document and the manufacturing process for obtaining thereof;
• The features that depend on the interaction between at least two different processes.
[0071] In the particular case of obtaining features from digital images, under any illumination, the image is taken emphasizing those parts which are intended to be certified. For example, it could be of interest to certify only a half or quarter size of the security document, or to create multiple certifications using different messages for a single document.
[0072] The system of certification and authentication of is disclosed with reference to the figures.
[0073] The manufacturing process of the security document according to aspects of the present disclosure comprises:
[0074] a) Providing suitable supplies (step 1 1a) which include the substrate, inks, security features such as watermarks, threads, transparent windows, colored fibers, foils or patches, etc.
[0075] b) Conducting the manufacturing process of the security document (step 13a), which involves the integration of all the supplies, the process comprising: placing a variety of features, characters or images on the substrate using at least two different manufacturing processes;
and marking or placing the serial number of the document or any other document ID data;
[0076] c) Certifying the security document by:
[0077] i. obtaining a digital image of the document (step 10) and obtaining the data (20) corresponding to a selected group of unique characteristics for every document and the document ID data. These unique characteristics are a result of the manufacturing process variations and the supplies used;
[0078] ii. constructing a message (30) by using a metric function for determining the relative position of the points previously selected as a group of unique characteristics, as well as the document ID data;
[0079] iii. constructing a hashed message by applying a hash function (40), the hashed message (50) being the message obtained by means of applying an unidirectional cryptographic hash function;
[0080] iv. Encrypting by means of a public key cryptography system (60) the hashed message using a private key (70) to obtain a digital certificate (80), and
[0081] v. storing the digital certificate in a database (90) and/or,
[0082] vi. marking or printing (97) the digital certificate on the security document ( 10).
[0083] In Fig. 2 a security document is depicted according to aspects of the present disclosure. For the manufacture of the security document, some processes are involved; as an example, four processes (A, B, C, E) are shown. The security document includes a variety of images and characters belonging to different manufacturing processes. In the case of the Figure 2, Process A provides the initial substrate for a security document, the substrate including some security features such as a thread or foil (ai) and a watermark or electrotype image (aii). Process B provides a set of images (bi), for example in the form of offset printing. Process C provides the security document with an image (ci) and also characters (ciii), in the example referring to the denomination, and character (cii) referring to the name of the issuing institution; as an example, this could be an engraving process. Likewise, process E provides the serial number of the security document (e l), exemplified as a banknote. In some aspects, the security document is certified according to the process depicted in Fig. 1 ; as a result, the digital certificate obtained by the certification process can optionally be printed on the security document as feature (fi).
[0084] According to aspects of the present disclosure, at least one of the following unique characteristics of the document is considered for certifying the document, and they are obtained from:
[0085] Electromagnetic response (IR, Visible, UV),
[0086] Register
[0087] number and position of fluorescent fibers
[0088] printing errors or printing variations: random ink stains, unfilled lines, color, etc.
[0089] Physical properties,
• Acoustic properties,
• Electric properties,
• Magnetic properties,
• etc.
[0090] and require at least one document ID data:
• serial number,
• document denomination,
• names,
• dates, etc.
[0091] Fig. 1 discloses the certification process according to aspects of the present disclosure; a security document is manufactured according to the well known processes of the prior art (Step 10), including the steps of providing special supplies 1 1a, manufacturing a substrate 13a, and conducting a manufacturing process comprising a variety of steps (13a).
[0092] The document thus manufactured, it is then subjected to the process of obtaining data (step 20), Fig. 1 in order to obtain the particular data of each manufactured item, and in particular, the information concerning the relative positions between the variety of characters or images present in a security document.
[0093] The data from the relative position of the images and characters present in a security document are used to construct a numeric message. Fig. 3 depicts the way to obtain the data from the security document. The message
(30) obtained in step (20) consists of data concerning the relative positions between images and characters, whose positions depend on the process by which such images and characters are placed on the security document. For example, in Figure 3, a security document is represented containing images produced by a sequence of process A, B, C and E. As noted, there is a defined set of reference points (Al , A2, .... AN), (B l , B2, BN), (C I , C2, CN), ), (El , E2, EN) etc. for each image or process, in a defined random position providing an easy access or identification, for example certain corners of an image, some marked dots, etc. and then a first relative position [D 1 (A1 ,A2)] of a fist relative point (A2) is calculated in image A with respect to reference point Al ; a second relative position [D2(A1 ,B1)J of relative point B l is calculated in image B with respect to reference point Al . In the same way, there is calculated a third relative position [D3(A1 ,C 1)] of relative point CI in image C; and optionally, a fourth relative position (D4(A 1 ,E 1 )] of a relative point (El) in image D is calculated as well. In some aspects, there are also calculated other relative positions, taking as reference a second reference point in image B (B2), a third reference point in character C (C2) or a fourth reference position in character E (E2). The metrics are also calculated for each relative position from each reference point as well as other trigonometric values and other mathematical quantities associated with the distance between the points. Thus, there can be defined a variety of reference points and a variety of measurements.
[0094] The security document data is then associated with a mathematical function, such as a mathematical matrix as depicted in Fig. 4 which conforms the "Message" of the security document. As noted, it is
possible to construct one general security message MD for all the features measured, or it is also possible to construct a variety of messages coming from specific parts of the security document, for example the Messages MDA referring to relative position of the dot A with respect to the remaining dots A, B , C and E, or a Message MDCB related to the relative position between dots C and B, or Message MDEC concerning to the relative position of dots from figures C and E. This is particularly useful when it is desirable to authenticate a document where only part of the document is available, for example in case of document fractions, or torn security documents.
[0095] There are some mathematical methods in the previous art to obtain a message from the information collected. For example, the protocol that follows the value of the relative positions, or a mathematical regression, for example a linear regression, a logarithmic regression or other kind of mathematical regression. In some aspects, it is preferred to use a metric function.
[0096] In order to obtain the variety of the reference points and the relative positions, a process of digitalization or capture of an image is conducted, for example with, digital photography or a scanner; as well as any other physical and/ or chemical measurements of unique characteristics for every document, for example paper type, paper weight, paper texture, paper color, ink type, ink color, etc. The digitalization step could be conducted in a digitalization module subsequent to the manufacture ( 13a).
[0097] As an example, when the subset of unique characteristics arise from the register between the different processes involved in the manufacture of the security document, then variations between the images and characters
result considering the process A, B, C and E will result in the order of some quintillions depending on the resolution of the digital image of the document.
[0098] As noted, the level of variation provides a unique and unrepeatable way to identify documents, whose exact reproduction is extremely complex even for the original manufacturer.
[0099] Moreover, if not only the register but also other unique characteristics such as the number and position of colored or fluorescent fibers is used, the number of variations will increase by some hundreds of orders of magnitude.
[00100] By selecting the points according to aspects of the present disclosure, it is possible to obtain some quintillions of possible combinations; thus, it is very unlikely for a counterfeiter to obtain a document with the same unique characteristics as those contained in a digital certificate produced according to aspects.
[00101] In the particular case of banknotes, even if the original manufacturer wanted to forge an exact copy of one document, it would have to manufacture many documents (in the order of quintillions) and then select
one which has the same variation, and then paste the document ID data together with the same certificate of the original. Therefore, particularly for banknotes, this method using the register does not make the counterfeiting impossible, rather makes it economically unfeasible by making the counterfeiting a very complex and inefficient process.
[00102] However, to avoid an attacker statistically studying the variations of the official manufacturer, the message obtained in step (30) is then transformed in step 40 through the use of a Mathematical Hash function and then encrypted in step 60 to yield a unique digital certificate.
[00103] In step 40 of figure 1 , the message obtained in step (30) is then transformed using a mathematical function, such as a Hash function in order to obtain a Hashed message comprising at least one chain of characters in step 50 of Fig. 1. There are some mathematical methods to run a Hash function, for example, by means of a mathematic unidirectional process or model (algorithm) delivering a chain of characters.
[00104] The Hashed function is then encrypted in step (60) to yield an encrypted hashed message or digital certificate. In order to encrypt the Hashed message, an asymmetric encryption algorithm is used that requires a private key (70) in order to generate a digital certificate (80) in the form of an encrypted alphanumeric chain.
[00105] As shown in Fig. 1 , the digital certificate is, in turn, stored in a database (90) that can be kept in a server placed in secure installations, and/or it can be marked/ printed (97) back to the document ( 10) in a readable manner by the same mechanism to obtain the data (20), such as a barcode, code or plain text (fi) . When using a database (90) in addition to storing the
digital certificate (80), it may also be useful to associate that digital certificate in the database with other ID data information such as the serial number of the security document, a scanned copy of the document, details on the place and time of manufacture of the document, etc.
[00106] The digital certificate is then a validation element associated to the document ID data of the security document and refers to a particular relationship between images and characters which are present in a unique way for each security document.
[00107] The digital certificate 80 acts as a barrier to an unauthorized third party with a reader who wants to read counterfeited documents or banknotes and print on them a label that represents the reader's scan according to the encryption scheme. Typically, the digital certificate (for example a bar code label or other mark) would represent a cryptogram decipherable by a public key, and the private key would be reserved for the authorized certifying party or authority. However, as mentioned, the digital certificate may not be included in the security document. As previously mentioned, the digital certificate represents the unique and unrepeatable physical characteristics of the images and characters present in a security document and will not disclose further information on how to forge a copy.
[00108] The encrypted information is then placed as a mark or printed back in step 97 of Fig. 1. The digital certificate 80 and the hashed message 50 as well as the partial hashed messages and the document ID data of the security document are stored in a database 90, placed in a server
available for public access. The digital certificate in the form of an element (fi) can optionally be inserted on the security document 10.
[00109] In some aspects of the present disclosure, the digital certificate can be selected from a bar code or a bidimensional bar code element or a character string (fl).
[00110] Thus, the digital certificate 80 is the result of the unique and unrepeatable relationship between the variety of images and characters due to register, which are due their manufacturing processes, present in a security document.
[00111] Authentication process
[00112] The security documents that have been certificated are subject to further authentication. The process of authentication of a security document in circulation is depicted in Figs. 5 and 6. The authentication of a security document is a task conducted by an authentication authority, for example the authentication authority of a issuing institution, but can also be performed by both a user of the document and the authentication authority when a user wishes to authenticate a document. According to Fig. 5, a user or authentication authority that desires to know if an issued document ( 1 10) is genuine or not should first (step 120) verify the supplies and the existence of the security features (watermarks, security threads, security inks, security processes, etc.) intended to be present in a genuine document; simple photocopies and rough copies are discriminated in step 120 in Fig. 5 and step 121 in Fig. 6, and considered as low quality counterfeit ( 122, Fig. 6) .
[00113] Then, if the raw materials and printing processes present in the document subject to authentication are considered as genuine (step
123, Fig. 6), a hashed message must be generated according to the features of the document of the user. For such purposes, the user/authentication authority must obtain the data of the security documents (step 130) by means of any device capable of taking the required digital image, then construct a message through the use of a metric function and the document ID data (step 140), and apply a hash function ( 150) to obtain a hashed message (160) for verification.
[00114] As a next step, the user is provided with a smart phone, tablet or a different processing device with an application able to obtain the data ( 130) and automatically construct the message ( 140) through the metric function, as well as to apply the hash function ( 150) to the message in order to obtain a hashed message ( 160) for verification.
[00115] In order to authenticate the security document, the hashed message for verification (160) is compared with a decrypted hashed message (260). The digital certificate (80, Fig. 1) to obtain the decrypted hashed message (260) needs to be retrieved in some way. One source of digital certificates (80, Fig. 1) for verification is the database (280), created during the certification. Considering the data acquisition and processing module is operable to access the database managed by the authentication authority, the digital certificate can be decrypted (250) by means of a public key (230), in order to obtain a decrypted hashed message (260). The database may be part of a mass storage device that forms part of the reader apparatus, or may be at a remote location and accessed by the reader through a telecommunications link. The telecommunications link may take any conventional form, including wireless and fixed links, and may be available
over the internet. The data acquisition and processing module may be operable, at least in some operational modes, to allow the signature to be added to the database if no match is found. This facility will usually only be allowed to authorized persons, for obvious reasons. It should be noted that the misuse of the public key does not facilitate the counterfeiting of the document, since the public key is useful for decrypting the digital certificate but is useless for encrypting a hashed message.
[00116] In some aspects of the present disclosure, the hashed message for verification ( 160) of the security document is provided to the authentication authority, which is able to obtain the correspondent decrypted hashed message (260) from the database (280) as described above, and perform a comparison to establish whether the hashed message for verification ( 160) is a match with the decrypted hashed message (260).
[00 17] Another source to retrieve the digital certificate (80, Fig. 1) is the bar code or a bidimensional bar code element or a character string (f 1 , in Fig. 2) marked /printed on the security document.
[00118] In some apsects of the present disclosure, the digital certificate can be decrypted (250) by means of a public key (230) to obtain a decrypted hashed message (260) and used to perform the comparison to establish whether the hashed message for verification ( 160) is a match with the decrypted hashed message (260), which can be locally performed by the user.
[00119] Finally, if the hashed message for verification ( 160) and the decrypted hashed message (260) are a match, the document is then qualified as an authentic document (400 in Fig. 6). On the other hand, if the hashed
message for verification (160) is not a match with the corresponding decrypted hashed message (260), the document is considered as a high quality counterfeit (305). The incidence of such counterfeits may provide elements/ evidence for investigating criminal patterns.
[00120] As depicted in figure 6, the user should first conduct a verification step 121 for the presence of the genuine raw materials and the original security manufacturing processes present in security documents, such as banknotes. If such materials and processes are not present, then the document is considered as a low quality counterfeit (122). If the expected materials and processes are in the document and are considered as genuine, then the user should conduct a step of obtaining data ( 130).
[00121] In some aspects of the present disclosure, the authentication process is performed through the use of an application for an intelligent device, such as a smart phone or tablet. The application guides the user to obtain an accurate image and provides the means to connect to the Authentication Authority. After the authentication by the Authentication Authority, the result of the comparison process is delivered.
[00122] The method provides the possibility of classifying counterfeits by their manufacturing characteristics; for such purposes, equipment is needed for automatic classification and registering (ID) of counterfeits, which is in charge of registering the features of all the counterfeits arriving at the issuing institution in order to create a database with all the information extracted from counterfeits, in order to statistically link pieces to "Counterfeiters" (not necessarily a person) and detect even slight
improvements. Such information is useful in investigating and pursuing counterfeiting crimes.
[00123] For the certification, image acquisition systems (digital camera, scanners), image processing equipment (such as CPUs, GPUs, FPGAs), storage system (data servers) are needed. In the case of 97, the Marking/ Printing device can be an inkjet printer, a numbering machine, laser marking devices, labeling devices, etc.
[00124] For authentication, image acquisition system (digital cameras, cellphone camera, scanner, etc.) image processing system (such as CPUs [PCs, Servers, Tablet, Smartphones, etc.J, GPUs, FPGAs) are needed. In the case of 280: access to the database (Internet, SMS, LAN, WAN, VPN, etc.) is needed.
[00125] Aspects of the present disclosure being thus described, it will be obvious that the same these aspects may be varied in many ways. Such variations are not to be regarded as a departure from the spirit and scope of the disclosure, and all such modifications as would be obvious to one skilled in the art are to be included within the scope of the following claims.
[00126] Acknowledgements:
[00127] The author would like to thank Mario Hernandez Tellez and Uriel Mancebo del Castillo for the numerous and useful discussions.
Claims
1. A method for certifying a security document, comprising:
selecting a set of unique characteristics, wherein the unique characteristics are related to variations in processes and supplies for manufacturing security documents,
obtaining a digital image of the security document and obtaining the data of a set of unique characteristics, such as the relative position between one or more features
constructing a message by measuring the register of the selected one or more features from the security document and from document ID data,
constructing a hashed message, wherein the hashed message is obtained by encoding the message with a unidirectional cryptographic hash function,
encrypting the hashed message using a public key cryptographic system to obtain a digital certificate by a private key, and
storing the digital certificate in an external database.
2. The method for certifying a security document according to Claim 1 , wherein the digital certificate is marked or printed on the security document.
3. The method for certification according to Claim 1 wherein the digital image is taken with light with a wavelength between 200 and 1500 nanometers.
4. The method for certification according to Claim 1 wherein the digital image is taken with visible light.
5. The method for certification according to Claim 1 wherein many parts of the same document are independently certified.
6. A method for certification according to Claim 1 , wherein the security document is a banknote, a check, a passport, visa, ID document or birth certificate.
7. The method for certifying a security document according to Claim 1 , wherein the data is obtained during the production line.
8. The method for certifying a security document according to Claim 1 , wherein the data is obtained during quality inspection.
9. A method for the authentication of a certified security document, comprising the steps of:
providing a security document to be authenticated;
verifying that the genuine security raw materials and manufacturing processes are present in the security document,
obtaining a digital image of a security document, obtaining a digital image of the security document and obtaining the data of a set of unique characteristics, such as the relative position between one or more features;
constructing a message by measuring the register of the selected one or more features from the security document and from document ID data, applying a hash function to the message to obtain a hashed message for verification,
retrieving and decrypting the stored digital certificate to obtain the certified hashed message for the security document;
authenticating the document by comparing the certified hashed message and the hashed message for verification, where if the certified hashed message and the hashed message for verification are a match, the document is considered as genuine, and if the certified hashed message and the hashed message for verification do not match, the document is considered as a counterfeit.
10. The method for the authentication of a security document according to Claim 9, wherein the certified hashed message is obtained from the digital certificate marked or printed on the security document, and the digital certificate is decrypted through the use of a public key to render the certified hashed message for reference.
1 1. The method for the authentication of a security document according to Claim 9, wherein the certified hashed message is obtained by accessing to the database.
12. The method for authenticating according to Claim 9, wherein the raw materials are verified via image analysis and pattern recognition methods.
13. The method for authentication according to Claim 9 wherein the security document is a banknote.
14. The method for authentication according to Claim 9, wherein the security document is a banknote with a substrate containing at least a watermark, or a security thread, or a foil, or a transparent window or fluorescent fibers.
15. The method for authentication according to Claim 9, wherein the banknote is printed using at least offset printing or intaglio printing.
16. The method for the authentication of a security document according to Claim 9, wherein the authentication is performed by commercially available scanners or digital cameras connected to computers.
17. The method for the authentication of a security document according to Claim 9, wherein the authentication is performed by smart phones or tablets.
18. The method for the authentication of a security document according to Claim 9, wherein the authentication is performed by cash processing equipment.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/IB2014/002906 WO2016102987A1 (en) | 2014-12-24 | 2014-12-24 | Method for certifying and authenticating security documents based on a measure of the relative position variations of the different processes involved in its manufacture |
Publications (1)
Publication Number | Publication Date |
---|---|
EP3238185A1 true EP3238185A1 (en) | 2017-11-01 |
Family
ID=52478017
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP14837071.1A Withdrawn EP3238185A1 (en) | 2014-12-24 | 2014-12-24 | Method for certifying and authenticating security documents based on a measure of the relative position variations of the different processes involved in its manufacture |
Country Status (12)
Country | Link |
---|---|
EP (1) | EP3238185A1 (en) |
JP (1) | JP6532534B2 (en) |
KR (1) | KR20170097760A (en) |
CN (1) | CN107209970A (en) |
AU (1) | AU2014415184A1 (en) |
BR (1) | BR112017013482A2 (en) |
CA (1) | CA2971325A1 (en) |
CO (1) | CO2017007331A2 (en) |
MX (1) | MX367980B (en) |
RU (1) | RU2684498C2 (en) |
SG (1) | SG11201704940PA (en) |
WO (1) | WO2016102987A1 (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102016001449A1 (en) * | 2016-02-09 | 2017-08-10 | Giesecke & Devrient Gmbh | Verification of an item provided with a security element |
FR3093836A1 (en) * | 2019-03-13 | 2020-09-18 | Lcsys | Numeric identity |
IT201900016688A1 (en) * | 2019-09-19 | 2021-03-19 | St Poligrafico E Zecca Dello Stato S P A | STICKERS |
Family Cites Families (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5974150A (en) * | 1997-09-30 | 1999-10-26 | Tracer Detection Technology Corp. | System and method for authentication of goods |
US7152047B1 (en) * | 2000-05-24 | 2006-12-19 | Esecure.Biz, Inc. | System and method for production and authentication of original documents |
EP1423829A2 (en) | 2001-09-04 | 2004-06-02 | Ip And Innovation Company Holdings (Proprietary) Limited | System and method of authenticating an article |
JP2003223435A (en) * | 2002-01-31 | 2003-08-08 | Canon Inc | Document printing device, document authentication device, document printing method, document authentication method, document authentication system, program, and storage media |
DE10331798B4 (en) * | 2003-07-14 | 2012-06-21 | Giesecke & Devrient Gmbh | Security element, valuable item, transfer material and manufacturing process |
US7497379B2 (en) * | 2004-02-27 | 2009-03-03 | Microsoft Corporation | Counterfeit and tamper resistant labels with randomly occurring features |
GB2417707B (en) * | 2004-08-13 | 2006-07-26 | Ingenia Technology Ltd | Methods and apparatuses for creating authenticatable printed articles and subsequently verifying them |
EP1825419A4 (en) * | 2004-11-09 | 2008-08-06 | Digimarc Corp | Authenticating identification and security documents |
CN101743130B (en) * | 2007-05-14 | 2013-10-02 | 国际先端技术综合研究所株式会社 | Authenticity validation subject, authenticity validation chip reader, and authenticity judging method |
JP5023992B2 (en) * | 2007-11-16 | 2012-09-12 | 富士ゼロックス株式会社 | Counterfeit discrimination system and counterfeit discrimination device |
US8781153B2 (en) * | 2008-06-05 | 2014-07-15 | New York University | Method, system, and computer-accessible medium for authentication of paper using a speckle pattern |
EP2605218A1 (en) * | 2011-12-14 | 2013-06-19 | Gemalto SA | Method for securing an electronic document |
JP5993158B2 (en) * | 2012-02-08 | 2016-09-14 | 国立大学法人横浜国立大学 | Authentication system and authentication method using carbon nanotube-containing body |
JP2015084006A (en) * | 2012-02-13 | 2015-04-30 | 三菱電機株式会社 | Dynamic link library protection method, dynamic link library authentication method, dynamic link library protection device, dynamic link library authentication device, program administrative system, program and dynamic link library protection method, program and dynamic link library authentication method |
CN202916903U (en) * | 2012-05-02 | 2013-05-01 | 深圳长城开发科技股份有限公司 | System for authenticating invoice |
US9349237B2 (en) * | 2012-12-28 | 2016-05-24 | Konica Minolta Laboratory U.S.A., Inc. | Method of authenticating a printed document |
US9141823B2 (en) * | 2013-03-15 | 2015-09-22 | Veridicom, Sa De Cv | Abstraction layer for default encryption with orthogonal encryption logic session object; and automated authentication, with a method for online litigation |
-
2014
- 2014-12-24 SG SG11201704940PA patent/SG11201704940PA/en unknown
- 2014-12-24 CA CA2971325A patent/CA2971325A1/en not_active Abandoned
- 2014-12-24 RU RU2017122622A patent/RU2684498C2/en active IP Right Revival
- 2014-12-24 WO PCT/IB2014/002906 patent/WO2016102987A1/en active Application Filing
- 2014-12-24 BR BR112017013482A patent/BR112017013482A2/en not_active Application Discontinuation
- 2014-12-24 KR KR1020177020435A patent/KR20170097760A/en not_active Application Discontinuation
- 2014-12-24 MX MX2015016808A patent/MX367980B/en active IP Right Grant
- 2014-12-24 CN CN201480084583.9A patent/CN107209970A/en active Pending
- 2014-12-24 AU AU2014415184A patent/AU2014415184A1/en not_active Abandoned
- 2014-12-24 EP EP14837071.1A patent/EP3238185A1/en not_active Withdrawn
- 2014-12-24 JP JP2017534603A patent/JP6532534B2/en active Active
-
2017
- 2017-07-24 CO CONC2017/0007331A patent/CO2017007331A2/en unknown
Also Published As
Publication number | Publication date |
---|---|
WO2016102987A1 (en) | 2016-06-30 |
RU2684498C2 (en) | 2019-04-09 |
JP6532534B2 (en) | 2019-06-19 |
SG11201704940PA (en) | 2017-07-28 |
RU2017122622A3 (en) | 2019-01-24 |
CO2017007331A2 (en) | 2017-07-28 |
KR20170097760A (en) | 2017-08-28 |
MX2015016808A (en) | 2016-08-26 |
BR112017013482A2 (en) | 2018-02-27 |
CA2971325A1 (en) | 2016-06-30 |
AU2014415184A1 (en) | 2017-07-13 |
JP2018504829A (en) | 2018-02-15 |
CN107209970A (en) | 2017-09-26 |
RU2017122622A (en) | 2019-01-24 |
MX367980B (en) | 2019-09-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9871660B2 (en) | Method for certifying and authentifying security documents based on a measure of the relative variations of the different processes involved in its manufacture | |
US7080041B2 (en) | System and method for production and authentication of original documents | |
US8756707B2 (en) | Method of manufacturing security document and method for authenticating the document | |
JP4783021B2 (en) | Anti-counterfeit and tamper-resistant labels with randomly generated features | |
US20050132194A1 (en) | Protection of identification documents using open cryptography | |
CN112424781B (en) | Digital document anti-counterfeit protection | |
US20090008924A1 (en) | Authenticating banknotes or other physical objects | |
CN112384373B (en) | Anti-counterfeit protection for articles | |
US20110038012A1 (en) | Method and device against forgery | |
CN112534775B (en) | Digital document anti-counterfeit protection | |
CN108602374B (en) | Authentication of an object provided with a security element | |
US20050182729A1 (en) | Method of preventing counterfeiting | |
WO2007072793A1 (en) | Card capable of authentication | |
WO2015154646A1 (en) | Currency or security anti-counterfeiting tracing system based on one-time certificate technology | |
CN104881811B (en) | Management method, system and device for electronization of bill information | |
Wang et al. | Anti-counterfeiting for polymer banknotes based on polymer substrate fingerprinting | |
JP6532534B2 (en) | A method for authentication and verification of security documents based on the measurement of relative position variations in different processes involved in the creation of security documents | |
RU2647375C2 (en) | Money code, method of its manufacture and method of confirmation of its genuineness and unique characters | |
WO2010040987A1 (en) | Method of manufacturing security document and method for authenticating the document | |
Wezza et al. | A novel model for securing seals using blockchain and digital signature based on qr codes | |
WO2024200313A1 (en) | Method and system for registration of banknotes | |
WO2020057582A1 (en) | A system and method for binding information to a tangible object | |
AU2013101090A4 (en) | Secure Object System | |
EA040918B1 (en) | PROTECTION OF THE PRODUCT FROM FORGERY | |
EA007836B1 (en) | Protection system of authenticity of printed information carrier |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20151210 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAX | Request for extension of the european patent (deleted) | ||
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20200701 |