WO2010037429A1 - Method for generating a verification code, verification code, method and device for verifying the authenticity of objects - Google Patents

Method for generating a verification code, verification code, method and device for verifying the authenticity of objects Download PDF

Info

Publication number
WO2010037429A1
WO2010037429A1 PCT/EP2008/065924 EP2008065924W WO2010037429A1 WO 2010037429 A1 WO2010037429 A1 WO 2010037429A1 EP 2008065924 W EP2008065924 W EP 2008065924W WO 2010037429 A1 WO2010037429 A1 WO 2010037429A1
Authority
WO
WIPO (PCT)
Prior art keywords
random
verification code
string
permutation
generating
Prior art date
Application number
PCT/EP2008/065924
Other languages
German (de)
French (fr)
Inventor
Carlo A. Trugenberger
Albertus Geldenhuys
Original Assignee
Novelty Group Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to IB2008002992 priority Critical
Priority to IBPCT/IB2008/002992 priority
Application filed by Novelty Group Limited filed Critical Novelty Group Limited
Publication of WO2010037429A1 publication Critical patent/WO2010037429A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06KRECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/08Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means
    • G06K19/10Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCODING OR CIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C1/00Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • G09C1/02Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system by using a ciphering code in chart form

Abstract

The invention relates to a method whereby said object is achieved for generating a verification code for an object, comprising the steps: a) generating a random character string (zz) that can be divided into a first random partial character string (zz1) and a second random partial character string (zz2), b) generating a permutation character string (pzz) by copying the random character string (zz) according to a copy function (p), c) storing the second random partial character string (zz2) of the copy function (p) and an identification number in a database, d) generating a representation of the permutation character string (p22), the identification number, and the first random partial character string (zz1) as a verification code.

Description


  "Method for generating a verification code, verification code, method and device for verifying the authenticity of objects"

  
description

  
The invention relates to a method for generating a verification code for an article, a correspondingly produced verification code and a method and a device for verifying the authenticity of articles.

  
Product piracy is a major problem in the manufacture and distribution of mass-produced goods, especially pharmaceuticals. Products that have a certain associated value are often copied and distributed by counterfeiters. These counterfeit products are then channeled into sales and distribution channels and offered to end users or middlemen. This violates trademark rights, competition regulations, copyrights, designs and patents.

  
End users and intermediaries are deceived as to the origin and quality of the products. In the case of pharmaceuticals in particular, this can lead to serious consequences.

  
It is known (see DE 698 24 291 T2) to provide products with labels or labels containing a verification code. Reading devices or optical devices can be used to capture the verification code on a product and pass it on to a corresponding device that determines whether this is a valid verification code. For this, DE 698 24 291 T2 proposes forming a combination code from a random number and a non-random section, the non-random section providing information as to whether the object is genuine or counterfeit.

  
The specified procedure has some weaknesses. Thus, it is possible for counterfeiters who have spied the non-random portion of the combination code to label a plurality of counterfeit products as genuine.

  
From EP 1 593 088 B1 a method for generating a verification code is known in which a part of an encrypted product identifier is applied to the product itself. Another part is stored in a database. This method also has the disadvantage that once the algorithm for generating the code has become known, a large number of counterfeit articles can be marketed.

  
Generally, methods that allow verification of the authenticity of objects often have to meet many requirements:

  
a) The verification codes must be part of or easily attachable to the product. The cost of equipping a product with a verification code must be very low for mass-produced products, as the

  
Product is no longer marketable. Preferably, the costs required for the equipment should amount to only a few euro cents.

  
b) The management and storage of the verification codes must be very simple, since a large number of products are to be created and labeled annually.

  
c) Checking whether a verification code is valid or invalid must be very efficient and easy to carry out, since correspondingly high quantities of the product can lead to very high request rates with regard to the authenticity of a verification code. For example, several millions of products need to be verified per hour. The verification process may need only a few seconds, preferably less than a second, so as not to stop production and distribution unnecessarily.

  
d) A corresponding system for the production and verification of such verification codes must be so flexible that when a part of the system or the entire system becomes known at any time a change is possible which renders the information obtained useless or at least limits its economic value.

  
Based on the above-mentioned prior art, it is an object of the present invention to provide an improved method for generating a verification code for articles. In particular, verification codes are to be provided which enable secure and efficient authentication of objects. Furthermore, a corresponding verification code and a method as well as a device for verifying the authenticity of objects should be pointed out.

  
According to the invention, the object is achieved by a method for generating a verification code for an object, the method comprising the following steps:

  
a) generating a random string which can be divided into a first random substring and a second random substring,

  
b) generating a permutation string by mapping the random string according to a mapping function,

  
c) storing the second random substring and the mapping function in a database,

  
d) generating a representation of the permutation string and the first random substring as the verification code.

  
Furthermore, this object is achieved by a method for generating a verification code for an object, the method comprising the following steps:

  
a) generating a random string which can be divided into a first random substring and a second random substring,

  
b) generating a permutation string by mapping the random string according to a mapping function, c) storing the second random substring, the mapping function and an identification number in a database,

  
d) generating a representation of the permutation string, the identification number and the first random substring as the verification code.

  
The methods relate to various character strings. According to the invention, these are to be understood not only as simple sequences of characters but also as matrices which comprise several of these character sequences. The mapping of the random string to a permutation string may include a permutation of the random string. However, any illustration is conceivable at this point.

  
An essential concept of the present invention is to split the individual information necessary to generate a valid verification code and to verify it into two parts and to keep these parts separate from each other. That a first part, e.g. the first random substring is affixed to the product or article while the second part, e.g. the second random substring, central, e.g. B. is stored on a database. Thus, it is only possible to generate a valid verification code when accessing the

  
Database and the verification code has. Of course, this also requires a basic understanding of the coding of the verification code on the item.

  
The assignment of a verification code on an object to a specific data record can be done via the identification number mentioned. Alternatively, the identification number can be dispensed with and a plurality of data records containing the second random string can be checked. In the latter case, it should be prevented that identical records are generated in the database. In the present invention, it is thus true that the random character string, the mapping function and the permutation character string are closed

  
Make up picture chain. That is, only in the presence of the correct random string comprising the first random substring and the second random substring, the correct mapping function and the correct permutation string, a verification code is considered valid. Thus, it is possible to select a plurality of data sets without the presence of an identification number and to try in detail. Only one of the records may result in validation. The random string can be a binary string. In particular, it may be a matrix of binary characters generated at random.

  
Step d) may include mapping the permutation string and / or the identification number and / or the first random string to a raster graphic having a plurality of pixels. Such raster graphics are known. They can be detected easily and quickly with appropriate reading devices or scanners. The production of corresponding raster graphics can be done using conventional printers or labellers. The cost of producing a label with corresponding raster graphics is very low. The mapping of the information elements used represents a first coding of the information that can not be readily decrypted. Thus, this is already a first security mechanism to see.

  
The raster graphics may include a data area for representing the identification number, a plaintext area for representing the first random string, a permutation area for representing the permutation string, where the plaintext area may have n pixels and the permutation area may have 2 * n pixels.

  
The random character string may be divided into two equal length random substrings, with a representation of the first random substring affixed to the article. Even with the evaluation of a large number of objects equipped with a verification code, it is therefore difficult or impossible to reconstruct the schema used when generating the random character strings for the individual objects.

  
The data area, the plaintext area and the permutation area can be arranged in blocks, in particular in contiguous blocks. Thus, the individual information on a corresponding label can better capture. It is possible to assign a meaning to the individual pixels or pixels based on their position (row and column) within the raster graphics. The application of self-describing data is not necessary. Thus, the raster graphics can be designed to contain only the essential information. Already with a raster graphic with 20 * 20 pixels 2 <400> bits can be coded. Thus, it is possible to use very long and secure random strings and identification numbers.

   The mapping function for an object may be selected from a variety of mapping functions, in particular randomly. Thus, there is no obvious systematics in the choice of mapping function that could be grasped and exploited based on the analysis of a variety of verification codes. The individual mapping functions are stored in the database. Of course, it is also conceivable to dispense with different imaging functions in favor of storage efficiency.

  
The step a) may comprise the generation of at least one random number by means of a non-deterministic random generator, in particular using a quantum random generator. It is known that even very sophisticated algorithms can only generate pseudorandom numbers. In order to increase the security of the verification code and to avoid exploitable systematics, non-deterministic random numbers are preferably used.

  
The method may include corrupting the raster graphics by multiplying by a noise matrix, in particular random numbers. Thus, the detection and duplication of the representation of the verification code is made more difficult. Although capturing thousands of individual representations of the verification codes on the products is in itself a very cumbersome task, falsification of the presentation complicates this process and duplicates the presentation. The controlled noise that is superimposed over the raster graphics creates a blurry image that makes reverse engineering very difficult. It is possible to remove the noise when scanning the representation of the verification code.

  
It is possible to store an activation state in the database, the verification code only becoming active if a corresponding request is made by at least one certification authority. Thus, verification codes can be generated that are not activated. Activation takes place only when the product and the marked item has passed a specific certification body, for example a quality inspection.

  
To activate the verification code, a plurality of requests from a plurality of different certification authorities, in particular in a predetermined order may be necessary. Thus, it is possible to specify and control a history of the manufactured article. Only the items are considered authentic, which can show a corresponding history. For example, appropriate certification bodies may be set up in product manufacturing, packaging and licensing of the product.

  
The above object is also achieved by a verification code for an article produced according to the method described above.

  
Furthermore, the object is achieved by a method for verifying the authenticity of objects, the method comprising the following steps:

  
a) reading a verification code attached to the article and / or its packaging, in particular a verification code, generated according to claim 12, the verification code comprising a first permutation string and a first random substring;

  
b) reading at least one comparison data set stored on a server, the comparison data set comprising a mapping function and a second random substring;

  
c) generating an output string by processing, in particular

  
Linking the first and second random substrings;

  
d) generating a second permutation string by mapping the output string according to the mapping function;

  
e) comparing the first permutation string with the second permutation string to determine the authenticity of the item.

  
The steps b), c), d) and e) can be performed several times to determine the authenticity of the object. It is therefore possible to read out a large number of comparison data sets, to generate a multiplicity of output character strings, to map them using the associated mapping functions and thus to obtain a multiplicity of second permutation character strings. The item is considered true only if one of the plurality of second permutation strings matches the first permutation string on the item. The item may then be considered non-genuine if step e) was performed for no or a predetermined set of comparison records without having found or generated a second permutation string matching the first permutation string.

  
Even with this method, false verification codes can only be generated if the counterfeiters have constant access to the associated storage medium.

  
Furthermore, the object is achieved by a method for verifying the authenticity of objects, the method comprising the following steps:

  
a) reading a verification code attached to the article and / or its packaging, the verification code comprising a first permutation string, an identification number and a first random substring;

  
b) reading a corresponding record stored on a server, the record being identified by the identification number, the record comprising a mapping function and a second random substring;

  
c) generating an output string by connecting the first and second random substrings;

  
d) generating a second permutation string by mapping the output string according to the mapping function;

  
e) comparing the first permutation string with the second permutation string to determine the authenticity of the item.

  
These processes have similar advantages to those already mentioned in advance.

  
Step e) may include determining if the verification code has been activated, and only activating a verification code if the verification code has been certified by at least one certification authority. The mapping function can be a bijective mapping function, in particular a permutation. In a bijective mapping, any information contained in the random string is mapped to the permutation string. Thus, an encryption of the random string and a decryption of the permutation string are possible. Preferably, but not necessarily, a permutation is used as a map.

  
The object is also achieved by an apparatus for verifying the authenticity of objects, comprising:

  
a generating device for generating a plurality of verification codes, in particular according to the method described above,

  
a verification device for verifying at least one verification code, in particular according to the method described above,

  
at least one database for storing random substrings and at least one mapping function for the verification codes.

  
Furthermore, the object is achieved by a device for verifying the authenticity of objects, this device comprising:

  
a generating device for generating a multiplicity of verification codes, in particular according to the method described,

  
a verification device for verifying at least one verification code, in particular according to the method described,

  
at least one database for storing random substrings, mapping functions and identification numbers for the verification codes.

  
Preferably, this device comprises a non-deterministic random number generator, in particular a quantum random generator for generating random numbers. This increases the security of the generated verification code.

  
The device may comprise at least one reading device for detecting a raster graphic. By way of example, the reading device can be designed in such a way that it filters out a noise intentionally placed over the representation of the verification code. The reading device can also perform the task of reading the verification code from a raster graphic. Thus, the underlying information can be transmitted much more efficiently.

  
The apparatus may include a monitoring device that monitors requests directed to the verification device and, after a critical request, alters at least a portion of a random substring and mapping function associated with a verification code, wherein upon the change, a verification code generated using the mapping function and the random characters remains identical. It is conceivable to equip the device with a request device which answers corresponding verification requests (is this a permitted verification code or not?). In order to prevent a spying out of the database, it is conceivable to change the data contained therein so that the requested information becomes useless after each request.

   It is possible to change mapping function and random substrings in the database such that an adaptation of the verification code on the objects is not necessary. Changes to the random substring are thus compensated by the change of the mapping function.

  
The monitoring device can be configured such that it randomly classifies a request as critical and / or when fulfilling a predetermined criterion. It is thus possible to either make random changes to the data stored in the database or to provide algorithms that change the data at a necessary time.

  
The monitoring device can be designed in such a way that, in the case of a critical query, a multiplicity of mapping functions and random symbols are changed. It would therefore be conceivable to change the entire database or only individual records in a critical request.

  
The device may include an activation device that communicates with at least one certification authority that collects items that are equipped with the verification code, wherein the activation device does not activate a verification code until the associated item has been detected by the at least one certification authority. It is thus possible to track the individual manufacturing and / or quality inspection and / or sales steps of an item. Only if a given sequence is followed, the printed verification code is activated and confirms the authenticity of the object.

  
Further advantageous embodiments of the invention will become apparent from the UnteranSprüchen.

  
The invention will be described with reference to some embodiments, which are explained in more detail by means of illustrations. Hereby show:

  
1 shows an apparatus according to the invention for verifying the authenticity of objects;

  
FIG. 2 shows a product with a verification code according to the invention; FIG.

  
3: a plurality of pixels of a representation of the verification code;

  
4 shows the generation of a verification code from a random number; and

  
5 shows a schematic extract from a database for verifying a verification code.

  
As shown in FIG. 1, an embodiment of the device for verifying the authenticity of objects according to the invention comprises a server 20 and a client 40, which communicate with one another via a network, in particular a WAN 1 (Wide Area Network) or LAN (Local Area Network). The server 20 includes a database 30 configured to store information. This information includes information related to an individual verification code. The client 40 has a reader 10 that allows it to scan and process a representation of a verification code. According to the invention, the verification code is located on a label 60, which is attached to a product 50 (see FIG.

   After acquiring the verification code by the reader 10, the client 40 sends a request to the server 20 to verify the authenticity of the product 50. The server 20 processes the request and determines by means of a predetermined algorithm, for example according to the method described below, whether the verification code and thus the product 50 with the verification code is authentic. The device according to FIG. 1 can comprise further clients 40, which likewise communicate with the server via the WAN 1. For example, one of these clients 40 may comprise a printer device and be designed to produce corresponding labels 60. Alternatively, a corresponding printing device can be connected directly to the server 20.

  
Further, on the WAN 1, certification authorities can communicate with the server 20, which are similarly equipped as the client 40 shown. These certification authorities are geographically distributed at individual stations that pass through the designated product 50. By means of the certification authorities, it is logged that the product 50 has passed through a specific station. For example, a certification authority may document the manufacture of product 50. Another certification body covers the packaging of the product 50 and a third the shipment from a country of manufacture. The server 20 may process and store the information that the individual certification authorities forward to a product 50.

   It is possible to use the collected information in later verification of the authenticity of a product 50. For example, only the products 50 that have passed through predetermined stations can be considered genuine. Thus, the manufacturing and / or transportation and / or distribution history of a product 50 is detected and processed in the assessment of authenticity. It can be considered that fake products usually have a different history than an original product.

  
According to one embodiment of the invention, the label 60 comprises a representation of the verification code. This representation is subdivided into three areas, namely a plaintext area 62, a data area 64 and a permutation area 66.

  
The representation of the verification code according to the embodiment shown in FIG. 2 is a two-dimensional data matrix with the dimension 20 × 20 (20 columns by 20 lines). It is a raster graphic. The individual places of the

  
Data matrix or the individual pixels 61, 61 'of the raster graphics, as shown in Fig. 3, white or black squares. They encode a binary matrix, where the white dots correspond to a 1 and the black dots to a 0. This encoding of strings is purely exemplary. The skilled person should be aware of numerous other ways to encode information graphically. The data area 64 comprises 10 × 10 pixels and is used to store an identification number ID of the product 50. Furthermore, this area can be used to store necessary open data, such as the company, the type of product, the series, or an expiration date.

   Furthermore, this area may contain a number that references a particular database used to verify the authenticity of the product.

  
In the present embodiment, codes stored in the database are used to identify the companies, the products, the expiration date, the series or batch of a

  
To encode pharmaceutical product. In this way approx. 10 <4> companies with approx.

  
10 <4> products, leaving 4 digits for the expiration date and 18 digits for the batch or ID number. The

  
Identification number ID serves to reference a corresponding data record 31 in the database 30. The identification number ID thus establishes a relationship between a particular database entry and a particular verification code.

  
The data area 64, plaintext area 62 and the permutation area 66 serve to verify the authenticity of the object. According to the invention, a random number ZZ is generated in a non-deterministic manner to produce this part of the verification code (compare FIG. 4). This random number of the present exemplary embodiment is a 200-bit long character string which, according to the invention, can be divided into a first random partial character string ZZ1 and a second random partial character string ZZ2. By applying a permutation function p to the random character string ZZ, a permutation character string PZZ is obtained. While the permutation function p and the second random substring ZZ2 are stored in a data record 31 in the database 30 together with the identification number ID (cf.

   5), the first random substring ZZ1 and the permutation string PZZ are stored in the plaintext area 62 and permutation area 66, respectively. Ie. the plaintext area 62 contains a graphic representation of the first random substring ZZ1, and the permutation area 66 contains a representation of the permutation string PZZ. Thus, verification of the verification code requires information from the database 30 and from the product 50, more specifically from the label 60. Only the one who has access to this separately stored information, the authenticity of the

  
Verify verification codes and thus the product. Accordingly, access to the database 30 must also be made for the production of a valid verification code. Preferably, the permutation function p is a permutation function p selected at random for the particular product 50 from a plurality of permutation functions.

  
There are about 200 (!) Permutations for the used 200 bit long random string ZZ. That's about 10 <200> possible permutations. The correct permutation character string PZZ for a specific identification number ID can therefore not be determined even in the case of a partial knowledge of the current random character string ZZ and of the permutation character string PZZ in a manageable time. As far as the used permutation function p varies, the reconstruction of the permutation function is obsolete anyway

  
As already stated, the entire random string ZZ, which consists of the first random substring ZZ1 in the

  
Plain text area 62 and the second random substring ZZ2 from the database 30 composed. Furthermore, one needs the specific permutation function p to determine the permutation string PZZ. For verification of the verification code, the determined permutation character string PZZ is compared with the permutation character string PZZ from the permutation domain 66. The server 20 is thus notified in a corresponding request from a client 40, the permutation string 66 shown on the label 60 and the first random substring ZZl. Based on the first random partial string ZZ1, the stored second random partial string ZZ2 and the stored permutation function p, it determines the corresponding permutation string 66 and compares this with the transmitted permutation string.

   Only if they are identical is the client 40 confirmed that it is an authentic verification code.

  
It is possible to multiply the entire representation of the verification code, as shown in FIG. 2, with a noise matrix which makes the decoding and duplication of the representation difficult.

  
In addition, it is provided to operate the server 20 in such a way that the database 30 is changed in each verification request with respect to a verification code. In this way, the well-known quantum effect can be simulated. After

  
In response to a request, the associated data record, for example the data record 31 of FIG. 5, is modified. That is, the second random substring ZZ2 and the permutation function p are modified such that, although the same permutation string PZZ results, but the individual entries in the database 30 are changed. Thus, any insight gained from a previous query over a particular record becomes useless.

  
As can be seen from FIG. 5, a data record 31 of the database 30 further includes a column describing the status of a particular verification code. Thus, a verification code may be considered disabled until a particular status is reached. For example, a certification authority enters a "1" in product manufacture when product 50 has been created. A second certification office at a packaging station adds a "2" when packaging the product 50. A third certification body completes the status by a "3" upon delivery of the product 50. Only after the entry of the code "1, 2, 3" the corresponding verification code is considered active. Thus, the history of a product 50 can be monitored. Because a change of status only by the individual

  
Certification bodies is possible, it can be ensured that the product 50 is genuine.

  
In the exemplary embodiments described above, both the label 60 and the associated data record 31 of the database 30 each contain an identification number ID which makes it possible to uniquely assign a corresponding data record 31 to a given product 50 or label 60. However, it is possible to dispense with the uniqueness of the identification number ID or the placing of the identification number ID on the product 50 and / or the label 60. Furthermore, the record 31 does not need an ID column for storing the identification numbers ID in order to associate a product 50 and / or a label 60 with the record 31.

   According to the invention, it is possible to select the permutation function p and / or the random character string ZZ and / or the permutation character string PZZ such that there is only one suitable permutation character string PZZ for each random character string ZZ for a given permutation function p. Thus, the random substrings ZZ1, ZZ2 can also be designed such that only one pair of random substrings ZZ1, ZZ2 leads to a suitable random string ZZ.

  
It is thus possible that the label 60 contains only the first random partial character string ZZ1 and the permutation character string PZZ. This data is transmitted to the server 20 in a verification request. The server 20 searches all the stored data records 31 for a record 31 corresponding to the given permutation character string PZZ and the given first random sub-string ZZ1.

  
For example, the server 20 may select a first data set 31 that respectively reads out the second random substring ZZ2 and a permutation function p. Thereafter, the given first random substring ZZl transmitted to the server 20 is connected to the read-out second random substring ZZ2 to generate a random string ZZ. As already described, the random character string ZZ is mapped by means of the read-out permutation function p and compared with the transmitted permutation character string PZZ. Only in the presence of the

  
Identity, the server 20 transmits a message indicating that it is a valid verification code. Otherwise, the next record 31 is selected and read out. Insofar as the verification request is a "false" verification code, all data records 31 must be processed before a corresponding message can be returned.

  
Numerous methods are conceivable which improve the performance of the server 20. In particular, it is possible to limit the data records 31 to be checked by corresponding specifications. For the implementation of the inventive method and the associated device, it is, as I said, not absolutely necessary to provide corresponding identification numbers ID.

  
Previously, a large number of measures were described which enable the verification of the authenticity by means of a verification code. The individual measures can be used both together and separately. Depending on the requirements for the security of a verification code, individual or all measures can be selected.

  
In particular, it is conceivable to dispense with a quantum random generator when generating the random character string ZZ. Furthermore, either a static or dynamic permutation function p or permutation mapping function can be used.

  
Finally, it is possible to dispense with the status entry shown in FIG. 5 or to add further statuses to the data record 31. Likewise, the representation of the verification code, as shown in FIG. 2, can be changed as desired. It is possible to choose a representation with fewer pixels 61, 61 'or more pixels 61, 61'. The raster graphic does not have to have the same number of rows and columns. Depending on the requirement, the associated matrix can be varied.

  
In the embodiments described above, square pixels 61, 61 'were used to encode individual bits in a representation. It is conceivable to use circles instead of the square pixels 61, 61 '.

  
Nor should the invention be limited to a raster graphics. It is conceivable, the verification code, for example, in the form of a bar code on the product. It is also possible to carry out purely digital storage, for example on an RFID tag or any other readable memory.

  
LIST OF REFERENCE NUMBERS

  
1 WAN

  
10 reader

  
20 servers

  
30 database

  
31 record

  
40 client

  
50 product

  
60 label

  
61, 61 'pixel

  
62 plain text area

  
64 data area

  
66 permutation area

  
Currently random string

  
ZZl, ZZ2 Random substring

  
P permutation function

  
PZZ permutation string

  
ID identification number

Claims

claims
A method of generating a verification code for an article, comprising the steps of: a) generating a random string (ZZ) that can be divided into a first random substring (ZZl) and a second random substring (ZZ2), b) generating a permutation string (PZZ c) storing the second random substring (ZZ2) and the mapping function (p) in a database (30), d) generating a representation (60) of the permutation string (PZZ ) and the first random substring (ZZl) as a verification code.
2. A method for generating a verification code for an article, comprising the steps of: a) generating a random character string (ZZ), which can be divided into a first random substring (ZZl) and a second random substring (ZZ2), b) generating a permutation string (PZZ by mapping the random character string (ZZ) according to a mapping function (p), c) storing the second random substring (ZZ2), the mapping function (p) and an identification number (ID) in a database (30), d) generating a representation (Z) 60) of the permutation string (PZZ), the Identification number (ID) and the first random substring (ZZl) as a verification code.
A method according to claim 1 or 2, characterized by that the random string (ZZ) is a binary string.
4. Method according to one of the preceding claims, characterized in that the step d) comprises mapping the permutation character string (PZZ) and / or the identification number (ID) and / or the first random substring (ZZl) to a plotted graphics with a plurality of pixels.
5. The method according to any one of the preceding claims, in particular according to claim 3, d adurch gekennz eichne t that the Rastagrafik a data area (64) for displaying the
Identification number (ID), a plaintext area (62) for representing the first random substring (ZZl), a permutation area (66) for displaying the permutation string (PZZ), the plaintext area (62) having n pixels and the permutation area (66) n * 2 Has pixels.
6. The method according to any one of the preceding claims, in particular according to claim 5, d adurch gekennz eichne t that the data area (64), the plaintext area (62) and the permutation area (66) are arranged in blocks, in particular in contiguous blocks.
7. The method according to any one of the preceding claims, in particular according to one of claims 3 - 6, gekennz eichne t by distorting the Rastagrafik by multiplying with a noise matrix, in particular from random numbers.
8. Method according to one of the preceding claims, characterized in that the step a) comprises the generation of at least one random number by means of a non-deterministic random number generator, in particular using a quantum random number generator.
9. Method according to one of the preceding claims, characterized in that the imaging function (p) for an object is selected from a plurality of imaging functions, in particular randomly.
10. The method according to any one of the preceding claims, gekennz eichn et by storing an activation state in the database (30), wherein the verification code is activated only if a corresponding request from at least one certification body takes place.
11. The method according to any one of the preceding claims, in particular according to claim 10, d adurch gekennz egg chnet that for activating the verification code a plurality of requests from a plurality of different certification bodies, in particular in a predetermined order is necessary.
12. A verification code for an article produced by a method according to one of the preceding claims.
13. A method of verifying the authenticity of articles, comprising the steps of: a) reading out a verification code attached to the article and / or its packaging, in particular a verification code generated according to claim 12, wherein the verification code comprises a first permutation string (PZZ) and a first random substring (ZZl); b) reading at least one comparison data record (31) stored on a server (20), the comparison data record (31) comprising a mapping function (p) and a second random substring (ZZ2); c) generating an output string by processing, in particular linking the first and the second random substring (ZZl, ZZ2); d) generating a second permutation string by mapping the output string according to the mapping function (p); e) comparing the first permutation string (PZZ) with the second permutation string to determine the authenticity of the item.
14. The method according to claim 13, characterized in that the steps b), the steps c), the steps d) and step e) are performed several times to determine the authenticity of the object.
15. The method according to claim 13, characterized in that an object is classified as not genuine if the step e) was carried out for a predetermined set of comparison data sets (31), without that one with the first permutation string (PZZ) matching second permutation string was found.
16. A method of verifying the authenticity of articles, comprising the steps of: a) reading a verification code attached to the article and / or its packaging, in particular a verification code generated according to one of the preceding claims, wherein the verification code comprises a first permutation character string (PZZ), an identification number (ID) and a first random substring (ZZl); b) reading at least one corresponding record (31) stored on a server (20), the record (31) being identified by the identification number (ID), the record (31) having a mapping function (p) and a second random substring (ZZ2) comprises; c) generating an output string by combining the first and second random substrings (ZZ1, ZZ2); d) generating a second permutation string by mapping the output string according to the mapping function (p); e) comparing the first permutation string (PZZ) with the second Permutation string to determine the authenticity of the item.
17. The method of claim 12, wherein the step e) comprises determining whether the verification code has been activated, wherein a verification code is activated only if the verification code has been certified by at least one certification authority.
18. The method according to any one of claims 12 to 17, d adurch gekennz eichne t that the verification code is a Rastagrafik with a plurality of pixels (61, 61 ').
19. The method of claim 12, characterized in that step a) comprises filtering out a noise matrix embedded in the raster graphics.
20. Method according to one of the preceding claims, characterized in that the mapping function (p) is a bijective mapping function, in particular a permutation.
21. A device for verifying the authenticity of objects, comprising: generating means for generating a plurality of verification codes, in particular according to the method according to one of claims 1 to 11, a verification device for verifying at least one verification code, in particular according to the method according to one of claims 13 to 20, at least one database (30) for storing
Random substrings (ZZ2) and at least one mapping function (p) for the verification codes.
22. A device for verifying the authenticity of objects, comprising: generating means for generating a plurality of Verification codes, in particular according to the method according to one of claims 1 to 11, a verification device for verifying at least one verification code, in particular according to the method according to one of claims 13 to 20, at least one database (30) for storing
Random substrings (ZZ2), at least one mapping function (p) and identification numbers (ID) for the verification codes.
23. The apparatus of claim 21 or 22, gekennz eichne t by a non-deterministic random number generator, in particular a quantum random number generator for generating random numbers.
24. Device according to one of claims 21 to 23, gekennz eichne t by at least one reading device (10) for detecting a Rastagrafik.
25. Device according to claim 21, characterized by a monitoring device that monitors requests directed to the verification device and, after a critical request, changes at least part of a random sub-string (ZZ2) and mapping function (p) belonging to a verification code, wherein the changes are such that a verification code generated using the mapping function (p) and the random substring (ZZ2) remains unchanged.
26. Device according to claim 25, characterized in that the monitoring device is designed in such a way that a request is classified as critical at random and / or when fulfilling a predetermined criterion.
27. Device according to claim 25 or 26, characterized in that the monitoring device is designed in such a way that, in the case of a critical request, a multiplicity of mapping functions (p) and random partial signs (ZZ2) will be changed.
28. The device according to one of claims 21 to 27, characterized by an activation device that communicates with at least one certification agency that detects the equipped with the verification code items, the activation device only activates a verification code when the associated item from the at least one certification authority was recorded.
29. The device according to claim 28, wherein the activation device is designed such that it activates a verification code only when the associated object has been detected by a plurality of certification bodies.
PCT/EP2008/065924 2008-09-30 2008-11-20 Method for generating a verification code, verification code, method and device for verifying the authenticity of objects WO2010037429A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
IB2008002992 2008-09-30
IBPCT/IB2008/002992 2008-09-30

Publications (1)

Publication Number Publication Date
WO2010037429A1 true WO2010037429A1 (en) 2010-04-08

Family

ID=41110986

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2008/065924 WO2010037429A1 (en) 2008-09-30 2008-11-20 Method for generating a verification code, verification code, method and device for verifying the authenticity of objects

Country Status (1)

Country Link
WO (1) WO2010037429A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017071541A1 (en) * 2015-10-28 2017-05-04 北京金山办公软件股份有限公司 Numerical verification code generation method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4972475A (en) * 1987-02-10 1990-11-20 Veritec Inc. Authenticating pseudo-random code and apparatus
WO2004070682A2 (en) * 2003-02-04 2004-08-19 Dietrich Heinicke Product security system and method therefor
WO2007120247A2 (en) * 2005-12-29 2007-10-25 Chemimage Corporation Method and apparatus for counterfeiting protection

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4972475A (en) * 1987-02-10 1990-11-20 Veritec Inc. Authenticating pseudo-random code and apparatus
WO2004070682A2 (en) * 2003-02-04 2004-08-19 Dietrich Heinicke Product security system and method therefor
WO2007120247A2 (en) * 2005-12-29 2007-10-25 Chemimage Corporation Method and apparatus for counterfeiting protection

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017071541A1 (en) * 2015-10-28 2017-05-04 北京金山办公软件股份有限公司 Numerical verification code generation method and device

Similar Documents

Publication Publication Date Title
CA2170441C (en) Identification card verification system and method
DE69908425T2 (en) Method and system for authentication reproduction of any article
JP4783021B2 (en) 耐偽 forming resistance and tambour labels having characteristics generated at random
JP4944109B2 (en) Product items having coded data identifying the layout
US7080041B2 (en) System and method for production and authentication of original documents
DE19960769B4 (en) Method and system for creating an image of an object authentifizerbaren
US6111953A (en) Method and apparatus for authenticating a document
US8542871B2 (en) Brand protection and product authentication using portable devices
CN100375111C (en) Method for anti false verification based on identification technique in radio frequency, and anti false system
US6823075B2 (en) Authentication watermarks for printed objects and related applications
EP1515268A2 (en) Method and system for individual authentication and digital signature utilizing article having DNA based ID information mark
US20050049979A1 (en) Method, apparatus, and system for determining a fraudulent item
US8671062B2 (en) Methods and systems for making, tracking and authentication of products
DK1854239T3 (en) System and method for network-based objektautentificering
CN105706107B (en) The method of the certification of two-dimensional bar and this bar code
US7222791B2 (en) Counterfeit detection method
US20050169496A1 (en) Steganographic data embedding in objects for authenticating and associating value with the objects
US6536665B1 (en) Method and apparatus for transaction card security utilizing embedded image data
US20020178363A1 (en) System and method for authentication of items
CA2538517C (en) Product authentication method
CN101501680B (en) Method and system for deterring product counterfeiting, diversion and piracy
CN101089871B (en) System and method for antiforge of article with certificate based on radio frequency technology
CA2518359C (en) System and method for authenticating objects
US7757952B2 (en) Method and apparatus for counterfeiting protection
US7815117B2 (en) Method and apparatus for counterfeiting protection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08875347

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08875347

Country of ref document: EP

Kind code of ref document: A1