WO2012020291A2 - Système adapté pour contrôler l'authenticité d'articles - Google Patents

Système adapté pour contrôler l'authenticité d'articles Download PDF

Info

Publication number
WO2012020291A2
WO2012020291A2 PCT/IB2011/001729 IB2011001729W WO2012020291A2 WO 2012020291 A2 WO2012020291 A2 WO 2012020291A2 IB 2011001729 W IB2011001729 W IB 2011001729W WO 2012020291 A2 WO2012020291 A2 WO 2012020291A2
Authority
WO
WIPO (PCT)
Prior art keywords
article
information
label
labels
user
Prior art date
Application number
PCT/IB2011/001729
Other languages
English (en)
Other versions
WO2012020291A3 (fr
Inventor
Roberto Pittia
Original Assignee
Roberto Pittia
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Roberto Pittia filed Critical Roberto Pittia
Priority to EP11764282.7A priority Critical patent/EP2668606A2/fr
Publication of WO2012020291A2 publication Critical patent/WO2012020291A2/fr
Publication of WO2012020291A3 publication Critical patent/WO2012020291A3/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/203Inventory monitoring
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions

Definitions

  • the invention relates primarily to a system for checking the authenticity of articles, particularly products that are on the market.
  • a series of existing solutions aims, in particular, to allow the buyer to directly check the authenticity of articles that are on the market.
  • One of these solutions requires that on the article is applied a label that contains an authentication code typically in written form.
  • Such authentication code is generated for example by the manufacturer of the article so that each article is uniquely associated with a different code and so that the number of possible codes is much higher than the total number of articles produced and marketed; for example, if a company has a catalog of 1 ,000 (one thousand) different models of article and produces a total of 1 ,000,000 (one million) of articles per year, or an average of one thousand copies for each model, it could use an alphanumeric authentication code of 12 (twelve) characters.
  • the authentication code of each article is generated randomly taking care to avoid any overlap and is then shown on the label of the article; furthermore, the generated code is stored in a database.
  • the buyer who wishes to check the authenticity of an article can read the authentication code from the label applied on the article, check whether the code read is present in the database (eg by a telephone call) and on the basis of such check deduce if the article is authentic or not.
  • the safety of this solution is entrusted to the difference between the number of possible authentication codes and the total number of articles produced and marketed, in fact, in the case of an authentication code length of 12 characters, the number of possible codes is equal to 36 (different letters and numbers) raised to 12 (code length), or about 10 18 (10exp18), the number of articles produced over ten years, for example, 10 7 (10exp7), this means that the probability that an infringer is able to guess a valid code is about 10 ⁇ 11 (10exp-11 ), which is low.
  • the main purpose of this invention is to provide a solution based on the use of one or more labels to be associated with the article, but that does not necessarily require access to a database at the moment of checking the authenticity of the said article.
  • Another purpose is to provide a solution that is secure, in particular more secure than those known.
  • Another purpose is to provide a solution that is very convenient for the user, in particular, more comfortable than those notes; the main users of the solution are to be considered buyers of the articles, but it is not excluded the use by supervisory authorities.
  • Another purpose is to provide a solution that allows more and better performances, in particular a more reliable check of authenticity, whenever is possible to connect to a database via the telephone network (eg mobile phone network) and / or data network (such as the Internet.)
  • a database via the telephone network (eg mobile phone network) and / or data network (such as the Internet.)
  • Another purpose is to provide a solution that is suitable to be used in the field of electronic commerce.
  • the present invention further relates to an electronic processing system and an authentication label specifically designed to be used for this checking system.
  • the idea behind the present invention is to use a label in which there are information encoded (in whole or in part) by an asymmetric encryption algorithm, then based on a private key and a public key, and related to the specific article associated to the label (for example, brand, model, color, size and point of sale for the specific article).
  • a forger it will be virtually impossible for a forger to generate false labels because he does not have the private key to use to encode (in whole or in part) the information and the user (primarily the buyer) will get a first check of authenticity on the basis of the information contained on the label after having decrypted them using the public key and thus without access to any database.
  • the checking system according to the present invention is capable of enabling the checking of authenticity of articles, and, in general, includes:
  • each of said authentication labels containing at least one unique label identification code and first information related to the associated article
  • an electronic processing system comprising an archive that stores for each of these labels at least the same unique label identification code and the second information related to the associated article, said second information may cover all or part of said first information, and which also stores at least a private encryption key and at least a corresponding public decryption key, and
  • a plurality of user terminals each including means adapted to, upon an user's request, to read information from such labels and means adapted to, upon an user's request, to decrypt said read information (albeit encrypted) through the said public decryption key;
  • said user terminals are adapted to directly and / or indirectly receive such public decryption key from said electronic processing system and to store it inside them; said first information are encrypted in whole or in part by said electronic processing system through said private encryption key.
  • the checking system according to the present invention may be adapted to manage a plurality of key pairs. This could be useful, for example, if you want to separate the articles according to the manufacturing company; in this case, typically, the user communicates to its user terminal (eg by selection among the items in a menu) which is the manufacturing company before to decrypt the information inside an authentication label of an article and the user terminal is able to store in it more than a decryption key and locate the public key associated with the manufacturing company selected by the user.
  • the user terminal eg by selection among the items in a menu
  • the user terminal is the manufacturing company before to decrypt the information inside an authentication label of an article and the user terminal is able to store in it more than a decryption key and locate the public key associated with the manufacturing company selected by the user.
  • there is only one pair of keys there will typically be a company that manages the service for guaranteeing the authenticity of the articles, on behalf of a large number of manufacturing companies, and this company will own the single pair of keys.
  • Said first information may include position information of the article indicating in particular the sales position of the article; thus, for example, the buyer can check the correspondence (possibly the identity) between its current position and the position contained in the label.
  • sales position is to be understood in a broad sense and therefore could correspond to, for example, a name of a shop or a name of a chain of stores or to geographic coordinates (eg longitude and latitude); the "location information” may also, in addition or alternatively to “sales position", refers to the production (factory) and / or to distribution of the article (warehouse).
  • Said first information may include the unique label identification code or a copy; in the first case (see, for example, Fig.l B and Fig.l D), the authentication label will not show to the user the label code which will be present only in the first information for example in encrypted form; in the second case (see for example Fig.1 and Fig.l C), instead, the user will be able to read freely and without the aid of any device the label code from the label itself (see for example section SE1 in Fig. 1 ) and a copy of such code will still be contained in the first information (see for example section SE2 in Fig. 1 ) eg in encrypted form.
  • authentication labels show the user at least the unique label identification code; it can be expected in alphanumeric format and / or a mono- dimensional barcode format (traditional barcode).
  • the checking system according to the present invention may further comprise: - a plurality of article labels designed to be applied respectively to said plurality of articles, each said article label containing and preferably showing to the user at least one unique article identification code (in alphanumeric format and / or mono- dimensional barcode); in fact, the presence of an authentication label does not exclude the presence of an article label (see, for example, and Fig.lC Fig.1 D): the article label can be generated and applied for example by the subject who produces the article to trace products for management purposes and the authentication label can be generated and applied for example by the subject that provides the guarantee service of the authenticity and then allows to prevent counterfeiting (the two subjects could also be the same).
  • the said first information, contained in the authentication label includes a copy of the said unique article identification code, contained in and possibly shown on the said article label; in this way it is possible to obtain a beneficial synergistic effect between the two labels.
  • said first information contained in such authentication labels may simply include a statement that the article is also equipped with an article label, but not the unique article identification code (so the user can read without the need for any device such code from the article label and compare it with an article identification code received by said electronic processing system).
  • the first and / or the second information may include: brand of the associated article and / or model of the associated article and / or color of the associated article and / or size of the associated article and / or materials contained in the associated article and / or description of the associated article and / or list price of the associated article and / or discounts on the associated article and / or date of being put on the market (especially on sale) of the associated article and / or date of sale of the associated article and / or place of being put on the market (especially on sale) of the associated article and / or details on the manufacturer of the associated article and / or place of production of the associated article and / or production date of the associated article and / or expiration date of the associated article and / or details relating to the production of the associated article and / or warranty details of the associated article and / or maintenance details of the associated article and
  • Said authentication labels can be advantageously of "two-dimensional barcode” type, in particular "QR code” and / or “RFID” type, particularly in “NFC” technology; and in this way, authentication labels can be easily read by user terminals.
  • Said user terminals may be advantageously mobile telephone user terminals, typically mobile phones; of course, nothing prevents some user terminals are telephone and others do not.
  • the "two-dimensional barcode" goes well with the use of mobile phones to implement the present invention; in fact, these, nowadays, very often integrate a digital camera, so it will be sufficient to load a program in the mobile phone adapted to decode the code.
  • RFID fits with the use of mobile phones to implement the present invention; in fact, it is anticipated that these, in the future, will frequently integrate a reader “RFID”.
  • Said user terminals may include means adapted to interrogate said electronic processing system based on said unique label identification code, in order to obtain information related to the associated article corresponding in whole or in part to said second information.
  • Said query can be done in various ways depending on the embodiment of the present invention; for example, the search may take place via computer network, such as the Internet or telephone network, for example by sending and receiving SMS or MMS, with cable connections and / or wireless.
  • Said query can be activated upon an user's request and / or automatically by the user terminal as in the case where the terminal itself detects the possibility of a connection to the Internet.
  • Said information obtained from said electronic processing system may include position information of the article indicating particularly the sale position of the article; thus, for example, the buyer can check the correspondence (possibly the identity) between its current position, ie the one in which the article is actually for sale, and the position obtained by the electronic processing system, ie the one where the article should be if it was the authentic one.
  • the checking of authenticity may also be performed automatically by said user terminals by comparing the position information of the article obtained from said authentication labels and / or position information of the article obtained from said electronic processing system and / or position information obtained from devices in stores and / or position information obtained from the user terminals themselves (eg by a GPS [Global Positioning System] or the mobile network).
  • in the point of sale could be placed some mechanical or optical devices (such as posters or displays) showing the position of the point of sale (eg in the form of a two-dimensional barcode) readable by the user terminal or by the user; alternatively or in addition, in the point of sale could be placed some electronic devices (eg BluetoothTM transmitter or access point Wi-Fi®) that automatically notify the user terminals the position of the point of sale.
  • some mechanical or optical devices such as posters or displays
  • electronic devices eg BluetoothTM transmitter or access point Wi-Fi®
  • Said electronic processing system may include means adapted to interact with cash registers in the point of sales.
  • said second information may be written (eg the date of sale) or read (eg price or discount).
  • Said electronic processing system may include means adapted to send said user terminals information relating to an article found in said archive after being encrypted, in whole or in part, through said private encryption key.
  • Said electronic processing system may include means adapted to send said user terminals information relating to an article found in said archive after being encrypted, in whole or in part, through said private encryption key.
  • Said electronic processing system may include means adapted to send to a point of sale and / or a distribution warehouse information related to an article found in such archive and adapted for generating an authentication label after being encrypted in whole or in part through said private encryption key - the private encryption key must not be circulated, as far as possible, and the electronic processing system stores it inside with appropriate protections.
  • a point of sale and / or a warehouse can generate and / or regenerate an authentication label (eg print and / or reprint a two-dimensional barcode or program and / or reprogram an RFID); and this is useful, for example, when an article is moved from one point of sale to another or from a warehouse to a point of sale.
  • Said electronic processing system can include at least a computer and a plurality of electronic devices connected to said computer and designed to being placed in point of sales, said electronic devices including means adapted to allow users and / or said user terminals interact with said computer; typically, said computer acts as a "server” and said electronic devices act as “clients” and could take the form of so-called “totems”.
  • Said electronic devices are adapted for the checking system according to the present invention, and may have one or more different functions: allowing to download on user terminals from said electronic processing system said public decryption key, enabling users to checking of authenticity even if they do not have the appropriate user terminal.
  • the appropriate electronic processing system and the appropriate user terminals and the appropriate authentication labels it is needed the appropriate electronic processing system and the appropriate user terminals and the appropriate authentication labels; however, the electronic components of the checking system can be made on the basis of electronic components already on the market with the addition of dedicated hardware and / or software.
  • Said system and said labels can also be used when articles are sold through the Internet (electronic commerce); possibly the labeling of an article can also be done after it was sold; the checking of authenticity may be made during the buying phase and / or when receiving the article at home. Everything will be clearer from the detailed description which follows.
  • said system is capable of enabling checking of authenticity for other types of articles (not just products that are on the market); for example, according to another embodiment of the present invention, it is possible to use the system also for checking the authenticity of documents, considering them as "particular articles" made of paper on which surfaces are some printed information that must not be altered once written. Said information are normally in plaintext eye-readable by a person and usually consist of:
  • an issuer of the document eg: a bank or insurance company
  • a unique document identifier eg: serial number of a check or insurance policy number
  • an intended recipient of the document eg: the recipient of a check
  • one or more identification elements eg: the license plate number of the insured vehicle; brand and model of the insured vehicle
  • an economic value eg the amount of the check in Euros or Dollars
  • the above information will constitute, as previously seen, the set of so called first and second information, where said second information may cover all or part of said first information that will be inserted in a label realized according to the present invention, which as mentioned before includes a phase of encrypting, in whole or in part, of said first information using a private encryption key and the realization of a two-dimensional barcode and / or RFID label, which will be then applied safely to the document to be protected (usually the label will be printed directly on the document and will present also a unique label identification code in alphanumeric format). Also in this case, priority must be given to the information, to be inserted in the label, that is most useful for the authentication of the document.
  • the system provides for a check of authenticity of the written content in plaintext on the document through the reading and subsequent decryption (using a user terminal containing the corresponding public decryption key) of said first information on the label applied to that document, which will finally be compared with those presented on the document itself: should anything be different, the authenticity is not guaranteed.
  • the user terminal in the presence of a data connection, it is also possible use the user terminal to access the said second information stored on electronic processing system to check if, for example, the photograph on the document is the same of the one stored in the system.
  • the user terminal is able to receive and store different public decryption keys inside it and is able to select from time to time the right key to be used to make the checking of authenticity; the user terminal is able to connect to an electronic processing system, using a telephone or Internet connection, in order to obtain said second information (if any) about the document being checked, and so on.
  • an article may be protected by the presence of one or more labels, each one could be of the two-dimensional barcode or RFID; so on the same article (or document) can coexist two- dimensional barcode and RFID labels with same content, with similar content or totally independent contents.
  • Fig.1 shows four examples of articles with different labels according to the present invention
  • Fig.2 is a block diagram of an example of a checking system according to the present invention.
  • Fig.3 is a partial block diagram of a computer contained in the system of Fig.2
  • Fig.4 is a flowchart related to an example of creating an authentication label according to the present invention
  • Fig.5 is a flowchart related to an example of reading an authentication label according to the present invention.
  • Fig.6 is a block diagram of a portion of the system of Fig.2 in which is shown the structure of a point of sale.
  • Fig.1 A shows an article AR on the surface of which is applied an authentication label EU according to the present invention.
  • the label EU includes a first section SE1 and a second section SE2; the first section SE1 shows a unique label identification code CU in the form of an alphanumeric string; the second section SE2 shows a "two-dimensional barcode", in particular a "QR code”, which corresponds to information IU relating to article AR encrypted using a private encryption key KPR; information IU (“authentication information”) include, among other things, a copy of the label code CU, an article code CR and position information for article AR, namely the name of the point of sale where the article AR is sold.
  • Section SE2 instead of being a "QR code” could be for example an "RFID” with "NFC” technology.
  • Article AR in Fig.l B differs from that of Fig.lA because the label EU does not include a section SE1 so does not show the code CU; the code CU is however included in the information IU of the section SE2.
  • Fig.lC and Fig.l D are similar to those of Fig.lA and Fig.l B respectively, but they also include an article label ER that shows the article code CR in the form of an alphanumeric string - the information IU then includes a copy of the article code CR.
  • the label ER may contain and show (in different ways) also other information IR ("article information").
  • the second section SE2 could correspond to the set of information IU-P1 relating to the article AR (for example, model, color and size) non-encrypted and of information IU-P2 relating to the article AR (such as brand and name of the point of sale) encrypted using the private encryption key KPR; such alternative then provides to encrypt a smaller amount of information and therefore also the size of the section SE2 is reduced (as is known, an encrypted information has a greater size of a non- encrypted information); it should be noted that the non-encrypted information and the encrypted information may also have one or more or all data in common - this is not a problem since, according to the present invention, the encryption is not intended to keep secret information relating to the article but to allow authentication.
  • the section SE2 does not simply match to some "authentication information”, but matches that information with the addition of a corresponding "digest” that can be considered a “summary”, or rather a “footprint” of such information; both this information and the "digest” are then encrypted using the private encryption key KPR.
  • a "cryptographic hash function” is a deterministic procedure that takes an arbitrary block of data and returns a bit string of fixed length, called “cryptographic hash value”, so that an accidental or intentional modification of data will modify the "hash value”; data to be encrypted are often called “message” and the “hash value” is often called “message digest” or simply “digest”; an ideal “cryptographic hash function” has four main significant properties: it is easy to calculate for any message, it is impossible to go back to the original message starting from the digest, it is not possible to change the message without changing the digest, it is impossible to find two messages with the same digest.
  • Fig. 1 The articles of the types shown in Fig. 1 can be used in the system of Fig.2; in particular in this system are presented articles of the type of Fig.lC (the most complete in terms of labels) and the information IU of the section SE2 of the label EU of the article AR are made of the code label CU as well as brand, model, color, size of the article and name of the point of sale that sells the article.
  • Fig.lC the most complete in terms of labels
  • the information IU of the section SE2 of the label EU of the article AR are made of the code label CU as well as brand, model, color, size of the article and name of the point of sale that sells the article.
  • information IU can include: brand and / or model and / or color and / or size and / or materials contained and / or description and / or list price and / or place of being put on the market and / or details of the manufacturer and / or place of production and / or date of manufacture and / or expiration date and / or details relating to production and / or details relating to warranty and / or details relating to maintenance and / or usage details and / or ....
  • section SE2 has a limited capacity to contain information (one can reasonably think of a minimum of 50 characters to a maximum of 1000 characters) therefore priority must be given to the information that is most useful for the authentication of the article.
  • the system of Fig.2 includes a computer PCS that acts as a "server" connected to a computer network NW, especially the Internet; connected to the network NW are two radio stations BS-1 and BS-2 that allow electronic mobile devices to connect to the network NW; the computer PCS, the network NW and the stations BS-1 and BS-2 are part of an electronic processing system SYS in accordance with the present invention.
  • the system SYS may include many other and / or different components - some of them are shown in Fig.6: can be present a different number of stations BS, the communication subsystem presents one or more computer networks and / or one or more telephone networks.
  • Fig.2 are shown in particular three mobile phones TU-1 , TU-2 and TU-3 that act as "user terminal" and that can be connected to the computer PCS via the stations BS-1 and BS-2 and the network NW; it is assumed that mobile phones TU-1 and TU-2 are within a range covered by the station BS-1 (in particular a point of sale PV-1 ) and that the mobile phone TU-3 is within a range covered by station BS-2 (in particular a point of sale PV-2).
  • Fig.2 are shown in particular two points of sale PV-1 and PV-2, that are in particular selling respectively articles AR-1 , AR-2, AR-3 and AR-4, AR-5 which is assumed all be produced by the same company CO-1 ; these five articles AR-1 , AR-2, AR-3, AR-4, AR-5 are each equipped with five authentication labels EU-1 , EU-2, EU-3, EU-4, EU-5.
  • Fig.3 shows a block diagram very partial of the computer PCS contained in the system of Fig.2: it showed only an archive DB (evidently an electronic archive or “database”) that stores a set of records, one for each label EU and then for each article AR and also a private encryption key KPR-1 of the producing company CO- 1 and a public decryption key KPU-1 of the producing company CO-1 ; as already mentioned, the embodiment described here assumed all articles are produced by the same company CO-1 ; Fig.3 shows only the records related to the five labels EU-1 , EU-2, EU-3, EU-4, EU-5 respectively of the five articles-AR 1 , AR-2, AR-3, AR-4, AR-5 shown in Fig.2.
  • archive DB electronic archive or "database”
  • Each record is conceptually divided into two parts: a first part corresponds to code CU of the label EU and a second part corresponds to the information IT relating to article AR.
  • information IT can include: brand and / or model and / or color and / or size and / or materials contained and / or description and / or list price and / or discounts and / or date of being put on the market and / or date of sale and / or place of being put on the market and / or details of the manufacturer and / or place of production and / or production date and / or expiration date and / or details relating to production and / or warranty details and / or maintenance details and / or usage details and / or ... .
  • the capacity to store information of the archive DB is much greater than that of section SE2 of the label EU and then it is possible store directly or indirectly a lot of information (for example, references to websites or web pages) as well as those useful for authentication of the article. It should be noted that it is reasonable to expect that, depending on the data, corresponding privileges are needed for access; in particular, the privileges will be different for reading, writing and erasing data.
  • the generation of a label EU starts from article authentication information IU (which may also contain the label code CU and, possibly, the article code CR), as shown in Fig.4.
  • An encryption phase 401 is needed which also needs a private encryption key KPR (this key could belong to the manufacturer of the article that is to be labeled or to the company that manages the service for guaranteeing the authenticity), evidently, therefore, encryption can be done only by those who have access under appropriate privileges to the archive DB of the computer PCS; it could be established that only the computer PCS can perform the encryption.
  • the outcome of the encryption phase 401 are the encrypted data DCR.
  • the data DCR are supplied in input to a generation phase 402 of label EU, specifically the section SE2; the generation phase 402 may also receive in input non-encrypted data (this is not shown in the example of Fig. 4); such generation is different depending on the type of label; for label with "two-dimensional barcode", it will be a print (to be followed by the application on the article AR - see Fig.4), while for labels such as "RFID”, it will be a radio programming.
  • the generation of label includes, before the encryption (phase 401 ), a selection phase of all or part of the authentication information IU and a calculation phase of the digest using a hash function applied to the selected information (these phases are not shown and presented in the example of Fig. 4).
  • the encryption (phase 401 ) can be performed either on the digest only, or on the digest and part of the information or on the digest and all the information; this means, with reference to Fig. 4, that, depending on the cases, the data input to the generation phase 402 may derive not only from data coming from the phase 401 (data DCR), but also directly from the input data.
  • a label EU in particular its section SE2, is accessed through an appropriate electronic device, such as a camera or a reader of "RFID"; in Fig. 5, such phase is indicated by the reference 502; the outcome of the reading can be the set of encrypted data and non-encrypted data or, as in Fig.
  • the outcome of the decryption phase 501 are the information IU (which may also contain the label code CU and, possibly, also the article code CR); if section SE2 contains also non- encrypted data, information IU will be formed by the set of output data from phase 502 and the output data from phase 501 (this is not shown in the example of Fig. 5); on the basis of the information, of code, or both, it is possible to check the authenticity of the article.
  • the information IU which may also contain the label code CU and, possibly, also the article code CR
  • section SE2 contains also non- encrypted data
  • information IU will be formed by the set of output data from phase 502 and the output data from phase 501 (this is not shown in the example of Fig. 5); on the basis of the information, of code, or both, it is possible to check the authenticity of the article.
  • both phase 501 and phase 502 are implemented by a user terminal at the time when a user wants to check the authenticity of an article with an identification label which is close to him (for example in his hands), moreover according to the present invention, the decryption public key can be received by the terminal in very different ways and times.
  • checking of authenticity requires not only the decryption (phase 501 ), but also a phase of calculating a digest from the information extracted from the label and a comparing phase between the digest calculated and the digest extracted from the label (these phases are not shown and not presented in the example of Fig. 5).
  • the user who is carrying his mobile phone TU-2 enters the point of sale PV-1 and see the article AR-3 on which is applied an authentication label EU-3 with a section SE2 made of a two-dimensional barcode; the user decides to check the authenticity of Article AR-3, takes the mobile phone TU-2, select the application of checking of authenticity previously loaded in the mobile phone and, with his camera, framing the section SE2 that is the two-dimensional barcode; the mobile phone TU-2 asks the user to insert the name of the manufacturer of the article (in this case CO-1 ) whose label was photographed (this action may not be necessary if the checking system provides a unique key pair), the mobile phone TU-2 verify to have, within its memory, a decryption key suitable for the operation (in this case the key KPU-1 ) and, if so, proceed to the decryption displaying on its screen the decrypted data, in particular information IU-3 that match the brand, model, color, size of the article and the name of the store that sells the article; the user can then
  • the decryption key In the event that the decryption key is not present in the mobile phone, it can be expected to try to retrieve it with the help of the user; must take into account that the existence of a decryption key for articles of any manufacturer is not guaranteed; in fact, the manufacturer may not subscribe to this service for checking of authenticity. This first check was done without any type of connection (either computer or telephone) at the time of the check itself.
  • the decrypted data include also the code label CU-3; this can be displayed on the screen of the mobile phone TU-2; the user can then check that the label code CU- 3 appearing in section SE1 of the authentication label EU-3 matches with the one displayed on the screen of his mobile phone. Also this second check was done without any type of connection (either computer or telephone) at the time of the check itself.
  • the decrypted data include also the article code CR-3; this can be displayed on the screen of the mobile phone TU-2; the user can then check that the article code CR-3 printed on the article label ER-3 corresponds to the one displayed on the screen of his mobile phone. Also this third test was done without any type of connection (either computer or telephone) at the time of the check itself.
  • the user gets the label code CU-3 from the label EU-3; this can be done manually thanks to section SE1 of the label EU-3 or automatically with a dedicated electronic device thanks to section SE2 of the label EU-3; then by connecting to the computer PCS, access is given to the archive DB providing the code CU-3 of label EU-3 as a search item and specifying the requirement to conduct an authenticity check; the computer PCS will provide in response all or some of the information relating to article AR-3; typically, just a few items of information IT-3 will be enough such as brand, model, color, size, date of being put on the market, date of sale (for example, if the article was already sold in the archive DB this would mean that the article in the hands of the user is not original), place of being put on the market; on the basis of the information provided by the computer PCS the user can check the authenticity of the article AR-3.
  • the user gets the label code CU-3 from the label EU-3; this can be done manually thanks to section SE1 of the label EU-3 or automatically with a dedicated electronic device thanks to section SE2 of the label EU-3; then by connecting to the computer PCS, access is given to the archive DB providing the code CU-3 of label EU-3 as a search item and specifying the requirement to gather some information; the computer PCS will provide in response all or some of the information relating to article AR-3; typically, the user will specify which items of information are required (for example, selecting them via a menu) and the computer will only provide such information.
  • a similar mechanism could also be used to collect user information relevant to the marketing of the articles.
  • connection to the computer PCS and the query of the archive DB can be done in various ways depending on the embodiment of the present invention: thanks to the terminal TU-1 used as a computer connected to the Internet and / or thanks to the terminal TU-1 used as a telephone terminal act in the exchange of SMS or MMS and / or thanks to the terminal TU-1 used as a telephone terminal for voice communication and / or thanks to a normal computer, such as a PC, connected to the Internet and to an Internet site connected to the computer PCS.
  • a normal computer such as a PC
  • Queries of the archive DB could be activated upon user's request. Alternatively or additionally, all or some of the queries provided by the system could be activated automatically; for example, if a user decides to check the authenticity of an article and activates the application of checking of authenticity on its mobile phone, this would automatically trigger a query of the archive DB in the computer PCS if the mobile phone was connected to the Internet.
  • the SW application that runs on the mobile phone can be used in many different ways.
  • the data input by the user e.g. the brand of one or more articles to be checked, the position of one or more products to be checked, etc..
  • the data input by the user can be done at different and variables times; for example, the user could insert into their mobile phone the name of the point of sale as soon as they enter the point of sale and then later make a series of checks; the same may hold true in the case of a "mono-brand" point of sale for the articles' brand.
  • Fig.6 is a block diagram of a portion of the system of Fig.2 in which is shown the structure of the point of sale PV-1 .
  • this scheme are incorporated many advantageous technical characteristics; however for the purposes of the present invention, it is not necessary that these are all present in a point of sale; in addition, the structure may be different depending on the point of sale.
  • Fig.6 shows a local computer network LAN at point of sale PV-1 which is connected, in a way that is well known, to the network NW.
  • An electronic device TTM is connected to the LAN which, in this embodiment, is a real computer in the "totem” form and serves as a "client” in relation to the computer PCS in the system SYS; the device TTM is located in the point of sale for use by persons who enter the point of sale PV-1 (if the point of sale is a considerable size the number of "totems" would be greater than one).
  • a computer PCC such as a PC, which acts as a "client” in relation to the computer PCS in the system SYS;
  • the computer PCC is associated with a cash register system CAS for use by personnel of the point of sale PV-1 .
  • a poster SGN is shown a poster SGN; according to this quite simple embodiment, the poster has printed on it, among other things, the name of the point of sale in the form of an alphanumeric string and a two-dimensional barcode that encoded typically in a non-encrypted form the same information (in addition to the name could be provided longitude and latitude of the point of sale); of course, the string is for a manual reading and the code is for an automatic reading for example by a mobile phone (as described above); the poster SGN could also be realized by an electronic device such as a "smart poster" with RFID technology, or an LCD screen, which displays the string and the code; as an alternative or in addition to the poster, in the point of sales could be placed some electronic devices (eg BluetoothTM transmitter or access point Wi-Fi®) that will automatically notify to the user terminals the location of the point of sale (position can be understood simply as such the name of the point of sale or name of the commercial chain that owns the point of sale or as longitude and latitude of the point
  • the totem TTM can have one or more functions that will be described below.
  • a first function may be to allow a user lacks of a suitable user terminal to connect to the computer PCS and check the authenticity of an article and / or a collection of information about an article.
  • a second function may be that to display to users and / or send to user terminals the position of the point of sale, in particular the name of the point of sale or the name of the retail chain that owns the point of sale.
  • a third function may be to send, for example by radio, to the user terminals the public decryption key or the public decryption keys, for example those of the companies whose products are sold at that "multi-brand" point of sale; that key may already exist in the totem TTM (having previously received from the computer PCS) or may be requested and obtained from the computer PCS when necessary and then sent to the user terminal.
  • a fourth function is to act as a two-way communication bridge between user terminals and electronic processing system SYS, in particular for interaction with computer PCS.
  • the checking of authenticity may also be done automatically by the user terminals by comparing the position information of the article obtained from the authentication labels (EU) and position information of the article obtained from the electronic processing system (shown with SYS in Fig.2, in particular computer PCS), or between position information of the article derived from authentication labels (EU) and position information obtained from devices installed in point of sales (eg poster SGN and / or the totem TTM) or using three elements: position information of the article obtained from the labels and position information of the article obtained from the system and position information obtained from the devices; it is worth to highlight that position information (eg longitude and latitude or cell in the mobile network) to be used for checking may be obtained directly from the user terminals (eg by a GPS [Global Positioning System] receiver or by the mobile network) and the comparison typically involve some tolerance.
  • position information eg longitude and latitude or cell in the mobile network
  • the association between computer PCC and cash register system CAS can be used, for example, to write the information (date of sale, %) into the archive DB when an article is sold or to read the information (price, discount, %) from the archive DB when an article is sold.
  • the labels and the information could be generated (and applied) at the end of the production of an article, when articles are in distribution warehouses, when articles are in point of sales.
  • These three possibilities could also be combined: for example, one could envisage that, as a rule, the labels are generated when the articles are in distribution warehouses or when it is already known to which point of sale they are going to, but the points of sale can regenerate the label for example if an article is transferred from one point of sale to another.
  • the electronic processing system may include means adapted to send to a point of sale and / or a distribution warehouse information related to an article stored in the archive and adapted to generate an authentication label after having encrypted them (in whole or in part) through the private encryption key.
  • the computer PCC could receive the encrypted information and then generate or regenerate the authentication label; for example, printing on adhesive paper the section SE2 of the label EU in the form of a "QR code" then could be applied on a card that already contains the label code in the section SE1.
  • the electronic processing system (shown in Fig.2 with SYS) comprising means adapted to send to user terminals information related to an article that appears in its archive (shown in Fig.3 with DB) after they have been encrypted through said private encryption key.
  • This feature enables, among other things, to communicate to a user a special price or discount reserved for him and to be able to use it in a point of sale; in fact, presenting at the cash register of the point of sale with such encrypted information (eg with a mobile phone displaying on its screen a "QR code") that can be decrypted by the cashier and then highlight the price or discount with the certainty of the authenticity of that price or discount because the user could not create such encrypted information since he is not being in possession of private encryption key.
  • such encrypted information eg with a mobile phone displaying on its screen a "QR code
  • the user terminal has at least a public decryption key, or rather the public decryption key associated with the private encryption key that has been used to encrypt the information of the authentication label.
  • the public key could be provided to user terminals via "totem" placed in the point of sale; as an alternative or in addition, the public key can be downloaded from an Internet site, for example from the Internet site of the manager of the system for check of the authenticity of articles or from an Internet site of a manufacturing company.
  • the user terminal must know the hash function used to calculate the digest; this could be fixed and then coded in the program loaded into the user terminal or it may be distributed in a similar manner to public decryption key; the hash function may be different depending on the subject who uses the service of check of the authenticity (manufacturing company).
  • the label can be applied directly to the article or, even more advantageously, the outside of the delivery package.
  • the "name of the point of sale" encoded and encrypted in the label might be the name of the portal through which has been made the purchase.
  • a "partial label” is displayed on the screen of the user's PC and he can read it through his mobile phone and make a partial check of authenticity before purchase; for example, the "partial label” may contain information such as a "unique label identification code " and a "name of the point of sale.”
  • the warehouse that contains the articles requires to the entity responsible of generating labels, a label that contains not only the "unique label identification code” and that "name of the point of sale,” but also for example the "unique article identification code” of the article that intends to ship and then applies the right label to that article and sends it.
  • a label that contains not only the "unique label identification code” and that "name of the point of sale,” but also for example the "unique article identification code” of the article that intends to ship and then applies the right label to that article and sends it.
  • the present invention (and thus the checking of authenticity) can be used even without a data connection and / or telephone connection, but for maximum performance and therefore the maximum guarantee of authenticity and the maximum completeness of information, a data connection (especially Internet) and / or telephone is required.
  • a data connection especially Internet
  • / or telephone is required.

Abstract

La présente invention se rapporte à un système adapté pour contrôler l'authenticité de divers articles. Le système selon l'invention comprend : - une pluralité d'étiquettes d'authentification (EU) adaptées pour être associées à une pluralité correspondante d'articles (AR), les étiquettes (EU) contenant au moins un code d'identification d'étiquette unique (CU) et des premières informations (IU) en rapport avec l'article ; le système selon l'invention comprend aussi : - un système de traitement électronique (SYS) comprenant une base de données (DB) qui contient, pour chacune desdites étiquettes (EU), au moins le code correspondant (CU) et des deuxièmes informations (IT) en rapport avec l'article. Lesdites deuxièmes informations (IT) peuvent contenir, partiellement ou en totalité, lesdites premières informations (IU), et la base de données contient également au moins une clé de chiffrement privée (KPR-1) et au moins une clé de déchiffrement publique (KPU-1) correspondante ; le système selon l'invention comprend d'autre part : - une pluralité de terminaux d'utilisateur (TU) qui comprennent chacun des moyens adaptés pour lire des informations à partir des étiquettes (EU) ainsi que des moyens adaptés pour déchiffrer les informations lues au moyen de la clé publique (KPU-1). Les terminaux (TU) sont adaptés pour recevoir ladite clé publique (KPU-1), directement et/ou indirectement, depuis le système de traitement électronique (SYS) et pour l'enregistrer. Par ailleurs, lesdites premières informations (IU) ont été chiffrées, partiellement ou en totalité, par le système de traitement électronique (SYS) au moyen de la clé privée (KPR-1).
PCT/IB2011/001729 2010-08-11 2011-07-25 Système adapté pour contrôler l'authenticité d'articles WO2012020291A2 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP11764282.7A EP2668606A2 (fr) 2010-08-11 2011-07-25 Système adapté pour contrôler l'authenticité d'articles

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ITMI2010A001537 2010-08-11
ITMI2010A001537A IT1401912B1 (it) 2010-08-11 2010-08-11 Sistema per verificare l'autenticita' di articoli

Publications (2)

Publication Number Publication Date
WO2012020291A2 true WO2012020291A2 (fr) 2012-02-16
WO2012020291A3 WO2012020291A3 (fr) 2012-05-18

Family

ID=43739521

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2011/001729 WO2012020291A2 (fr) 2010-08-11 2011-07-25 Système adapté pour contrôler l'authenticité d'articles

Country Status (3)

Country Link
EP (1) EP2668606A2 (fr)
IT (1) IT1401912B1 (fr)
WO (1) WO2012020291A2 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2992087A1 (fr) * 2012-06-15 2013-12-20 Romain Guirec Piotte Systeme d'authentification base sur un certificat electronique combinant etiquette lisible, puce rfid et base de donnees centralisee
WO2014204231A1 (fr) * 2013-06-20 2014-12-24 Chang Dong Hoon Procédé de vérification de chiffrement et de vérification de déchiffrement, et appareil électronique approprié pour petits environnements de mise en oeuvre d'une mémoire
EP3065091A1 (fr) 2015-03-05 2016-09-07 Istituto Poligrafico e Zecca dello Stato S.p.A. Système d'authentification de produit
NL2015976B1 (en) * 2015-12-16 2017-06-30 Alcomij Beheer B V System comprising a pool of product carriers
ITUA20162411A1 (it) * 2016-04-08 2017-10-08 Berbrand S R L Unipersonale Metodo e sistema di autenticazione per verificare l’autencitià di un prodotto

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10222569A1 (de) * 2002-05-17 2003-12-04 Aventis Pharma Gmbh Methode zum fälschungssicheren Kennzeichen von Produkten
GB0504573D0 (en) * 2005-03-04 2005-04-13 Firstondemand Ltd Traceability and authentication of security papers
CN1878057A (zh) * 2005-06-07 2006-12-13 王向东 一种加密二维条码的组成及应用方法
JP2007122469A (ja) * 2005-10-28 2007-05-17 Joho Kankyo Design Kk バーコード対を利用した商品の真偽判別方法およびシステム

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2992087A1 (fr) * 2012-06-15 2013-12-20 Romain Guirec Piotte Systeme d'authentification base sur un certificat electronique combinant etiquette lisible, puce rfid et base de donnees centralisee
WO2014204231A1 (fr) * 2013-06-20 2014-12-24 Chang Dong Hoon Procédé de vérification de chiffrement et de vérification de déchiffrement, et appareil électronique approprié pour petits environnements de mise en oeuvre d'une mémoire
EP3065091A1 (fr) 2015-03-05 2016-09-07 Istituto Poligrafico e Zecca dello Stato S.p.A. Système d'authentification de produit
NL2015976B1 (en) * 2015-12-16 2017-06-30 Alcomij Beheer B V System comprising a pool of product carriers
ITUA20162411A1 (it) * 2016-04-08 2017-10-08 Berbrand S R L Unipersonale Metodo e sistema di autenticazione per verificare l’autencitià di un prodotto
EP3244364A1 (fr) * 2016-04-08 2017-11-15 1Trueid S.R.L. Procédé et système d'authentification pour vérifier l'authenticité d'un produit
US11354677B2 (en) 2016-04-08 2022-06-07 1Trueid S.R.L. Authentication method and system to verify the authenticity of a product

Also Published As

Publication number Publication date
ITMI20101537A1 (it) 2012-02-12
EP2668606A2 (fr) 2013-12-04
WO2012020291A3 (fr) 2012-05-18
IT1401912B1 (it) 2013-08-28

Similar Documents

Publication Publication Date Title
US20170206532A1 (en) System and method for streamlined registration and management of products over a communication network related thereto
US7548889B2 (en) Payment information security for multi-merchant purchasing environment for downloadable products
US20160098730A1 (en) System and Method for Block-Chain Verification of Goods
US20010044785A1 (en) Method and system for private shipping to anonymous users of a computer network
US20140258127A1 (en) Using Low-Cost Tags to Facilitate Mobile Transactions
CN108370314A (zh) 使用数据的安全存储和检索的装置
WO2015070055A2 (fr) Authentification et gestion de propriété et d'authenticité d'article
CN105378774A (zh) 安全交易系统和方法
CN104995656A (zh) 未经授权的产品检测技术
US20060167812A1 (en) Communication mechanisms for multi-merchant purchasing environment for downloadable products
JPWO2003017157A1 (ja) 識別情報発行装置及び方法、認証装置及び方法、プログラム、並びに記録媒体
JP2006209766A (ja) 購入されたデジタルコンテンツを管理するためのシステム
CN102007508A (zh) 物品处理方法
US20130036059A1 (en) Electronic price-proposing system, electronic price-proposing device, and electronic price-proposing method
EP2779669B1 (fr) Procédé et système pour acquérir des droits d'accès à un contenu à accès conditionnel
CN108763937B (zh) 一种配送单据生成、配送及推广信息处理方法及装置
US20020034305A1 (en) Method and system for issuing service and method and system for providing service
WO2012020291A2 (fr) Système adapté pour contrôler l'authenticité d'articles
KR101798603B1 (ko) 물품의 진위 인증용 코드를 포함하는 라벨의 제조방법
CN103577996A (zh) 在线验证方法和系统
CN101521670B (zh) 一种应用数据获取的方法及系统
CA3033479A1 (fr) Systeme et methode d'emission et de gestion confidentielles de livraisonde lettre de transport au moyen de renseignements personnels virtuels lies aux renseignements de carte de credit
CN100492968C (zh) 基于动态密码的防伪方法
JP2004171039A (ja) 識別情報発行システム、装置及び方法、プログラム、並びに記録媒体
JP2003124920A (ja) 識別情報管理システム、方法及び装置、識別情報発行装置、並びにプログラム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11764282

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2011764282

Country of ref document: EP