WO2015196256A1 - Information verification - Google Patents

Information verification Download PDF

Info

Publication number
WO2015196256A1
WO2015196256A1 PCT/AU2015/050353 AU2015050353W WO2015196256A1 WO 2015196256 A1 WO2015196256 A1 WO 2015196256A1 AU 2015050353 W AU2015050353 W AU 2015050353W WO 2015196256 A1 WO2015196256 A1 WO 2015196256A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
document
authentic
hash
verification
Prior art date
Application number
PCT/AU2015/050353
Other languages
French (fr)
Inventor
Edward John LEW
Original Assignee
Clicktix Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2014902479A external-priority patent/AU2014902479A0/en
Application filed by Clicktix Pty Ltd filed Critical Clicktix Pty Ltd
Publication of WO2015196256A1 publication Critical patent/WO2015196256A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

An information verification system (10), including a first hash module using a hash function for generating a verification hash (23) of unencrypted authentic information from, to be on, or to be in an authentic document, wherein the authentic document having the authentic information thereon or therein and the verification hash (23) comprise the authentic document with verifiable unencrypted authentic information.

Description

INFORMATION VERIFICATION FIELD OF THE INVENTION
[0001] The present invention is related to information verification, and in particular, information verification systems and methods. The invention may be particularly useful for verifying information recorded on or into documents.
BACKGROUND OF THE INVENTION
[0002] There are many documents which contain information that is important to verify as being correct. For example, one type of document is a list of courses taken by a student, say, at a university and the results obtained by the student in those courses. Often such a document is presented at job interviews, and the prospective employer may be interested in verifying the contents of the course results documents as being correct and true.
[0003] Throughout this specification the reference to "document" includes physical substrate documents, for example, paper and plastic and similar substrates on which text and/or images are applied and electronic media, for example, electronic storage devices and computer files that may contain any one or more of text, images, audio and multi-media. The document may also include a scent (smell) file in electronic or other form.
[0004] Previously, in such circumstances, an employer would either have had to trust the potential employee as being honest. Alternatively, the employer might try to verify the contents of the document by telephoning the issuing institution to try to verify the contents of the document.
[0005] Such procedures are inconvenient, very time consuming and are prone to error. For example, trying to verify results via a telephone call may be difficult as the employer may not know which person he or she should speak to, and the issuing institution may not in fact have such a person dedicated to verifying contents of documents issued to students.
[0006] Some institutions have issued documents with seals, watermarks and other such security devices. However, these security devices can be forged, with such forgery becoming easier given modern technology available for document reproduction.
[0007] The inventor has therefore identified a need for verifying documents and information thereon, which is reliable, quick and easy.
SUMMARY OF THE INVENTION
[0008] In one aspect, the present invention provides an information verification system, including: a first hash module using a hash function for generating a verification hash of unencrypted authentic information from, to be on, or to be in an authentic document, wherein the authentic document having the authentic information thereon or therein and the verification hash comprise the authentic document with verifiable unencrypted authentic information; a storage module separate from the authentic document for storing verification hashes so as to be accessible; a second hash module using a hash function for generating a hash of to be verified information from a presented document; and, a comparator for accessing the stored verification hashes and for comparing the hash of to be verified information with the accessed verification hashes, wherein, if the hash of to be verified information is the same as one verification hash in the accessed verification hashes, then the to be verified information is indicated by the comparator to be authentic information and the presented document is indicated by the comparator to be an authentic document, and wherein, if the hash of to be verified information is not the same as any one verification hash in the accessed verification hashes, then the to be verified information is indicated by the comparator to be not authentic information and the presented document is indicated by the comparator to be not an authentic document.
[0009] In another aspect, the present invention provides an information verification method using the system mentioned in the previous paragraph, including: using the first hash module to generate a verification hash of unencrypted authentic information from or to be on an authentic document, wherein the authentic document with the authentic information and the verification hash comprise the authentic document with verifiable unencrypted authentic information; using the storage module to store the verification hash so as to be accessible; using the second hash module to generate a hash of to be verified information from a presented document; and, using the comparator to compare the hash of to be verified information with the accessed verification hash, wherein, if the hash of to be verified information and the verification hash are same, then the to be verified information is indicated by the comparator to be authentic information and the presented document is indicated by the comparator to be an authentic document, and wherein, if the hash of to be verified information and the verification hash are not same, then the to be verified information is indicated by the comparator to be not authentic information and the presented document is indicated by the comparator to be not an authentic document.
SUMMARY OF OPTIONAL EMBODIMENTS OF THE INVENTION
[0010] In one embodiment, the authentic document and presented document are each physical substrate documents, including paper documents and plastic documents, and wherein the authentic information is printed on the authentic document and the to be verified information is printed on the presented document.
[0011] In another embodiment, the authentic document and presented document are each electronic documents, including text documents, mark-up language documents, such as XML; image files, audio files, video files and multi-media files; scent (smell) files, and wherein the authentic information is in the electronic authentic document and the to be verified information is in the electronic presented document.
[0012] In yet another embodiment a mixture of types of authentic and presented documents can be verified.
[0013] In a further embodiment, the hash function of the second hash module is same as the hash function of the first hash module. However, in other embodiments, the hash functions of the first and second hash modules can be different functions. Where the hash functions of the first and second hash modules are different, these different functions can use different hashing algorithms.
[0014] In yet another embodiment, the information verification system further includes a first interface for ascertaining the authentic information from, to be on, or to be in the authentic document and a second interface for ascertaining the to be verified information from the presented document, wherein, if the authentic document and the presented document are each physical substrate documents, the first interface and the second interface are selected from the group including: a personal computer having a user input interface, including a user input interface having one or more selectable lists, a scanner having optical character recognition, and a voice recognition input, and includes other means and methods of and for input interfaces, and, wherein, if the authentic document and the presented document are each electronic documents, a first interface transceiver device and a second interface transceiver device may be selected from the group including: a Wi-Fi transceiver, a near-field communication (NFC) transceiver, a Bluetooth™ transceiver and other transceiver devices.
[0015] In yet a further embodiment, the information verification system further includes a network connecting the first hash module, the storage module, the second hash module, the comparator, the first interface and the second interface.
[0016] In an optional embodiment, the verification system further includes a document production module for recording the authentic information on the physical substrate to produce the authentic document. Alternatively, the system may include a document production module for recording the authentic information in to an electronically readable medium to produce the authentic document.
[0017] In an embodiment, the document further includes the authentic information recorded on the document as any one or more of: a bar code, an alpha-numerical code, a quick response (QR) code and an image.
[0018] In another embodiment, the second interface includes a display for displaying the to be verified information in a presented document. In optional embodiments the second interface is also enabled to display indications from the comparator as to the authenticity or otherwise of the information on or in a document. The second interface may also display an indication as to whether the document is authentic or inauthentic.
[0019] In yet another embodiment, the authentic information and the to be verified information each include multiple discrete parts of information, wherein the first hash module and the second hash module are adapted to apply the hash function separately to each discrete part of information to generate multiple verification hashes and multiple to be verified hashes, each verification and to be verified hash associated with a discrete part of information, and wherein the comparator is adapted to compare each verification hash with its corresponding to be verified hash, associated with a discrete part of information. Each discrete part of authentic information and to be verified information may be hashed with a unique identifier. Each of the whole authentic information and the whole to be verified information may be hashed with a unique identifier. [0020] Where the information verification system or method is used to separately hash multiple discrete parts of information, the second interface can display indications from the comparator as to which parts of information in a to be verified document are authentic or are inauthentic. The second interface can also display whether the to be verified document is authentic or inauthentic.
[0021] It will be appreciated that information gathered or displayed by the second interface can also optionally be gathered or displayed by the first interface. In some embodiments it may be that the first and second interfaces comprise a single interface, for example, where a party issuing an authentic document is later required to authenticate that same document.
[0022] In a further embodiment, the document, the authentic document and the presented document comprise course results documents. The authentic information and the to be verified information is selected from the group including: a mark, a grade, an average (including a grade point average), a grade classification (for example, first class, second class, and third class); a subject name and/or number, an exam name and/or number; a year number, a month name and/or number, a day name and/or number, a date (including day, month and year); an institution, university, college, name and/or number; a person's name and/or number (including student number); and, a company name and/or number.
[0023] Alternatively, the document, the authentic document and the presented document comprise identity documents including driver licences and passports. The authentic information and the to be verified information is selected from the group including: full name, address, licence number, licence expiry, licence type, date-of-birth, conditions, signature and image.
[0024] Further alternatively, the document, the authentic document and the presented document comprise marriage certificates. The authentic information and the to be verified information is selected from the group including: number in register, when and where married, names and surnames of each party, marital status, children by each former marriage, birthplace, occupation, age, residence of each party present, parents names father and mother, date of marriage, signature of minister or registrar of marriages, and signature of witnesses.
[0025] In yet another alternative embodiment, the document, the authentic document and the presented document comprise land titles. The authentic information and the to be verified information is selected from the group including: volume number, folio number, lot number, address, name(s) of owner(s), address(es) of owner(s), registrar's signature and registrar's seal.
BRIEF OF DESCRIPTION OF THE DRAWING
[0026] For an understanding of the invention, and to show how it may be performed, optional embodiments thereof will now be described, by way of non-limiting the examples only, and with reference to the accompanying drawing, in which:
[0027] FIG. 1 is a diagrammatic representation of an embodiment of the present invention showing process steps, methods, systems and components used by various actors for the information verification system and method.
DETAILED DESCRIPTION OF OPTIONAL EMBODIMENTS
[0028] The present invention is a system and method for verifying documents and verifying the information on those documents. The system and method can be applied to both physical substrate documents, such as paper and plastic documents. This system and method is also applicable to electronic documents, such as text documents, XML documents, PDF documents, scent (smell) files, and the like and/or a mixture of such documents. Further, the system and method can be applied to electronic documents such as image files, audio files, video files, scent (smell) files and multi-media files. It will be understood that the system and method can be applied to other types of documents not specifically mentioned whether documents of a physical substrate type or documents of an electronic or electronically readable type.
[0029] The system and method may be implemented by various parties.
In one example embodiment, a first party uses the first hash module to create the verification hash and stores the verification hash on the storage module. The first party is also responsible for creation, directly or indirectly, of the actual document using the document production module. When a document is presented for verification, the first party is also in control of the comparator for accessing stored verification hashes and for comparing the hash of the to be verified information with the accessed verification hashes. In such
embodiment, there may also be a second party operating the second hash module to create the hash of the to be verified information. The second party sends the to be verified hash to the first party for comparison.
[0030] In another possible arrangement, a first party is responsible for operating the first hash module and the document production module. A second party is responsible for operating the second hash module. However, in this embodiment, a third party is responsible for operating the storage module and the comparator. In this scenario, when the first party creates the verification hash of an authentic document, the first party sends the verification hash to the third party for storage in the storage module, along with other verification hashes related to other documents. When a document is presented for verification to the second party, the second party creates the to be verified hash to the third party, and the third party compares the to be verified hash with verification hashes stored in the storage module.
[0031] It can be seen that there are various ways of distributing the control of various components of the system and actions in the method. The above arrangements, one having two parties, the other having three parties, are merely examples of possible arrangements. It is also possible, for example, that a single party operates the entire information verification system. [0032] The first party may be, for example, a university, a college or some other education institution. The first party may also be a registry responsible for distribution of documents such as marriage certificates, driver licenses, land titles and other such documents. The first party may also be, for example, a government responsible for creation and distribution of passports.
[0033] The second party may be an employer looking to verify information provided by a job seeker. The information may be a schedule of exam results attained by the job applicant at university or some other education institution. In other scenarios, the second party could be customs, border control, police or other government agents who require verification of documents and information on documents during the course of their duties.
[0034] The third party may be a service provider which specifically provides connectivity and functionality to allow the first party to store verification hashes and allow the second party to provide to be verified hashes for comparison, and to compare the to be verified hashes with the store of verification hashes. The third party also provides results of the comparison to the second party.
[0035] Although the authentic document having the authentic information thereon or therein and the verification hash comprise an authentic document with verifiable authentic information, it will be understood that the verification hash, the authentic document and the authentic information are each separate entities. In this regard, it will be appreciated that, in many embodiments, the verification hash is stored separately from the authentic document and/or the authentic information. Typically, the authentic information is in or on the authentic document, but it will be appreciated that the authentic information may exist before production of the document.
However, in some optional embodiments, the verification hash may be recorded on or in an authentic document. [0036] Connectivity between the first, the second and the third parties, and any other parties, may be by internet. However, other forms of connectivity can be envisaged and will work for the present invention. For example, it is possible that the second party sends the to be verified hash to the third party for comparison, and receives the results of the comparison by return postal mail. Though the previous example would be slow, it demonstrates that the invention is not limited to any particular form of communication between the parties.
[0037] It will be understood that the authentic information may be created and the first hash module can generate the verification hash related to the authentic information before a document is created. Alternatively, it is possible to create the document with the authentic information (an authentic document), and then to employ the first hash module to generate a verification hash of the authentic information.
[0038] The authentic document may be produced by various means, depending on the document type. For example, if the document is a simple paper document, it is possible to print same with a printer. A similar consideration applies to plastic physical substrate documents, which can be printed using an appropriate print technology.
[0039] If the document is an electronic document, then various electronic means may be employed to produce the document. If the electronic document is a file to be stored on a smart card, then the document can be created by a computer adapted to do same, then can be transferred to the smart card by a suitable radio antenna system. In other embodiments, the document may be stored on a mobile computing device, such as a smartphone or a tablet computing device. Electronic storage allows for more flexibility in the document types, so as to include image files, audio files, video files and multimedia files. [0040] When entering information into the first hash module or the second hash module, it is possible to use various interfaces, depending on the document type. For example, if the authentic document and the presented document are each physical substrate documents, the first and second interfaces may be a personal computer having facilities to accept the document information. The first and second interfaces may also be a scanner having optical character recognition for scanning in the information on the document. In another embodiment, information from the document could be read by a human and the interface is a voice recognition program. There are many different means for obtaining the information and feeding that information to the first and/or second hash module for hashing.
[0041] In one particular embodiment, the interface is a computer running a program, the program having pre-populated drop down lists with selectable items. For example, a first list may be a list of universities. When an operator selects one of the universities, a second dependent drop down list is populated with possible subjects offered by the university. When the operator selects one or more subjects from the second list, a third list is populated having possible result types for each of the subjects selected from the second list. The operator then selects the appropriate result type for each subject. It will be appreciated that there can be many ways of implementing such information capture, such as a series of HMTL pages with appropriate operating logic.
[0042] In another embodiment, when the authentic document or the presented document is an electronic document, the first and second interfaces could be transceivers of various kind, or could be simply a USB port. It will be appreciated that there are a vast number of ways that information can be transferred from a device carrying an electronic document to another such device. [0043] In embodiments where the first and second hash functions are different from each other, the comparator can operate to compare hashes by employing an appropriate algorithm. The following method is an example: first hash module
ABC + each character incremented by 1
hash output = BCD second hash module
ABC + each character incremented by 2
hash output = CDE comparator if (H M 1-H M2) != 1
then false
if(HM l-HM 2) = 1
then true
[0044] Where the comparator is required to compare hashes produced by different hash functions, the comparator can be adapted to compare corresponding but different hashes by being provided with an index associated with each hash. In this regard, corresponding different hashes from the first and second hash modules can each be provided with the same index to show the comparator that they are to be compared.
[0045] In some embodiments, the hash function is not applied to the whole of the authentic information, but is applied to discrete parts of the information. In such an example, the discrete parts of the authentic information can be hashed separately along with a unique identifier. For example, the following discrete authentic information parts may be hashed along with unique identifiers. Information Type Information Content Unique Identifier Hash
Organization University A 12345 JS *#&$(##)
First Name John 13432 JDN*#NN
Last Name Smith 23232 HDJS88BDN!#
Score 1 99 23233 HSH! @
Score 2 73 23231 prqX09?
Score 3 76 23234 3L29#@ :
[0046] In the above example, a single document provides a number of verification hashes, all of which can be stored in the storage module for
comparison by the comparator. In another embodiment, along with the
separate hashes of discrete parts of the entire information, the system and
method allows for also hashing the entire authentic information.
[0047] Referring now to FIG. 1, which shows an embodiment of the system and/or method 10 for verifying information. In the illustrated example, a first party 20 operates the document production module, the first hash module and the storage module. A second party 40 operates the second hash module and the comparator.
[0048] Content of an authentic document is created by, say, a particular institution 21. The content is then entered into the system via a first interface 22. The authentic information is hashed by the first hash module using a hash function, thus producing the verification hash 23. The verification hash is stored with other such verification hashes in the storage module 25.
[0049] In the embodiment shown in FIG. 1, the system and method also provides for updating information on the document, which leads to time based updated verification hashes 24 being stored in the storage module 25.
[0050] The institution then gives the document to an interested party, such as a student 31. The student may then be in process of applying for a job 30, where a potential employer 32 requests the information on the student's result sheet. The potential employer 32 wishes to check such information is correct and true, so uses a second interface 41 to input the to be verified information from the presented document. The second hash module 42 applies the same hash function as used in the first hash module. This produces a hash of the to be verified information which can be compared in the comparator 43 with the stored verification hashes in the storage module 25. A result is then delivered 44 to the potential employer 32 either confirming that the hash is stored in the storage module, thus indicating authenticity of the document and the information thereon or therein. Alternatively, if the comparator cannot find an equivalent hash in the storage module, then the potential employer 32 is notified that the information entered into the second interface 42 is not correct information.
[0051] The employer then has the option of re-entering the information to make sure that no errors were made during the first entry of information. The checking process can then be re-done. In some circumstances, the potential employer may try to input the information a number of times.
[0052] In optional embodiments of the present invention, documents may contain various different types of information, depending on the document type. [0053] In one example, the document may be a passport having the following information: passport type, code of issuing state, name, date of birth, sex, date of issue, date of expiry, authority, document number, place of birth and holder's signature. The passport may also contain an image file of the passport holder. In such an embodiment, it may be that all the textural information is hashed together, but the image file is hashed separately from the textural information.
[0054] The passport may also contain an image of a thumb print, hidden information or other type of bio-marker information. This information can also be hashed separately from the textural information and the passport holder's image information.
[0055] Another example is a driver's license containing the following information: full name, address, license number, license expiry, license type, date of birth, conditions, signature and image.
[0056] Another type of document is a marriage certificate which may have the following information: number in register, when and where married, name and surname of each party, marital status, children by each formal marriage, birth place, occupation, age, residence of each party present, parents names, date of marriage, signature of minister or registrar of marriages and signature of witnesses.
[0057] Yet another type of document is a land title or certificate of land title. This document may have various textural and image information. The textural information may include: volume, folio, lot number, street address, name of owner, date of birth of owner and the like. The image information may include survey images, images of the registrar's signature, the registrar's seal or stamp and other such image information.
[0058] Another type of document is a naturalization certificate which may contain the following information: name, date, signature of minister and signature of authorized officer. It may also contain address, occupation, place and date of birth, nationality prior to grant of new nationality, marital status, height, colour of eyes, colour of hair, visible distinguishing marks, specimen signature of applicant, children included in certificate, including name of child, date of birth and place of birth.
[0059] Yet another type of document is a birth certificate, which may contain the following information: when and where born, name, father's name, profession and birth place, and mother's name, profession and birth place, informant details, witness details, and registrar details.
[0060] A further type of document is a travel visa, containing the following information: place of issue, valid from, valid to, VAF number, number of entries, type, name, passport number, observations, number of dependants, dependant name and other such information.
[0061] A certificate of currency insurance may also be verified by the present system and method. The certificate may contain the following information: insurance company name, ABN, AFS license number, insurance company address, insurance company phone, insurance company facsimile, area of cover, for example, information technology, certificate of currency date, insured company name, covering, limits of liability, financial injury professional liability amount, public liability amount, products liability amount, policy period, and other such information.
[0062] Other types of documents are prescriptions, medical
prescriptions for pharmaceuticals, invoices, statements of attainment and share certificates.
[0063] The information verification system and method may use the following types of authentication and security:
Basic Access Control (BAC). BAC protects the communication channel between the chip and the reader by encrypting transmitted information. Before data can be read from a chip, the reader needs to provide a key which is derived from the Machine Readable Zone: the date of birth, the date of expiry and the document number. If BAC is used, an attacker cannot (easily) eavesdrop transferred information without knowing the correct key.
Passive Authentication (PA). PA prevents modification of passport chip data. The chip contains a Separation of Duty file (SOD) that stores hash values of all files stored in the chip (picture, fingerprint, etc.) and a digital signature of these hashes. The digital signature is made using a document signing key which itself is signed by a country signing key. If a file in the chip (e.g. the picture) is changed, this can be detected since the hash value is incorrect. Readers need access to all used public country keys to check whether the digital signature is generated by a trusted country.
Active Authentication (AA). AA prevents cloning of passport chips. The chip contains a private key that cannot be read or copied, but its existence can easily be proven.
[0064] The following is an example of a possible usage of the system and method as applied to university exam results:
Person A is a graduate of University A
University A provides a statement of results to Person A
Person A is applying for a job and provides a copy of this statement to Employer A
Employer A wants to verify that the information provided by person A matches precisely the information held by University A
As an example Employer A wants to make sure that Person A has not altered any grades on the statement of results
Employer A can access a website operated by Verification
Website A and input the data from the statement of results
Verification Website A applies a unique algorithm to this data which creates a hash value
This hash value is then transmitted to University A
An application running on a server at University A checks to see if the hash value exists in the system
University A has a pre-existing table of hash values and creates these hash values by running the same algorithm that is running on Verification Website A
If the hash value DOES EXIST in the system then a response is sent to Employer A via Verification Website A informing Employer A that the information presented IS A match
If the hash value DOES NOT exist in the system then a response is sent to Employer A via Verification Website A informing
Employer A that the information presented IS NOT A match
By only comparing hash values security and privacy of the original information can be protected and maintained and does not need to be exposed unnecessarily.
For the system to function efficiently a unique identifier comprised of pertinent information such as Organisation Name and Person A details may also be created.
This means that Verification Website A knows to check the hash values in University A rather than to check the hash values created by any other university or organisation.
This process is applicable to many different areas such as land titles, insurance documents, passports , birth certificates, prescriptions , medical certificates etc.
It is also possible that rather than Verification Website A accessing A's own server that University A updates the hash table on a server operated by Verification Website A in real time or any frequency that is required.
The method for inputting a copy of data into Verification Website A can take many different forms it can be scanned in, it can be manually entered, it can be contained on an NFC or RFID chip, etc.
Data on any document can be altered but it is about making sure that any such alteration is detectable which is a purpose of this process. [0065] In an embodiment, a document (authentic document with authentic information therein) can be created by, for example, a university. The university may produce a physical substrate version of the document, say, on paper, and give the physical substrate version to a student. The university can also retain an electronic version of the document in a suitable storage means (which could be the storage module of the information verification system).
[0066] It will be understood that an authentic document can be reproduced, and the reproduction document will also be authentic. The information verification system and method allows for multiple authentic documents to be produced without compromising the integrity of the verification.
[0067] In embodiments where multiple discrete parts of information are hashed separately, it will be understood that parts of a document can be verified as being authentic while other parts will be shown to be inauthentic. For example, if the document contains course results, the document could have results for a number of different subjects and/or exams. If each subject and/or exam result is hashed separately, then it is possible to verify each subject and/or exam result separately with the comparator. It may be the case that a particular presented document has five (5) course results printed on it; the results can be separately hashed by the second hash module (in one
embodiment each separate result is hashed with a unique identifier); the hashed to be verified results can be compared with verification hashes in the storage module. The comparator may find four of the five results are correct and authentic, but that one result is not correct, and is not authentic. By using this particular method, the information verification is more fine-grained, so that if only a part of the information on a document is not correct, then the incorrect part does not render the whole document as being incorrect or inauthentic. Accordingly, the system and method of the present invention may be used in such embodiments to determine which parts of a document's information is authentic and which is inauthentic. Optionally, the system and method can provide for displaying results showing which parts of a document's
information is authentic and which is inauthentic.
[0068] In other circumstances, information on a physical document may be authentic, but information in an electronic document on, for example, a chip embedded into or on the physical document may be inauthentic or incorrect. Alternatively, in such circumstances, the information in the chip may be authentic or correct and the information on the document may be inauthentic or incorrect. The system and method of the present invention can indicate to a user any inconsistencies in this information and identify which is authentic information and which is inauthentic information.
[0069] In some embodiments, the system and method of verifying information may be used for a number of different institutions, each having a number of people using the system and method. For example, there may be a number of universities, each having a large number of students with exam results to be recorded and verified when those students apply for jobs. The system and method may also use multiple hash tables to be stored on the storage module. Each table, for example, could be for a separate institution. In the case of universities, each table could be for a separate university. In such an embodiment, the comparator can access a table of a particular institution when searching for hashes. This may result in a more efficient search and comparison for the comparator than if all hashes were to be stored for all institutions in a single table. It will be appreciated that there are various possible embodiments employing this concept. For example, it may be that each school or department in a university has its own table.
[0070] In yet another embodiment, each hash can be stored in a table with an index according to an identifier. For example, the index may accord with the identity of the authentic document and may include information related to a person's name, address or other such information. In another example, the index may accord with the identity of the institution, school, subject or other such information. [0071] Throughout this specification the words "authentic" and
"inauthentic" have been used to describe information in or on a document. It will be understood that the terms "correct" and "incorrect", "true" and "false" and other such terminology could be used to describe the information.
[0072] Throughout this specification and the claims which follow, unless the context requires otherwise, the word "comprise", and variations such as "comprises" and "comprising", will be understood to imply the inclusion of a stated integer or step or group of integers or steps but not the exclusion of any other integer or step or group of integers or steps.
[0073] The reference to any prior art in this specification is not, and should not be taken as, an acknowledgment or any form of suggestion that the prior art forms part of the common general knowledge.

Claims

CLAIMS:
1. An information verification system, including:
a first hash module using a hash function for generating a verification hash of unencrypted authentic information from, to be on, or to be in an authentic document, wherein the authentic document having the authentic information thereon or therein and the verification hash comprise the authentic document with verifiable unencrypted authentic information;
a storage module separate from the authentic document for storing verification hashes so as to be accessible;
a second hash module using a hash function for generating a hash of to be verified information from a presented document, wherein the hash function of the second hash module is same as the hash function of the first hash module; and,
a comparator for accessing the stored verification hashes and for comparing the hash of to be verified information with the accessed verification hashes,
wherein, if the hash of to be verified information is the same as one verification hash in the accessed verification hashes, then the to be verified information is indicated by the comparator to be authentic information and the presented document is indicated by the comparator to be an authentic document, and
wherein, if the hash of to be verified information is not the same as any one verification hash in the accessed verification hashes, then the to be verified information is indicated by the comparator to be not authentic information and the presented document is indicated by the comparator to be not an authentic document.
2. An information verification system according to claim 1, wherein the authentic document and presented document are each physical substrate documents, including paper documents and plastic documents, and wherein the authentic information is printed on the authentic document and the to be verified information is printed on the presented document.
3. An information verification system according to claim 1, wherein the authentic document and presented document are each electronic documents, including text documents, mark-up language documents, such as XML; image files, audio files, video files and multi-media files; and scent files, and wherein the authentic information is in the electronic authentic document and the to be verified information is in the electronic presented document.
4. An information verification system according to any one of claims 1 to 3, further including a first interface for ascertaining the authentic information from, to be on, or to be in the authentic document and a second interface for ascertaining the to be verified information from the presented document,
wherein, if the authentic document and the presented document are each physical substrate documents, the first interface and the second interface are selected from the group including, but not limited to: a personal computer having a user input interface, including a user input interface having one or more selectable lists, a scanner having optical character recognition, and a voice recognition input, and,
wherein, if the authentic document and the presented document are each electronic documents, a first interface transceiver device and a second interface transceiver device are selected from the group including: a wireless local area network transceiver, a near-field communication (NFC) transceiver and other transceiver devices.
5. An information verification system according to claim 4, further including a network connecting the first hash module, the storage module, the second hash module, the comparator, the first interface and the second interface.
6. An information verification system according to claim 2, further including a document production module for recording the authentic information on the physical substrate to produce the authentic document.
7. An information verification system according to claim 3, further including a document production module for recording the authentic information in to an electronically readable medium to produce the authentic document.
8. An information verification system according to claim 6, wherein the document further includes the authentic information recorded on the document as any one or more of: a bar code, an alpha-numerical code, a quick response (QR) code and an image.
9. An information verification system according to any one of claim 4 to 8, wherein the second interface includes a display for displaying the to be verified information in a presented document.
10. An information verification system according to any one of claims 1 to 9, wherein the authentic information and the to be verified information each include multiple discrete parts of information, wherein the first hash module and the second hash module are adapted to apply the hash function separately to each discrete part of information to generate multiple verification hashes and multiple to be verified hashes, each verification and to be verified hash associated with a discrete part of information, and wherein the comparator is adapted to compare each verification hash with its corresponding to be verified hash, associated with a discrete part of information.
11. An information verification system according to claim 10, wherein each discrete part of authentic information and to be verified information is hashed with a unique identifier.
12. An information verification system according to claim 11, wherein each of the whole authentic information and the whole to be verified information is hashed with a unique identifier.
13. An information verification system according to any one of claims 1 to 12, wherein the document, the authentic document and the presented document comprise course results documents.
14. An information verification system according to claim 13, wherein the authentic information and the to be verified information is selected from the group including: a mark, a grade, an average (including a grade point average), a grade classification (for example, first class, second class, and third class); a subject name and/or number, an exam name and/or number; a year number, a month name and/or number, a day name and/or number, a date (including day, month and year); an institution, university, college, name and/or number; a person's name and/or number (including student number); and, a company name and/or number.
15. An information verification system according to any one of claims 1 to 12, wherein the document, the authentic document and the presented document comprise identity documents including driver licences and passports.
16. An information verification system according to claim 15, wherein the authentic information and the to be verified information is selected from the group including: full name, address, licence number, licence expiry, licence type, date-of-birth, conditions, signature and image.
17. An information verification system according to any one of claims 1 to 12, wherein the document, the authentic document and the presented document comprise marriage certificates.
18. An information verification system according to claim 17, wherein the authentic information and the to be verified information is selected from the group including: number in register, when and where married, names and surnames of each party, marital status, children by each former marriage, birthplace, occupation, age, residence of each party present, parents names father and mother, date of marriage, signature of minister or registrar of marriages, and signature of witnesses.
19. An information verification system according to any one of claims 1 to 12, wherein the document, the authentic document and the presented document comprise land titles.
20. An information verification system according to claim 19, wherein the authentic information and the to be verified information is selected from the group including: volume number, folio number, lot number, address, name(s) of owner(s), address(es) of owner(s), registrar's signature and registrar's seal.
21. An information verification method using the system according to any one of claims 1 to 17, including:
using the first hash module to generate a verification hash of unencrypted authentic information from or to be on an authentic document, wherein the authentic document with the authentic information and the verification hash comprise the authentic document with verifiable unencrypted authentic information;
using the storage module to store the verification hash so as to be accessible;
using the second hash module to generate a hash of to be verified information from a presented document; and,
using the comparator to compare the hash of to be verified information with the accessed verification hash,
wherein, if the hash of to be verified information and the verification hash are same, then the to be verified information is indicated by the comparator to be authentic information and the presented document is indicated by the comparator to be an authentic document, and
wherein, if the hash of to be verified information and the verification hash are not same, then the to be verified information is indicated by the comparator to be not authentic information and the presented document is indicated by the comparator to be not an authentic document.
PCT/AU2015/050353 2014-06-27 2015-06-25 Information verification WO2015196256A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
AU2014902479A AU2014902479A0 (en) 2014-06-27 Information verification
AU2014902479 2014-06-27
NZ630964 2014-09-10
NZ630964A NZ630964A (en) 2014-06-27 2014-09-10 Information verification

Publications (1)

Publication Number Publication Date
WO2015196256A1 true WO2015196256A1 (en) 2015-12-30

Family

ID=53189469

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2015/050353 WO2015196256A1 (en) 2014-06-27 2015-06-25 Information verification

Country Status (2)

Country Link
NZ (1) NZ630964A (en)
WO (1) WO2015196256A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020023220A1 (en) * 2000-08-18 2002-02-21 Distributed Trust Management Inc. Distributed information system and protocol for affixing electronic signatures and authenticating documents
US20080077798A1 (en) * 2006-09-26 2008-03-27 Nachtigall Ernest H System and method for secure verification of electronic transactions

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020023220A1 (en) * 2000-08-18 2002-02-21 Distributed Trust Management Inc. Distributed information system and protocol for affixing electronic signatures and authenticating documents
US20080077798A1 (en) * 2006-09-26 2008-03-27 Nachtigall Ernest H System and method for secure verification of electronic transactions

Also Published As

Publication number Publication date
NZ630964A (en) 2015-02-27

Similar Documents

Publication Publication Date Title
CN113853775B (en) Credential verification and issuance by credential service provider
US11790118B2 (en) Cloud-based system for protecting sensitive information in shared content
CN110462658B (en) System and method for providing digital identity records to verify the identity of a user
US10972281B2 (en) System and method for document information authenticity verification
US10402784B2 (en) Dynamic notary system
US20190005268A1 (en) Universal original document validation platform
US20160125680A1 (en) Identification scan in compliance with jurisdictional or other rules
US10249015B2 (en) System and method for digitally watermarking digital facial portraits
US20180197263A1 (en) Virtual credentials and licenses
US9218589B2 (en) Issuance, conveyance and management of endorsements
US11126999B1 (en) Officially authorized virtual identification cards
US20230177137A1 (en) Derived child verifiable credential with selective claims
US11550892B2 (en) Presentation of a verifiable credential having usage data
US10460163B2 (en) System and method for digitally watermarking digital facial portraits
US9697350B1 (en) Electronic signing of content
US10469699B2 (en) Remote mark printing on a security document
US20230179588A1 (en) Verifiable credential with dynamic claim
WO2015196256A1 (en) Information verification
Blue et al. A review of identity, identification and authentication
US20200372469A1 (en) Business card information management system and business card information management program
KR20090036036A (en) Verification service system of educational background inquiry based on internet environment
EP3671503B1 (en) Graphometric document signing method and system
EP3142064A1 (en) Virtual credentials and licenses
JP2003022350A (en) Electronic personal history system, server, terminal device and storage medium
US11019007B1 (en) Systems and methods for providing electronic official documents

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15811126

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15811126

Country of ref document: EP

Kind code of ref document: A1