WO2023139599A1 - Method and system for authenticating display content - Google Patents

Method and system for authenticating display content Download PDF

Info

Publication number
WO2023139599A1
WO2023139599A1 PCT/IN2023/050042 IN2023050042W WO2023139599A1 WO 2023139599 A1 WO2023139599 A1 WO 2023139599A1 IN 2023050042 W IN2023050042 W IN 2023050042W WO 2023139599 A1 WO2023139599 A1 WO 2023139599A1
Authority
WO
WIPO (PCT)
Prior art keywords
dataset
digital signature
unit
electronic device
processor
Prior art date
Application number
PCT/IN2023/050042
Other languages
French (fr)
Inventor
Satyamurthy Konanur RAMACHANDRA
Meghana Prabhu
Original Assignee
Ramachandra Satyamurthy Konanur
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ramachandra Satyamurthy Konanur filed Critical Ramachandra Satyamurthy Konanur
Publication of WO2023139599A1 publication Critical patent/WO2023139599A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/032Protect output to user by software means

Definitions

  • the present invention relates to display contents displayed on a display unit, and more particularly relates to authenticating the display contents displayed on the display unit.
  • electronic devices utilize one or more display units to display information pertaining to a functioning thereof.
  • the dispenser includes the display unit to display a quantity of fuel dispensed and corresponding rate for the same.
  • the fuel dispenser typically includes a controller in communication with a plurality of sensors to measure the quantity of fuel and thereafter determine a corresponding cost for the quantity of fuel dispensed. Subsequent to determination, the controller transfers the information to the display unit for displaying the same.
  • the information may be accessed by unauthorized personnel.
  • the unauthorized personnel may include one of an employee, a consumer, and a social miscreant.
  • the third-party personnel may tamper or modify the information, such as one of lowering or raising the rate for the quantity of the fuel dispensed and thereby causing losses to all parties involved.
  • One or more embodiments of the present invention provide a system and method for authenticating display content.
  • a method of authenticating display content includes the step of receiving, by a processor, a first dataset from an electronic device.
  • the first dataset pertains to values corresponding to a function of the electronic device.
  • the method further includes the step of appending, by the processor, a digital signature to the first dataset to form a second dataset.
  • the method includes the step of relaying, by the processor, the second dataset to a display unit of the electronic device.
  • the relayed second dataset is representative of the display content displayed on the display unit.
  • the method includes the step of receiving, by the processor, the relayed second dataset displayed on the display unit and retrieving, by the processor, the digital signature from the relayed second dataset.
  • the method includes the step of verifying, by the processor, the digital signature utilizing the retrieved first digital signature and one of a public key and the at least one symmetric key and thereby authenticating the display content of the electronic device based on the satisfaction of the pre-defined criteria.
  • a system for authenticating a display content includes a memory and a processor coupled to the memory including executable instructions.
  • the processor is configured to receive a first dataset from an electronic device.
  • the first dataset pertains to values corresponding to a function of the electronic device.
  • the processor is configured to append a digital signature to the first dataset to form a second dataset.
  • the processor is configured to relay the second dataset to a display unit via the electronic device.
  • the relayed second dataset is representative of the display content displayed on the display unit.
  • the processor is configured to receive the relayed second dataset displayed on the display unit and retrieving, by the processor, the digital signature from the relayed second dataset. Further, the processor is configured to verify the digital signature utilizing the retrieved first digital signature and one of a public key and the at least one symmetric key and thereby authenticate the display content of the electronic device based on the satisfaction of the pre-defined criteria.
  • FIG. 1 is a block diagram of an environment for authenticating display content, according to one or more embodiments of the present invention
  • FIG. 2 is a schematic representation of a system for authenticating the display content, according to one or more embodiments of the present invention.
  • FIG. 3 shows a flow chart of a method for authenticating the display content, according to one or more embodiments of the present invention.
  • FIG. 1 illustrates a block diagram of an environment 100 for authenticating display content.
  • the environment 100 includes an electronic device 105.
  • the electronic device 105 is configured and adapted to be operated as per a requirement of the user, and further provide a visual representation indicative of the operation and functioning of the electronic device on a display unit 110 of the electronic device 105.
  • the visual representation includes values and/or data pertaining to the operation and a function of the electronic device 105.
  • the electronic device 105 of the present invention will be described and embodied with respect to a fuel dispenser. It is, however, to be noted that electronic device 105 may be one of, but not limited to, a weighing machine and a currency counting machine without deviating from the scope of the present disclosure.
  • the electronic device 105 further includes a controller 115.
  • the controller 115 is configured to one of receive and generate information pertaining to the functioning of the electronic device 105, and thereafter determines the values and/or data, hereinafter referred to as “a first dataset”.
  • the controller 115 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, single board computer, and/or any devices that manipulate signals based on operational instructions.
  • the environment 100 includes a verifier unit 120.
  • the verifier unit 120 is communicably coupled to the controller 115 of the electronic device 105.
  • the verifier unit 120 is an integral element of the electronic device 105. In alternate embodiments the verifier unit 120 may be positioned at location remotely accessible by the controller 115.
  • the verifier unit 120 is configured to receive the first dataset from the controller 115 of the electronic device 105. On receiving, the verifier unit 120 is configured to append a digital signature to the first dataset and thereby form a second dataset.
  • the verifier unit 120 is configured to transfer the second dataset to the controller 115 of the electronic device 105. On receiving, the controller 115 is configured to the transfer the second dataset to the display unit 110 and thereafter display the second dataset thereon.
  • the verifier unit 120 one of receives and captures a representation indicative of the second dataset displayed on the display unit 110.
  • the verifier unit 120 is configured to authenticate an authenticity of the representation of the second dataset received.
  • the environment 100 further includes a server 125 in communication with the verifier unit 120 of the electronic device 105.
  • the server 125 is in communication with the verifier unit 120 via a network 130.
  • the verifier unit 120 is pre -registered with the server 125.
  • the verifier unit 120 is configured to receive input required to append the digital signature to the first dataset from the server 125.
  • the verifier unit 120 is not accumulated with data required to append the digital signature to the first dataset, and thereby, advantageously not burdening the verifier unit 120 with large volume of data to ensure effective and efficient operation of the verifier unit 120.
  • the server 125 may be implemented in a variety of computing systems, such as a mainframe computer, a network server, cloud, and the like.
  • FIG. 2 illustrates a system 200 for authenticating the display content.
  • the system 200 includes the electronic device 105 and the verifier unit 120.
  • the verifier unit 120 is an integral component of the electronic device 105.
  • the verifier unit 120 may be located at a location that allows the verifier unit 120 to remotely access the electronic device 105.
  • the electronic device 105 includes the display unit 110 and the controller 115.
  • the controller 115 is configured to determine the first dataset.
  • the first dataset includes the values pertaining to the functioning of the electronic device 105, which in this exemplary illustration is the fuel dispenser.
  • the controller 115 is communicably coupled to the verifier unit 120 via one of a wired and/or wireless connections such as, Bluetooth, Near Field Communications (NFC), infrared, Wi-Fi, GPRS, LTE, Edge, and the like. Thereby, the controller 110 transmits the first dataset to the verifier unit 120.
  • a wired and/or wireless connections such as, Bluetooth, Near Field Communications (NFC), infrared, Wi-Fi, GPRS, LTE, Edge, and the like.
  • the system 200 includes one or more transceivers 205, a processor 210, an input/output (I/O) interface 215, and a memory 220.
  • the transceiver 205 may be implemented as a device capable of at least receiving and transmitting the first dataset and the second dataset to and from the controller 115, receiving and transmitting the data required to append the digital signature to and from the server 125, and information pertaining to the authenticity of the display content to one of the server 125, a user device and a combination thereof.
  • the processor 210 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, single board computers, and/or any devices that manipulate signals based on operational instructions.
  • the system 200 includes one processor 210.
  • the system 200 may include multiple processors as per the requirement and without deviating from the scope of the present disclosure.
  • the processor 210 is configured to fetch and execute computer-readable instructions stored in the memory 220.
  • the RO interface 215 may include a variety of software and hardware interfaces, for example, a web interface, a graphical user interface, serial interface, MOD-BUS or BACnet interface and the like.
  • the RO interface 215 may allow a user to interact with the system 200 directly or via an auxiliary device.
  • the I/O interface 215 may enable the system 200 to communicate with other computing devices, such as the server 125, web servers and external data servers (not shown).
  • the I/O interface 215 may facilitate multiple communications within a wide variety of networks and protocol types, including wired networks, for example, LAN, cable, etc., and wireless networks, such as WLAN, cellular, or satellite.
  • the I/O interface 215 may include one or more ports for connecting a number of devices to one another or to another server. In the illustrated embodiment, the I/O interface 215 is communicably coupled to the memory 220 of the system 200.
  • the memory 220 may include any computer-readable medium known in the art including, for example, volatile memory, such as static random access memory (SRAM) and dynamic random access memory (DRAM), and/or non-volatile memory, such as read only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and magnetic tapes.
  • volatile memory such as static random access memory (SRAM) and dynamic random access memory (DRAM)
  • DRAM dynamic random access memory
  • non-volatile memory such as read only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and magnetic tapes.
  • the processor 210 of the verifier unit 120 includes a signature generation unit 225, a signature verification unit 230, an image processing unit 235, an image capture unit 240, a decision unit 245, and a storage unit 250.
  • each of the aforementioned units are configured to communicate with the processor 210 to authenticate the display content.
  • each of the aforementioned units include individual or multiple processors and memory to authenticate the display content.
  • the verifier unit 120 is configured to receive the first dataset from the controller 115 of the electronic device 115.
  • the first dataset includes values corresponding to the functioning of the electronic device 105.
  • the verifier unit 120 includes the signature generation unit 225.
  • the signature generation unit 225 of the verifier unit 120 is configured to receive the first dataset from the controller 115.
  • the signature generation unit 225 is an integral component of the verifier unit 120.
  • the signature generation unit 225 may be located within the server 125 and communicably coupled to the verifier unit 120.
  • the signature generation unit 225 receives the first dataset via the transceiver 205.
  • the signature generation unit 225 receives the first dataset via one or more user devices communicably coupled to the system 200 via the I/O interface 215.
  • the signature generation unit 225 is configured to append the digital signature to the first dataset.
  • the signature generation unit 225 utilizes the first dataset and one of, but not limited to, a private key and at least one symmetric key to generate the digital signature.
  • the signature generation unit 225 appends the digital signature to the first dataset to thereby form the second dataset.
  • the second dataset includes the first dataset and the digital signature.
  • the signature generation unit 225 receives one of, but not limited to, a private key and at least one symmetric key from the storage unit 250 of the processor 210 of the verifier unit 120.
  • the processor 210 receives one of, but not limited to, a private key and at least one symmetric key from one of, but not limited to, the server 125, a smart card, a secure element, and a user device (not shown).
  • the user device may be at least one of, but not limited to, a smartphone and a pen drive.
  • the signature generation unit 225 On receiving one of, but not limited to, a private key and at least one symmetric key, the signature generation unit 225 generates the digital signature and appends the digital signature to the first dataset to form the second dataset.
  • the signature generation unit 225 is located at the server 125. As such, the signature generation unit 225 receives the first dataset, and generates the digital signature utilizing one of, but not limited to, a private key and at least one symmetric key and thereafter appends the digital signature to the first dataset to form the second dataset. On appending, the signature generation unit 225 transmits the second dataset to the processor 210 of the verifier unit 120. In yet another embodiment, the signature generation unit 225 is configured to only generate the digital signature utilizing one of, but not limited to, a private key and at least one symmetric key and thereafter transmit the digital signature to the processor 210 of the verifier unit 120.
  • the processor 210 Upon receiving, the processor 210 appends the digital signature to the first dataset to form the second dataset. [0032] By doing so, the processor 210 is not accumulated with data pertaining to the one of the private key, the at least one symmetric key, and the hash function. Advantageously, the processor 210 is not burdened with large volume of data beyond the capacity of the processor 210, thereby ensuring effective and efficient operation of the controller 210.
  • the signature generation unit 225 on receiving the first dataset, is configured to, prior to appending, store the first dataset within the storage unit 250 so that the first dataset may be retrieved by the processor 210 when required at a later stage.
  • the signature generation unit 225 is configured to, prior to appending, encrypt the first dataset utilizing at least one encryption technique known to person skilled in the art. For example, a hash function is applied on the first dataset to generate a hash of the first dataset. Subsequently, the second dataset, including the first dataset and the hash, is formed.
  • the hash of the first dataset is subsequently stored in one of the storage unit 250 and the server 125 so that the hash of the first dataset may be retrieved by the processor 210 if required at a later stage.
  • the signature generation unit 225 relays the second dataset to the controller 115 of the electronic device 105.
  • the controller 115 transmits the second dataset to the display unit 110 in a manner in which an end user is able to visually comprehend.
  • the end user is at least one of, but not limited to, a customer, a vendor of the electronic device 105.
  • the second dataset is displayed on the display unit 110 in a machine readable format such as a barcode, a Quick Response (QR) code, and a Radio Frequency Identification (RFID).
  • QR Quick Response
  • RFID Radio Frequency Identification
  • the processor 210 of the verifier unit 120 further includes the image capture unit 240.
  • the image capture unit 240 is a camera that is configured to one of capture an image of the second dataset relayed to the display unit 110, and more specifically the second dataset displayed on the display unit 110.
  • the image capture unit 240 is further embodied as a scanning unit 240. Accordingly, the scanning unit 240 is configured to scan the barcode, the QR code, and the RFID displayed on the display unit 110. Owing to the image capture unit 240, the verifier unit 120 avoids requirement of a direct connection between the display unit 110 of the electronic device 105 and the verifier unit 120, thereby advantageously avoiding risks of third party influences.
  • the verification unit 120 further includes the image processing unit 235.
  • the image processing unit 235 is embodied as separate from the image capture unit 240. However, in alternate embodiments, the image processing unit 235 may be an integral part of the image capture unit 240 or the signature verification unit 230.
  • the image processing unit 235 is communicably coupled to the image capture unit 240 to receive the image of the second dataset displayed on the display unit 110. On receiving, the image processing unit 235 is configured to process the image of the second dataset. More specifically, the image processing unit 235 processes the image of the second dataset to retrieve the first dataset, hereinafter referred to as “the third dataset”, and the digital signature in an electronic format from therein. The image processing unit 235 thereafter transmits the electronic format of the digital signature to the signature verification unit 230. In one embodiment, the image processing unit 235 processes the image of the second dataset to retrieve the third dataset and the hash in an electronic format from therein.
  • the signature verification unit 230 is configured to verify the digital signature retrieved from the image of the second dataset utilizing at least one of, but not limited to, a public key and the at least one symmetric key. Similar to the signature generation unit 225, the signature verification unit 230 receives one of, but not limited to, the public key and the at least one symmetric key required to verify the digital signature. In another embodiment, the signature verification unit 230 receives one of, but not limited to, the public key and the at least one symmetric key from one of, but not limited to, the server 125, a smart card, a secure element, and the user device (not shown).
  • the signature verification unit 230 is configured to verify the digital signature utilizing one of, but not limited to, the public key and the at least one symmetric key.
  • the signature verification unit 230 is configured to receive the hash of the first dataset in the electronic format from the image processing unit 235. On receiving, the signature verification unit 230 is configured to utilize a hash function and the third dataset to generate a hash, hereinafter referred to as “the verification hash”.
  • the verifier unit 120 further includes the decision unit 245 communicably coupled to the signature verification unit 230, the image processing unit 235, and the storage unit 250. Initially, the decision unit 245 is configured to receive confirmation of the verification of the digital signature retrieved from the image of the second dataset from the signature verification unit 230.
  • the decision unit 245 is configured to receive the third dataset from the image processing unit 235 and a copy of the first dataset stored in the storage unit 250 (as mentioned earlier). On receiving, the decision unit 245 is configured to verify if the third dataset satisfies a predefined criteria. More specifically, the decision unit 245 compares the third dataset with the with the copy of the first dataset to check if the pre-defined criteria are satisfied.
  • the predefined criteria pertain to third dataset received from the image processing unit 235 is identical to the copy of the first dataset received from the storage unit 250.
  • the decision unit 245 is configured to receive the verification hash from the signature verification unit 230 and the hash of the first dataset in an electronic format retrieved from the second dataset utilizing the image processing unit 235. Accordingly, the decision unit 245 compares the verification hash and the hash to check if the predefined criteria is satisfied. As per the present embodiment, the predefined criteria pertain to verification hash is identical to the hash. [0042] On satisfaction of the predefined criteria as mentioned in the above embodiments and verification of the digital signature, the decision unit 245 is configured to verify the first dataset and, thereby authenticate the display content displayed on the display unit 110 of the electronic device 105.
  • the decision unit 245 is configured to trigger a visual indication (not shown) on one of the electronic device 105 and the user devices of the end user. For example, on comparison, if the decision unit 245 determines that the predefined criteria is satisfied, the decision unit 245 provides a green colored visual indication which in turn indicates the authenticity of the display content. Similarly, if the decision unit 245 determines that the predefined criteria is not satisfied, the decision unit 245 provides a red colored visual indication.
  • the decision unit 245 is communicably coupled to the server 125. Doing so, the decision unit 245 is configured to transmit a decision corresponding to the satisfaction of the predefined criteria to the server 125 basis the comparison for one of, but not limited to, documentation, administrative purposes, and supervision. In yet another embodiment, the decision unit 245 is communicably coupled to the controller 115 of the electronic device 105. As such, on receiving the decision pertaining to the satisfaction of the predefined criteria, the controller 115 may be configured based on a repetition in failure to satisfy the predefined criteria. For example, if the predefined criteria is not satisfied for a fixed number of times, the user may switch off the electronic device 105.
  • the processor 210 via the image capture unit 240, the signature verification unit 230, and the decision unit 245 is configured to authenticate the display content independently and without directly communicating with the display unit 110 of the electronic device 105, thereby eliminating risks associated with tampering or modifications to the display content by third party.
  • FIG. 3 is a flow chart of a method 300 for authenticating the display content, according to one or more embodiments of the present invention. More specifically, the method 300 is directed toward authenticating the display content displayed on the display unit 110 of the electronic device 105. As mentioned earlier, the electronic device 105 is explained with respect to the fuel dispenser. Accordingly, the display content or the first dataset displayed on the display unit pertains to the rate and quantity of fuel dispensed, as determined by the controller 115 in real time. For the purpose of description, the method 300 is described with the embodiments as illustrated in FIGs 1-2. Further, in order to avoid repetition and for the sake of brevity, the description for the FIGs 1-2 should be referred and should nowhere be construed as limiting the scope of the present disclosure
  • the method 300 includes the step of receiving, by the processor 210, the first dataset from the electronic device 105.
  • the method 300 includes the step of appending, by the processor 210, the digital signature to the first dataset to form the second dataset.
  • the method 300 includes the step of relaying, by the processor 210, the second dataset to the display unit 110 of the electronic device 105 subsequent to appending the digital signature.
  • the method 300 includes the step of receiving, by the processor 210, the relayed second dataset displayed on the display unit 110.
  • the method 300 includes the step of retrieving, by the processor 210, the first dataset and the digital signature from the relayed second dataset.
  • the method 300 includes the step of verifying, by the processor 210, the digital signature utilizing the retrieved digital signature and one of a public key and the at least one symmetric key.
  • the method 300 includes the step of authenticating, by the processor 210, the display content of the electronic device 105 based on the satisfaction of the pre-defined criteria.

Abstract

A method and system for authenticating display content is provided. The method includes receiving a first dataset from an electronic device and further appending a digital signature to the first dataset to form a second dataset. Thereafter, the second dataset is relayed to a display unit of the electronic device. The relayed second dataset is representative of the display content displayed on the display unit. The method further includes receiving the relayed second dataset displayed on the display unit and retrieving the first dataset and the digital signature from the relayed second dataset. Further, the method includes verifying the digital signature utilizing the retrieved first digital signature and one of a public key and the at least one symmetric key and thereby authenticating the display content of the electronic device based on the satisfaction of the pre-defined criteria.

Description

METHOD AND SYSTEM FOR AUTHENTICATING DISPLAY CONTENT FIELD OF THE INVENTION
[0001] The present invention relates to display contents displayed on a display unit, and more particularly relates to authenticating the display contents displayed on the display unit.
BACKGROUND OF THE INVENTION
[0002] Generally, electronic devices utilize one or more display units to display information pertaining to a functioning thereof. For example, in a scenario where the electronic device is a fuel pump dispenser, the dispenser includes the display unit to display a quantity of fuel dispensed and corresponding rate for the same.
[0003] In this regard, for the fuel dispenser to display the aforementioned information, the fuel dispenser typically includes a controller in communication with a plurality of sensors to measure the quantity of fuel and thereafter determine a corresponding cost for the quantity of fuel dispensed. Subsequent to determination, the controller transfers the information to the display unit for displaying the same.
[0004] However, subsequent to determination and prior to displaying the information, the information may be accessed by unauthorized personnel. The unauthorized personnel may include one of an employee, a consumer, and a social miscreant. On accessing the information, the third-party personnel may tamper or modify the information, such as one of lowering or raising the rate for the quantity of the fuel dispensed and thereby causing losses to all parties involved.
[0005] In view of the above, there is a dire requirement for a system and/or method to authenticate the information displayed on the display unit of the electronic device.
BRIEF SUMMARY OF THE INVENTION
[0006] One or more embodiments of the present invention provide a system and method for authenticating display content.
[0007] In one aspect of the invention, a method of authenticating display content. The method includes the step of receiving, by a processor, a first dataset from an electronic device. The first dataset pertains to values corresponding to a function of the electronic device. The method further includes the step of appending, by the processor, a digital signature to the first dataset to form a second dataset. Thereafter, the method includes the step of relaying, by the processor, the second dataset to a display unit of the electronic device. The relayed second dataset is representative of the display content displayed on the display unit. The method includes the step of receiving, by the processor, the relayed second dataset displayed on the display unit and retrieving, by the processor, the digital signature from the relayed second dataset. Further, the method includes the step of verifying, by the processor, the digital signature utilizing the retrieved first digital signature and one of a public key and the at least one symmetric key and thereby authenticating the display content of the electronic device based on the satisfaction of the pre-defined criteria.
[0008] In another aspect of the invention, a system for authenticating a display content is disclosed. The system includes a memory and a processor coupled to the memory including executable instructions. The processor is configured to receive a first dataset from an electronic device. The first dataset pertains to values corresponding to a function of the electronic device. The processor is configured to append a digital signature to the first dataset to form a second dataset. Thereafter, the processor is configured to relay the second dataset to a display unit via the electronic device. The relayed second dataset is representative of the display content displayed on the display unit. The processor is configured to receive the relayed second dataset displayed on the display unit and retrieving, by the processor, the digital signature from the relayed second dataset. Further, the processor is configured to verify the digital signature utilizing the retrieved first digital signature and one of a public key and the at least one symmetric key and thereby authenticate the display content of the electronic device based on the satisfaction of the pre-defined criteria.
[0009] Other features and aspects of this invention will be apparent from the following description and the accompanying drawings. The features and advantages described in this summary and in the following detailed description are not all- inclusive, and particularly, many additional features and advantages will be apparent to one of ordinary skill in the relevant art, in view of the drawings, specification, and claims hereof. Moreover, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes, and may not have been selected to delineate or circumscribe the inventive subject matter, resort to the claims being necessary to determine such inventive subject matter.
BRIEF DESCRIPTION OF THE DRAWINGS
[0010] Reference will be made to embodiments of the invention, examples of which may be illustrated in the accompanying figures. These figures are intended to be illustrative, not limiting. The accompanying figures, which are incorporated in and constitute a part of the specification, are illustrative of one or more embodiments of the disclosed subject matter and together with the description explain various embodiments of the disclosed subject matter and are intended to be illustrative. Further, the accompanying figures have not necessarily been drawn to scale, and any values or dimensions in the accompanying figures are for illustration purposes only and may or may not represent actual or preferred values or dimensions. Although the invention is generally described in the context of these embodiments, it should be understood that it is not intended to limit the scope of the invention to these particular embodiments.
[0011] FIG. 1 is a block diagram of an environment for authenticating display content, according to one or more embodiments of the present invention;
[0012] FIG. 2 is a schematic representation of a system for authenticating the display content, according to one or more embodiments of the present invention; and
[0013] FIG. 3 shows a flow chart of a method for authenticating the display content, according to one or more embodiments of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
[0014] Reference will now be made in detail to specific embodiments or features, examples of which are illustrated in the accompanying drawings. Wherever possible, corresponding or similar reference numbers will be used throughout the drawings to refer to the same or corresponding parts. References to various elements described herein, are made collectively or individually when there may be more than one element of the same type. However, such references are merely exemplary in nature. It may be noted that any reference to elements in the singular may also be construed to relate to the plural and vice-versa without limiting the scope of the invention to the exact number or type of such elements unless set forth explicitly in the appended claims. Moreover, relational terms such as first and second, and the like, may be used to distinguish one entity from the other, without necessarily implying any actual relationship or between such entities.
[0015] FIG. 1 illustrates a block diagram of an environment 100 for authenticating display content. The environment 100 includes an electronic device 105. The electronic device 105 is configured and adapted to be operated as per a requirement of the user, and further provide a visual representation indicative of the operation and functioning of the electronic device on a display unit 110 of the electronic device 105. The visual representation includes values and/or data pertaining to the operation and a function of the electronic device 105. For the purpose of description and illustration, the electronic device 105 of the present invention will be described and embodied with respect to a fuel dispenser. It is, however, to be noted that electronic device 105 may be one of, but not limited to, a weighing machine and a currency counting machine without deviating from the scope of the present disclosure.
[0016] The electronic device 105 further includes a controller 115. The controller 115 is configured to one of receive and generate information pertaining to the functioning of the electronic device 105, and thereafter determines the values and/or data, hereinafter referred to as “a first dataset”. The controller 115 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, single board computer, and/or any devices that manipulate signals based on operational instructions.
[0017] The environment 100 includes a verifier unit 120. The verifier unit 120 is communicably coupled to the controller 115 of the electronic device 105. In one embodiment, the verifier unit 120 is an integral element of the electronic device 105. In alternate embodiments the verifier unit 120 may be positioned at location remotely accessible by the controller 115. The verifier unit 120 is configured to receive the first dataset from the controller 115 of the electronic device 105. On receiving, the verifier unit 120 is configured to append a digital signature to the first dataset and thereby form a second dataset. The verifier unit 120 is configured to transfer the second dataset to the controller 115 of the electronic device 105. On receiving, the controller 115 is configured to the transfer the second dataset to the display unit 110 and thereafter display the second dataset thereon.
[0018] Subsequently, the verifier unit 120 one of receives and captures a representation indicative of the second dataset displayed on the display unit 110. The verifier unit 120 is configured to authenticate an authenticity of the representation of the second dataset received. The operational and constructional features of the verifier unit 120 will be explained in detail in the following figures.
[0019] The environment 100 further includes a server 125 in communication with the verifier unit 120 of the electronic device 105. The server 125 is in communication with the verifier unit 120 via a network 130. In one embodiment, the verifier unit 120 is pre -registered with the server 125. In one embodiment, the verifier unit 120 is configured to receive input required to append the digital signature to the first dataset from the server 125.
[0020] By doing so, the verifier unit 120 is not accumulated with data required to append the digital signature to the first dataset, and thereby, advantageously not burdening the verifier unit 120 with large volume of data to ensure effective and efficient operation of the verifier unit 120. It may be understood that the server 125 may be implemented in a variety of computing systems, such as a mainframe computer, a network server, cloud, and the like.
[0021] Referring to FIG. 2, FIG. 2 illustrates a system 200 for authenticating the display content. The system 200 includes the electronic device 105 and the verifier unit 120. In the illustrated embodiment, the verifier unit 120 is an integral component of the electronic device 105. However, in alternate embodiments, the verifier unit 120 may be located at a location that allows the verifier unit 120 to remotely access the electronic device 105. [0022] The electronic device 105 includes the display unit 110 and the controller 115. As mentioned earlier, the controller 115 is configured to determine the first dataset. The first dataset includes the values pertaining to the functioning of the electronic device 105, which in this exemplary illustration is the fuel dispenser. Accordingly, the controller 115 is communicably coupled to the verifier unit 120 via one of a wired and/or wireless connections such as, Bluetooth, Near Field Communications (NFC), infrared, Wi-Fi, GPRS, LTE, Edge, and the like. Thereby, the controller 110 transmits the first dataset to the verifier unit 120.
[0023] As per the illustrated embodiment, the system 200, and more specifically, the verifier unit 120 of the system 200, includes one or more transceivers 205, a processor 210, an input/output (I/O) interface 215, and a memory 220. The transceiver 205 may be implemented as a device capable of at least receiving and transmitting the first dataset and the second dataset to and from the controller 115, receiving and transmitting the data required to append the digital signature to and from the server 125, and information pertaining to the authenticity of the display content to one of the server 125, a user device and a combination thereof.
[0024] The processor 210 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, single board computers, and/or any devices that manipulate signals based on operational instructions. As per the illustrated embodiment, the system 200 includes one processor 210. However, it is to be noted that the system 200 may include multiple processors as per the requirement and without deviating from the scope of the present disclosure. Among other capabilities, the processor 210 is configured to fetch and execute computer-readable instructions stored in the memory 220.
[0025] The RO interface 215 may include a variety of software and hardware interfaces, for example, a web interface, a graphical user interface, serial interface, MOD-BUS or BACnet interface and the like. The RO interface 215 may allow a user to interact with the system 200 directly or via an auxiliary device. Further, the I/O interface 215 may enable the system 200 to communicate with other computing devices, such as the server 125, web servers and external data servers (not shown). The I/O interface 215 may facilitate multiple communications within a wide variety of networks and protocol types, including wired networks, for example, LAN, cable, etc., and wireless networks, such as WLAN, cellular, or satellite. The I/O interface 215 may include one or more ports for connecting a number of devices to one another or to another server. In the illustrated embodiment, the I/O interface 215 is communicably coupled to the memory 220 of the system 200.
[0026] The memory 220 may include any computer-readable medium known in the art including, for example, volatile memory, such as static random access memory (SRAM) and dynamic random access memory (DRAM), and/or non-volatile memory, such as read only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and magnetic tapes.
[0027] Further, in order to authenticate the display content, the processor 210 of the verifier unit 120 includes a signature generation unit 225, a signature verification unit 230, an image processing unit 235, an image capture unit 240, a decision unit 245, and a storage unit 250. In one embodiment, each of the aforementioned units are configured to communicate with the processor 210 to authenticate the display content. In an alternate embodiment, each of the aforementioned units include individual or multiple processors and memory to authenticate the display content.
[0028] As mentioned earlier, the verifier unit 120 is configured to receive the first dataset from the controller 115 of the electronic device 115. The first dataset includes values corresponding to the functioning of the electronic device 105. More specifically, the verifier unit 120 includes the signature generation unit 225. Accordingly, the signature generation unit 225 of the verifier unit 120 is configured to receive the first dataset from the controller 115. Further, as per the illustrated embodiment, the signature generation unit 225 is an integral component of the verifier unit 120. However, in alternate embodiments, the signature generation unit 225 may be located within the server 125 and communicably coupled to the verifier unit 120. In one embodiment, the signature generation unit 225 receives the first dataset via the transceiver 205. In an alternate embodiment, the signature generation unit 225 receives the first dataset via one or more user devices communicably coupled to the system 200 via the I/O interface 215.
[0029] On receiving, the signature generation unit 225 is configured to append the digital signature to the first dataset. The signature generation unit 225 utilizes the first dataset and one of, but not limited to, a private key and at least one symmetric key to generate the digital signature. Subsequently, the signature generation unit 225 appends the digital signature to the first dataset to thereby form the second dataset. The second dataset includes the first dataset and the digital signature.
[0030] Accordingly, the signature generation unit 225 receives one of, but not limited to, a private key and at least one symmetric key from the storage unit 250 of the processor 210 of the verifier unit 120. In one embodiment, the processor 210 receives one of, but not limited to, a private key and at least one symmetric key from one of, but not limited to, the server 125, a smart card, a secure element, and a user device (not shown). The user device may be at least one of, but not limited to, a smartphone and a pen drive. On receiving one of, but not limited to, a private key and at least one symmetric key, the signature generation unit 225 generates the digital signature and appends the digital signature to the first dataset to form the second dataset.
[0031] As mentioned earlier, in an alternate embodiment, the signature generation unit 225 is located at the server 125. As such, the signature generation unit 225 receives the first dataset, and generates the digital signature utilizing one of, but not limited to, a private key and at least one symmetric key and thereafter appends the digital signature to the first dataset to form the second dataset. On appending, the signature generation unit 225 transmits the second dataset to the processor 210 of the verifier unit 120. In yet another embodiment, the signature generation unit 225 is configured to only generate the digital signature utilizing one of, but not limited to, a private key and at least one symmetric key and thereafter transmit the digital signature to the processor 210 of the verifier unit 120. Upon receiving, the processor 210 appends the digital signature to the first dataset to form the second dataset. [0032] By doing so, the processor 210 is not accumulated with data pertaining to the one of the private key, the at least one symmetric key, and the hash function. Advantageously, the processor 210 is not burdened with large volume of data beyond the capacity of the processor 210, thereby ensuring effective and efficient operation of the controller 210.
[0033] In one embodiment, on receiving the first dataset, the signature generation unit 225 is configured to, prior to appending, store the first dataset within the storage unit 250 so that the first dataset may be retrieved by the processor 210 when required at a later stage. In an alternate embodiment, the signature generation unit 225 is configured to, prior to appending, encrypt the first dataset utilizing at least one encryption technique known to person skilled in the art. For example, a hash function is applied on the first dataset to generate a hash of the first dataset. Subsequently, the second dataset, including the first dataset and the hash, is formed. In yet another embodiment, the hash of the first dataset is subsequently stored in one of the storage unit 250 and the server 125 so that the hash of the first dataset may be retrieved by the processor 210 if required at a later stage.
[0034] On formation of the second dataset, the signature generation unit 225 relays the second dataset to the controller 115 of the electronic device 105. The controller 115, in turn, transmits the second dataset to the display unit 110 in a manner in which an end user is able to visually comprehend. The end user is at least one of, but not limited to, a customer, a vendor of the electronic device 105. In addition, in an alternate embodiment, the second dataset is displayed on the display unit 110 in a machine readable format such as a barcode, a Quick Response (QR) code, and a Radio Frequency Identification (RFID).
[0035] The processor 210 of the verifier unit 120 further includes the image capture unit 240. The image capture unit 240 is a camera that is configured to one of capture an image of the second dataset relayed to the display unit 110, and more specifically the second dataset displayed on the display unit 110. In one embodiment, the image capture unit 240 is further embodied as a scanning unit 240. Accordingly, the scanning unit 240 is configured to scan the barcode, the QR code, and the RFID displayed on the display unit 110. Owing to the image capture unit 240, the verifier unit 120 avoids requirement of a direct connection between the display unit 110 of the electronic device 105 and the verifier unit 120, thereby advantageously avoiding risks of third party influences.
[0036] The verification unit 120 further includes the image processing unit 235. In the illustrated embodiment, the image processing unit 235 is embodied as separate from the image capture unit 240. However, in alternate embodiments, the image processing unit 235 may be an integral part of the image capture unit 240 or the signature verification unit 230. The image processing unit 235 is communicably coupled to the image capture unit 240 to receive the image of the second dataset displayed on the display unit 110. On receiving, the image processing unit 235 is configured to process the image of the second dataset. More specifically, the image processing unit 235 processes the image of the second dataset to retrieve the first dataset, hereinafter referred to as “the third dataset”, and the digital signature in an electronic format from therein. The image processing unit 235 thereafter transmits the electronic format of the digital signature to the signature verification unit 230. In one embodiment, the image processing unit 235 processes the image of the second dataset to retrieve the third dataset and the hash in an electronic format from therein.
[0037] On receiving, the signature verification unit 230 is configured to verify the digital signature retrieved from the image of the second dataset utilizing at least one of, but not limited to, a public key and the at least one symmetric key. Similar to the signature generation unit 225, the signature verification unit 230 receives one of, but not limited to, the public key and the at least one symmetric key required to verify the digital signature. In another embodiment, the signature verification unit 230 receives one of, but not limited to, the public key and the at least one symmetric key from one of, but not limited to, the server 125, a smart card, a secure element, and the user device (not shown). Subsequently, the signature verification unit 230 is configured to verify the digital signature utilizing one of, but not limited to, the public key and the at least one symmetric key. [0038] In yet another embodiment, the signature verification unit 230 is configured to receive the hash of the first dataset in the electronic format from the image processing unit 235. On receiving, the signature verification unit 230 is configured to utilize a hash function and the third dataset to generate a hash, hereinafter referred to as “the verification hash”.
[0039] The verifier unit 120 further includes the decision unit 245 communicably coupled to the signature verification unit 230, the image processing unit 235, and the storage unit 250. Initially, the decision unit 245 is configured to receive confirmation of the verification of the digital signature retrieved from the image of the second dataset from the signature verification unit 230.
[0040] Further, the decision unit 245 is configured to receive the third dataset from the image processing unit 235 and a copy of the first dataset stored in the storage unit 250 (as mentioned earlier). On receiving, the decision unit 245 is configured to verify if the third dataset satisfies a predefined criteria. More specifically, the decision unit 245 compares the third dataset with the with the copy of the first dataset to check if the pre-defined criteria are satisfied. The predefined criteria pertain to third dataset received from the image processing unit 235 is identical to the copy of the first dataset received from the storage unit 250.
[0041] In an alternate embodiment, the decision unit 245 is configured to receive the verification hash from the signature verification unit 230 and the hash of the first dataset in an electronic format retrieved from the second dataset utilizing the image processing unit 235. Accordingly, the decision unit 245 compares the verification hash and the hash to check if the predefined criteria is satisfied. As per the present embodiment, the predefined criteria pertain to verification hash is identical to the hash. [0042] On satisfaction of the predefined criteria as mentioned in the above embodiments and verification of the digital signature, the decision unit 245 is configured to verify the first dataset and, thereby authenticate the display content displayed on the display unit 110 of the electronic device 105.
[0043] Accordingly, in one embodiment, the decision unit 245 is configured to trigger a visual indication (not shown) on one of the electronic device 105 and the user devices of the end user. For example, on comparison, if the decision unit 245 determines that the predefined criteria is satisfied, the decision unit 245 provides a green colored visual indication which in turn indicates the authenticity of the display content. Similarly, if the decision unit 245 determines that the predefined criteria is not satisfied, the decision unit 245 provides a red colored visual indication.
[0044] In another embodiment, the decision unit 245 is communicably coupled to the server 125. Doing so, the decision unit 245 is configured to transmit a decision corresponding to the satisfaction of the predefined criteria to the server 125 basis the comparison for one of, but not limited to, documentation, administrative purposes, and supervision. In yet another embodiment, the decision unit 245 is communicably coupled to the controller 115 of the electronic device 105. As such, on receiving the decision pertaining to the satisfaction of the predefined criteria, the controller 115 may be configured based on a repetition in failure to satisfy the predefined criteria. For example, if the predefined criteria is not satisfied for a fixed number of times, the user may switch off the electronic device 105.
[0045] Accordingly and advantageously, the processor 210 via the image capture unit 240, the signature verification unit 230, and the decision unit 245 is configured to authenticate the display content independently and without directly communicating with the display unit 110 of the electronic device 105, thereby eliminating risks associated with tampering or modifications to the display content by third party.
[0046] FIG. 3 is a flow chart of a method 300 for authenticating the display content, according to one or more embodiments of the present invention. More specifically, the method 300 is directed toward authenticating the display content displayed on the display unit 110 of the electronic device 105. As mentioned earlier, the electronic device 105 is explained with respect to the fuel dispenser. Accordingly, the display content or the first dataset displayed on the display unit pertains to the rate and quantity of fuel dispensed, as determined by the controller 115 in real time. For the purpose of description, the method 300 is described with the embodiments as illustrated in FIGs 1-2. Further, in order to avoid repetition and for the sake of brevity, the description for the FIGs 1-2 should be referred and should nowhere be construed as limiting the scope of the present disclosure
[0047] At step 305, the method 300 includes the step of receiving, by the processor 210, the first dataset from the electronic device 105.
[0048] At step 310, the method 300 includes the step of appending, by the processor 210, the digital signature to the first dataset to form the second dataset.
[0049] At step 315, the method 300 includes the step of relaying, by the processor 210, the second dataset to the display unit 110 of the electronic device 105 subsequent to appending the digital signature.
[0050] At step 320, the method 300 includes the step of receiving, by the processor 210, the relayed second dataset displayed on the display unit 110.
[0051] At step 325, the method 300 includes the step of retrieving, by the processor 210, the first dataset and the digital signature from the relayed second dataset.
[0052] At step 330, the method 300 includes the step of verifying, by the processor 210, the digital signature utilizing the retrieved digital signature and one of a public key and the at least one symmetric key.
[0053] At step 335, the method 300 includes the step of authenticating, by the processor 210, the display content of the electronic device 105 based on the satisfaction of the pre-defined criteria.
[0054] Various embodiments disclosed herein are to be taken in the illustrative and explanatory sense and should in no way be construed as limiting of the present invention. While aspects of the present invention have been particularly shown and described with reference to the embodiments above, it will be understood by those skilled in the art that various additional embodiments may be contemplated by the modification of the disclosed machines, systems and methods without departing from the scope of what is disclosed. Such embodiments should be understood to fall within the scope of the present invention as determined based upon the claims and any equivalents thereof.

Claims

Claims: We Claim:
1. A method of authenticating display content, the method comprising the steps of: receiving, by a processor, a first dataset from an electronic device, the first dataset pertaining to values corresponding to a function of the electronic device; appending, by the processor, a digital signature to the first dataset to form a second dataset; relaying, by the processor, the second dataset to a display unit of the electronic device subsequent to appending the digital signature, the relayed second dataset representative of the display content displayed on the display unit; receiving, by the processor, the relayed second dataset displayed on the display unit; retrieving, by the processor, the first dataset and the digital signature from the relayed second dataset; verifying, by the processor, the digital signature utilizing the retrieved digital signature and one of a public key and the at least one symmetric key; and authenticating, by the processor, the display content of the electronic device based on the satisfaction of the pre-defined criteria.
2. The method as claimed in claim 1 , wherein the second dataset comprises the first dataset and the digital signature appended thereto.
3. The method as claimed in claim 1, wherein the step of appending, by the processor, the digital signature to the first dataset to form the second dataset comprises: generating the digital signature utilizing one of a private key, at least one symmetric key, and a hash function; and appending the digital signature to the original first dataset to form the second dataset. The method as claimed in claim 1 , wherein the relayed second dataset displayed on the display unit is captured from the display unit via one of an image capture unit and a scanning unit. The method as claimed in claim 4, wherein the image capture unit is configured to capture an image of the relayed second dataset displayed on the display unit The method as claimed in claim 4, wherein the scanning unit is configured to scan a barcode, a Quick Response (QR) code, and a Radio Frequency Identification (RFID) displayed on the display unit. The method as claimed in claim 6, wherein the barcode, the QR code, and the RFID pertains to machine readable information pertaining to the relayed second dataset. The method as claimed in claim 1, wherein the step of verifying further comprises: receiving a third dataset, wherein the third dataset pertains to the first dataset retrieved from the image of the relayed second dataset; receiving, from the storage unit, a copy of the relayed first dataset received from the electronic device; comparing the third dataset with the copy of the first dataset to check if a pre-defined criteria is satisfied. The method as claimed in claim 8, wherein the pre-defined criteria pertain to the third dataset is identical to the copy of the first dataset. A system for authenticating a display content, the system comprising: a memory; and a processor coupled to the memory including executable instructions, the processor configured to: receive a first dataset from an electronic device, the first dataset pertaining to values corresponding to a function of the electronic device; append a digital signature to the first dataset to form a second dataset; relay the second dataset to a display unit of the electronic device subsequent to appending the digital signature, the relayed second dataset representative of the display content displayed on the display unit; receive the relayed second dataset displayed on the display unit; retrieve the first dataset and the digital signature from the relayed second dataset; verify the digital signature to check if a pre-defined criteria is satisfied; and authenticate the display content of the electronic device based on the satisfaction of the pre-defined criteria.
PCT/IN2023/050042 2022-01-20 2023-01-16 Method and system for authenticating display content WO2023139599A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN202241003221 2022-01-20
IN202241003221 2022-01-20

Publications (1)

Publication Number Publication Date
WO2023139599A1 true WO2023139599A1 (en) 2023-07-27

Family

ID=87347954

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2023/050042 WO2023139599A1 (en) 2022-01-20 2023-01-16 Method and system for authenticating display content

Country Status (1)

Country Link
WO (1) WO2023139599A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015066334A1 (en) * 2013-10-30 2015-05-07 Gilbarco Inc. Cryptographic watermarking of content in fuel dispensing environments
US20190114733A1 (en) * 2017-10-12 2019-04-18 Red Hat, Inc. Display content currentness validation

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015066334A1 (en) * 2013-10-30 2015-05-07 Gilbarco Inc. Cryptographic watermarking of content in fuel dispensing environments
US20190114733A1 (en) * 2017-10-12 2019-04-18 Red Hat, Inc. Display content currentness validation

Similar Documents

Publication Publication Date Title
AU2017404207B2 (en) Information processing device and information processing method
CN110457957B (en) Information processing method and device of electronic bill, electronic equipment and medium
US10025957B2 (en) Learning a new peripheral using a security provisioning manifest
AU2014331686B2 (en) Fuel dispensing environment utilizing active sniffer to upgrade legacy equipment
CN110290522B (en) Risk identification method and device for mobile equipment and computer system
CN108702621B (en) Method and system for providing secure precision timing measurement exchange
US10803454B2 (en) ATM network resource exchange system
CN106465126A (en) Verifying a secure connection between a network beacon and a user computing device
CN110427785A (en) Acquisition methods and device, the storage medium and electronic device of device-fingerprint
EP3848862A1 (en) Method and apparatus for managing information about measurement device
US10131531B1 (en) System and method for managing a fuel dispensing account
CN107122970A (en) Safety certifying method, device, system, equipment, ATM and storage medium
CN109727132A (en) Acquisition methods, device, electronic equipment and the storage medium of block chain common recognition node
EP3151180A1 (en) Identification method and system
CN106464502A (en) Methods and systems for authentication of a communication device
CN115987570A (en) Safety detection method and device for supply chain management system
US10469493B2 (en) Mobile device, authentication device and authentication methods thereof
KR20190016289A (en) Method of remotely controlling bill counter
CN106034031B (en) Method, device, terminal and cloud authentication platform for acquiring identity information
WO2023139599A1 (en) Method and system for authenticating display content
KR102243130B1 (en) Unmanned print processing system
WO2015114215A1 (en) Authentication system and method for authenticating a user
KR20140082949A (en) Access control system using NFC communication and data exchange methods
US20210127263A1 (en) Device self-calibration and component resolution
WO2019204860A1 (en) Transaction compliance monitoring

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23743082

Country of ref document: EP

Kind code of ref document: A1