WO2024069159A1 - A token for authenticating a product - Google Patents

Abstract

Apparatus, methods and processes are provided for authenticating a product. The apparatus includes a token comprising a holographic image that includes a random pattern that depicts moving physical pieces at a particular point in time, wherein each of the plurality of physical pieces is configured to move with at least one degree of freedom, and wherein the random pattern is interpretable to produce a token descriptor unique to the random pattern.

Description

A Token for Authenticating a Product

The present invention relates generally to a token for authenticating a product, a method of using the token, and a method of making the token. The invention finds particular, although not exclusive, utility in identifying counterfeit products.

Products available to buy often indicate a brand to identify the producer of the product. This brand is identified using stitching, printing, or adhesive graphics of the producer’s name or logo. The brand is used to convey information, such as the source, quality, or features of the product. Branding can be very powerful when selling products, and often purchasers will pay a premium for a popular or well-known brand.

However, unscrupulous producers may seek to falsely identify their products as being made by a more popular or well-known producer to profit from that brand, without permission. This practice gives rise to counterfeit products. However, counterfeit products may have inferior quality, which may cause damage to the reputation of the genuine producer. In addition, counterfeit products can result in lost sales for the genuine product manufacturer. In extreme cases, counterfeit products may even cause risk to life, for example, from faulty electronics or low quality safety equipment.

Existing systems for identifying counterfeit products often rely on close scrutiny of minor details on the product, such as the joints, by a specialist. This process may be commonly known as forensic testing. However, it is impractical to send a specialist to check every product sold around the world to determine its authenticity, especially for relatively cheap products such as integrated circuits.

Alternatively, a serial number or generic hologram may be added to the product to identify it, but this serial number or generic hologram may easily be duplicated by unscrupulous producers and transferred to counterfeit products.

In addition, a user may identify the presence of a generic hologram without the ability to distinguish between a genuine generic hologram and a similar fake generic hologram.

This means that there is a problem in that the average consumer may be unable to reliably determine the authenticity of a product.

In a first aspect, there is provided a token for authenticating a product that comprises a holographic image that includes a random pattern that depicts moving physical pieces at a particular point in time, wherein each of the plurality of physical pieces is configured to move with at least one degree of freedom, and wherein the random pattern is interpretable to produce a token descriptor unique to the random pattern.

In this way, the average person is able to reliably determine the authenticity of a product, without specialist product specific tools or training, based on the information contained within the token. The token is trustworthy as it is relatively difficult to duplicate even with access to the original settings and equipment used to make the genuine token.

The random pattern depicts moving physical pieces at a particular point in time. That is to say, the random pattern is a representation of moving physical pieces. The moving physical pieces are a plurality of physical pieces. The angle at which the hologram is viewed may affect the physical pieces, or portions thereof, that are visible in the random pattern.

In some examples, the token descriptor is a digital token descriptor.

Each of the plurality of physical pieces may be configured to move with one or more degrees of freedom. For example, each of the physical pieces depicted in the random pattern of the holographic image may have no identifiable and/or no visible constraints in one or more degrees of freedom. It is noted that physical systems can move with a maximum of six degrees of freedom, three components of translation and three components of rotation. The three components of translation are represented by three straight lines, each perpendicular to the other two. The three components of rotation are roll, pitch, and yaw. Movement in one or more degrees of freedom may be understood to be observable movement within one or more degrees of freedom, such as observable movement within three degrees of freedom. In some examples, the plurality of physical pieces may be asymmetrical, such as in colour, pattern, and/or shape to provide movement with six observable degrees of freedom.

Each of the plurality of physical pieces may be configured to move with at least three degrees of freedom. For example, each of the plurality of physical pieces may be configured to move with three degrees of translation.

The token may be a physical item, such as a label, a sticker, or a tag. In some examples, it may include other traditional elements, such as a voucher or certificate of ownership. The token may be configured to provide a trustable label using the holographic image to provide one or more unique patterns.

The term holographic image may be defined as an image that presents different information depending on the viewing angle, or more specifically, as an image comprising light information of an imaged scene as scattered in a plurality of different directions to enable the image to present different information depending on the viewing angle to give the perception of depth. Alternatively, or additionally, a holographic image may be defined as an interference pattern of laser light recorded photographically in a physical medium, wherein the laser light approaches the physical medium from different directions. In this example, the laser light may approach from at least two directions, and two of these directions may be separated by an angle of at least 80 degrees, at least 90 degrees or at least 175 degrees. The imaged scene may be at least partially reflective to enhance the contrast of the holographic image.

The random pattern may represent a random three dimensional arrangement of a plurality of physical pieces. The physical pieces may otherwise be referred to as objects. The random pattern may be formed using ultraviolet, visible, and/or infrared light. However, it may be understood that visible light is advantageous as it is captured by readily available imaging devices, such as smartphone cameras, and makes the presence of the token for identifying the product origin more readily identifiable by the human eye.

A token descriptor derivable from the random pattern may be provided. The random pattern may be imaged and processed to provide the token descriptor, for example, using a machine vision system. The token descriptor may be derived based on size, position, or orientation of a plurality of physical pieces shown within the holographic image. It may be understood that the random pattern of moving physical pieces at a particular point in time is a holographic representation of said plurality of physical pieces. The plurality of physical pieces may be asymmetrical, e.g. in colour or shape. In this way, the number of possible token descriptors that may be derived from the random pattern is increased.

To avoid a predetermined arrangement of physical pieces, the arrangement may be created using a random process. A random process does not provide a repeating sequence. To avoid a reproducible arrangement of physical pieces, specific features of the arrangement may not be deliberately arrangeable other than by the random process. For example, features of the arrangement may depend on interactions between the plurality of physical pieces, such as collisions or vortices.

The random pattern of the holographic image may comprise a snapshot in time of a plurality of physical pieces with positions that vary randomly over time due to at least some uncontrolled physical movement.

In this way, the security of the token is enhanced as the pattern is particularly difficult to recreate accurately.

The snapshot may be, more specifically, a representation of a scene, such as a plurality of physical pieces, captured over a short period of time. For example, the short period of time may be less than three seconds, less than one second, or less than a microsecond. Capturing a scene in periods of less than a microsecond may be achieved by using, for example, a pulsed laser with a pulse length of less than a microsecond.

The random pattern may include one or more random features. Random features within the random pattern may be those that take a relatively large number of different configurations using a process that ensures that particular configurations cannot be deliberately recreated. The process may be a random process. By way of example, this process may include capturing a time instant of physical pieces, such as balls or grains, moving around in a transparent container that contains a fluid that is at least partially transparent, such as air, in a holographic image. Whilst it is relatively simple to take an image of a time instant of this scene, attempting to recreate the exact scene would be relatively difficult.

Random features within the scene may contribute to the token descriptor. In some examples, there may be enough variations of the characteristics of the random features that it would take an infeasible number of attempts to intentionally recreate identical characteristics of the random features. In this case, infeasible may mean that, statistically, it would be likely to take more than a month, more than a year, or more than ten years to recreate identical characteristics. Even recreating a token as frequently as one token a month would prevent a profit from most counterfeit products, making the process cost prohibitive.

A plurality of physical pieces bouncing in a vibrating container is a random system where tiny differences in the initial conditions or energy inputs may result in completely different states after a short period of time. In addition, the characteristics of individual pieces of the plurality cannot be affected individually without visible changes, such as suspension wires. In some examples, the plurality of physical pieces may be moved for a predetermined period of time before the holographic image is captured. This technique may be used to increase the variance in the patterns of pieces.

In some examples, the holographic image may contain tamper-resistant elements that give a visual indication of whether the scene was under strong vibration, as it should be, or stationary to facilitate forced arrangement techniques. In some examples, a tamper-resistant element may include a visual indication that movement was present when the holographic image was captured, such as a small volume of liquid free to move and/or splash to indicate movement was occurring. Tamper-resistant elements may also include controlled features with known dimensions, such that optical distortions of these features are detectable if the random features are constrained by transparent media with a subtly incorrect refractive index, e.g. a transparent gel, frozen liquid or cured polymer. Tamper-resistant elements may also include one or more random features, such as liquid within a container, or a subdivided container, that is arranged to move around with the movement of the container, or subdivided container, to more clearly indicate that movement of the container is present.

In some examples, the plurality of physical pieces may be subdivided into a plurality of containers otherwise referred to as subdivided containers, with each container configured to retain one or more of the plurality of physical pieces. For example, the plurality of physical pieces may be subdivided into four containers within a cuboid. The four containers may be disposed in the interior corners directly adjacent to one face of the cuboid, such as the face of the cuboid that is first irradiated by a signal beam or reference beam of a laser of a holography setup. In this way, the holographic image of a token may be authenticated based on some but not all of the subdivided containers in the holographic image, such as least 50% or at least 75% of the subdivided containers, even if the portion of the holographic image comprising one of the subdivided containers is scratched or damaged. Each subdivided container may be associated with its own token descriptor in a signed data message (SDM).

In an example, a three dimensional arrangement includes a container subdivided into four containers comprising a total of twelve physical pieces therebetween, with each of the subdivided containers comprising at least one of the twelve physical pieces. Each physical piece has a coordinate in the X, Y, and Z axes of the container. Eight possible positions are provided in each axis. This means each subdivided container has 512 distinct positions a physical piece could occupy. In examples wherein the physical pieces are equally distributed between the subdivided containers, three per container, over 22 million combinations are available per subdivided container. Even if the chance of repeating the pattern of a single subdivided container was as high as once in a million, with four independent subdivided containers, the collision rate would be one per septillion; thus, making it impractical to replicate by chance. A token descriptor associated with this subdivided container configuration could be represented by a concatenated value or hash for each subdivided container, e.g. in a fourteen byte bitstring, which identifies the position of each of the physical pieces on each axis. The high degree of security per subdivided container means that a token could be accepted as genuine even if one of the four containers depicted in the hologram is unreadable, as the chance of replicating the other three is relatively small.

In some examples, the random pattern may be created using a process that is random and makes the chance of obtaining a particular target configuration through the process relatively minuscule. For example, the chances of the random pattern repeating itself exactly using the process in an hour may be less than one in a thousand, less than one in a million or less than one in a billion. This would mean that a counterfeiter must produce too many holograms in attempting to recreate a particular one that the expected cost in time and/or materials greatly exceeds the benefits of success.

The particular target configuration may be a particular arrangement of the physical pieces in the random pattern. In some examples, the token descriptor may be determined based at least in part on the characteristics of the physical pieces in the random pattern, such as at least four pieces, at least eight pieces, at least sixteen pieces, or at least thirty two pieces. Characteristics may include one or more of position in a first axis, position in a second axis, position in a third axis, orientation, shape and size. Each axis may be separated by at least ninety degrees from each other axis.

Alternatively, or additionally, the token descriptor may be determined based at least in part on the position of the physical pieces shown in the holographic image with a submillimetre accuracy. For example, the position of each physical piece shown within the holographic image may be determined or quantised with a resolution of better than 1000 micrometres, 500 micrometres or 250 micrometres.

The uncontrolled physical movement may be provided by a movement device that is configured to change the position of each of the plurality of physical pieces such that it is possible for the position of each of the plurality of physical pieces to be switched with any other piece of the plurality of physical pieces over time. In some examples, the movement device is vigorous enough that each of the plurality of physical pieces with positions that vary randomly over time may switch places with any other physical piece of the plurality of physical pieces with positions that vary randomly over time, due to the uncontrolled physical movement.

It may be understood that the characteristics of random features may be measured based on analogue characteristics and then assigned to the nearest discrete value of a set of predetermined discrete values in a process known as quantisation. Quantisation may be used to determine information from the arrangement of physical pieces more repeatably.

The physical movement of the plurality of physical pieces may be affected by one or more of the application of a vibration, fluid pressure, collisions between said physical pieces, and/or collisions with a surface proximate to the plurality of physical pieces.

A surface proximate to the plurality of physical pieces may be the surface beneath said physical pieces or a surface of a container configured to hold said pieces.

In some examples, fluid pressure may affect the movement of one or more of the plurality of physical pieces in the form of pressurised fluid, such as blown gas or pumped liquid.

In some examples, the vibration may be applied using a movement device. For example, the plurality of physical pieces may be moved by a movement device, wherein the movement device is configured to impart kinetic energy to the physical pieces, e.g. by tilting, rotating, or vibrating a surface or plate that at least momentarily contacts the physical pieces. Under the influence of kinetic energy imparted to the physical pieces by a movement device, the physical pieces may be caused to interact by exchanging kinetic energy with each other to influence the orientation and/or direction of travel of physical pieces of the plurality of physical pieces. An exchange of kinetic energy may be, for example, by sliding against each other or colliding with each other. The kinetic energy may be imparted to the physical pieces via a container configured to retain the physical pieces.

At least some uncontrolled movement may be provided by one or more of a vibrating plate, friction, interactions between said physical pieces, and/or collisions between said physical pieces

The holographic image may also comprise one or more controlled features arranged to provide one or more of: a serial number, a cryptographic key, a dimension of the area containing the random pattern and an indication of a specific pattern of movement that is not present in the physical pieces.

In this way, reference data may be provided by the holographic image to further enhance security. The predetermined pattern may be, or comprise, reference data. The reference data may appear in a specific predetermined position within the holographic image. In some examples, the reference data may be arranged to provide a reference frame that enables the data within the holographic image to be retrieved successfully from a larger range of scanning angles, distances and rotations. Moreover, the reference frame may enable the consistent scanning of the token by a greater range of camera sensors, resolutions and lenses. In some examples, the reference frame is a three dimensional reference frame.

A cryptographic key may be a cryptographic public key or a cryptographic private key. The cryptographic public key may be, for example, a temporary cryptographic public key, or a master cryptographic public key. The cryptographic private key may be, for example, a temporary cryptographic private key, or a master cryptographic private key.

The reference frame may form part of a moving scene, wherein movement effects of the frame are identifiable in the holographic image and used to provide an additional security element that may be authenticated. The reference frame may be a feature of, or on, a container.

In some examples, the container may be moved by a movement device to cause the physical pieces disposed within the container to move. The speed of movement of the container may be fast relative to an exposure time used to create the holographic image, such that artefacts of the moving container appear in the holographic image. These artefacts provide an indication of a specific pattern of movement that will not be present in the physical pieces. The plurality of physical pieces may be configured to move at a lower average speed than a container holding said pieces. In some examples, the artefacts may be features that are fuzzy, smudged or arranged with a sequential intensity. The physical pieces may be configured to move slower than the container and/or a greater distance than the container, such that the artefacts are not present in the physical pieces to further enhance security.

The predetermined pattern and reference data are examples of controlled features. Controlled features are those which are predetermined, e.g. by the manufacturer. Controlled features may be features that leave a visible feature in the holographic image. A given set of controlled features is reproducible. That is, controlled features may be recreated on demand. For example, the controlled features may be printed, etched, sticky, adhesive-backed, magnetic, or switchable.

Data may be encoded into the holographic image, using the controlled features, in a way that is retrievable from the holographic image, such as by using barcodes, OCR, QR codes, and/or machine vision arrangements. The data encoded in the controlled features may include a serial number to further differentiate tokens and thereby increase security. Alternatively, or additionally, the data encoded in the controlled features may include a publisher identifier or a temporary cryptographic public key for use with an associated reference image.

The random pattern may be exposed to form the holographic image at the same time as, or after, the controlled features, but not before. In this way, the cost and complexity of counterfeiting the token increases, as a duplication of the token requires matching of the controlled features each time before reproducing the random pattern by chance. If the controlled features could be added afterwards, a counterfeiter could instead produce many holographic images with random patterns, each trying to match with any token and then later add the controlled features to increase the likelihood of reproducing a token with the correct random pattern and controlled features combination.

The encoded data, e.g. in the controlled features may include redundancy, e.g. by including the data more than once in the holographic image, such that the data is retrievable even if a portion of the holographic image becomes damaged and/or a controlled feature is covered by a physical piece of the random pattern in the holographic image.

Controlled features within the holographic image may be arranged to provide further security features, such as a cryptographic key, a temporary cryptographic public key, a height of the area containing the random pattern, a width of the area containing the random pattern or a depth of the area containing the random pattern. Alternatively, or additionally, the controlled features may be indicative of a specific pattern of movement, such as vibration or rotation, which is not present in the physical pieces.

The position and/or orientation of each of the plurality of physical pieces in the random pattern may be determined with respect to a controlled feature, such as a reference frame.

In some examples, the holographic image may comprise an additional layer with an embossed hologram. The embossed hologram may only be visible with laser light outside of the spectrum of human vision, e.g. laser light outside of the range 380nm to 750nm. If the token is illuminated with a laser, such as in an attempt to clone the token, the embossed hologram will also be exposed in the holographic image, rather than as a separate embossed layer, thus revealing the counterfeit. In some examples, the additional layer with the embossed hologram may also be reflective of the wavelengths of light used to create the holographic image. In this way, an enhanced contrast exposure of the embossed hologram would be provided in cloned tokens to assist in revealing counterfeit holograms.

The holographic image may be a reflection hologram or a single beam reflection hologram and the holographic image may include one or two axes of parallax.

In this way, the holograms may be produced quickly and in a format that enables a user to identify the presence of the hologram with their eyes, as the holographic features are visible under ordinary white light.

In some examples, the holographic image may be a white light hologram. In some examples, the holographic image may be a Denisyuk hologram and/or an on-axis reflection hologram, and may be configured to provide different views from different angles. A reflection hologram may also provide features that are not visible when the holographic image is viewed at an angle orthogonal to its physical surface, but that are visible when viewing the holographic image from other angles. The holographic image may be monochromatic but otherwise the same in appearance as the original three dimensional arrangement captured in the holographic image. Each of the plurality of physical pieces may be either black or white to maximise the contrast of the holographic image.

The token may comprise a reference image comprising a signed data message (SDM) based at least in part on a signed copy of the token descriptor, wherein the signed copy of the token descriptor is signed with a cryptographic private key using asymmetric cryptography.

In this way, the random pattern and the reference image of the token may be scanned together at the same time to authenticate the origin and uniqueness of the token. In some examples, the token, and information shown thereon, may be scanned using an application with access to a camera on a mobile phone. The token may be integrated into the surface of a product, or form at least part of a separate label attached to the product. The label may be tied to the product using a cord or attached using an adhesive. The random pattern based on a three dimensional arrangement of a plurality of physical pieces may be present on the same token as the reference image. It may be understood that the token is a physical token. In some examples, the reference image may be adhered to the holographic image using a tamper-resistant adhesive or be printed over the holographic image, such that it is relatively difficult to remove the reference image without destroying the underlying holographic image label.

The SDM may include a message that can be authenticated to provide proof of origin. The SDM may include data based on the token descriptor associated with the random pattern in the holographic image sharing the label. This ensures that the SDM is only valid for one particular token descriptor and prevents the SDM from being copied to another label.

In some examples, the SDM may include the token descriptor determined based on the random pattern in the holographic image, wherein the token descriptor is determined by a trusted source. The trusted source may sign the token descriptor to be included in the SDM. The SDM may include a signed copy of the token descriptor, wherein the token descriptor is determined based on the holographic image by a trusted source and signed using a cryptographic algorithm to provide a digital signature with said token descriptor in the form of a signed copy of the token descriptor. The trusted source may be a trusted computer including a processor, a label creation device, or a label publication device.

The SDM may comprise a cryptographic digital signature that is verifiable using a master cryptographic public key to inform a user scanning the label that the label is unique and authenticate that the label carries a trustworthy message. In some examples, a user device may include a local copy of one or more cryptographic public keys, such as a master cryptographic public key or temporary cryptographic public key, to enable authentication of the product without an internet connection.

The SDM may identify details of the product to be authenticated. For example, the SDM may identify at least one of the manufacturer, the type of product, the style of product, the product colour, or the size of the product.

The core data contained within the SDM may include the token descriptor. The core data contained within the SDM may include product information such as the brand name, product name, SKU, and/or serial number. Alternatively, or additionally, the core data contained within the SDM may include a web URL to retrieve further information from the internet such as a user manual or promotional material. A unique ID, such as a database ID, may be included within the core data of the SDM to enable access to a database to retrieve further information about the product and/or register the product. In some examples, the unique ID or database ID may be the token descriptor.

A blockchain or nonfungible token ID may be included in the core data of the SDM to facilitate blockchain-based proof of ownership for the product associated with the token. In some examples, proof of ownership may be provided, based on the SDM, through a registration database, a blockchain, a nonfungible token, or a certificate.

The token may be present on a gift card where a covering may be scratched off to reveal a redeemable code, or a crypto wallet cryptographic private key that allows the contents to be transferred to the buyer’s secure wallet. The signed message may include a public wallet address, allowing the user to check on the blockchain that the contents of the gift card are still present, before buying the gift card.

The reference image may be a barcode. The barcode may be a one dimensional barcode, two dimensional barcode, matrix barcode or, more specifically, a QR code.

The signed data message may comprise one or more of: a cryptographic public key for verifying the signed copy of the token descriptor that is signed using the cryptographic private key; a temporary cryptographic public key for verifying the signed copy of the token descriptor that is signed using a temporary cryptographic private key; a digital signature for verifying the temporary cryptographic public key using a master cryptographic public key; and a digital signature for verifying the signed copy of the token descriptor that is signed using the cryptographic private key.

It may be understood that signing information, as described herein, may include applying a first cryptographic algorithm, such as a signature creation algorithm, to the original data using a private key, such as a temporary cryptographic private key or master cryptographic private key. Original data that has progressed through the signing process may be referred to as signed data. For example, signed data may be the original data concatenated with one or more digital signatures. It may be understood that signed data can be verified by applying a second cryptographic algorithm, such as a signature verifying algorithm, that is related to the first cryptographic algorithm to determine the original data, e.g. using a public key that is related to the private key.

This process of signing information may form a part of an asymmetric cryptography scheme or public-key cryptography scheme and use one of several known cryptographic algorithms. In some examples, signing may include the use of an encryption algorithm. This process of verifying information may form a part of an asymmetric cryptography scheme or public-key cryptography scheme and use one of several known cryptographic algorithms. In some examples, verifying may include the use of a decryption algorithm.

An asymmetric cryptography scheme may include generating a cryptographic public key, based on a cryptographic private key, using a cryptographic algorithm to provide a key pair of a corresponding cryptographic private key and cryptographic public key. In some examples, the cryptographic public key is generated by a processor on a signer device. The cryptographic public key may become associated with the signer device by publishing the cryptographic public key through existing authenticated channels, such as a manufacturer’s website.

The signer device may use a cryptographic algorithm, such as a signing algorithm, which produces a digital signature based on the cryptographic private key and a message. The digital signature may contain an encrypted version of the message and/or be appended to the message. Optionally, a hashing function may be applied to the message to provide a message hash to reduce it to a fixed size prior to signing.

A verifier device comprising a processor may use a cryptographic algorithm, such as digital signature verifying algorithm, to determine whether the corresponding cryptographic private key was used to sign the message based on the digital signature, the cryptographic public key corresponding to the cryptographic private key, and the message to be verified. The message to be verified may be a hashed copy of the message. If the message to be verified is altered, the associated digital signature will fail the verification. The digital signature verifying algorithm may include the use of a decryption algorithm. In some examples, determining whether the corresponding cryptographic private key was used to sign the message may include decrypting the digital signature using the cryptographic public key corresponding to the cryptographic private key and comparing the result of the decryption to the message or the hashed copy of the message. Verification may be considered successful if the result of the comparison is a match. For example, verification may be considered successful if the result of the decryption is identical to the message or the hashed copy of the message

The private key may be at least 32, 64, or 128 bits in length. In this way, the key and/or digital signature would take at least several decades to guess using commercially available computing hardware.

In some examples, the SDM comprises a bitstring, or collection of digital data embedded or encoded into a physical product, that may be scannable by a computer, such as a mobile device, to retrieve the data. The data may be cryptographically signed to prove that it originates from the holder of a trusted master cryptographic private key used to sign the data.

In some examples, the SDM comprises the following data components: a publisher ID; a temporary cryptographic public key; a digital signature to verify the temporary cryptographic public key using the master cryptographic public key; core data; and a digital signature to verify the core data using the temporary cryptographic public key.

The core data within an SDM may be trusted to originate from the publisher, due to it being cryptographically signed. It may be understood that a cryptographic private key may be used to create a digital signature for a block of data, with even a slightly different block of data requiring a completely different digital signature using known cryptographic digital signature techniques and standards, such as asymmetric cryptography or public-key cryptography. It may be advantageous to use short digital signatures, or more specifically, Boneh–Lynn–Shacham (BLS) digital signatures. Short digital signatures may be 32 bytes or less and facilitate the use of less detailed or smaller reference images.

A cryptographic public key associated with a cryptographic private key may be used to verify that data has not been altered and was in fact signed by a holder of the cryptographic private key. In this context, it may be understood that signed data means that a digital signature is provided with the data, wherein the digital signature is for verifying the authenticity of the data.

The SDM may contain a publisher ID for identifying the master cryptographic public key of an associated label publication device. A user device may determine the master cryptographic public key based on the publisher ID stored in the SDM or controlled features of the token. The master cryptographic public key may be used to verify the temporary cryptographic public key based on a digital signature in the SDM for verifying the temporary cryptographic public key. The core data of the SDM may be signed with a temporary cryptographic private key associated with the temporary cryptographic public key. The core data may be identified as trustworthy using a temporary cryptographic public key that has been verified based on a digital signature and the master cryptographic public key.

In some examples, an RFID tag may be integrated with the holographic image to provide a signed data message, rather than a reference image. That is, the token may comprise an RFID tag comprising a reproducible code including a signed data message based at least in part on a signed copy of the token descriptor that is signed using a cryptographic private key. The ID or unique identifier of an RFID tag may be included within the SDM, e.g. to make swapping labels more difficult.

In a second aspect, there is provided a system for authenticating a product, the system comprising the token of the first aspect, an image sensor and a processor. The image sensor is configured to provide one or more digital images of the token. The processor is configured to receive the one or more digital images of the token and quantise the random pattern based on a specific arrangement of the plurality of physical pieces captured from the holographic image of the token to provide a derived token descriptor, and configured to authenticate the token based on verifying the derived token descriptor, to authenticate the product.

The one or more digital images may be two dimensional or three dimensional, wherein the third dimension is reconstructed from a plurality of two dimensional images. In some examples, a scan of the token is taken by a scanning system, such as a smartphone with an image sensor, to provide scan data in the form of multiple images or a video. The scan data may be processed to provide a reconstruction of the holographic image as a three dimensional digital image.

There may be a number of security features that need to be identified within the scan data and digital images may be collected until all of the security features are identified. For example, there may be one or more primary security features such as the location and/or orientation of a plurality of physical pieces and digital images may be collected until said primary security features are identified. The scanning system may provide an indication to a user as to whether further features still need to be captured during the scan of the token and/or provide an indication directing a user to alter the angle or position of the image sensor in a way that allows the required measurements to be gathered. For example, the required measurements may include images taken at specific angles or angle ranges. These measurements may be required to gauge the depth of a holographic image through triangulation, or to see features that are occluded from some angles.

In a third aspect, a process for creating the token of the first aspect is provided. The process comprises: creating a random scene by moving a plurality of physical pieces, wherein the movement of each piece includes at least one degree of freedom; and directing a beam of laser light through a beam shaper at a photosensitive material that is semi-transparent such that a portion of the beam of laser light passes through the photosensitive material to the random scene and is reflected by the random scene back to the photosensitive material, wherein the beam shaper is configured to reduce beam intensity variations and increase the cross-sectional area of the beam of laser light that interacts with the photosensitive material.

In some examples, the process of the third aspect creates a product, which is a token of the first aspect. For example, there may be a token of the first aspect provided by the process of the third aspect.

A label creation device may comprise the random scene and beam shaper. The beam shaper may be configured to expand the beam diameter and enhance the uniformity of the beam.

In an example, the token may be created by a label creation device based on information received from a label publication device. The label publication device may generate a master cryptographic private key and a corresponding master cryptographic public key. The master cryptographic public key may be provided to a label creation device by a trusted source, such as one or more of a software application, a website, a trusted database, or a blockchain. The master cryptographic public key may be stored or transmitted without encryption. The master cryptographic private key may be stored relatively securely to avoid disclosure to a potential counterfeiter.

The label publication device may comprise a processor configured to generate one or more temporary cryptographic public keys, which are to be stored in the holographic image or reference image of the token. Additionally, the processor may be configured to generate a temporary cryptographic private key and the one or more temporary cryptographic public keys generated may correspond to the temporary cryptographic private key e.g. the one or more temporary cryptographic public keys generated may be for verifying information signed with the temporary cryptographic private key. The temporary cryptographic private key may be stored, or transmitted to a label creation device, relatively securely using encryption by the label publication device. The label publication device may create a digital signature for each of the temporary cryptographic public keys using the master cryptographic private key. The resultant digital signature and the associated temporary cryptographic public key may be included in an SDM.

The label publication device may transmit the temporary cryptographic private key to the label creation device to enable digital signatures to be generated for each SDM. In some examples, the temporary cryptographic private key may be transmitted to the label creation device using a signed transmission. The temporary cryptographic public key may also be transmitted to the label creation device for generating each SDM.

In some examples, the availability of a temporary cryptographic public key and temporary cryptographic private key removes the need for accessing the master cryptographic private key for signing each label. Accordingly, the master cryptographic private key is more secure as it is accessed less often and by fewer devices. The master cryptographic private key may only be accessed to calculate the digital signatures, associated with one or more key pairs, using the master cryptographic private key, each key pair comprising a temporary cryptographic public key and temporary cryptographic private key.

User devices may store the master cryptographic public key corresponding to a master cryptographic private key used by one or more label publication devices to enable offline label verification of tokens originating from said one or more label publication devices. Each manufacturer to be authenticated may have one or more label publication devices that may share a master cryptographic private key or, in some examples, each use at least one distinct master cryptographic private key. Temporary cryptographic public keys may be stored by the token in one or both of the holographic image and the reference image.

A digital signature for the core data of each SDM may be calculated using a temporary cryptographic private key, with this particular cryptographic private key being shared with a number of other labels. For example, a particular temporary cryptographic private key may be used to calculate digital signatures for the core data of labels published in the same hour, same week, or same month. Alternatively, a particular temporary cryptographic private key may be used to calculate digital signatures for the core data of a number of published labels not greater than 100, not greater than 1000, or not greater than 10000.

The temporary cryptographic public key corresponding to the temporary cryptographic private key may be included in the token, together with a digital signature for the temporary cryptographic public key calculated using the master cryptographic private key. The temporary cryptographic public key may be encoded within one or both of the controlled features and the SDM.

An apparatus may be provided to produce tokens containing a holographic image including a random pattern, wherein the random pattern is based on a three dimensional arrangement of a plurality of physical pieces.

The apparatus to produce tokens may comprise a holography setup to produce reflection holograms on a reel of transparent material using a single laser pulse. The reflection holograms may be white light reflection holograms.

The apparatus to produce tokens may comprise a physical 3D scene, to be captured in the hologram, with a plurality of physical pieces with positions that vary over time with at least some uncontrolled physical movement, such as colliding physical pieces. The physical 3D scene may comprise controlled features, such as switching display elements.

It may be understood that the holographic image of the token includes at least some elements that are not computer generated. In some examples, the holography setup may include a laser configured to provide a beam of coherent light from a laser to illuminate a plurality of physical pieces. The coherent light may illuminate a photosensitive material with a reference beam. At least a portion of the reference beam intensity may pass through the photosensitive material and reflect off the physical pieces with positions that vary over time as a ‘signal beam’. The signal beam also illuminates the photosensitive material. The signal beam and reference beam may form an interference pattern through diffraction, and this pattern of light and dark areas is recorded in the photosensitive material to form a hologram. When a hologram is later exposed to a beam of light, the arrangement of physical pieces may be visible in the reflected or transmitted image of the photosensitive material.

The holographic image may be a white light hologram and may have two axes of parallax, such as a white light Denisyuk single beam reflection hologram.

The apparatus to produce tokens may comprise a reel-to-reel system, wherein the reel-to-reel system is configured to receive a first reel comprising a plurality of photosensitive material portions arranged linearly on a tape. The reel-to-reel system may be configured to arrange each photosensitive material portion such that it is exposed simultaneously to a laser reference beam and a signal beam before winding it onto a second reel, wherein the second reel comprises photosensitive material portions containing holographic images. In some examples, the photosensitive material may be treated with chemicals and shielded from light for a period of time after exposure but before being wound onto the second reel, wherein the period of time is at least thirty seconds, at least two minutes or at least five minutes.

The reference beam may be shaped by a beam shaper so that it exposes at least 25%, at least 50% or at least 75% of each photosensitive portion with even intensity. The reference beam may be provided by an ultrafast pulsed laser source with relatively high pulse energy, wherein the pulse length is less than one microsecond, less than one nanosecond, or less than one picosecond. Ultrafast pulsed lasers provide relatively high pulse energies which enable exposure times for creating holographic images on the order of a single pulse. In some examples, relatively short exposure times may be used to ensure that the movement of the plurality of physical pieces does not produce excessive smear across the holographic image. In some examples, relatively short exposure times may be used to minimise artefacts caused by relative movement between the reel-to-reel system and the container and/or physical pieces.

Pulses may be repeated more than once per second, or more specifically, between 100 and 1000 times per second. Accordingly, the apparatus to produce tokens may produce more than one holographic image per second, or more specifically, between 100 and 1000 holographic images per second.

The pulses of the laser may be synchronised to the movement of the reel-to-reel system. Each holographic image may be created by exposure to a single pulse. In some examples, a mask may be provided to limit the area of the reel-to-reel system exposed to the laser beam, such that no photosensitive portion is exposed to more than one pulse. In some examples, changes to one or more controlled features, such as an electronically configurable display system, may be synchronised to the pulses of the laser and/or the movement of the reel-to-reel system.

The interference pattern captured in a hologram has feature sizes dependent on the wavelength of light used to expose the pattern. In some examples, the smallest features in the holographic image may be less than a micrometre in size or less than half a micrometre in size.

In some examples, the reel of photosensitive material portions may be provided with a designated publisher ID encoded into controlled features on each photosensitive material portion. In this way, the photosensitive material portions of that reel may be restricted for use by the designated publisher associated with that ID. Alternatively, or additionally, the reel of photosensitive material portions may be provided with a particular temporary cryptographic public key encoded into controlled features on each photosensitive material portion. In this way, the use of misappropriated photosensitive material portions is prevented, unless a temporary cryptographic private key corresponding to the particular temporary cryptographic public key is also misappropriated.

In some examples, the controlled features are electronically configurable. For example, different configurations of controlled features may be present in each subsequently exposed holographic image. In some examples, at least some controlled features may be provided by an electronically configurable display system, e.g. an LCD display or a microoptoelectromechanical system (MOEMS). A digital micromirror device is an example of a MOEMS. A diffuser may be implemented to reduce unwanted interference patterns from the controlled features. Each switchable element of the electronically configurable system may encode 1 bit of information.

In an example, a container configured to retain the physical pieces may be configured to display barcodes on one or more of its walls. At least one wall of the container may be an electronically configurable display system. Alternatively, or additionally, at least one of the walls may be formed of an at least partially transparent material with an electronically configurable display system arranged to display through said wall. The electronically configurable display system may be disconnected from the wall of the container, such that a barcode shown on the electronically configurable display system does not move when the container is vibrated.

Creating the random scene may comprise vibrating a container, which is at least partially transparent, using a vibration device. The container may contain a plurality of physical pieces therein. The random scene may further comprise one or more controlled features provided by an electronically configurable display configured to change over time.

The vibration device may be configured to move the plurality of physical pieces to pass through at least 25 percent of a cross-section of the beam of the laser light that passes through the photosensitive material.

In some examples, the vibration device may be configured to move the plurality of physical pieces to pass through at least 25 percent, at least 50 percent, or at least 75 percent of a cross-section of the beam of the laser light that passes through the photosensitive material. The vibration device may be configured to alter the vibration frequency over time to prevent harmonic motion. In some examples, the vibration device may be coupled to the container to vibrate the container. The vibration device may be configured to move the container in height, width and depth, such that the physical pieces spend the majority of their time moving under the influence of the vibration device and the time each physical piece is at rest is minimised.

The physical pieces may be contained within a vibrating frame or container. The container may have one or more transparent or semi-transparent walls. The container may have one or more opaque or translucent walls, e.g. for attaching to a vibration device or for including controlled features. The container may be attached to more than one independent vibration device to increase the variance of the physical pieces within the container.

The one or more controlled features may change from token to token.

In a fourth aspect, a method is provided for authenticating a token according to the first aspect using an electronically stored signed data message. The method comprises: obtaining one or more digital images, using an image sensor, of the token, wherein the one or more digital images include at least the holographic image; quantising the random pattern based on a specific arrangement of the plurality of physical pieces captured from the holographic image of the token to determine a derived token descriptor; authenticating the derived token descriptor based on locating an electronically stored signed data message corresponding to the derived token descriptor; and responsive to successfully authenticating the derived token descriptor, providing an indication of authenticity.

In some examples, locating the electronically stored signed data message corresponding to the derived token descriptor includes issuing a request for said signed data message to a server, database, data store, or data repository and, responsive to the request, receiving the signed data message. The request may include at least one identifier, such as a publisher ID, token ID, and/or the derived token descriptor. One or more identifiers may be derived from one or more controlled features in the holographic image of the token.

In a fifth aspect, a method is provided for authenticating a token using a printed signed data message. The method comprises: obtaining one or more digital images, using an image sensor, of the token according to the first aspect, wherein the one or more digital images include at least the holographic image and the reference image; quantising the random pattern based on a specific arrangement of the plurality of physical pieces captured from the holographic image of the token to determine a derived token descriptor; decoding the reference image to obtain the signed data message; authenticating the derived token descriptor based on the signed data message; and responsive to authenticating the derived token descriptor successfully, providing an indication of authenticity.

In some examples, more than one image of the token may be obtained using the image sensor to facilitate a more accurate measurement of the 3D coordinates of the physical pieces depicted within the holographic image of the token.

Some examples further comprise determining, by a protocol, the token descriptor based on the quantised values of the random features and, optionally, based on the values identified from the controlled features. The same process and/or protocol may be used by a user device to derive the token descriptor from the random pattern as is used by a trusted device to determine the token descriptor included in the SDM. The token descriptor may be a bitstring or binary encoded number of a fixed length. In some examples, the protocol may include concatenating values determined based on the controlled and random features in a predetermined order to form the token descriptor. The protocol may include encrypting or signing one or more portions of data obtained from the token, such as the quantised values of the random features, to obtain the token descriptor.

In some examples, the token descriptor may be a cryptographic hash based on a bitstring determined by quantising characteristics of the physical pieces in the random pattern depicted in the holographic image. This additional hashing step makes it relatively difficult to guess or falsify the measured characteristics from the token descriptor alone, which provides additional security

In some examples, each random pattern produces a token descriptor that is unique. The label publication device or label creation device may record a token descriptor based on definitive position measurements taken at the time of creation of the token, this may otherwise be referred to as a definitive token descriptor. This token descriptor may be included in an SDM associated with the random pattern e.g. as the token descriptor of the SDM. The token descriptor of the SDM may be included as a signed copy of the token descriptor. A user may scan the random pattern and check that the token descriptor they derive matches the token descriptor in the SDM. This token descriptor of the SDM may be used as an authenticated ID in data transmissions and storage to prove the authenticity of the random pattern, the signed label and/or the product to which the token is attached.

In some examples, if authenticating the derived token descriptor against the token descriptor included in the SDM is not successful, further token descriptors may be derived by calculating and substituting borderline values obtained during the quantisation process for their neighbouring values. If a combination of substituted values enables the derived token descriptor to be authenticated, then an indication of authenticity is provided. If no combination of substituted values enables authentication to be completed successfully, then an indication of suspected counterfeiting is provided. An indication of suspected counterfeiting or an indication of authenticity may be, for example, a transmitted signal, a transmitted packet of information, a sound, a light or text on a display.

In some examples, deriving the token descriptor from the random pattern may be facilitated using the token descriptor of the SDM. The token descriptor of the SDM may be interpretable to identify expected characteristics of the plurality of physical pieces depicted within the holographic image, such as their size, position, or orientation. For example, the token descriptor of the SDM may be stored in plaintext or stored using a reversible encryption algorithm. The token descriptor derived from the random pattern may be based in part on the expected characteristics identified. For example, if at least 60 percent, at least 75 percent, or at least 90 percent, of the expected characteristics match the token descriptor derived from the random pattern then the token descriptor derived from the random pattern may be determined to be a sufficient match to the expected characteristics and/or the token descriptor of the SDM to authenticate the associated token as genuine.

In this way, damaged tokens may still be authenticated based on the remaining plurality of physical pieces depicted within the holographic image.

In some examples, one or more physical pieces of the plurality of physical pieces depicted in an incorrect position may cause the authentication to fail, even if enough of the expected characteristics match the token descriptor derived from the random pattern. In this way, damaged tokens with missing features may still be authenticated, but without enabling the authentication of similar tokens that depict additional physical pieces that are recognised in unexpected locations.

The SDM may be trusted as originating from the authentic publisher if one or more digital signatures within the SDM are verified successfully. In some examples, one or more digital signatures within the SDM may be successfully verified, but the authentication of the derived token descriptor may fail if the SDM was not created for the specific token descriptor quantised from the random pattern in the holographic image of the token. For example, the authentication of the derived token descriptor may fail if the SDM was created for a different token with a different holographic image, as the token descriptor in the SDM would not match the token descriptor quantised from the random pattern in the holographic image of the token to be authenticated.

In some examples, a cryptographic public key and/or corresponding cryptographic private key may be identified as compromised and stored on a blacklist. Authenticating the derived token descriptor may further comprise checking a blacklist for one or more pieces of information contained within the holographic image, SDM or random pattern, and failing the authentication if said one or more pieces of information, such as a cryptographic key, are present on the blacklist.

Authenticating the derived token descriptor based on the signed data message may comprise: determining a temporary cryptographic public key from the reference image or the holographic image; determining a master cryptographic public key; determining a first digital signature from the signed data message; determining a second digital signature from the signed data message; determining a signed copy of the token descriptor from the signed data message; verifying the temporary cryptographic public key; verifying the signed copy of the token descriptor; responsive to successfully verifying the temporary cryptographic public key and successfully verifying the signed copy of the token descriptor, comparing the derived token descriptor quantised from the random pattern to the token descriptor of the signed copy of the token descriptor from the signed data message, and determining that the signed copy of the token descriptor from the signed data message is authentic if they match.

In some examples, verifying the temporary cryptographic public key includes determining a successful result from a first digital signature verifying algorithm applied to the temporary cryptographic public key, the first digital signature and the master cryptographic public key.

In some examples, verifying the temporary cryptographic public key comprises applying a first cryptographic algorithm. The first cryptographic algorithm may be a signature verifying algorithm. For example, verifying the temporary cryptographic public key may comprise applying a first cryptographic algorithm to the first digital signature using the master cryptographic public key and determining that the verification of the temporary cryptographic public key is successful based on a first cryptographic algorithm result. Determining that the verification of the temporary cryptographic public key is successful based on the first cryptographic algorithm result may include comparing the result with the temporary cryptographic public key or data derived therefrom.

In some examples, verifying the signed copy of the token descriptor includes determining a successful result from a second signature verifying algorithm applied to the signed copy of the token descriptor, the second signature and the temporary cryptographic public key.

In some examples, verifying the signed copy of the token descriptor comprises applying a second cryptographic algorithm. The second cryptographic algorithm may be a signature verifying algorithm. For example, verifying the signed copy of the token descriptor may comprise applying a second cryptographic algorithm to the second digital signature using the temporary cryptographic public key and determining that the verification of the token descriptor of the signed copy of the token descriptor is successful based on a second cryptographic algorithm result. Determining that the verification of the token descriptor of the signed copy of the token descriptor is successful based on a second cryptographic algorithm result may include comparing the result with the signed copy of the token descriptor or data derived therefrom.

In some examples, the signed copy of the token descriptor and/or the token descriptor of the signed copy of the token descriptor included in the signed data message may be in the form of a cryptographic hash. In these examples, verifying the signed copy of the token descriptor may include applying a cryptographic hashing function as a part of deriving the token descriptor from the random pattern.

It may be understood that the token descriptor of the signed copy of the token descriptor from the signed data message refers to the token descriptor of the signed data message without the modifications introduced by the digital signature.

The token descriptor of the signed copy of the token descriptor may be otherwise referred to as the identification code.

The token descriptor derived by quantising the random pattern based on a specific arrangement of the plurality of physical pieces in the holographic image may be otherwise referred to as the pattern descriptor.

In a sixth aspect, there is provided a machine readable medium carrying machine readable instructions, which when executed by a processor of a machine, causes the machine to carry out methods disclosed herein.

The machine readable medium may be a non-transitory computer readable storage medium, a non-volatile storage medium, a physical storage medium, or a storage medium comprising at least one transistor.

The above and other characteristics, features and advantages of the present invention will become apparent from the following detailed description, taken in conjunction with the accompanying drawings, which illustrate, by way of example, the principles of the invention. This description is given for the sake of example only, without limiting the scope of the invention. The reference figures quoted below refer to the attached drawings.

is a schematic view of an example token for authenticating a product.

is a schematic view of an example equipment setup for token creation.

The present invention will be described with respect to certain drawings but the invention is not limited thereto but only by the claims. The drawings described are only schematic and are non-limiting. Each drawing may not include all of the features of the invention and therefore should not necessarily be considered to be an embodiment of the invention. In the drawings, the size of some of the elements may be exaggerated and not drawn to scale for illustrative purposes. The dimensions and the relative dimensions do not correspond to actual reductions to practice of the invention.

Furthermore, the terms first, second, third and the like in the description and in the claims, are used for distinguishing between similar elements and not necessarily for describing a sequence, either temporally, spatially, in ranking or in any other manner. It is to be understood that the terms so used are interchangeable under appropriate circumstances and that operation is capable in other sequences than described or illustrated herein. Likewise, method steps described or claimed in a particular sequence may be understood to operate in a different sequence.

Moreover, the terms top, bottom, over, under and the like in the description and the claims are used for descriptive purposes and not necessarily for describing relative positions. It is to be understood that the terms so used are interchangeable under appropriate circumstances and that operation is capable in other orientations than described or illustrated herein.

It is to be noticed that the term “comprising”, used in the claims, should not be interpreted as being restricted to the means listed thereafter; it does not exclude other elements or steps. It is thus to be interpreted as specifying the presence of the stated features, integers, steps or components as referred to, but does not preclude the presence or addition of one or more other features, integers, steps or components, or groups thereof. Thus, the scope of the expression “a device comprising means A and B” should not be limited to devices consisting only of components A and B. It means that with respect to the present invention, the only relevant components of the device are A and B.

Similarly, it is to be noticed that the term “connected”, used in the description, should not be interpreted as being restricted to direct connections only. Thus, the scope of the expression “a device A connected to a device B” should not be limited to devices or systems wherein an output of device A is directly connected to an input of device B. It means that there exists a path between an output of A and an input of B which may be a path including other devices or means. “Connected” may mean that two or more elements are either in direct physical or electrical contact, or that two or more elements are not in direct contact with each other but yet still co-operate or interact with each other. For instance, wireless connectivity is contemplated.

It is also to be noticed that the term “random”, used in the description, should be interpreted as describing an arrangement or value that can only be described probabilistically in advance. For example, a random pattern, arrangement or value is that taken from several similarly or equally likely patterns, arrangements or values. Varying randomly is a process of varying between these similarly or equally likely arrangements or values.

It is also to be noticed that terms, such as “corresponding”, “related”, or “associated” as may be used interchangeably herein in relation to keys or algorithms are describing the key-pair relationship or algorithm-pair relationship of asymmetric signature schemes or asymmetric encryption schemes.

Reference throughout this specification to “an embodiment” or “an aspect” means that a particular feature, structure or characteristic described in connection with the embodiment or aspect is included in at least one embodiment or aspect of the present invention. Thus, appearances of the phrases “in one embodiment”, “in an embodiment”, or “in an aspect” in various places throughout this specification are not necessarily all referring to the same embodiment or aspect, but may refer to different embodiments or aspects. Furthermore, the particular features, structures or characteristics of any one embodiment or aspect of the invention may be combined in any suitable manner with any other particular feature, structure or characteristic of another embodiment or aspect of the invention, as would be apparent to one of ordinary skill in the art from this disclosure, in one or more embodiments or aspects.

Similarly, it should be appreciated that in the description various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Moreover, the description of any individual drawing or aspect should not necessarily be considered to be an embodiment of the invention. Rather, as the following claims reflect, inventive aspects lie in fewer than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.

Furthermore, while some embodiments described herein include some features included in other embodiments, combinations of features of different embodiments are meant to be within the scope of the invention, and form yet further embodiments, as will be understood by those skilled in the art. For example, in the following claims, any of the claimed embodiments can be used in any combination.

In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practised without these specific details. In other instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.

In the discussion of the invention, unless stated to the contrary, the disclosure of alternative values for the upper or lower limit of the permitted range of a parameter, coupled with an indication that one of said values is more highly preferred than the other, is to be construed as an implied statement that each intermediate value of said parameter, lying between the more preferred and the less preferred of said alternatives, is itself preferred to said less preferred value and also to each value lying between said less preferred value and said intermediate value.

The use of the term “at least one” may mean only one in certain circumstances. The use of the term “any” may mean “all” and/or “each” in certain circumstances.

The principles of the invention will now be described by a detailed description of at least one drawing relating to exemplary features. It is clear that other arrangements can be configured according to the knowledge of persons skilled in the art without departing from the underlying concept or technical teaching, the invention being limited only by the terms of the appended claims.

shows an example token 100 for authenticating a product. The token 100 includes a photosensitive material portion containing a holographic image 102, with a reference image 112 disposed thereon.

The holographic image 102 depicts a three dimensional arrangement of a plurality of physical pieces 104. In this example, the plurality of physical pieces 104 are balls. Each of the plurality of physical pieces has a position within the holographic image and controlled features 110 are provided to assist in quantising said positions. The controlled features 110 shown include grid lines as reference features. The grid lines may be used to accurately establish the 3D coordinates of the spheres and barcode stripes, using multiple images from different angles.

Other controlled features 110 are also provided to encode predetermined data into the holographic image 102. The predetermined data in this example is encoded in the form of a first barcode 106 and a second barcode 108. An identifier of the manufacturer, identifier of the label creation device and/or a temporary cryptographic public key may be derived from one or more of the barcodes. In some examples, one or more of the barcodes may provide a serial number. The first barcode 106 and the second barcode 108 may provide one long barcode.

In this example, the reference image 112 of the token 100 comprises a QR code 114 configured to provide the SDM. The reference image 112 of the token 100 includes reference markers 116 for assisting the extraction of information from the QR code 114. The QR code 114 also includes an optional logo 118 to assist in communicating the purpose of the QR code 114 to a user. Alternatively or additionally, the optional logo may form a part of the holographic image 102. The reference image 112 does not form a part of the holographic image 102 in this example, rather it is disposed on top of the holographic image 102 using ink or an adhesive label. The background colour of the QR code is shown in white, but may be transparent in some examples to enable better visibility of the underlying holographic image.

The reference features of the holographic image 102 and the reference image 112 are different in this example to provide additional context to the position of each set of features when scanning and to ensure the rotation of the label relative to the user will not change the value quantised from the token.

is a schematic view of an example equipment setup 200 for token creation. In this example, a laser 202 light source is provided and provides a coherent beam of light 203. The coherent beam of light 203 is passed through a beam shaper 206 to provide a larger reference beam 204 with enhanced uniformity. The reference beam 204 is shaped to cover a majority of a photosensitive material portion 208b. At least some of the reference beam 204 passes through the photosensitive material portion 208b to reach a scene 212. The scene 212 is a 3D scene and in this example is at least partially reflective for use with this holography equipment setup 200. Reflections from the scene create a signal beam 214, which interacts with the reference beam 204 to form a holographic image on the photosensitive material portion 208b. A mask is provided to limit the area photosensitive portion that is exposed to the reference beam, a reference beam mask 216a-b, and to the signal beam, a signal beam mask 218a-b.

A plurality of photosensitive portions 208a-d are arranged linearly on a reel 209 of material configured to retain the plurality of photosensitive portions 208a-d. The reel is arranged on a reel-to-reel system that advances the reel of material in a direction 210 through the reference beam 204 and signal beam 214 of the token creation setup 200. In this example, the reel is advanced based on the pulse timing of the laser 202, which is a pulsed laser.

Claims (15)

1. A token for authenticating a product comprising:
   a holographic image that includes a random pattern that depicts moving physical pieces at a particular point in time, wherein each of the plurality of physical pieces is configured to move with at least one degree of freedom, and wherein the random pattern is interpretable to produce a token descriptor unique to the random pattern.
2. The token of claim 1, wherein each of the plurality of physical pieces is configured to move with at least three degrees of freedom.
3. The token of claim 2, wherein the physical movement of the plurality of physical pieces is affected by one or more of the application of a vibration, fluid pressure, collisions between said physical pieces, and/or collisions with a surface proximate to the plurality of physical pieces.
4. The token of any preceding claim, wherein the holographic image also comprises one or more controlled features arranged to provide one or more of: a serial number, a cryptographic key, a dimension of the area containing the random pattern and an indication of a specific pattern of movement that is not present in the physical pieces.
5. The token of any preceding claim, wherein the holographic image is a reflection hologram or a single beam reflection hologram, and wherein the holographic image includes one or two axes of parallax.
6. The token of any preceding claim, the token comprising:
   a reference image comprising a signed data message based at least in part on a signed copy of the token descriptor, wherein the signed copy of the token descriptor is signed with a cryptographic private key using asymmetric cryptography.
7. The token of claim 6, wherein the reference image is a barcode.
8. The token of one of claims 6 or 7, wherein the signed data message comprises one or more of:
   a cryptographic public key for verifying the signed copy of the token descriptor that is signed using the cryptographic private key;
   a temporary cryptographic public key for verifying the signed copy of the token descriptor that is signed using a temporary cryptographic private key;
   a digital signature for verifying the temporary cryptographic public key using a master cryptographic public key; and
   a digital signature for verifying the signed copy of the token descriptor that is signed using the cryptographic private key.
9. A system for authenticating a product comprising:
   the token of any preceding claim;
   an image sensor configured to provide one or more digital images of the token; and
   a processor configured to receive the one or more digital images of the token and quantise the random pattern based on a specific arrangement of the plurality of physical pieces captured from the holographic image of the token to provide a derived token descriptor, and configured to authenticate the token based on verifying the derived token descriptor, to authenticate the product.
10. A process for creating the token of one of claims 1 to 8 comprising:
    creating a random scene by moving the plurality of physical pieces, wherein the movement of each piece includes at least one degree of freedom; and
    directing a beam of laser light through a beam shaper at a photosensitive material that is semi-transparent such that a portion of the beam of laser light passes through the photosensitive material to the random scene and is reflected by the random scene back to the photosensitive material, wherein the beam shaper is configured to reduce beam intensity variations and increase the cross-sectional area of the beam of laser light that interacts with the photosensitive material.
11. The process of claim 10, wherein creating the random scene comprises vibrating a container, using a vibration device, that is at least partially transparent, and wherein the container contains the plurality of physical pieces therein, and wherein the random scene further comprises one or more controlled features provided by an electronically configurable display configured to change over time.
12. A method for authenticating a token using an electronically stored signed data message, the method comprising:
    obtaining one or more digital images, using an image sensor, of the token of one of claims 1 to 8, wherein the one or more digital images include at least the holographic image;
    quantising the random pattern based on a specific arrangement of the plurality of physical pieces captured from the holographic image of the token to determine a derived token descriptor;
    authenticating the derived token descriptor based on locating an electronically stored signed data message corresponding to the derived token descriptor; and
    responsive to successfully authenticating the derived token descriptor , providing an indication of authenticity.
13. A method for authenticating a token using a printed signed data message, the method comprising:
    obtaining one or more digital images, using an image sensor, of the token of one of claims 6 to 8, wherein the one or more digital images include at least the holographic image and the reference image;
    quantising the random pattern based on a specific arrangement of the plurality of physical pieces captured from the holographic image of the token to determine a derived token descriptor;
    decoding the reference image to obtain the signed data message;
    authenticating the derived token descriptor based on the signed data message; and
    responsive to authenticating the derived token descriptor successfully, providing an indication of authenticity.
14. The method of claim 13, wherein authenticating the derived token descriptor based on the signed data message comprises:
    determining a temporary cryptographic public key from the reference image or the holographic image;
    determining a master cryptographic public key;
    determining a first digital signature from the signed data message;
    determining a second digital signature from the signed data message;
    determining a signed copy of the token descriptor from the signed data message;
    verifying the temporary cryptographic public key;
    verifying the signed copy of the token descriptor;
    responsive to successfully verifying the temporary cryptographic public key and successfully verifying the signed copy of the token descriptor, comparing the derived token descriptor quantised from the random pattern to the token descriptor of the signed copy of the token descriptor from the signed data message, and determining that the signed copy of the token descriptor from the signed data message is authentic if they match.
15. A machine readable medium carrying machine readable instructions, which when executed by a processor of a machine, causes the machine to carry out the method of any one of claims 12 to 14.