WO2005101330A1 - Document authentication system and related methods - Google Patents

Document authentication system and related methods Download PDF

Info

Publication number
WO2005101330A1
WO2005101330A1 PCT/GB2005/001405 GB2005001405W WO2005101330A1 WO 2005101330 A1 WO2005101330 A1 WO 2005101330A1 GB 2005001405 W GB2005001405 W GB 2005001405W WO 2005101330 A1 WO2005101330 A1 WO 2005101330A1
Authority
WO
WIPO (PCT)
Prior art keywords
document
information
encrypted
data
server
Prior art date
Application number
PCT/GB2005/001405
Other languages
French (fr)
Inventor
Trevor Pratt
Original Assignee
Kalamazoo Security Print Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kalamazoo Security Print Ltd. filed Critical Kalamazoo Security Print Ltd.
Publication of WO2005101330A1 publication Critical patent/WO2005101330A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07DHANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/004Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip
    • G07D7/0047Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip using checkcodes, e.g. coded numbers derived from serial number and denomination

Definitions

  • This invention relates to a document authentication system and related methods. In particular, but not exclusively, it relates to the authentication of documents relating to qualifications, for example university degree certificates.
  • the invention may also relate to the authentication of other documents, such as insurance certificates, invoices, bills of lading, vehicle licences, deeds of ownership, contracts, bonds, gun licenses, police check documents, fishing licenses, MOTs, driving licenses, vouchers, tickets, etc.
  • the veracity of information contained, for example, on a degree certificate can be checked against an alternative source of the information.
  • an alternative source of the information For example, in the past, it has been possible to check the authenticity of a university degree certificate by contacting the issuing authority. This is time consuming, and assumes that the issuing authority is open to such enquiry, maintains accurate records and is still in existence (a particular problem as educational certificates are likely to be required for a number of decades after their issue).
  • Similar systems may be in operation to allow the veracity of data displayed on other document types, such as invoices, other qualifications, security clearance documents, etc.
  • Such systems inherently require the duplication of information and the maintenance of at least two distinct sources of information. This obviously adds to the storage requirements of a system and causes delays in verifying information as a remote source must be accessed.
  • Hash values are generally used to ensure that electronic messages have not been tampered with.
  • the hash value is encrypted and sent with the message.
  • the recipient then decrypts the hash value and produces another hash value from the received message before comparing the two hash values. If the two hash values are the same, there is a very high probability that the message was transmitted intact.
  • a method of processing data in order to verify the authenticity of a document comprising: providing the document with a machine readable encrypted summary of at least a portion of the information contained on the document; using a reader to read the machine readable encrypted summary; using a processor to decrypt the encrypted summary; and causing the processor to display the summary once the decryption has been performed.
  • Such a method is advantageous because it allows the authenticity of a document to be verified without referring to anything other than the document itself.
  • the method may provide the technical effect of reducing the storage requirements needed in order to determine the authenticity of the document; only the information and the encrypted summary are required in order to check the authenticity, rather than a separate document or documents.
  • the method may allow a copy of a document to be provided and the contents of that copy still be verified.
  • the summary may be any data which allows authentication of the information on the document with reference to the summary. Therefore, the summary may contain some of the information or may contain equivalent information. For example, the summary may contain data of a different format to the information, or indeed different information giving enough information to verify the information on the document.
  • the machine readable portion is readable by an optical scanner and most preferably a flat bed optical scanner. It will be appreciated that a flat bed optical scanner is convenient because it allows a wide variety of documents to be scanned when compared to other forms of scanner.
  • the method may comprise sending the encrypted summary to the server across a network connection.
  • a network connection for example the Internet
  • the network connection may comprise the Internet.
  • display of the summary may be caused by sending the encrypted summary across a network connection to the processing apparatus.
  • Such a method is convenient since it allows the verification to occur at sites remote to the processing apparatus; i.e. at any site that has a network connection.
  • the method may further comprise obtaining an electronic copy of the information on the document, which may be by scanning or the like, and comparing the electronic copy with the decrypted encrypted summary in order to authenticate the document. Such an arrangement may allow the authenticity to be checked automatically. In such embodiments the method may not display the decrypted summary and may instead display the result of the authentication.
  • a method of verifying a document comprising: providing a server arranged to receive data containing an encrypted summary of data provided in a document from a network connection to the server; using a processor of the server to decrypt the summary; causing the server to send the decrypted summary across the network.
  • a method of verifying the contents of a document containing information comprising providing an input means arranged to have input thereto the information and to pass the information to a processing means, causing the processing means to process the information and generate encrypted data therefrom and the method further comprising using a printing means to print the encrypted data onto the document in a machine readable format.
  • the printing means is further arranged to print the information onto the document.
  • This provides a convenient means for completing the document with the information and the encrypted data such that the encrypted data may be decrypted at a later time and compared with the information.
  • the method may also comprise providing a scanning means arranged to read the encrypted data.
  • a scanning means provides a convenient way of reading the machine readable encrypted data.
  • printing may mean providing a magnetic strip, an RFID tag, or the like.
  • the scanning means is an optical scanner, and generally a flat bed scanner.
  • Use of such a scanner is advantageous because it allows the encrypted data to simply be printed on the document and subsequently read by the scanner.
  • Such a method may be cheaper than providing magnetic strips, RFID tags and the like.
  • the method further comprises causing the processing means to decrypt the encrypted data once it has been read by the scanning means.
  • Such a method comprises a convenient means of deriving the information used to generate the encrypted data and allowing a check as to the authenticity of the document to be made.
  • the method may further comprise providing a comparison means and causing the processing means to compare the decrypted data with the information using the comparison means.
  • a comparison means provides a convenient means to ensure that the information displayed on the document is not different from the document was intend to display.
  • the scanning means may be arranged to read the information from the document.
  • OCR Optical Character Recognition
  • authentication of the document may be performed automatically with only the document and no further communication may be required. This may reduce the storage requirements for providing the authentication since the information and/or the encrypted data would not need to be stored elsewhere.
  • the method further comprises providing an information storage means and storing the encrypted data in the information storage means.
  • This may provide a convenient mechanism for maintaining a copy of the information storage means .
  • the method comprises storing the encrypted data and at least some of the information the document is arranged to display in the information storage means. This may provide a convenient reference for the encrypted data.
  • the encrypted data is stored in an electronic format suitable for transmission over a network.
  • a system comprising a reader arranged to read at least a portion of a document, the document containing information and having a portion providing an encrypted summary of at least some of the information contained by the document, the system being arranged to read the encrypted summary with the reader, decrypt the summary with a processing means of the system, and to allow authentication of the information on the document with reference to the summary.
  • the system may comprise a server arranged to receive the encrypted summary across a connection to the reader.
  • the connection may be across the Internet, or other network connection. Such an arrangement is convenient since it allows a plurality of readers to be connected to the server.
  • the server may be arranged to transmit the decrypted summary across a network. This may provide a convenient means of allowing the information to be verified at a different location.
  • the system may further comprise a comparison means, arranged to compare the decrypted summary with the information and determine whether the information displayed thereon is correct or whether the information has been tampered with; by way of forgery, alteration, or the like. This provides a convenient means for authenticating the data displayed thereon.
  • a method of authenticating a document comprising providing a reader to read a machine readable portion of a document to be authenticated, the machine readable portion providing an encrypted summary of the information on the document, using a processing means to decrypt the summary to produce decrypted data which is subsequently compared with information on the document to determine whether the document is authentic.
  • Such a method is advantageous as it may allow the data on a document to be verified as the original data without maintaining a separate record of the document. This will result in decreased storage requirements (whether electronic storage or physical storage) over prior art systems.
  • the method may relate to exam certificates but could relate to other types of document.
  • the information may comprise any of the following non-exhaustive list: name, address, gender, one or more qualifications, grade achieved in the or each qualification, date of the award of the qualification, name of the or each institute awarding the qualification, picture of the candidate, or the like.
  • the encrypted summary may comprise any of the pieces of information provided by the document. In the preferred embodiment the summary comprises substantially all of the information provided by the document. In other embodiments the encrypted summary may contain more and/or different information than is provided by the document.
  • the method may be arranged to use the reader to read the information provided by the document.
  • OCR Optical Character Recognition
  • the method may be arranged to automatically compare the information read by the reader with the summary. Such a method is convenient because is it may automatically verify the document.
  • the method may provide a score as the certainty of the match.
  • the method may provide a percentage certainty that the document matches the summary. It will be appreciated that automatic document reading is unlikely to be 100% accurate and that errors may occur such that even the correct document may not verify against the summary information correctly.
  • the method may cause the processing means to reproduce the summary so that it can be checked against the information.
  • a server arranged to receive data comprising an encrypted summary of information contained upon a document, the server being arranged to pass the received data to a processing means which is arranged to decrypt the summary, the server being further arranged to transmit the decrypted summary across a network connection.
  • a method of verifying a document comprising: providing a server arranged to receive data containing an encrypted summary of data provided in a document from a network connection to the server; using a processor of the server to decrypt the summary; causing the server to send the decrypted summary across the network; and debiting an account for the decryption of the summary.
  • An advantage of such a method is that it allows third parties to send encrypted summary data to the server and have it decrypted.
  • the third party will be able to compare the summary data with the information on the document from which the summary data originated and will be able to verify whether or not the document is authentic.
  • a machine readable medium containing instructions which when read onto a computer cause that computer to provide at least a portion of the method of the first aspect of the invention.
  • a ninth aspect of the invention there is provided a machine readable medium containing instructions which when read onto a computer cause that computer to provide at least a portion of the method of the second aspect of the invention.
  • a machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to function as the system of the fourth aspect of the invention.
  • a machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to perform the method of the fifth aspect of the invention.
  • a thirteenth aspect of the invention there is provided a machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to function as the server of the sixth aspect of the invention.
  • a fourteenth aspect of the invention there is provided a machine readable medium containing instructions which when read onto a processing apparatus cause the processing apparatus to provide the method of the seventh aspect of the invention.
  • the machine readable medium of any of the aspects of the invention may be any one or more of the following: a floppy disk; a CDROM/RAM; a DND ROM /RAM (including + R/RW,-R/RW); any form of magneto optical disk; a hard drive; a memory; a transmitted signal (including an internet download, file transfer, or the like); a wire; or any other form of medium.
  • Figure 1 shows a computer system arranged to carry out one or more embodiments of the present invention
  • Figure 2 shows detail of the memory of the computer system of Figure 1;
  • Figure 3 shows an example of a certificate for use in an embodiment of the system;
  • Figure 4 shows a schematic representation of a system according to one embodiment of the present invention
  • Figure 5 shows a schematic representation of the messages sent between two computers according to one embodiment of the present invention
  • Figure 6 shows a schematic representation of a system according to a further embodiment of the present invention.
  • Figure 7 shows a schematic representation of the messages sent between four computers according to one embodiment of the present invention.
  • Figure 1 shows a computer 100 arranged to accept data and to process that data.
  • the computer 100 comprises a display means 102, in this case a Cathode Ray Tube (CRT) display, a keyboard 104, a mouse 106 and processing circuitry 108.
  • CTR Cathode Ray Tube
  • keyboard 104 keyboard 104
  • mouse 106 keyboard
  • processing circuitry 108 processing circuitry
  • LEP Light Emitting Polymer
  • LCD liquid crystal display
  • the processing circuitry 108 comprises a processing means 110, a hard drive 112 (containing a store of data), memory 114 (RAM and ROM), an I/O subsystem 116 and a display driver 117 which all communicate with one another, as is known in the art, via a system bus 118.
  • the processing means 110 typically comprises at least one INTELTM PENTIUMTM series processor, (although it is of course possible for other processors to be used) and performs calculations on data.
  • the other processors may include processors such as the AMDTM ATHLONTM, POWERPCTM, DIGITALTM ALPHATM, and the like.
  • the hard drive 112 is used as mass storage for programs and other data.
  • the memory 114 is described in greater detail below and with reference to Figure 2.
  • the keyboard 104 and the mouse 106 provide input means to the processing means.
  • Other devices such as CDROMS, DVD ROMS, scanners, etc. could be coupled to the system bus 118 and allow for storage of data, communication with other computers over a network, etc. Any such devices may then comprise further input means.
  • the I/O (Input/ Output) subsystem 116 is arranged to receive inputs from the keyboard 104 and from the processing means 110 and may allow communication from other external and/or internal devices.
  • the display driver 117 allows the processing means 110 to display information on the display 102.
  • the processing circuitry 108 further comprises a transmitting/receiving means 120, which is arranged to allow the processing circuitry 108 to communicate with a network.
  • the transmitting/receiving means 120 also communicates with the processing circuitry 108 via the bus 118.
  • the processing circuitry 108 could have the architecture known as a PC, originally based on the IBMTM specification, but could equally have other architectures.
  • the server may be an APPLETM, or may be a RISC system, and may run a variety of operating systems (perhaps HP-UX, LINUX, UNIX, MICROSOFTTM NT, AIXTM, or the like) .
  • the processing circuitry 108 may also be provided by devices such as Personal Digital Assistants (PDA's) , mainframes, telephones, televisions, watches or the like.
  • PDA's Personal Digital Assistants
  • Figure 2 shows the memory 114 of the computer 100 of Figure 1 in greater detail.
  • the memory may be provided by a cache memory, a RAM memory, a local mass storage device such as the hard disk 112, any of these connected to the processing circuitry 108 over a network connection such as via the transmitting/receiving means 120.
  • the processing means 110 can access the memory via the system bus 118, accessing program code to instruct it what steps to perform and also to access the data samples. The processing means 110 then processes the data samples as outlined by the program code.
  • the memory 114 is used to hold instructions that are being executed, such as program code, etc., and contains a program storage portion 150 allocated to program storage.
  • the program storage portion 150 is used to hold program code that can be used to cause the processing means 110 to perform predetermined actions.
  • the memory 114 also comprises a data storage portion 152 allocated to holding data and in embodiments of the present invention in particular provides an image storage means 202, a particular information storage means 204, an encrypted data storage means 208, and a decrypted data storage means 209. The function of these will be expanded upon hereinafter.
  • the program code stored in the program storage pof tion 50 ⁇ includes an encryption means " 2T0 ⁇ a ⁇ decrypti ⁇ n means 212 , an image production means 214 and an image analysis means 216. Again, the function of these will be expanded upon hereinafter.
  • FIG. 3 shows an example of a document for use with the system, which in this example is a degree certificate 300.
  • the certificate 300 comprises two sections.
  • the first section which may be thought of as the information display section 302 is pre-printed with information identifying the awarding body and other standard sections of text.
  • the display section 302 further comprises particular information 304, which is personal to the candidate who has been awarded the degree, and a University seal 306.
  • the second section comprises an encrypted portion 308 comprising the particular information 304 of the display section 302 in an encrypted, machine readable, form as follows.
  • the encrypted portion 308 comprises a pattern formed of dots.
  • the position of the dots is determined by a computational process provided by the program storage portion 150 into which data representing the particular information 304 is fed. Therefore, an optical analysis of the encrypted portion can provide the position of the dots and this information can be used as inputs in the decryption means 212 and the printed information 304 re-generated.
  • the particular information is stored in the particular information storage means 204 and is provided to the encryption means 210 stored in the data storage portion 152 of the memory 114.
  • the encryption means 210 produces encrypted data which is stored in the encrypted data storage means 208.
  • the encrypted data is then used by the image production means 214 to produce an image comprising the encrypted data portion 308 which is stored in the image storage means 202.
  • the image is provided to the printers of the certificate 300 and is printed thereon at the same time as the particular information is added to the certificate 300.
  • FIG. 4 A schematic representation of a system 400 according to one embodiment of the present invention is shown in Figures 4 and 5.
  • the Figures show two computers 100a, 100b which have similar architecture to the computer 100 described in relation to Figure 1 above and like parts are given like reference numbers.
  • the memories 112, 114 of each computer 100a, 100b may not comprise all the data described in relation to the memories of the computer shown in Figure 1.
  • the first computer provides a means for decrypting data, referred to herein as a decryption computer 100a.
  • the second computer 100b comprises a means for supplying a document for validation and is herein labelled an employer computer 100b.
  • the employer computer 100b is capable of communicating with the decryption computer 100a over the Internet as is shown in Figure 4, and in particular the computers 100a, 100b are capable of sending and receiving emails via the transmitting/receiving means 120 of each computer 100a, 100b. It will be appreciated that the computers may be connected by any means of providing a data connection between the two and not necessarily by the Internet.
  • the employer computer comprises a scanner 402 arranged to make inputs to the I/O subsystem 116 and providing a reader for the document.
  • the scanner 402 is of the type known as a flatbed scanner and comprises an optical scanning device which, as will be familiar to those skilled in the art, comprises a means to create a digital image of a physical object, most usually a paper document.
  • a document to be scanned is placed on a clear glass plate within the scanner 402 and is scanned with a lamp, which is moved slowly across the plate. The reflected light is measured by a Charge-Coupled Device (CCD) array.
  • CCD Charge-Coupled Device
  • the CCD array comprises a collection of light sensitive diodes, which convert light into electrical charges; the brighter the light that hits an individual diode of the CCD array, the greater the electrical charge produced by that diode. Darker areas tend to absorb rather than reflect light. Therefore, lower levels of light result in little electrical charge and are interpreted and reproduced as dark areas.
  • FIG 5 a representation of the communications sent between the employer computer 100b and the decryption computer 100a is shown. It will be appreciated that such messages are sent in the form of emails over the Internet via the transmitting/receiving means 120 of the computers 100a, 100b.
  • the data may not be sent as an email and may be sent by any other means of transmitting data across a network.
  • the data may sent using the FTP (File Transfer Protocol), as an MMS (Multimedia Message Service), in a proprietary format or the like.
  • FTP File Transfer Protocol
  • MMS Multimedia Message Service
  • an employer requests sight of a prospective employee's, or candidate's, degree certificate 300 which is of the type shown in Figure 3.
  • the employer scans the certificate using the scanner 402 as step 502.
  • the employer computer 100b stores the image in the image storage mean 202. It will be appreciated that the image comprises both the display section 302 and the encrypted portion 308.
  • the employer attaches the image to an email and, in step 504, emails the image with a request for validation of the information displayed on the certificate 300 to the decryption computer 100a.
  • Other embodiments of the invention may transmit only part of the certificate 300.
  • the encrypted portion 308 may be transmitted which is advantageous because it can help to reduce communication overheads - reducing bandwidth requirements and the length of the communication.
  • the decryption computer 100a may be simpler for the employer to send the entire image.
  • the employer computer 100b may be arranged to automatically detect the encrypted portion 308 and scan substantially only that portion.
  • step 506 the image is received by the decryption computer 100a, is stored in the image storage means 202 and is supplied to the image analysis means 216.
  • the image analysis means 216 derives the encrypted data (step 508), which is in turn stored in the encrypted data storage means 208 (step 510) .
  • the encrypted data is then used as inputs to the decryption means 212 and the data is decrypted in step 512.
  • the decrypted data is stored in the decrypted data storage means 209.
  • the decrypted data is then attached to an email and sent to the employer computer 100b in an email as step 516.
  • the forgery of the display section 302 is more easily achieved that the forgery of the encrypted portion 308, which in particular requires the details of the encryption means 210 and/or the decryption means 212 to be known or derived.
  • the decrypted data will not correspond with the particular information 304 of the display section 302.
  • the employer can therefore determine whether a forgery of the display section 302 has occurred by comparing the decrypted data with the particular information 304 in step 518.
  • the candidate did obtain the degree mentioned but was awarded a different (presumably lower) grade. They may then have tampered with the particular information 304 on the certificate 300. If this is the case then the decrypted data will reveal the level of degree actually awarded. Second, the degree may have been awarded to a different person and the particular information relating to the name has been changed and the decrypted data would reveal the real name. Third, the certificate 300 could have been manufactured from scratch and a 'look-alike' portion produced in place of the encrypted portion 308.
  • the decryption means 212 will likely produce an error message.
  • data it will be substantially meaningless but will highlight that a forgery has likely occurred.
  • a plurality of computers each of which has similar architecture to that described in relation to the computer 100 of Figure 1.
  • the memories 112, 114 of each computer may not comprise all the data described in relation to the memories of the computer shown in Figure 1.
  • These computers 100a, 100b, 100c, lOOd are capable of communicating over a network, in this case the Internet, forming a network 600 as is shown in Figure 6.
  • the computers 100a, 100b, 100c, lOOd need not be capable of communicating with each other at the same time and indeed, for the purposes of carrying out some embodiments of the present invention, some computers 100a, 100b, 100c, lOOd need not be capable of communicating with specified others of the computers 100a, 100b, 100c, lOOd.
  • an employer computer 100b and a decryption computer 100a as described in relation to the above embodiment.
  • a document storage computer 100c and a document input computer lOOd.
  • the document input computer lOOd comprises a scanner 402d, which is similar to that described in relation to the scanner 402 of the employer computer 100b.
  • a preliminary step 702 which comprises scanning the certificate 300 using the scanner 402d of the document input computer lOOd to obtain an image of the certificate 300 before the certificate 300 is awarded to a student.
  • the University or the Examining body provides the document input computer lOOd
  • the printers of the certificates 100 may provide the document input computer lOOd .
  • the image is saved in the image storage means 202 and is emailed to the certificate storage computer 100c (step 704).
  • the certificate storage computer 100c comprises a computer of the candidate. There, it is stored in the image storage means 202 until required (step 706).
  • the certificate storage computer 100c may comprise a database of a number of certificates 100 rather than be the candidate's own computer. Further embodiments are envisaged in which the certificate is not scanned but the some or all of the information contained thereon represented in an alternative form, for example typed in using the keyboard 104.
  • the particular information 304 displayed thereon can be checked as follows.
  • An employer has sight of a prospective employee's, or candidate's, degree certificate 300 of the type shown in Figure 3 in one of two ways.
  • the certificate is provided by the candidate (step 708) .
  • the employer scans the certificate using the scanner 402 in the manner described above.
  • the certificate may be sent from the certificate storage computer 100c. This may be sent at the request of the employer.
  • the certificate 300 is then emailed to the employer computer 100b in step 710.
  • the employer computer 100b stores the image in the image storage mean 202 in step 712.
  • the employer attaches the image to an email and, in step 714, emails the image with a request for validation of the information displayed on the certificate 300 to the decryption computer 100a.
  • step 716 the image is received by the decryption computer 100a, is stored in the image storage means 202 and is supplied to the image analysis means 216.
  • the image analysis means 216 analyses the image
  • step 718) to derive the encrypted data (step 720), which is in turn stored in the encrypted data storage means 208.
  • the encrypted data is then used as inputs in the decryption means 212 and the data is decrypted in step 722.
  • the decrypted data is stored in the decrypted data storage means 209 in step 724.
  • the decrypted data is then attached to an email and sent to the employer computer 100b in an email as step 726. This is received by the employer in step 728 and is stored in the decrypted data storage means 209.
  • the employer then causes the decrypted data to be and is supplied to the image analysis means 216 which performs an optical character recognition test on the data and on the particular information 300.
  • the employer can then determine whether a forgery of the display section 302 has occurred (step 730). In this manner, the image analysis means is acting as a comparison means (step 732) .
  • the encrypted portion 308 of the certificate 300 may be on the reverse of the certificate 300 so as not to disrupt the aesthetics of the certificate. Equally, the encrypted portion 308 need not be scanned; the image may be captured in an alternative manner, for example by use of a digital camera or a facsimile machine.
  • the certificate 300 may comprise (on the front or back) instructions to the employer as to how to obtain the decrypted data, which may include a unique candidate number to identify the certificate 300.
  • a user of the decryption computer 100a compares the decrypted data with the particular information 304.
  • the decryption means may be provided, for example by software, on the employer computer 100b and steps 504 and 516 need not be carried out (i.e. the image need not be emailed). Storing the image of the certificate may enable true copies to be produced in the event that an original certificate 300 is lost.
  • the encrypted portion may be arranged to have a different appearance.
  • the encrypted data may be laid over a further image to improve the aesthetics of the certificate.
  • the method of encryption or decryption may be standard or may be chosen according to some aspect of the particular data 304.
  • the encrypted data may not comprise all of the particular data 304 or it may comprise information not included in the particular data 304. In the present example concerning a university certificate, the encrypted data may additionally comprise details of the candidate's age, gender, courses taken in making up the degree or other data. In alternative scenarios, the additional data may comprise other information.

Abstract

A system comprising a reader (402) arranged to read at least a portion of a document (300), the document containing information and having a portion providing an encrypted summary (308) of at least some of the information contained by the document (300), the system being arranged to read the encrypted summary with the reader (402), decrypt the summary (308) with a processing means of the system, and to allow authentication of the information on the document with reference to the summary.

Description

DOCUMENT AUTHENTICATION SYSTEM AND RELATED METHODS
This invention relates to a document authentication system and related methods. In particular, but not exclusively, it relates to the authentication of documents relating to qualifications, for example university degree certificates. The invention may also relate to the authentication of other documents, such as insurance certificates, invoices, bills of lading, vehicle licences, deeds of ownership, contracts, bonds, gun licenses, police check documents, fishing licenses, MOTs, driving licenses, vouchers, tickets, etc.
Growing concern about personal, national and international safety means it is becoming increasingly relevant that documents are verified as having been issued from a recognised and trusted source and that the information they provide is correct. Further, an increasing level of corporate responsibility means that employers are more likely to desire to check the authenticity of prospective employees' qualifications.
A large industry has grown up around technologies such as watermarking, anti-photocopy paper, and the like, in an attempt to increase the security of documents. Such technologies generally aim to prevent a document from being copied, or to mark any copy in order that it is clearly identified as a copy. For example, technologies are known which rely on dots of at least two sizes, one above the copy threshold of a photocopier and one below the copy threshold, such that hidden markings are revealed when a document is copied on a photocopier.
However, a different, but related problem, is addressed by this application. It may be desirable to allow copying to take place' such that a holder of the document can use the document as they wish but should copies be made it is desirable to show that the information contained in the copy is the same as in the original.
Usually, the veracity of information contained, for example, on a degree certificate can be checked against an alternative source of the information. For example, in the past, it has been possible to check the authenticity of a university degree certificate by contacting the issuing authority. This is time consuming, and assumes that the issuing authority is open to such enquiry, maintains accurate records and is still in existence (a particular problem as educational certificates are likely to be required for a number of decades after their issue). Similar systems may be in operation to allow the veracity of data displayed on other document types, such as invoices, other qualifications, security clearance documents, etc. Such systems inherently require the duplication of information and the maintenance of at least two distinct sources of information. This obviously adds to the storage requirements of a system and causes delays in verifying information as a remote source must be accessed.
Further systems exist, such as that described in US2004/0049463 in the name of Kwon, in which certificates are issued via a network on request along with an encrypted version. This can be decrypted to verify that the certificate has been received in a complete and unamended form.
Further examples exist which rely on the use of hash values which are generated by a formula in such a way that it is highly improbable that some other text will produce the same hash value and generally requires less storage space than the text it represents. Hash values are generally used to ensure that electronic messages have not been tampered with. The hash value is encrypted and sent with the message. The recipient then decrypts the hash value and produces another hash value from the received message before comparing the two hash values. If the two hash values are the same, there is a very high probability that the message was transmitted intact.
A further system is described in WO02/19075, in the name of Spectros Corporation, which relates to storing checksums generated from a computer file on a server, which can later be used to verify the identity of a computer file. Again, this system requires two sources of data to be maintained.
In certain situations, such as when presenting any of the following kinds of document: a degree certificate for a job interview, an identity document such as an i.d. card, a vehicle inspection documents, or the like, it may be desirable to check the validity of the contents as quickly as possible in order to avoid delays. A problem therefore arises as to how this can be achieved without requiring specifically designed hardware and/or network connections, etc.
There is therefore a need to provide a secure, efficient means to authenticate documents while avoiding the need to maintain separate sources of information as is required by the prior art.
According to a first aspect of the invention there is provided a method of processing data in order to verify the authenticity of a document, the method comprising: providing the document with a machine readable encrypted summary of at least a portion of the information contained on the document; using a reader to read the machine readable encrypted summary; using a processor to decrypt the encrypted summary; and causing the processor to display the summary once the decryption has been performed.
Such a method is advantageous because it allows the authenticity of a document to be verified without referring to anything other than the document itself. As such the method may provide the technical effect of reducing the storage requirements needed in order to determine the authenticity of the document; only the information and the encrypted summary are required in order to check the authenticity, rather than a separate document or documents.
The method may allow a copy of a document to be provided and the contents of that copy still be verified.
It will be appreciated that the summary may be any data which allows authentication of the information on the document with reference to the summary. Therefore, the summary may contain some of the information or may contain equivalent information. For example, the summary may contain data of a different format to the information, or indeed different information giving enough information to verify the information on the document.
In a preferred embodiment the machine readable portion is readable by an optical scanner and most preferably a flat bed optical scanner. It will be appreciated that a flat bed optical scanner is convenient because it allows a wide variety of documents to be scanned when compared to other forms of scanner.
The method may comprise sending the encrypted summary to the server across a network connection. Such a method is convenient as it allows the authenticity of a document to be checked without requiring dedicated software and/or hardware; many typical computer installations have a scanner and a network connection thereto (for example the Internet) .
The network connection may comprise the Internet.
In some embodiments display of the summary, once decryption has been performed, may be caused by sending the encrypted summary across a network connection to the processing apparatus. Such a method is convenient since it allows the verification to occur at sites remote to the processing apparatus; i.e. at any site that has a network connection.
The method may further comprise obtaining an electronic copy of the information on the document, which may be by scanning or the like, and comparing the electronic copy with the decrypted encrypted summary in order to authenticate the document. Such an arrangement may allow the authenticity to be checked automatically. In such embodiments the method may not display the decrypted summary and may instead display the result of the authentication.
According to a second aspect of the invention there is provided a method of verifying a document comprising: providing a server arranged to receive data containing an encrypted summary of data provided in a document from a network connection to the server; using a processor of the server to decrypt the summary; causing the server to send the decrypted summary across the network. An advantage of such a method is that allows a third party to verify the authenticity of a document in their possession.
According to a third aspect of the invention there is provided a method of verifying the contents of a document containing information, the method comprising providing an input means arranged to have input thereto the information and to pass the information to a processing means, causing the processing means to process the information and generate encrypted data therefrom and the method further comprising using a printing means to print the encrypted data onto the document in a machine readable format.
This is advantageous as it allows a document to contain not only its information but also the encrypted data which may be used to validate the information. This may allow later forgery of the information to be detected from just the document without needing to refer to other sources.
Advantageously, the printing means is further arranged to print the information onto the document. This provides a convenient means for completing the document with the information and the encrypted data such that the encrypted data may be decrypted at a later time and compared with the information.
The method may also comprise providing a scanning means arranged to read the encrypted data. Such a scanning means provides a convenient way of reading the machine readable encrypted data.
The skilled person will appreciate that many scanning means exist and any of these would be suitable. For example any of the following non- exhaustive list may be suitable: optical scanner; bar code reader; magnetic strip reader; RFID (Radio Frequency I.D) tag reader; or the like. Thus, in some embodiments printing may mean providing a magnetic strip, an RFID tag, or the like.
However, in perhaps a preferred embodiment the scanning means is an optical scanner, and generally a flat bed scanner. Use of such a scanner is advantageous because it allows the encrypted data to simply be printed on the document and subsequently read by the scanner. Such a method may be cheaper than providing magnetic strips, RFID tags and the like.
Preferably, the method further comprises causing the processing means to decrypt the encrypted data once it has been read by the scanning means. Such a method comprises a convenient means of deriving the information used to generate the encrypted data and allowing a check as to the authenticity of the document to be made.
The method may further comprise providing a comparison means and causing the processing means to compare the decrypted data with the information using the comparison means. Such a method provides a convenient means to ensure that the information displayed on the document is not different from the document was intend to display. In some embodiments the scanning means may be arranged to read the information from the document. For example an optical scanner may use OCR (Optical Character Recognition) to generate the information. As such authentication of the document may be performed automatically with only the document and no further communication may be required. This may reduce the storage requirements for providing the authentication since the information and/or the encrypted data would not need to be stored elsewhere.
Preferably, the method further comprises providing an information storage means and storing the encrypted data in the information storage means. This may provide a convenient mechanism for maintaining a copy of the information storage means .
In some embodiments, the method comprises storing the encrypted data and at least some of the information the document is arranged to display in the information storage means. This may provide a convenient reference for the encrypted data.
In a preferred embodiment, the encrypted data is stored in an electronic format suitable for transmission over a network.
According to a fourth aspect of the invention there is provided a system comprising a reader arranged to read at least a portion of a document, the document containing information and having a portion providing an encrypted summary of at least some of the information contained by the document, the system being arranged to read the encrypted summary with the reader, decrypt the summary with a processing means of the system, and to allow authentication of the information on the document with reference to the summary.
The system may comprise a server arranged to receive the encrypted summary across a connection to the reader. The connection may be across the Internet, or other network connection. Such an arrangement is convenient since it allows a plurality of readers to be connected to the server.
In some embodiments, the server may be arranged to transmit the decrypted summary across a network. This may provide a convenient means of allowing the information to be verified at a different location. The system may further comprise a comparison means, arranged to compare the decrypted summary with the information and determine whether the information displayed thereon is correct or whether the information has been tampered with; by way of forgery, alteration, or the like. This provides a convenient means for authenticating the data displayed thereon.
According to a fifth aspect of the invention there is provided a method of authenticating a document, the method comprising providing a reader to read a machine readable portion of a document to be authenticated, the machine readable portion providing an encrypted summary of the information on the document, using a processing means to decrypt the summary to produce decrypted data which is subsequently compared with information on the document to determine whether the document is authentic.
Such a method is advantageous as it may allow the data on a document to be verified as the original data without maintaining a separate record of the document. This will result in decreased storage requirements (whether electronic storage or physical storage) over prior art systems.
In one example the method may relate to exam certificates but could relate to other types of document.
The information may comprise any of the following non-exhaustive list: name, address, gender, one or more qualifications, grade achieved in the or each qualification, date of the award of the qualification, name of the or each institute awarding the qualification, picture of the candidate, or the like. The encrypted summary may comprise any of the pieces of information provided by the document. In the preferred embodiment the summary comprises substantially all of the information provided by the document. In other embodiments the encrypted summary may contain more and/or different information than is provided by the document.
The method may be arranged to use the reader to read the information provided by the document. For example OCR (Optical Character Recognition) may be used. Further, the method may be arranged to automatically compare the information read by the reader with the summary. Such a method is convenient because is it may automatically verify the document.
In such automatic methods the method may provide a score as the certainty of the match. For example the method may provide a percentage certainty that the document matches the summary. It will be appreciated that automatic document reading is unlikely to be 100% accurate and that errors may occur such that even the correct document may not verify against the summary information correctly.
In other additional, or alternative, embodiments the method may cause the processing means to reproduce the summary so that it can be checked against the information.
According to a fifth aspect of the invention there is provided a server arranged to receive data comprising an encrypted summary of information contained upon a document, the server being arranged to pass the received data to a processing means which is arranged to decrypt the summary, the server being further arranged to transmit the decrypted summary across a network connection. According to a sixth aspect of the invention there is provided a method of verifying a document comprising: providing a server arranged to receive data containing an encrypted summary of data provided in a document from a network connection to the server; using a processor of the server to decrypt the summary; causing the server to send the decrypted summary across the network; and debiting an account for the decryption of the summary.
An advantage of such a method is that it allows third parties to send encrypted summary data to the server and have it decrypted. The third party will be able to compare the summary data with the information on the document from which the summary data originated and will be able to verify whether or not the document is authentic.
According to an eighth aspect of the invention there is provided a machine readable medium containing instructions which when read onto a computer cause that computer to provide at least a portion of the method of the first aspect of the invention.
According to a ninth aspect of the invention there is provided a machine readable medium containing instructions which when read onto a computer cause that computer to provide at least a portion of the method of the second aspect of the invention. According to a tenth aspect of the invention there is provided a machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to perform at least a portion of the method of the third aspect of the invention.
According to an eleventh aspect of the invention there is provided a machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to function as the system of the fourth aspect of the invention.
According to a twelfth aspect of the invention there is provided a machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to perform the method of the fifth aspect of the invention.
According to a thirteenth aspect of the invention there is provided a machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to function as the server of the sixth aspect of the invention.
According to a fourteenth aspect of the invention there is provided a machine readable medium containing instructions which when read onto a processing apparatus cause the processing apparatus to provide the method of the seventh aspect of the invention.
The machine readable medium of any of the aspects of the invention may be any one or more of the following: a floppy disk; a CDROM/RAM; a DND ROM /RAM (including + R/RW,-R/RW); any form of magneto optical disk; a hard drive; a memory; a transmitted signal (including an internet download, file transfer, or the like); a wire; or any other form of medium. The skilled person will appreciate that any of the features discussed in relation to any of the above aspects of the invention may equally be applied to any of the other aspects of the invention.
Embodiments of the present invention are now described, by way of example only and with reference to the following figures of which:
Figure 1 shows a computer system arranged to carry out one or more embodiments of the present invention;
Figure 2 shows detail of the memory of the computer system of Figure 1; Figure 3 shows an example of a certificate for use in an embodiment of the system;
Figure 4 shows a schematic representation of a system according to one embodiment of the present invention;
Figure 5 shows a schematic representation of the messages sent between two computers according to one embodiment of the present invention; Figure 6 shows a schematic representation of a system according to a further embodiment of the present invention; and
Figure 7 shows a schematic representation of the messages sent between four computers according to one embodiment of the present invention. Figure 1 shows a computer 100 arranged to accept data and to process that data. The computer 100 comprises a display means 102, in this case a Cathode Ray Tube (CRT) display, a keyboard 104, a mouse 106 and processing circuitry 108. It will be appreciated that other display means such as LEP (Light Emitting Polymer), LCD (liquid crystal display) , projectors, televisions and the like may be equally possible.
The processing circuitry 108 comprises a processing means 110, a hard drive 112 (containing a store of data), memory 114 (RAM and ROM), an I/O subsystem 116 and a display driver 117 which all communicate with one another, as is known in the art, via a system bus 118. The processing means 110 typically comprises at least one INTEL™ PENTIUM™ series processor, (although it is of course possible for other processors to be used) and performs calculations on data. The other processors may include processors such as the AMD™ ATHLON™, POWERPC™, DIGITAL™ ALPHA™, and the like.
The hard drive 112 is used as mass storage for programs and other data. The memory 114 is described in greater detail below and with reference to Figure 2.
The keyboard 104 and the mouse 106 provide input means to the processing means. Other devices such as CDROMS, DVD ROMS, scanners, etc. could be coupled to the system bus 118 and allow for storage of data, communication with other computers over a network, etc. Any such devices may then comprise further input means.
The I/O (Input/ Output) subsystem 116 is arranged to receive inputs from the keyboard 104 and from the processing means 110 and may allow communication from other external and/or internal devices. The display driver 117 allows the processing means 110 to display information on the display 102.
The processing circuitry 108 further comprises a transmitting/receiving means 120, which is arranged to allow the processing circuitry 108 to communicate with a network. The transmitting/receiving means 120 also communicates with the processing circuitry 108 via the bus 118.
The processing circuitry 108 could have the architecture known as a PC, originally based on the IBM™ specification, but could equally have other architectures. The server may be an APPLE™, or may be a RISC system, and may run a variety of operating systems (perhaps HP-UX, LINUX, UNIX, MICROSOFT™ NT, AIX™, or the like) . The processing circuitry 108 may also be provided by devices such as Personal Digital Assistants (PDA's) , mainframes, telephones, televisions, watches or the like.
Figure 2 shows the memory 114 of the computer 100 of Figure 1 in greater detail. It will be appreciated that although reference is made to a memory 114 it is possible that the memory could be provided by a variety of devices. For example, the memory may be provided by a cache memory, a RAM memory, a local mass storage device such as the hard disk 112, any of these connected to the processing circuitry 108 over a network connection such as via the transmitting/receiving means 120. However, the processing means 110 can access the memory via the system bus 118, accessing program code to instruct it what steps to perform and also to access the data samples. The processing means 110 then processes the data samples as outlined by the program code.
The memory 114 is used to hold instructions that are being executed, such as program code, etc., and contains a program storage portion 150 allocated to program storage. The program storage portion 150 is used to hold program code that can be used to cause the processing means 110 to perform predetermined actions.
The memory 114 also comprises a data storage portion 152 allocated to holding data and in embodiments of the present invention in particular provides an image storage means 202, a particular information storage means 204, an encrypted data storage means 208, and a decrypted data storage means 209. The function of these will be expanded upon hereinafter.
In this embodiment, the program code stored in the program storage pof tion 50~ includes an encryption means"2T0~a~decryptiσn means 212 , an image production means 214 and an image analysis means 216. Again, the function of these will be expanded upon hereinafter.
Figure 3 shows an example of a document for use with the system, which in this example is a degree certificate 300. The certificate 300 comprises two sections. The first section, which may be thought of as the information display section 302 is pre-printed with information identifying the awarding body and other standard sections of text. The display section 302 further comprises particular information 304, which is personal to the candidate who has been awarded the degree, and a University seal 306. The second section comprises an encrypted portion 308 comprising the particular information 304 of the display section 302 in an encrypted, machine readable, form as follows.
In the example of the Figures, the encrypted portion 308 comprises a pattern formed of dots. The position of the dots is determined by a computational process provided by the program storage portion 150 into which data representing the particular information 304 is fed. Therefore, an optical analysis of the encrypted portion can provide the position of the dots and this information can be used as inputs in the decryption means 212 and the printed information 304 re-generated. In the system described herein, the particular information is stored in the particular information storage means 204 and is provided to the encryption means 210 stored in the data storage portion 152 of the memory 114. The encryption means 210 produces encrypted data which is stored in the encrypted data storage means 208. The encrypted data is then used by the image production means 214 to produce an image comprising the encrypted data portion 308 which is stored in the image storage means 202. The image is provided to the printers of the certificate 300 and is printed thereon at the same time as the particular information is added to the certificate 300.
A schematic representation of a system 400 according to one embodiment of the present invention is shown in Figures 4 and 5. The Figures show two computers 100a, 100b which have similar architecture to the computer 100 described in relation to Figure 1 above and like parts are given like reference numbers. However the memories 112, 114 of each computer 100a, 100b may not comprise all the data described in relation to the memories of the computer shown in Figure 1.
The first computer provides a means for decrypting data, referred to herein as a decryption computer 100a. The second computer 100b comprises a means for supplying a document for validation and is herein labelled an employer computer 100b. The employer computer 100b is capable of communicating with the decryption computer 100a over the Internet as is shown in Figure 4, and in particular the computers 100a, 100b are capable of sending and receiving emails via the transmitting/receiving means 120 of each computer 100a, 100b. It will be appreciated that the computers may be connected by any means of providing a data connection between the two and not necessarily by the Internet.
The employer computer comprises a scanner 402 arranged to make inputs to the I/O subsystem 116 and providing a reader for the document. The scanner 402 is of the type known as a flatbed scanner and comprises an optical scanning device which, as will be familiar to those skilled in the art, comprises a means to create a digital image of a physical object, most usually a paper document. A document to be scanned is placed on a clear glass plate within the scanner 402 and is scanned with a lamp, which is moved slowly across the plate. The reflected light is measured by a Charge-Coupled Device (CCD) array. The CCD array comprises a collection of light sensitive diodes, which convert light into electrical charges; the brighter the light that hits an individual diode of the CCD array, the greater the electrical charge produced by that diode. Darker areas tend to absorb rather than reflect light. Therefore, lower levels of light result in little electrical charge and are interpreted and reproduced as dark areas.
In Figure 5, a representation of the communications sent between the employer computer 100b and the decryption computer 100a is shown. It will be appreciated that such messages are sent in the form of emails over the Internet via the transmitting/receiving means 120 of the computers 100a, 100b. In other embodiments the data may not be sent as an email and may be sent by any other means of transmitting data across a network. For example, the data may sent using the FTP (File Transfer Protocol), as an MMS (Multimedia Message Service), in a proprietary format or the like.
In the example now described, an employer requests sight of a prospective employee's, or candidate's, degree certificate 300 which is of the type shown in Figure 3. On receipt of the certificate 300, the employer scans the certificate using the scanner 402 as step 502. The employer computer 100b stores the image in the image storage mean 202. It will be appreciated that the image comprises both the display section 302 and the encrypted portion 308. The employer attaches the image to an email and, in step 504, emails the image with a request for validation of the information displayed on the certificate 300 to the decryption computer 100a. Other embodiments of the invention may transmit only part of the certificate 300. For example only, the encrypted portion 308 may be transmitted which is advantageous because it can help to reduce communication overheads - reducing bandwidth requirements and the length of the communication.
It will be appreciated from the ensuing description that only the encrypted portion 308 of the certificate is necessarily sent (and therefore necessarily scanned) to the decryption computer 100a. However, it may be simpler for the employer to send the entire image. In other embodiments the employer computer 100b may be arranged to automatically detect the encrypted portion 308 and scan substantially only that portion.
In step 506, the image is received by the decryption computer 100a, is stored in the image storage means 202 and is supplied to the image analysis means 216. The image analysis means 216 derives the encrypted data (step 508), which is in turn stored in the encrypted data storage means 208 (step 510) . The encrypted data is then used as inputs to the decryption means 212 and the data is decrypted in step 512. The decrypted data is stored in the decrypted data storage means 209. The decrypted data is then attached to an email and sent to the employer computer 100b in an email as step 516. It will be appreciated that the forgery of the display section 302 is more easily achieved that the forgery of the encrypted portion 308, which in particular requires the details of the encryption means 210 and/or the decryption means 212 to be known or derived. When such forgery of the display section 302 has occurred, the decrypted data will not correspond with the particular information 304 of the display section 302. The employer can therefore determine whether a forgery of the display section 302 has occurred by comparing the decrypted data with the particular information 304 in step 518.
Three possible ways in which a forgery of the certificate 300 may be carried out are now discussed although there may of course be other ways. First, the candidate did obtain the degree mentioned but was awarded a different (presumably lower) grade. They may then have tampered with the particular information 304 on the certificate 300. If this is the case then the decrypted data will reveal the level of degree actually awarded. Second, the degree may have been awarded to a different person and the particular information relating to the name has been changed and the decrypted data would reveal the real name. Third, the certificate 300 could have been manufactured from scratch and a 'look-alike' portion produced in place of the encrypted portion 308. In this case, it is unlikely that it will be possible to derive 'decrypted' data; the decryption means 212 will likely produce an error message. Alternatively, if data is produced, it will be substantially meaningless but will highlight that a forgery has likely occurred.
In a second embodiment now described, there are provided a plurality of computers (in this case four computers 100a, 100b, 100c, lOOd) each of which has similar architecture to that described in relation to the computer 100 of Figure 1. However the memories 112, 114 of each computer may not comprise all the data described in relation to the memories of the computer shown in Figure 1. These computers 100a, 100b, 100c, lOOd are capable of communicating over a network, in this case the Internet, forming a network 600 as is shown in Figure 6. However, as will be appreciated from the ensuing description, the computers 100a, 100b, 100c, lOOd need not be capable of communicating with each other at the same time and indeed, for the purposes of carrying out some embodiments of the present invention, some computers 100a, 100b, 100c, lOOd need not be capable of communicating with specified others of the computers 100a, 100b, 100c, lOOd.
In the embodiment here described, there is provided an employer computer 100b and a decryption computer 100a as described in relation to the above embodiment. There is further provided a document storage computer 100c and a document input computer lOOd. The document input computer lOOd comprises a scanner 402d, which is similar to that described in relation to the scanner 402 of the employer computer 100b.
The processes carried out on and between the computers 100a, 100b, 100c, lOOd are summarised in Figure 7. In the embodiment now described there are various mechanisms for checking the data shown on the certificate 300, which are described below.
In this embodiment, there is a preliminary step 702 which comprises scanning the certificate 300 using the scanner 402d of the document input computer lOOd to obtain an image of the certificate 300 before the certificate 300 is awarded to a student. It is envisaged that the University or the Examining body provides the document input computer lOOd Alternatively, the printers of the certificates 100 may provide the document input computer lOOd . The image is saved in the image storage means 202 and is emailed to the certificate storage computer 100c (step 704). In this example, the certificate storage computer 100c comprises a computer of the candidate. There, it is stored in the image storage means 202 until required (step 706). In an alternative embodiment, the certificate storage computer 100c may comprise a database of a number of certificates 100 rather than be the candidate's own computer. Further embodiments are envisaged in which the certificate is not scanned but the some or all of the information contained thereon represented in an alternative form, for example typed in using the keyboard 104.
When the certificate is later required by an employer, the particular information 304 displayed thereon can be checked as follows.
An employer has sight of a prospective employee's, or candidate's, degree certificate 300 of the type shown in Figure 3 in one of two ways.
As the first such way, the certificate is provided by the candidate (step 708) . On receipt of the certificate 300, the employer scans the certificate using the scanner 402 in the manner described above.
Second, the certificate may be sent from the certificate storage computer 100c. This may be sent at the request of the employer. The certificate 300 is then emailed to the employer computer 100b in step 710. In either case, the employer computer 100b stores the image in the image storage mean 202 in step 712. The employer attaches the image to an email and, in step 714, emails the image with a request for validation of the information displayed on the certificate 300 to the decryption computer 100a.
In step 716, the image is received by the decryption computer 100a, is stored in the image storage means 202 and is supplied to the image analysis means 216. The image analysis means 216, analyses the image
(step 718) to derive the encrypted data (step 720), which is in turn stored in the encrypted data storage means 208. The encrypted data is then used as inputs in the decryption means 212 and the data is decrypted in step 722. The decrypted data is stored in the decrypted data storage means 209 in step 724. The decrypted data is then attached to an email and sent to the employer computer 100b in an email as step 726. This is received by the employer in step 728 and is stored in the decrypted data storage means 209. The employer then causes the decrypted data to be and is supplied to the image analysis means 216 which performs an optical character recognition test on the data and on the particular information 300. The employer can then determine whether a forgery of the display section 302 has occurred (step 730). In this manner, the image analysis means is acting as a comparison means (step 732) .
It will be appreciated that some variations of the present invention are anticipated that do not depart from the scope and spirit of the invention. For example, the encrypted portion 308 of the certificate 300 may be on the reverse of the certificate 300 so as not to disrupt the aesthetics of the certificate. Equally, the encrypted portion 308 need not be scanned; the image may be captured in an alternative manner, for example by use of a digital camera or a facsimile machine. The certificate 300 may comprise (on the front or back) instructions to the employer as to how to obtain the decrypted data, which may include a unique candidate number to identify the certificate 300. In an alternative embodiment, a user of the decryption computer 100a compares the decrypted data with the particular information 304. Alternatively, the decryption means may be provided, for example by software, on the employer computer 100b and steps 504 and 516 need not be carried out (i.e. the image need not be emailed). Storing the image of the certificate may enable true copies to be produced in the event that an original certificate 300 is lost. The encrypted portion may be arranged to have a different appearance. For example, the encrypted data may be laid over a further image to improve the aesthetics of the certificate. The method of encryption or decryption may be standard or may be chosen according to some aspect of the particular data 304. The encrypted data may not comprise all of the particular data 304 or it may comprise information not included in the particular data 304. In the present example concerning a university certificate, the encrypted data may additionally comprise details of the candidate's age, gender, courses taken in making up the degree or other data. In alternative scenarios, the additional data may comprise other information.

Claims

1. A system comprising a reader arranged to read at least a portion of a document, the document containing information and having a portion providing an encrypted summary of at least some of the information contained by the document, the system being arranged to read the encrypted summary with the reader, decrypt the summary with a processing means of the system, and to allow authentication of the information on the document with reference to the summary.
2. A system according to claim 1 which comprises a server arranged to receive the encrypted summary across a connection to the reader.
3. A system according to claim 2 in which the connection is across a network.
4. A system according to claims 2 or 3 in which the server is arranged to transmit the decrypted summary across a network.
5. A document comprising information and further comprising machine readable encrypted summary of at least a portion of the information, the encrypted summary being such that a decryption thereof can be used to verify the authenticity of the document.
6. A document according to claim 5 in which a decryption of the encrypted portion provides at least some of the information.
7. A document according to claim 5 or claim 6 in which a decryption of the encrypted portion provides additional information to that contained in the document.
8. A document according to any of claims 5 to 7 which is certificate of qualification.
9. A method of processing data in order to verify the authenticity of a document, the method comprising: providing the document with a machine readable encrypted summary of at least a portion of the information contained on the document; using a reader to read the machine readable encrypted summary; using a processor to decrypt the encrypted summary; and causing the processor to display the summary once the decryption has been performed.
10. A method of processing data according to claim 9 in which the machine readable portion is readable by an optical scanner.
11. A method of processing data according to claim 9 or 10 which comprises sending the encrypted summary across a network connection to the processing apparatus.
12. A method of processing data according to any of claims 9 to 11 which comprises obtaining an electronic copy of the information on the document, and comparing the electronic copy with the decrypted encrypted summary in order to authenticate the document.
13. A method of processing data according to claim 12 which comprises displaying the result of the authentication.
14. A method of verifying a document comprising: providing a server arranged to receive data containing an encrypted summary of data provided in a document from a network connection to the server; using a processor of the server to decrypt the summary; causing the server to send the decrypted summary across the network.
15. A method of verifying the contents of a document containing information, the method comprising providing an input means arranged to have input thereto at least a summary of the information and to pass at least the summary to a processing means, causing the processing means to process at least the summary and generate encrypted data therefrom and the method further comprising using a printing means to print the encrypted data onto the document in a machine readable format.
16. A method of verifying the contents of a document according to claim 15 in which the printing means is arranged to print the information onto the document.
17. A method of verifying the contents of a document according claim 15 or claim 16 which comprises providing a scanning means arranged to read the encrypted data.
18. A method of verifying the contents of a document according claim 17 in which the scanning means is an optical scanner.
19. A method of verifying the contents of a document according to claim 17 or 18 which comprises causing the processing means to decrypt the encrypted data once it has been read by the scanning means.
20. A method of verifying the contents of a document according any of claims 15 to 19 which comprises providing a comparison means and causing the processing means to compare the decrypted data with the information using the comparison means.
21. A method of verifying the contents of a document according to claim 20 as it depends from any of claims 17 to 19 in which the scanning means is arranged to read the information from the document.
22. A method of authenticating a document, the method comprising providing a reader to read a machine readable portion of a document to be authenticated, the machine readable portion providing an encrypted summary of the information on the document, using a processing means to decrypt the summary to produce decrypted data which is subsequently compared with information on the document to determine whether the document is authentic.
23. A method of authenticating a document according to claim 22 in which the document is an exam certificate.
24. A method of authenticating a document according to claim 22 or 23 in which the information comprises any of the following: name, address, gender, one or more qualifications, grade achieved in the or each qualification, date of the award of the qualification, name of the or each institute awarding the qualification, picture of the candidate.
25. A method of authenticating a document according to any of claims 22 to 24 in which the encrypted summary comprises any or all of the pieces of information provided by the document.
26. A method of authenticating a document according to any of claims 22 to 25 in which the encrypted summary comprises more and/or different information than is provided by the document.
27. A method of authenticating a document according to any of claims 22 to 26 which is arranged to use the reader to read the information provided by the document.
28. A method of authenticating a document according to claim 27 which reads the information using OCR (Optical Character Recognition) .
29. A method of authenticating a document according to claim 27 or 28 which compares the information read by the reader with the summary.
30. A method of authenticating a document according to any of claims 23 to 31 which causes the processing means to reproduce the summary so that it can be checked against the information.
31. A server arranged to receive data comprising an encrypted summary of information contained upon a document, the server being arranged to pass the received data to a processing means which is arranged to decrypt the summary, the server being further arranged to transmit the decrypted summary across a network connection.
32. A method of verifying a document comprising: providing a server arranged to receive data containing an encrypted summary of data provided in a document from a network connection to the server; using a processor of the server to decrypt the summary; causing the server to send the decrypted summary across the network; and debiting an account for the decryption of the summary.
33. A machine readable medium containing instructions which when read onto a computer cause that computer to provide at least a portion of the method of claims 9 to 13.
34. A machine readable medium containing instructions which when read onto a computer cause that computer to provide at least a portion of the method of claim 14.
35. A machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to perform at least a portion of the method of claims 15 to 21.
36. A machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to function as the system of claims 1 to 4.
37. A machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to perform the method of claims 22 to 30.
38. A machine readable medium containing instructions which when read onto a processing apparatus cause that processing apparatus to function as the server of claim 31.
39. A machine readable medium containing instructions which when read onto a processing apparatus cause the processing apparatus to provide the method of claim 35.
PCT/GB2005/001405 2004-04-13 2005-04-13 Document authentication system and related methods WO2005101330A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB0408209.5A GB0408209D0 (en) 2004-04-13 2004-04-13 Document authentication system and related methods
GB0408209.5 2004-04-13

Publications (1)

Publication Number Publication Date
WO2005101330A1 true WO2005101330A1 (en) 2005-10-27

Family

ID=32320740

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2005/001405 WO2005101330A1 (en) 2004-04-13 2005-04-13 Document authentication system and related methods

Country Status (2)

Country Link
GB (1) GB0408209D0 (en)
WO (1) WO2005101330A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010100485A1 (en) * 2009-03-02 2010-09-10 E-Plate Limited Data collection device and method
CN105681041A (en) * 2014-11-18 2016-06-15 航天信息股份有限公司 RFID ownership transfer method
CN109637000A (en) * 2018-10-23 2019-04-16 深圳壹账通智能科技有限公司 The invoice method of inspection and device, storage medium, electric terminal

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5671282A (en) * 1995-01-23 1997-09-23 Ricoh Corporation Method and apparatus for document verification and tracking
EP0889448A2 (en) * 1997-07-01 1999-01-07 Pitney Bowes Inc. Method for preventing counterfeiting of articles of manufacture
EP1039420A2 (en) * 1999-03-26 2000-09-27 International Computers Limited Printed document authentication
US20030225695A1 (en) * 2002-06-04 2003-12-04 Bottomline Technologies (De) Inc. System and method for producing and verifying secure negotiable instruments

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5671282A (en) * 1995-01-23 1997-09-23 Ricoh Corporation Method and apparatus for document verification and tracking
EP0889448A2 (en) * 1997-07-01 1999-01-07 Pitney Bowes Inc. Method for preventing counterfeiting of articles of manufacture
EP1039420A2 (en) * 1999-03-26 2000-09-27 International Computers Limited Printed document authentication
US20030225695A1 (en) * 2002-06-04 2003-12-04 Bottomline Technologies (De) Inc. System and method for producing and verifying secure negotiable instruments

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010100485A1 (en) * 2009-03-02 2010-09-10 E-Plate Limited Data collection device and method
CN105681041A (en) * 2014-11-18 2016-06-15 航天信息股份有限公司 RFID ownership transfer method
CN105681041B (en) * 2014-11-18 2019-09-17 航天信息股份有限公司 A kind of RFID ownership transfer method
CN109637000A (en) * 2018-10-23 2019-04-16 深圳壹账通智能科技有限公司 The invoice method of inspection and device, storage medium, electric terminal
CN109637000B (en) * 2018-10-23 2021-12-28 深圳壹账通智能科技有限公司 Invoice detection method and device, storage medium and electronic terminal

Also Published As

Publication number Publication date
GB0408209D0 (en) 2004-05-19

Similar Documents

Publication Publication Date Title
US20190005268A1 (en) Universal original document validation platform
US9081987B2 (en) Document image authenticating server
US20070079139A1 (en) Signature authentication
US8340291B2 (en) Systems and processes of automatic verification and protection of paper documents against falsification, adulteration and leakage
US20130247218A1 (en) System And Method For Verifying Authenticity Of Documents
US20110161674A1 (en) Document authentication using document digest verification by remote server
KR101039390B1 (en) A method and system of examining the genuineness of the issued document using a bar-code
US20080028220A1 (en) Method and System for Verifying Documents
US20100161993A1 (en) Notary document processing and storage system and methods
EP0676877A2 (en) Method and apparatus for authentication and verification of printed documents using digital signatures and authentication codes
US20060263134A1 (en) Method for managing transaction document and system therefor
CN1354935A (en) Digital file management and imaging system and method including secure file marking
US7861307B2 (en) Unlocking digital content on remote systems
US20020069358A1 (en) Method and system for generating a secure electronic signature file
US7881467B2 (en) Image forming apparatus and electronizing method for information mentioned in paper
TW200816061A (en) Scanner authentication
US20040216031A1 (en) Verifying the veracity and creator of a printed document
US7970169B2 (en) Secure stamping of multimedia document collections
US10814661B2 (en) Method and system for verifying authenticity of a document
KR20090123555A (en) A online confirming system for issued documents and the method thereof
KR20000049674A (en) Method for providing and authenticating an electronic signature using a web site
US7455216B2 (en) Printed-matter issuing managing system, printed-matter verifying device and contents managing device
WO2005101330A1 (en) Document authentication system and related methods
KR102256922B1 (en) Method and System for authenticating documents using inquiry history notice
US20220129569A1 (en) Method and system for verifying authenticity of a document

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

122 Ep: pct application non-entry in european phase