The invention relates to the field of cheque protection, and more particularly to an apparatus and method for protecting negotiable documents from being fraudulently tampered with.
Negotiable transactions typically involve the following parties: a payor, a payee, and a corresponding financial institution such as a bank or other type of intermediary such as a clearing-house. A negotiable document or instrument issued as a form of payment, for instance a cheque, is used by the financial institution to transfer funds between accounts, typically to credit the payee""s account and debit the payor""s account. Information about all parties involved in the transaction is contained in the negotiable document.
Traditionally, the payor""s handwritten signature has been used as an indicia of the authenticity of the document and the information contained therein. The underlying reasons for this include:
(1) a signature is assumed to be difficult to forge, thereby serving as proof that the signor is cognizant of and in agreement with the contents of the document, particularly the amount and identity of the payee;
(2) a signature is assumed to be non-reusable xe2x80x94 it is thought of as being an integral or inseparable part of the document and cannot easily be transferred to, or reproduced onto, another document;
(3) once signed, it is assumed that the document cannot be modified or altered; and
(4) it is generally assumed that the signature cannot be repudiated.
In reality, these assumptions are generally false. Unless an expert in fraud detection is consulted, the typical financial clerk cannot detect a forged signature. Nor have electronic systems progressed to the point where they can accurately or consistently identify forged signatures. Even if a signature is authentic, it is not very difficult to alter documents after being signed, particularly the monetary value of the document or the identity of the payee. Moreover, the entire cheque may be fraudulently produced such that no alterations or additions to the negotiable document may be readily discerned.
Cheque fraud has been considered to be the third largest type of banking fraud, estimated to be about fifty million dollars per year in Canada according to a 1993 KPMG Fraud Survey Report. In the United States, such fraud is estimated to cause financial loss of over ten billion dollars per year, according to Abagnale and Associates. Financial institutions and corporations spend a great deal of time, effort and money in preventing or recovering from fraudulent cheques. With the recent proliferation and affordability of computer hardware such as document scanners, magnetic-ink laser printers, etc., cheque fraud is expected to reach new limits.
To date, various attempts have been made to protect cheques from fraudulent interference of the type described above. One method is to use mechanical amount-encoding machines which create perforations in the document reflecting the monetary value thereof. The perforations in the document define the profile of an associated character or digit. However, a cheque forger can still scan the payor""s signature and reprint the cheque with a new amount using the same type of readily available mechanical encoding machine to apply the perforations. This method also has a significant drawback due to the amount of time and human labour required to produce cheques, and thus may be considered expensive or impractical for certain organizations.
Indeed, even without the use of mechanical amount-encoding machines, a December 1992 study by the Hacket Group, cited in Canadian Business, Vol. 65, page 19, of 55 leading American Corporations found that the typical corporation spends over US$6 for preparing or processing every cheque. The breakdown of this expense includes:
a) costs to secure cheque storage;
b) costs to print variable data such as the amount of the cheque, the payee, etc., whether printed manually or electronically;
c) costs to decollate continuous cheque forms typically used in cheque printing; and
d) costs to manually or mechanically apply the requisite signature, assuming such signature is not pre-reproduced on the cheque stock.
Another prior art cheque protection method uses electronic means to print the numerical amount of the cheque using special fonts, supposedly difficult to reproduce. A negotiable document is considered unforged if it contains the special font and if the characters representing the monetary value of the cheque are not tampered with. Due to the fact that these characters are difficult to produce without a machine or a computer, the cheque is assumed to be protected. Given the ready availability if high quality scanners and printers, it is, however, possible that the cheque forger will copy one of the characters printed on the cheque and paste it as the most significant digit of the amount thereby increasing the monetary amount of the transaction. As such, after the forger reprints the cheque with a new most significant digit, the cheque will meet the criteria of having the special fonts defining the numerical amount, whereby the forged document may be interpreted as a valid cheque.
Other types of cheque validation techniques are disclosed in U.S. Pat. No. 4,637,634 to Troy et al. This reference disclose a sales promotional cheque which consists of a top cheque half, distributed through direct mail, flyers, newspaper inserts, etc., and a bottom cheque half which may be obtained, for example, when a stipulated purchase of goods or services has been made by the intended payee. If information on the top and bottom halves match, the cheque becomes a negotiable instrument. For validation purposes, the bottom half is provided with at least one code number that is generated, using a complex mathematical formula, from the cheque number, the register number, and the script dollar amount, all of which are present on the face of the cheque in human-readable form. The validation code number appears as a bar code or other machine readable code on the face of the cheque. For verification purposes, the same code number appears underneath an opaque xe2x80x9crub-offxe2x80x9d overlay which, if tampered with, renders the cheque void. To verify the cheque, the opaque overlay is removed to reveal the concealed code number which is then compared against the machine readable code number printed on the cheque. This system is still prone to tampering because one could alter the amount of the cheque without tampering with the code numbers. To avoid this situation, the cheque must be compared against a predefined list, i.e. an electronic file, listing all of the payor""s cheques to verify the original amount. Thus, this system may therefore be impractical for most organizations and is incompatible with current cheque clearing procedures.
There remains a need for securing information associated with negotiable documents form being fraudulently tampered with. Moreover, there remains a need for such a security system which is compatible with current cheque printing systems and cheque clearing systems, and which generates cheques that are essentially non-repudiable.
The invention applies or prints certain security features onto a negotiable instrument, e.g. a cheque, at the time it is created. In one aspect of the invention, a data key associated with a cryptographic scheme is used to encrypt preselected information pertaining to the cheque, thereby xe2x80x9clockingxe2x80x9d such information on the cheque and preventing it from being altered or forged. The encrypted information can only be decoded or validated by a financial intermediary, such as a bank or cheque clearing house, because only they, apart from the payor, possess a corresponding data key necessary to decode or validate the encrypted information.
In the preferred embodiment of the invention, the cryptographic scheme is a secret key scheme embodied in a cheque printing system which the payor uses to encrypt the monetary value of the cheque using at least one secret alphanumeric key. The system prints the encrypted information on the cheque in a machine readable form, such as a bar code. The encrypted information acts as a control code for verification purposes. When the financial intermediary is presented with the cheque for payment, it has a validation system which uses the same cryptographic scheme as the payor to re-encrypt the same information the payor originally encrypted, i.e. the monetary value of the cheque. If the resulting re-encrypted information, which constitutes a second control code, is not identical to that originally printed on the cheque, the cheque is not honoured by the financial intermediary.
Hence, according to one aspect of the invention, there is provided a process for enhancing the protection of selected information associated with a negotiable instrument from forgery, comprising the steps of: a) selecting an encryption key; b) encrypting a combination of the selected information and the encryption key with a relatively secure cryptographic scheme to thereby generate a first control code; and c) printing the selected information and the first control code on the negotiable instrument. Thereafter, a validator, such as the financial intermediary, who possesses a copy of the encryption key, can read the un-encrypted selected information from the negotiable instrument, re-combine it with the encryption key and re-encrypt the combination according to said scheme to generate a second control code. The negotiable instrument is not honoured by the validator if the first and second control codes are not identical. It will be appreciated that in this manner, the financial intermediary charged with validating the cheque does not require advance information about the preselected information such as the monetary value of the cheque form the payor in order to adequately verify the cheques.
In order to ensure security, the secret key encryption algorithm is non-linear and essentially irreversible. The preferred encryption algorithm is modeled after a 32 bit Cycle Redundancy Check (xe2x80x9cCRCxe2x80x9d) algorithm wherein the encryption key is concatenated with the data to be encrypted to form a source polynomial which then is divided by a 32 degree Tchebychev polynomial. The division produces a remainder which functions as the control code printed on the cheque.
Alternative embodiments of the invention can employ other types of cryptographic systems, including public key cryptosystems such as the known RSA scheme. According to this aspect of the invention a process is provided for enhancing the security of a cheque. The process includes selecting private and public encryption keys associated with a cheque payor or cheque validator; selecting information found on the cheque wherein the selected information varies for each instantiation of the cheque presented by the same payor; encrypting a combination of the selected information and one of the private and public keys with a practicably secure cryptographic scheme to thereby generate a control code; printing the selected information and the control code on the cheque; reading the selected information from the cheque; decrypting the control code using the other of the public and private encryption keys to thereby obtain decrypted information; and refusing to honour the cheque if the selected information found on the cheque does not match the decrypted information.
The preferred embodiment of the invention incorporates additional security measures to discourage forgery. In one of these, a security image is printed on the cheque, the image composed of a bit-map (or other form of digitized representation) of the payor""s signature which is superimposed over a background motif bit-map, such as the monetary value of the cheque depicted in a xe2x80x9cimprintxe2x80x9d font, i.e. a simulated three dimensional, character font. A variety of characteristics of the image are used to verify the authenticity of the cheque, as described below.
The cheque is authenticable by virtue of the fact that each of the signature and monetary value bitmaps (or bitmaps of other foreground and background images) has certain attributes, such as aspect ratios, dimensions, etc., and the combination of the bitmaps has certain attributes, such as the relative sizes of the bitmaps, which attributes are preselected and used when the payor prints the bitmaps on the cheque. The security image is later scanned by the verification system located at the financial intermediary for comparison to the preselected attributes, as described in greater detail below. This comparison makes it difficult for a forger to copy the imprinted monetary value and, for example, add a significant digit to the monetary value of the cheque because the respective preselected bit-map attributes, such as aspect ratio, relative sizes of the bit-maps etc., are liable to change and be detected.
In addition to the foregoing attributes, the three dimensional font of the imprinted monetary value has a fading factor associated with it, as described in greater detail below, which is set to a pre-selected value. When the security image is scanned in by the financial intermediary, the fading factor associated with the font of the scanned image is compared to a preselected fading factor. This comparison makes it difficult for a forger to copy the imprinted face value, add a significant digit and scale the resultant image to its original size (in an attempt to avoid changing the bit-map attributes) without affecting the original fading factor.
In the preferred embodiment, an additional image is printed on the cheque to provide another security feature. This image comprises a bit-map of the monetary or face value of the cheque in xe2x80x9creverse printxe2x80x9d (i.e. white characters for use over a dark background) superimposed on a background motif bit-map. Again, certain attributes of these bit-maps, such as aspect ratio, relative dimensions etc,. are preselected and analysed by the verification system located at the financial intermediary for any deviations from the pre-determined standards.