Printed documents of any kind are becoming substantially easier to forge as technology advances. Personal and business checks are no exception. For example, enhanced and inexpensively available home desktop publishing technology now widely available makes forging checks easier than ever.
In addition, check processing is rapidly evolving. To reduce the costs of processing personal checks tendered for payment at a point of sale, banks, electronic fund transfer networks, and merchants seek new, more efficient methods for processing personal checks. For example, one new check processing method converts a check into an electronic funds transfer at the time the check is tendered. Specifically, the checking account information in the magnetic ink character recognition (MICR) code line at the bottom of a personal check provides the customers account information to a process that initiates an electronic funds transfer from the customers checking account to the merchant.
Because producing a paper check that looks legitimate is much easier than it once was, and because novel, non-traditional check processing introduces new security risks, enhanced anti-fraud measures are particularly important.
Although authentication methods have been proposed to address these serious concerns, many of these proposals include the use of encryption-based techniques, such as a smart card (or device with similar functionality). With such smart cards, information is usually secured through the use of a data encryption algorithm. Problematically, the use of encryption and encryption smart cards as specified in this approach would likely require export control review by appropriate United States federal agencies before products based on this approach could cross an international boundary. In addition, every participating payee must be issued a smart card containing sensitive, highly private encryption parameters. This form of encryption key management is expensive and may be no more secure than the smart cards themselves.
It is therefore desirable to provide a self-authentication system that is free of the above defects—namely, that does not require the use of numerous expensive smart cards or similar devices, and that does not require data encryption.