The present invention relates to a scheme for providing one-time use access codes for a lock mechanism as may be employed with secured doors to and/or from buildings, secured access points and/or containers, etc., including secure storage devices for the delivery and pickup of goods and/or other applications/appliances/mechanisms that require security.
U.S. Pat. No. 5,774,053, which is hereby incorporated by reference, describes a storage device for the delivery and pickup of goods. As recognized in that disclosure, home delivery of goods has become more and more popular with the rise of shopping over the Internet, by catalog, and so on. In addition to clothing, appliances, furniture, books and other materials previously available from catalogs and the like, the Internet has spawned e-shopping services for groceries and other items. Similarly, in many areas local merchants such as dry cleaners offer residential pickup and delivery services for their customers.
The storage device described in U.S. Pat. No. 5,774,053 provided a means for such home pickups and deliveries even when the homeowner was absent. Briefly, the storage device provided a secure environment for the goods and included a communication apparatus for providing notification that the goods had been picked up or delivered. Access to the storage device was gained by entering a so-called vendor code into a controller via a keypad. The controller oversees locking/unlocking of the storage device. Entering a valid vendor code unlocks the storage device, allowing couriers and/or others to pick up and/or deliver goods from/to the storage device.
One shortcoming with the storage device described by U.S. Pat. No. 5,774,053 concerns the use of the vendor codes. As contemplated, the vendor codes are static, reusable codes assigned to each vendor that delivers and/or picks up goods to/from the storage device. "For example, a laundry and drycleaning (sic) business may be assigned a vendor code of 333, whereas a local grocery store may be assigned a vendor code of 444." U.S. Pat. No. 5,774,053 at col. 5, ll. 39-45. The use of such vendor codes presents a security risk in that once an unauthorized person learns one of the codes, that individual has access to the storage device until such time as the code is removed from the list of authorized vendor codes stored in the controller's memory. This presents a problem inasmuch as several days or weeks may pass before a storage box owner learns that one or more of the vendor codes has been compromised and has time to reprogram the controller with new vendor codes. During this time, the security of the storage box is questionable at best. Moreover, the assigning, canceling and reassigning of the vendor codes requires what could be a significant amount of time and effort (key management) on the part of a storage device owner/end-user. Also, the vendors are required to keep track of codes for different customers and, presumably, must take steps to ensure that the security of these codes is maintained.
Described herein is a scheme for providing locking mechanisms (that may be used in a variety of applications) for use with one-time access codes. The present scheme avoids the drawbacks of the system described above, for example by providing a third-party service that handles key management. The third-party service may issue access codes to vendors, etc., for one-time use and thereby free the storage device owners from having to perform and manage this task. Also, because the access codes are intended for one-time use only, vendors and others are freed from the responsibility of maintaining the security of a number of keys for different customers for indefinite periods. Keys (or access codes) may be distributed to the locking mechanism in a variety of ways (including via an RF network and/or at the time of manufacture).
In one embodiment, a request for an access code for a locking mechanism is received; and a one-time use access code for the locking mechanism is subsequently issued. The one-time use access code may be issued from a list of currently available access codes for the locking mechanism in response to a request therefor, for example by a merchant or delivery service. Such a code may be issued by a server, which server is further responsible for updating the list of available access codes in response to an indication that a code has been issued, used or has otherwise expired. The list of currently available access codes is preferably a subset of all access codes for the locking mechanism, which codes may be generated using a cryptographically strong random number generator. Such a locking mechanism may be used with a storage device, a door or gate, or any appliance or other mechanism or may find application in a variety of security systems.
In a further embodiment, a storage device that includes an enclosure adapted to allow for the storage of goods and having a door fitted with a locking mechanism; and a locking mechanism controller coupled to the locking mechanism and adapted to unlock the locking mechanism upon receipt of an entry code, said entry code expiring within a first predetermined time interval of its first use to unlock the locking mechanism (which may include some time after the locking mechanism has been re-locked), is provided. The entry code may expire within a second predetermined time interval (or, in other cases, a time window that varies, e.g., according to past usage of the locking mechanism) regardless of whether it is used to unlock the locking mechanism or not. The locking mechanism controller preferably includes a micro-controller configured to operate an actuator in response to receiving the entry code and may be adapted to receive the entry code via at least one of a keypad, a bar code scanner, a magnetic stripe reader, a wireless (e.g., RF or IR receiver) or a smart card reader. In some cases, the locking mechanism controller may be configured to communicate with a server (e.g., via at least one of the Internet, a wireless network or the public switched telephone network) configured to provide the entry code.
In a further embodiment, a computer-based service configured to dispense one-time use access codes for remotely located locking devices in response to requests therefor is provided. Transaction fees may be assessed for each access code dispensed and the access codes may be so dispensed from a server accessible through at least one of the Internet, a wireless network or the public switched telephone network. Preferably, each access code so dispensed expires upon the earlier occurrence of (i) its use to access an associated one of the storage devices, or (ii) a predetermined time period.
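The issuing and expiry rules described in the embodiments above (codes drawn from an available subset of a randomly generated list, each expiring on first use or after a predetermined period, whichever comes first) can be modeled as follows. This is an added example, not part of the patent text; the class and method names, the 8-digit code length, the window size and the time-to-live are assumptions, and the lock controller's check is modeled on the same object as the server for brevity.

```python
import hmac
import secrets


class OneTimeCodeService:
    """Code list for one locking mechanism (hypothetical model, not the patent's)."""

    def __init__(self, total=50, window=5, ttl=3600.0, digits=8):
        codes = set()
        while len(codes) < total:  # every code comes from the OS CSPRNG
            codes.add(f"{secrets.randbelow(10 ** digits):0{digits}d}")
        self._reserve = list(codes)  # all codes not yet made available
        # The currently available list is a subset of all codes.
        self._available = [self._reserve.pop() for _ in range(min(window, total))]
        self._issued = {}  # code -> absolute expiry time
        self._ttl = ttl

    def _expire(self, now):
        # Drop issued codes whose predetermined time period has elapsed.
        for code in [c for c, t in self._issued.items() if t <= now]:
            del self._issued[code]

    def issue(self, now):
        """Hand out one code and update the available list."""
        self._expire(now)
        if not self._available:
            raise RuntimeError("no access codes left for this lock")
        code = self._available.pop()
        self._issued[code] = now + self._ttl
        if self._reserve:  # keep the available window topped up
            self._available.append(self._reserve.pop())
        return code

    def redeem(self, entered, now):
        """Return True once per issued code; used or expired codes fail."""
        self._expire(now)
        guess = entered.encode()
        # Constant-time comparison against each outstanding code.
        hits = [c for c in self._issued if hmac.compare_digest(c.encode(), guess)]
        for code in hits:
            del self._issued[code]  # the code expires on its first use
        return bool(hits)

    def outstanding(self):
        """Number of issued codes that are neither used nor expired."""
        return len(self._issued)
```

Time is passed in as `now` so that expiry can be exercised deterministically; a deployment would read a trusted clock instead.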
These and other features and advantages of the present invention are discussed in detail below.