1. Field of the Invention
The invention relates to self-authenticating negotiable documents to reduce the probability of fraud. In particular, the invention relates to self-authenticating negotiable documents, such as checks, in which a self-contained closed-loop system is provided to ensure the integrity and authenticity of the negotiable documents.
2. Description of the Related Art
Check fraud is a multi-billion-dollar-a-year problem in the United States alone. This problem is only getting worse as time progresses. The true cost, when monies spent on fraud prevention systems, fraud detection and tracking systems and other support functions are factored in, quickly escalates to truly staggering figures.
Meanwhile, checks remain the most widely used instrument for the transfer of corporate payments in the United States. While highly convenient, checks present the issuer with two major issues: fraud and reconciliation.
Fraud can take on many forms. Among these are forgery, duplication of an original check, and the alteration of legitimate checks to reflect an amount not originally intended. Each of these, and their many variations, present difficulties for the existing bank infrastructure to detect and prevent. To counteract check fraud, banks and corporations have devised a number of systems and tactics. One such system is called "Positive Pay", another is called "Automated Clearing House" (ACH) electronic funds transfer, and another is the use of secure check stock. ACH requires supporting transactions formatted just for the ACH system. Positive Pay requires the issuer to create a list of checks and their amounts. The issuer then transmits the list on a daily basis to the bank of origin. Under this arrangement the bank will then only honor or clear checks that appear on the lists and are made out for the exact amount indicated by the list. Secure check stock can range from a laser printer-based system that does not use pre-printed checks to a system that uses controlled inks and printing sources, embedded information, and Ultra Violet secondary printing techniques. While these fraud-prevention systems are somewhat effective, each has well understood limitations.
Positive Pay requires that the issuer's accounting or disbursement systems be able to create a properly formatted list of checks issued, and their corresponding amounts, on a daily basis. This list must then be securely transmitted to the issuer's bank in a timely manner. Because of the amount of effort involved in creating and maintaining these capabilities, Positive Pay's appeal is limited primarily to medium and large scale businesses. In addition to the burdens placed on the issuing company, the issuer's bank must also be set up to handle Positive Pay file transfers and integrate this information into its operational flow. Compounding this is the inability of small to medium sized companies to adequately spread the cost of this daily activity over a large volume of documents. This leads to per item processing costs, which may not be justifiable. Further limiting the appeal of Positive Pay are the costs associated with setting up and maintaining the requisite communication infrastructure to support the file transfers.
In a likewise manner, ACH requires tight integration with an established service provider. The user's check printing/accounting system must support, or be modified to support, the production of ACH formatted transactions. Furthermore, additional payee information (e.g., bank of deposit, deposit account number, etc.) must be known by the issuer in order to initiate the transaction. For those instances when this information is not known, standard paper based checks must be printed and disbursed. As with Positive Pay, the economies of scale and infrastructure requirements limit the use of ACH to medium and large businesses.
Laser check printing and other on-demand systems have eliminated the need for preprinted check stock to be kept on hand, reducing the possibility of pilfered stock being used to create fraudulent documents. While helpful, this check fraud countermeasure reduces, but does not eliminate the possibility of check fraud. Likewise, it does nothing to address the exposure from counterfeiting or the alteration of legitimate documents.
Another technique for counteracting check fraud involves the use of special Ultra-Violet (UV) inks to print information directly on the check stock at the time of creation. This creates a controlled source for the paper, and creates an audit path to ensure accountability of all stock printed. The presence of the UV on the paper is used in a manner similar to a watermark to prove authenticity of the paper. These UV fields can also be used to detect when a document has been altered. The major drawback of this and other similar systems (e.g., watermarks, pantographs, etc.) is that the UV printed information is static. This approach only validates the legitimacy of the paper. Because this static information is not linked to the dynamic negotiable information (payee, amount, etc.), stolen stock can still be used to create fraudulent documents.
U.S. Pat. No. 5,594,226, issued to Steger et al., discloses an automated check verification system in which a bar code is printed onto a check. A bar code scanner reads the information contained in the bar code, and based on that information, determines a bank code and an account code. The proper bank, traveler's check company, or money order company is then contacted automatically, to determine the account status. Based on the account status, the check will or will not be processed. This process only verifies that sufficient funds exist in the account to cover or honor the document presented, is does not indicate if the request should be honored or the funds transferred. Steger works to prevent the acceptance of bad or NSF (Non-Sufficient-Fund) checks. Steger et al. has no provision for authenticating the creator of the check as being authorized to do so, nor does Steger et al. authenticate or verify that data on the check (i.e., the amount, etc.) has or has not been modified. Summarizing, Steger et al. only addresses the availability of funds.
U.S. Pat. No. 5,432,506, issued to Chapman, discloses a counterfeit document detection system, in which a secret program selects certain characters written or already on the document, and then transforms those characters into strings of characters to print on the document as a unique code. While Chapman's system may increase the likelihood of detecting that data on a document has been modified, it may not be able to detect all such changes, since it uses key data points spaced in sporadic locations across the face of the document as checkpoints. Alterations between these checkpoints will not be detected. Further, only a single layer of authentication/verification is performed by Chapman's system.
U.S. Pat. No. 5,190,318, issued to Mantegazza, discloses a document with forgery prevention means, in which a sheet-like element is provided with at least one portion for writing indications. In the indication-writing portion, regions of magnetic material spaced by magnetically blank portions are provided so as to define a code which can be detected by a magnetic reading head. Mantegazza's system is useful for providing authenticity of the paper that makes up the negotiable instrument. Mantegazza's system does not prevent fraud resulting from someone stealing the paper and creating a fraudulent negotiable instrument using the stolen paper.
U.S. Pat. No. 4,879,747, issued to Leighton et al., discloses a private key/public key system for encrypting a non-secret password into a digital signature. The password and the digital signature are encoded and stored on a magnetic stripe or other memory device of a card. To effect a transaction, the digital signature on a received card must be shown to have been generated from a password on the received card. Leighton et al.'s system and method provide verification that the person physically presenting the card is indeed the person to whom the card was issued. Leighton et al.'s system and method utilize an interactive system that requires the interaction of both machine and human controls, such as having the user input his or her personal identification number (PIN), and is thus well-suited for interactive sessions. However, Leighton et al.'s system is not well suited to situations where the time and location of the document's creation are quite different from the time and location where the document must be authenticated. Furthermore, Leighton et al.'s system and method use a visual inspection to determine if the person presenting the card matches the "picture" password. Visual inspection is an inexact science and increases the possibility of fraud and/or counterfeiting. Lastly, the card and the information stored therein are used to authenticate a separate element, i.e., the person presenting the card. Therefore, Leighton et al.'s system and method are not self-authenticating.