This invention relates to electronic postage meters and metering systems, and particularly to an improved method and apparatus for insuring the validity of a postal indicia printed by a postage metering system. The terms electronic postage meter and metering system, as used herein, also refer to other similar systems, such as parcel registers and tax stamp meters that dispense and account for value, and generally to systems for applying indicia to items to verify payment, or other status for that item.
Since a postage meter may be looked upon as a machine for printing money (i.e. symbols having value) security has always been considered the heart of postage meter operation. In prior postage meters indicia are printed by letter press, using a uniquely engraved dye containing postal information; the information being such that the metered postage indicia is traceable to a particular postage meter. Newer postage meters have been developed that include electronically controlled printers such as thermoprinters, ink jet, or dot matrix pin printers for printing the indicia. While these newer meters work well in concept, they have significant security problems which must be addressed since such indicia are easily printed by anyone having a suitably programmed computer and an appropriate printer. One way to insure the validity of a particular indicia has been to encode a message in the indicia in such a manner that an unauthorized person who does not know the encryption scheme cannot reproduce the appropriate encoding. Such meters using encoded information in the indicia are disclosed, for example in co-pending application Ser. Nos. 724,372, to: Arno Mueller, filed Apr. 7, 1985 and in a co-pending application by R. Sansone, entitled: POSTAGE AND MAILING INFORMATION APPLYING SYSTEM, filed Aug. 6, 1985, both assigned to the assignee of the present application.
In a system disclosed in application Ser. No. 515,073, to: John Clark, filed July 18, 1983, and assigned to the Assignee of the present invention, there is taught another method and apparatus for producing coded indicia. This application teaches encoding such that the indicia is printed in human readable form with the pixels forming the indicia modified, by voids or displacements or the like, to produce a coded message which can then be decoded to verify that the coded information is identical to the human readable information of the indicia.
Such systems generally are operative for their intended purpose, but suffer from limitations and disadvantages. First, in many cases the encryption scheme used to encode the information may be relatively simple and subject to attack by sophisticated computer analysis. Once a dishonest user is in possession of the encryption scheme used, he would be in a position to generate undetectable counterfeit indicia. When it is considered that high volume mailers, such as insurance companies, credit card companies, or oil companies may spend hundreds of thousands, if not millions, of dollars per year on postage, the incentive for such attacks can easily be seen. Another disadvantage of the above schemes is that, while it is highly desirable to use a distinct encryption key for each postage meter so that a breach of security for a single meter will not jeopardize the entire meter population, using conventional encryption, this approach would require that the postal service maintain a data base of keys for each of the hundreds of thousands of postal meters in service.
As is described in the commonly assigned U.S. Pat. application Ser. No.: 140,051; to: Jose Pastor; for: SYSTEM FOR CONVEYING INFORMATION FOR THE RELIABLE AUTHENTICATION OF A PLURALITY OF DOCUMENTS; filed Dec. 31, 1987 (C335) these problems are solved by the use of "public key" encryption systems, such as the generally known RSA encryption system. These systems provide two keys, one of which may be used to encrypt, but not decrypt, a message, and a second key which is used to decrypt the message. By use of such a public key system in the manner described in the above referenced patent application, the disclosure of which is hereby incorporated by reference, distinct encryption systems may be provided for each meter, yet the postal service need only maintain a single public key system to validate indicia. However, the use of the system taught in the above referenced patent application and the security of public key encryption schemes, both require that large amounts of information, on the order of from 100 to 200 decimal digits be printed on mail piece. Clearly, printing of such information in a conventional form as a string of decimal digits would be unacceptable.
Accordingly, it is an object of the present invention to provide a method for the validation of the status of an item, and particularly to validate the payment of postage on a mail piece.
More particularly, it is an object of the present invention to validate a status of an item by applying an indicia representative of large amounts of encrypted data in an acceptable manner.