The present invention relates generally to producing a postage indicium and other text or images on a mail piece and, more particularly, to a method and system for authenticating the postage indicium.
Postage metering systems have been developed which employ encrypted information that is printed on a mail piece as part of an indicium-evidencing postage payment. The encrypted information includes a postage value for the mail piece, combined with other postal data that relate to the mail piece and the postage meter printing the indicium. The encrypted information, typically referred to as a digital token or a digital signature, authenticates and protects the integrity of information, including the postage value, imprinted on the mail piece for later verification of postage payment. Since the digital token incorporates encrypted information relating to the evidencing of postage payment, altering the printed information in an indicium is detectable by standard verification procedures. Examples of systems that generate and print such indicium are described in U.S. Pat. Nos. 4,725,718; 4,757,537; 4,775,246 and 4,873,645, each assigned to the assignee of the present invention.
Presently, there are two postage metering device types: a closed system and an open system. In a closed system, the system functionality is solely dedicated to metering activity. Examples of closed-system metering devices, also referred to as postage-evidencing devices, include conventional digital and analog (mechanical and electronic) postage meters, wherein a dedicated printer is securely coupled to a metering or accounting function. In a closed system, typically, the printer is securely coupled and dedicated to the meter, and printing evidence of postage cannot take place without accounting for the evidence of postage. In an open system, the printer is not dedicated to the metering activity, freeing system functionality for multiple and diverse uses in addition to the metering activity. Examples of open system metering devices include personal-computer (PC) based devices with single/multi-tasking operating systems, multi-user applications and digital printers. An open-system metering device is a postage evidencing device with a non-dedicated printer that is not securely coupled to a secure accounting module. An open-system indicium printed by the non-dedicated printer is made secure by including addressee information in the encrypted evidence of postage printed on the mail piece for subsequent verification. See U.S. Pat. No. 4,725,718 and 4,831,555, each assigned to the assignee of the present invention.
The United States Postal Service (USPS) has proposed an Information-Based Indicia Program (IBIP), which is a distributed-trusted system to retrofit and augment existing postage meters, using new evidence of postage payment known as information-based indicia. The program relies on digital signature techniques to produce for each envelope an indicium whose origin can be authenticated and content cannot be modified. IBIP is expected to support new methods of applying postage in addition to the current approach, which typically relies on a postage meter to print indicia on mail pieces. IBIP requires printing a large, high density, two-dimensional (2-D) bar code on a mail piece. The 2-D bar code encodes information and is signed with a digital signature.
The USPS has published draft specifications for IBIP. The INFORMATION-BASED INDICIA PROGRAM (IBIP) INDICIUM SPECIFICATION, dated Jun. 13, 1996, and revised Jul. 23, 1997, (IBIP Indicium Specification) defines the proposed requirements for a new indicium that will be applied to mail being created using IBIP. The INFORMATION-BASED INDICIA PROGRAM POSTAL SECURITY DEVICE SPECIFICATION, dated Jun. 13, 1996, and revised Jul. 23, 1997, (IBIP PSD Specification) defines the proposed requirements for a Postal Security Device (PSD), which is a secure processor-based accounting device that dispenses and accounts for postal value stored therein to support the creation of a new information-based postage postmark or indicium that will be applied to mail being processed using IBIP. The INFORMATION-BASED INDICIA PROGRAM HOST SYSTEM SPECIFICATION, dated Oct. 9, 1996, defines the proposed requirements for a host-system element of IBIP (IBIP Host Specification). IBIP includes interfacing user, postal and vendor infrastructures, which are the system elements of the program. The INFORMATION-BASED INDICIA PROGRAM KEY MANAGEMENT PLAN SPECIFICATION, dated Apr. 25, 1997, defines the generation, distribution, use and replacement of the cryptographic keys used by the USPS product/service provider and PSDs (IBIP KMS Specification). These specifications have been consolidated into one specification entitled PERFORMANCE CRITERIA FOR INFORMATION BASED INDICIA AND SECURITY ARCHITECTURE FOR OPEN IBI POSTAGE EVIDENCING SYSTEMS (PCIBI-0), dated Feb. 23, 2000. The specifications are collectively referred to herein as the IBIP Specifications.
The IBIP Specifications define a stand-alone, open-metering system, referred to herein as a PC Meter, comprising a PSD coupled to a personal computer (PC) which operates as a host system with a printer coupled thereto (Host PC). The Host PC runs the metering application software and associated libraries (collectively referred to herein as Host Applications) and communicates with one or more attached PSD""s. The PC Meter can only access PSDs coupled to the Host PC. There is no remote PSD access for the PC Meter.
The PC Meter processes transactions for dispensing postage, registration and refills on the Host PC. Processing is performed locally between the Host PC and the PSD coupled thereto. Connections to a data center, for example, for registrations and refill transactions, are made locally from the Host PC through a local or network modem/internet connection. Accounting for debits and credits to the PSD is also performed locally, logging the transactions on the Host PC. The Host PC may accommodate more than one PSD, for example, supporting one PSD per serial port. Several application programs running on the Host PC, such as a word processor or an envelope designer, may access the Host Applications.
The IBIP Specifications do not address an IBIP open-metering system on a network environment. However, the specifications do not prohibit such a network-based system. Generally, in a network environment, a network server controls remote printing requested by a client PC on the network. Of course, the client PC controls any local printing.
One version of a network metering system, referred to herein as a virtual postage metering system, has many Host PCs without any PSD""s coupled thereto. The Host PC""s run Host Applications, but all PSD functions are performed on server(s) located at a data center. The PSD functions at the data center may be performed in a secure device attached to a computer at the data center, or may be performed in the Data center computer itself. The Host PCs must connect with the data center to process transactions such as postage dispensing, meter registration, or meter refills. Transactions are requested by the Host PC and sent to the data center for remote processing. The transactions are processed centrally at the data center, and the results are returned to the Host PC. Accounting for funds and transaction processing are centralized at the data center. See, for example, U.S. Pat. Nos. 4,873,645 and 5,454,038, which are assigned to the assignee of the present invention.
In U.S. Pat. Nos. 4,873,645 and 5,454,038, a virtual postage metering system and method are disclosed, wherein the postal accounting and token generation occur at a data center remote from the postage evidencing printer. Although the data center may be a secure facility, there remain certain inherent security issues since the accounting and token generation functions do not occur in a secure device local to the postage printer. The virtual postage metering system includes a computer coupled to an unsecured printer and to a remote data metering system. The postal accounting and the token generation occur at the data center.
The data center is a centralized facility under the control of a meter vendor, such as Pitney Bowes, or the Postal Service. As such, it is regarded as secure compared to the environment where mailers handle meters directly. However, data stored at the data center is accessible to data center personnel and, therefore, at a minimum, subject to at least inadvertent modification by such personnel. Any unauthorized changes to the user and meter data stored at the data center compromises the integrity of the virtual postage metering system.
Furthermore, in the mail piece security system based on digital indicia, if the postage indicium is duplicated and produced on more than one mail piece, it is very difficult for the Postal Service to tell which, among the mail pieces having identical indicium, has the original indicium. Thus, it is advantageous and desirable to provide a method and a system for authenticating the indicium.
It is a primary object of the present invention to provide on a mail piece a postage indicium and encryption information that can be produced by a closed postage metering device, such as postage meter, or an open postage metering system, such as a personal-computer based device connected to a digital printer, wherein the encryption information is provided within the postage indicium or other areas on the mail piece so that the indicium can be authenticated based on the encryption information. Accordingly, the first aspect of the present invention is a method for authenticating a postage indicium on a mail piece. The method comprises the steps of: providing a first pattern containing hidden information in a printed area on the mail piece; and engaging a masking mechanism with the printed area for observing the first pattern, wherein the masking mechanism has a second pattern for forming with the first image a third pattern indicative of the hidden information.
It is possible that the first pattern comprises a first line pattern, the second pattern comprises a second line pattern and the third pattern comprises a Moire pattern.
It is possible that the first pattern comprises a first color pattern, the second pattern comprises a second color pattern for color-filtering the first pattern, and the third pattern comprises a color-filtered pattern indicative of the hidden information.
It is possible that the first pattern comprises a pattern of dots, the second pattern comprises a plurality of windows for observing the dots, and the third pattern comprises a further pattern of dots indicative of the hidden information.
It is possible that the first pattern is electronically filtered for providing a first electronic pattern and second pattern is electronically produced, wherein the second pattern and the first electronic pattern are electronically compared for producing the third pattern.
Preferably, the first pattern is provided within the postage indicium, but it is possible to produce the first pattern on the mail piece outside the postage indicium.
The second aspect of the present invention is a system for authenticating a postage indicium on a mail piece. The system comprises: a mechanism for providing on a printed area a first pattern containing hidden information; and a masking mechanism, for engaging with the printed area for observing the first pattern, wherein the masking mechanism comprises a second pattern for forming with the first image a third pattern indicative of the hidden information.
The present invention will become apparent upon reading the description taken in conjunction with FIGS. 1 to 8.