Workers in the art of handling checks and the like are well aware that fraud is a growing concern; check fraud due to counterfeiting in 1996 will approximate $4.3 B (Nilson Report, with losses 10% Banksxe2x80x9490% Merchants). Experts know that counterfeit identification is easily procured.
To prevent fraud it is critical to distinguish an authentic document from a counterfeit or altered document. Current technologies rely on difficult-to-print human detectable features which are added to a document to prevent illegal reproduction. Fraud detection is accomplished by human observation and is based upon the examiner""s knowledge, experience and time allotted for examination of a document.
Another approach to increasing security of a value document is to add a unique property to each document. Data about that property is encoded on the document itself and is secured using a public key based digital signature. In such a scheme, machine verification of authenticity is possible.
This invention uses a unique property of magnetic ink printing on a check: magnetic remanence variation, that provides for self-authentication when used with a recordable magnetic stripe on the check for storing a digital signature and other document data.
A xe2x80x9cvalue documentxe2x80x9d will be understood as representing negotiability (e.g. currency which is highly negotiable). A value document may have limited negotiability; for example, a birth certificate is not negotiable but has value. Regardless of the limits of negotiability, fraudulent value documents increasingly threaten the integrity of our conventional business practices. In many instances where paper value documents are used there is a move to convert those transactions to completely electronic transactions (e.g. electronic funds transfer, though it needs improved security and resistance to fraud, can reduce the cost of commercial transactions by eliminating the handling of paper, cash and checksxe2x80x94but electronic transactions may prove to be more prone to fraud than paper documents).
Traditionally, the authenticity of a document is determined by physical examination for color, background printing, paper texture, printing resolution, and ink characteristics. On an initial level, there may be numerous security features present in a value document but few if any, can be detected and evaluated by the untrained individual. Because security features are normally not standardized except in currency, training tellers and cashiers to do extensive security evaluation is not practical, even though these are often the only people who get the chance to closely examine the document in a payment system which is xe2x80x9cback-end automatedxe2x80x9d.
Here one may assume that xe2x80x9cvalue documentsxe2x80x9d comprise commercial and personal checks, although the concepts presented here can easily be applied to travelers cheques, credit cards, event tickets, passports, driver""s licenses, motor vehicle titles, and even currency.
According to the July 1995 Nilson Report, the volume of paper checks written in the United States in 1994 was $61 billion U.S. dollars: 57%, or $34.8 billion were personal checks, 40%, or $24.4 billion, were commercial checks and 3%, or $1.8 billion, were cheeks written by the government. In that same Nilson Report, fraud losses from all checks totaled $12.6 Billion, with losses to merchants of $11.26 Billion, while financial institutions lost another $1.34 Billion. Types of check fraud included:
Accounts closed and kitingxe2x80x9432%
Counterfeitingxe2x80x9427%
Forgeryxe2x80x9424%
Bankruptcyxe2x80x9412%
Refer to makerxe2x80x945%
In working on measurement of unique magnetic signal properties of Magnetic Ink Character Recognition (MICR) characters of checks, I noted that magnetic remanence variation quite often presented a large distortion in MICR waveforms. I noted that the magnetic remanence variation was reproducible when read by a read system with a given bandwidth proportional to document speed. A system concept came to mind that correlated the magnetic remanence variation of the left-most Routing Transit symbol to a value stored in a data base. The data base could be queried, using the MICR line itself as the index, and the previously noted remanence variation could be compared with the subsequent measured variation. This xe2x80x9cFIRST methodxe2x80x9d, although technically feasible when the MICR readers had the same physical spatial and electronic proportional bandwidth, was not preferred, as a potential product, because of the necessary large xe2x80x9call-itemsxe2x80x9d data base requirements. There were some limited applications such as credit cards where this can be feasible, but the credit card market is moving to xe2x80x9csmart cardsxe2x80x9d as a way to reduce fraud. And a market survey indicated that credit card issuers were reluctant to invest in new technology to further improve xe2x80x9cmagnetic stripe technologyxe2x80x9d.
When I contemplated, methods for authenticating value documents, I realized that the methods should not have the limitation of requiring an xe2x80x9call-items data basexe2x80x9d to perform authentication. I began to realize that one could use a recordable data file for storing an xe2x80x9cencryptedxe2x80x9d message, or a xe2x80x9cdigital signaturexe2x80x9d, using xe2x80x9cpublic key technology.xe2x80x9d
Encryption
One may assume that an xe2x80x9cencrypted digital signaturexe2x80x9d is a kind of xe2x80x9celectronic fingerprintxe2x80x9d that only a legitimate sender can add to electronic mail (e.g. e-mail).
Workers are aware of encryption xe2x80x9ckeysxe2x80x9d, or mathematical functions by which unencrypted characters are transformed into code, e.g. a message sender and receiver may agree on a secret code (key) to encrypt and decrypt a messagexe2x80x94a system as simple as substituting the letter B for the letter A, C for B, D for C an so on. The recipient reverses the procedure to decrypt and read the soxe2x80x94encoded message.
This gives rise to xe2x80x9cpublic key cryptographyxe2x80x9d where each user has two xe2x80x9ckeysxe2x80x9d: the public key which is disseminated widely and used by others to encrypt their messages to you, but which is decoded only with a matching xe2x80x9cprivate keyxe2x80x9d, kept secret (e.g. guarded by a password an a user""s computer) and used to decode the public key message into clear text. Using xe2x80x9cone-way functionsxe2x80x9d, this public/private key system is quite securexe2x80x94these functions being easy to perform in one direction but very, very difficult to perform in the opposite direction without the secret private-key information. Thus once you""ve successfully installed the software and created a pair of keys, turning an e-mail message into pages of nonsense is as easy as clicking on an icon depicting a padlock on an envelope. Clicking a second icon adds an encrypted digital signature, proving that you wrote the message. You can then safely send the message over the Internet.
Except for one problem. Your recipient must also have Pretty Good Privacy (PGP) compatible encryption softwarexe2x80x94and that person must have already supplied you with his or her public key. Without the recipient""s public key, there""s no way to encode the message to him or her. Likewise, the other party will need your public key before he or she can encrypt a reply. Swapping keys is a simple matter, but ensuring that your correspondent has the necessary software isn""t.
That""s why encrypted e-mail is expected to get a big boost from the latest generation of Web browsers, which have built public-key cryptography into their e-mail utilities.
But, in an improved method, the sender also sets up a xe2x80x9cdigital certificatexe2x80x9d. By handing someone his digital certificate, he""s giving them his public key. (e.g. this added integration in a Netscape browser means that when you receive an e-mail with someone else""s certificate attached, it automatically gets added to a database on your PC, ready for use when you want to send that person an encoded message).
The certificate concept is meant to emphasize proof-of-identity. Certificates can be endorsed by a third party, a so-called trusted entity that guarantees certain information. Netscape users in search of a certificate will find themselves directed to a Web site like that of VeriSign, where users can obtain digital ID cards with varying levels of assurance of the person""s true identityxe2x80x94and pay for the privilege.
Assume a check proceeding from a merchant (e.g., exchange for goods purchased) to a Bank of FD (first deposit) and to an On-us Bank, (the paying Bank) in the course of normal dealings is xe2x80x9cforward presentedxe2x80x9d, with a typical xe2x80x9creturn timexe2x80x9d, if the check is not paid, being 2-7 days. By contrast, with my xe2x80x9cself-authenticationxe2x80x9d as here described, this 2-7 days is cut to a few seconds or minutes, using my preferred xe2x80x9cself-authentication modulexe2x80x9d as described below (and see FIG. 8). For such xe2x80x9cvalue itemsxe2x80x9d (documents etc., that represent value) it is often desired to provide an easy and economical method to authenticate that the document is an original and genuine (i.e., not a counterfeitxe2x80x94e.g., that a check is xe2x80x9cgoodxe2x80x9d, or that a contract was really approved and signed as shown, or that a letter is really signed by its apparent author). Such documents, or other value-items, may take the form of a check, or drivers license, or motor vehicle title, birth certificate, passport, credit or debit card, merchandise or even currency. In addition, for merchandise (manufactured items) it is often desirable to trace the origin of manufacture where counterfeiting is suspected. The genuine article may have experienced special invisible processes which affect the suitability of use, but a counterfeit item may look identical under casual examination, yet may not work properly. An example of this is replacement parts for aircraft. Such parts or components must often be xe2x80x9ccertifiedxe2x80x9d to assure that they meet special requirements or have undergone a certain mode of manufacture; for example, that a part was treated to impart high strength under stress loading or high temperature, etc. A xe2x80x9ccounterfeit componentxe2x80x9d which is not properly so heat-treated may fail in use and cause an aircraft to crash. In such cases it is critical that verifiably genuine parts be installed during aircraft maintenance.
As a solution to this problem, I here propose a security algorithm that is based on some physical parameter of an item (e.g., printing on a check). I then encrypt a digital representation of it, and then print the encrypted data on the item so as to be machine read. In many cases, I prefer to use a xe2x80x9cpublic keyxe2x80x9d (e.g., at the Point of Sale (POS) to decrypt the encrypted value and compare, to assure that the proper code is present.
One preferred solution involves a technique for applying a xe2x80x9cdigital signaturexe2x80x9d to a xe2x80x9cvalue documentxe2x80x9d for self-authentication, using particular encryption algorithms, e.g., for checks at the xe2x80x9cpoint-of-salexe2x80x9d POS, and at the xe2x80x9cBank of first depositxe2x80x9d so as to detect counterfeits early.
I here teach a technique for document self-authentication, using a correlation between a document characteristic and a related xe2x80x9cdigital signaturexe2x80x9d used therewith (e.g., as a method for tagging checks, etc.),xe2x80x94this done in a fashion that facilitates machine-reading and authentication, without need for a skilled document examiner: my technique preferably also permits remote capture of a document image with confidence in the authenticity of the scanned, imaged document. I prefer to do this with a xe2x80x9ctwo keyxe2x80x9d (public, private key) digital signature methodxe2x80x94especially using a representation of a magnetic characteristic of the document (e.g., remanant magnetic variation pattern placed on a target-site on the document). This is to be machine read and encoded and encrypted with the two-key algorithm. The result is a machine-readable, encrypted version that may be sent to a document-recipient (e.g. bank)xe2x80x94which may decrypt/decode the data and compare it with known standards. A match assures authenticity.
Less Preferred Techniques
One method for enhancing document security involves the use of special paper and the printing of xe2x80x9csecurity featuresxe2x80x9d on that paper, so that when a trained person performs a visual examination he may be able to reliably decide whether the document in question is authentic or fraudulent. Often the acceptor of a xe2x80x9cvalue documentxe2x80x9d is not adequately trained or skilledxe2x80x94and so may inadvertently accept a counterfeit item.
In other cases personal identification is used to authenticate a person for receiving a benefit or to control liability; for instance, when a bartender verifies that a person is of legal age before being served alcohol. With advanced printing technology now so readily available, examination of printing alone is inadequate to authenticate documents. A traditional method is to physically mark a document or like medium with a seal or signature. But these methods do not permit xe2x80x9cremotexe2x80x9d authentication (i.e., at a distance physically from the document) or by persons unfamiliar with the maker""s seal or the signer""s signature.
My solution is to devise a special machine-readable code (M-code), based on an item characteristic (e.g., magnetic feature of check printing), apply it to a subject check or other item (e.g., during item preparation) along with a second machine-readable authentication code (A-code), generated by modifying (encrypting) the M-code with a xe2x80x9cprivate key encryption codexe2x80x9d (devised from a two-key set: a xe2x80x9cprivate keyxe2x80x9d used in the writing, and a xe2x80x9cpublic keyxe2x80x9d used by the recipient to authenticate). Alternatively, the use of a xe2x80x9cdigital signaturexe2x80x9d replaces the straight encryption and provides a greater resistance to tampering than encryption/decryption.
Thus, an object hereof is to address (at least some of) the mentioned problems and to provide (at least some of) the mentioned features.
The methods and means discussed herein will be generally understood as constructed and operating as presently known in the art, except where otherwise specified; and with all materials, methods, devices and apparatus herein understood as being implemented by known expedients according to present good practice.