NL1039749C2 - Secure id-barcode. - Google Patents

Secure id-barcode.

Info

Publication number
NL1039749C2
Authority
NL
Netherlands
Prior art keywords
secure
data
barcode
biometric
barcodes
Prior art date
Application number
NL1039749A
Other languages
Dutch (nl)
Inventor
Franciscus Elisabeth Wilhelm Bolk
Original Assignee
Franciscus Elisabeth Wilhelm Bolk
Priority date
Filing date
Publication date
Application filed by Franciscus Elisabeth Wilhelm Bolk
Priority to NL1039749A
Application granted
Publication of NL1039749C2

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • G PHYSICS
    • G09 EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09C CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C5/00 Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/69 Identity-dependent
    • H04W12/77 Graphical identity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Credit Cards Or The Like (AREA)
  • Collating Specific Patterns (AREA)

Description

Secure ID-Barcode

A barcode/symbol is an optical machine-readable representation of data relating to the object to which it is attached. Originally barcodes/symbols represented data by varying the widths and spacing of parallel lines and may be referred to as linear or one-dimensional (1D). Later they evolved into rectangles, dots, hexagons and other geometric patterns in two dimensions (2D). Although 2D systems use a variety of symbols, they are generally referred to as barcodes as well. Barcodes/symbols were originally scanned by special optical scanners called barcode readers; later, scanners and interpretive software became available on devices including desktop printers and smartphones. Examples of 2D or two-dimensional barcodes/symbols that can be used:
• Quick Response (QR) codes(c), which were developed by Denso Wave, and Tags(c) have found widespread use in commercial advertising, where mobile phone cameras may be used to scan the codes and thus read or discover the data required to direct the mobile device's software browser application to a specific internet address (URL), and/or the code can be printed as machine-readable identity marks or product codes for any number of non-secure product identification tags. QR codes have been standardized in ISO/IEC 18004:2006 QR Code 2005 specification.
• PDF417 is a stacked linear barcode symbol format used in a variety of applications, primarily transport, identification cards, and inventory management. PDF stands for Portable Data File. The 417 signifies that each pattern in the code consists of 4 bars and spaces, and that each pattern is 17 units long. The PDF417 symbology was invented by Dr. Ynjiun P. Wang at Symbol Technologies in 1991 (Wang 1993). It is represented by ISO standard 15438.
• MaxiCode is a public domain, machine-readable symbol system originally created and used by United Parcel Service. Suitable for tracking and managing the shipment of packages, it resembles a barcode, but uses dots arranged in a hexagonal grid instead of bars. MaxiCode has been standardised under ISO/IEC 16023.
A MaxiCode symbol (internally called "Bird's Eye", "Target", or "ups code") appears as a 1 inch square, with a bullseye in the middle, surrounded by a pattern of hexagonal dots. It can store about 93 characters of information, and up to 8 MaxiCode symbols can be chained together to convey more data. The centered symmetrical bullseye is useful in automatic symbol location regardless of orientation, and it allows MaxiCode symbols to be scanned even on a package traveling rapidly. MaxiCode symbology was released by UPS in 1992.
Unfortunately 2D or two-dimensional barcodes/symbols are easily reproduced, allowing hundreds of copies to be made from a single copy by machine methods such as photocopying. This has limited the practical use of two-dimensional codes in applications requiring high-speed creation of machine-readable secure identity tokens, for example in sports venues, healthcare or other industries where the identity of a person needs to be checked, for which the invention is a proposed solution. The advent of powerful multi-core microprocessors has made it practical to capture biometrics as encryption and decryption keys that can be directly incorporated into two-dimensional barcodes/symbols for secure authentication purposes. The invention is not limited to 2D barcodes/symbols only but extends to 3D or other barcodes/symbols as well. All barcodes/symbols that can contain the encrypted data can be used.
PRIOR ART
Two-dimensional barcodes/symbols have seen extensive use in a number of commercial applications, from Starbuck's Coffee company's use of QR codes as a replacement for pre-paid cards, allowing customers to display a QR code on their mobile phone screen as an easily captured electronic form of their pre-paid purchase card, to a number of airlines using QR codes to encode passenger boarding information onto boarding passes. These prior usages have represented a "static" use of two-dimensional codes to allow the quick and efficient capture of encoded data such as the customers' card account number or passengers' name, seat number and airline flight number, and have thus failed to offer a highly secure method for authentication, being reliant upon secondary physical tokens, the passenger's passport or the actual pre-paid card itself and biometrics, for security purposes. Two-dimensional barcodes/symbols have thus far been useful to represent sensitive and legal, account or personal data only in so much as they are more conveniently printed or captured than other conventional machine-readable technologies.
Efforts have been made to render post generated two-dimensional codes more secure and tamper resistant by using various apparatuses such as special proprietary scanners to read the displayed codes or by the use of additional features such as geometric marks on otherwise standard two dimensional codes.
Brett, US patent application U20110233284, for example discloses a method to use geometric colored marks to overlay a security element on a standard QR code.
Parikh (US application #20110137742 assigned to E-Bay Inc.) describes using captured two-dimensional product barcodes on a mobile device to specify a consumer's purchase choice and facilitate payment transactions. The application claims the inclusion of some customer account information without providing any details. Parikh's application nevertheless fails to claim use of machine-readable physical identity token(s) incorporated into the QR code to enhance the security of the codes, nor does it satisfy another of the objectives of the present applicant's invention, being to utilize highly secure tamper-proof biometric data for authentication purposes while at the same time protecting the personal privacy of the individual by incorporating it into a secure two-dimensional code (or in simple terms using a person's facial image captured on a digital camera for authentication purposes for internet commerce while never actually exposing said facial image).
Kasper et al., US application #2009183247, claims the use of multi-factor encryption plus biometrics to control access to a network but makes no reference to transforming such identity information into a two-dimensional barcode.
Doyle Brian Joseph [CA], US application #2012138679, claims a secure method for creating one-time-use highly secure 2D barcodes, or secure two-dimensional barcodes, by utilizing machine-readable physical tokens without the use of biometrics.
Terrell Alexander [GB], application #2460240, claims a secure means of issuing a barcode to a mobile phone or to a mobile computer which can be used as a valid ticket that gives permission to enter an event or travel in a moving vehicle; or as a voucher that can be redeemed for goods or other services that have been purchased. The ticket or voucher is displayed on a mobile phone screen and consists of three elements including a barcode (1), text describing the essential elements of the ticket, and a moving image or a changing piece of text to prevent simple copying of the ticket. In the preferred embodiment of the invention, the barcode is a 2D barcode containing the ticket information and a means of authentication using either symmetric or asymmetric security keys. For a ticket for travel, the preferred moving image consists of a timer which displays hours, minutes and seconds, showing either the time since the ticket was purchased, or the remaining time that the ticket is valid. The barcode itself is not secured and no biometrics are used to secure the barcode.
Noore A; Tungala N; Houck M M, application XP004665115, claim to have an approach for embedding uncompressed images in a standard PDF417 2D barcode using a blind digital watermarking technique. The text is encoded in the standard PDF417 format with error correction, while the face and fingerprint images are watermarked in the encoded 2D barcode. With this method the biometrics themselves are stored within the barcode.
Berini Dario [CA]; Fevens Bryon; Arnon Ilan; Bell Robert, application #2009004719, describe a system and method for passenger identity verification. The system has at least one check-in system with a barcode reader and a biometric data collection device. When a passenger checks in, a barcode is placed on the passenger's boarding documents, the barcode is read, and biometric data is collected from the passenger. The system stores the data in a database of a server in such a way that the barcode data is associated with the biometric data. With this approach an external system is used to store and retrieve the biometrics with the barcode as reference.
DETAILED DESCRIPTION
The preferred, but not limiting, embodiment of the invention is a two-dimensional barcode, such as a security-enhanced QR code or security-enhanced pdf417 code, generated by the capture or use of biometric identity key(s) that are applied in a biometric encryption algorithm before said codes are displayed on a high resolution display, such as is found on a mobile telephone or other hand-held electronic device, or in printed format. Each two-dimensional barcode so generated, even when using the same biometric(s), may be unique by the inclusion of a time stamp and/or random specific transaction information such as the retail location or amount of transaction, or may be used many times, depending on the incorporated data.
References are made herein to Identification Document Bar Codes (ID), which is nomenclature for the form of secure 2D code proposed by the applicant; however the invention is equally applicable to, and could be used to create secure two-dimensional barcodes from, or based on, any known two-dimensional barcode schema such as for example DataMatrix or Maxi Code or QR Code or pdf417 codes or even 3D barcodes.
Typically a mobile phone may be used to display the generated secure two-dimensional barcodes, or they may be printed. The biometric of the person is captured using a sensor and transformed into a key in such a way that the biometric can be completely discarded. The biometric encryption key is then used as a key for encryption of auxiliary data. The encrypted auxiliary data is used to generate a 2D barcode that can be displayed on a high resolution screen or printed.
FIG. 1 shows a diagram explaining the registration/enrollment process. A biometry (1), in the drawing a fingerprint (the process is applicable to every biometry), is enrolled by a biometric sensor (2) and prepared for further processing. The pre-processed image is then offered to the next stage to generate an (encryption) key (3) from the image. Next the biometry is discarded (4). External data (5) is fed into the encryption (6) and encrypted with the generated key (3). The barcode (7) is generated from the results of the encryption. The barcode can then be printed using printing technology (9) or displayed on a cellular or mobile telephone (8) with a liquid crystal display (LCD) or organic light emitting diodes display (OLED) or equivalent electronic display capable of displaying a high resolution machine-readable two-dimensional barcode as shown (7).
The 2D code shown represents a secure QR-ID code generated by first capturing a biometric token of the person (1), extracting an encryption key from that token (1) using software and hardware, encrypting the external data by using a mathematical encryption algorithm such as:
• public key encryption (PKI), where the biometric key is the private key itself and a public key is derived from the biometric private key and stored and used in a (mobile) application, or
• a symmetrical encryption algorithm or equivalent,
and then using a standard 2D encoding algorithm to create and display the secure ID code on the digital screen or print it.
FIG. 2 shows a diagram explaining the usage process. A biometry (1) is enrolled by a biometric sensor (2), in the diagram a fingerprint is used as an example, and prepared for further processing. The pre-processed image is then offered to the next stage to generate a (decryption) key (3) from the image. The biometry (1) is then discarded. The generated (decryption) key (3) is then used to decrypt (10) the barcode. The barcode is scanned by a barcode sensor (11) and then offered to decrypt (10). After decryption the external data (5) is offered for further processing. The barcode can be displayed using printing technology (9) or displayed on a cellular or mobile (smart) telephone (8) with a liquid crystal display (LCD) or organic light emitting diodes display (OLED) or equivalent electronic display capable of displaying a high resolution machine-readable two-dimensional barcode as shown (7).
FIG. 3 shows the ID method for utilizing a secure identification method using 2D barcodes. As external data (5) an example text is used: 'This is an Example' (11). The biometry (1), in this example a fingerprint, is entered for encryption. The registration process (12) generates the secure ID barcode for use in combination with printing technology (9) or displayed on a cellular or mobile (smart) telephone (8) with a liquid crystal display (LCD) or organic light emitting diodes display (OLED) or equivalent electronic display capable of displaying a high resolution machine-readable two-dimensional barcode as shown. When the mobile phone or digital device (8) or printed 2D barcode (9) is placed in proximity to a two-dimensional barcode scanner (11) that scans the encrypted visible barcode (7), the encrypted digital code is obtained, and thus can be decoded by using the same biometry (1) and a biometry sensor (2); through the key generation process step (3) the originally captured external data can be reconstructed, and therefore strong identity and/or authorization and/or authentication can be established. When the barcode generated with the enrollment process is offered to a barcode scanner (11) within a use process (13) in combination with the biometric, the external data (11) is reconstructed through decryption. If the external data from the use process (11) is identical to the external data from the registration process (11), the identity is OK (14) and is confirmed. If this is not the case (15), then the identity/authenticity/authority is NOT OK and is not confirmed.
Replacements for, or alternate forms of, ID barcode, in combination with biometric data of the person using the device and the microSD card or the SIM card, could be NFC chip identity codes and/or the international mobile equipment identity (IMEI) codes present on all mobile devices.
Biometric identity tokens can be captured from additional sensors such as a fingerprint or finger vein capture device. Most CCD digital cameras, such as those in mobile handsets and even inexpensive web cameras, can in addition to capturing the biometric precursor token(s) also read, or capture, generated ID codes for subsequent decoding.
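The registration flow of FIG. 1 and the use flow of FIG. 2 and FIG. 3, with the time stamp mentioned in the detailed description, as an added example that is not code from the patent. It assumes the sensor stage already yields a bit-stable template (raw captures differ between reads, so hashing them directly would not reproduce the key), uses PBKDF2 as the key generator (3), and uses an HMAC-SHA256 keystream with encrypt-then-MAC as a standard-library stand-in for an authenticated cipher such as AES-GCM; all function names, the field layout and the validity window are assumptions.

```python
import base64
import hashlib
import hmac
import os
import struct

KDF_ROUNDS = 100_000  # PBKDF2 work factor (assumed value for this example)
MIN_LEN = 16 + 16 + 16 + 32  # salt + nonce + two timestamps + MAC tag


def derive_keys(template: bytes, salt: bytes):
    """Key generation (3): stretch a stable template into cipher and MAC keys."""
    okm = hashlib.pbkdf2_hmac("sha256", template, salt, KDF_ROUNDS, dklen=64)
    return okm[:32], okm[32:]


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode; stand-in for a vetted stream/AEAD cipher."""
    stream = bytearray()
    for block in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + struct.pack(">I", block), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def enroll(template: bytes, external_data: bytes, issued_at: int, ttl: int) -> str:
    """Registration (FIG. 1): returns the text handed to a QR/PDF417 encoder.
    The template is used only to derive keys and is never stored in the output."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = derive_keys(template, salt)
    plaintext = struct.pack(">QQ", issued_at, issued_at + ttl) + external_data
    body = salt + nonce + _keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(body + tag).decode()


def verify(template: bytes, barcode_text: str, now: int):
    """Use (FIG. 2/3): returns (status, external_data or None)."""
    try:
        raw = base64.urlsafe_b64decode(barcode_text.encode())
    except ValueError:
        return "malformed", None
    if len(raw) < MIN_LEN:
        return "malformed", None
    body, tag = raw[:-32], raw[-32:]
    salt, nonce, ciphertext = body[:16], body[16:32], body[32:]
    enc_key, mac_key = derive_keys(template, salt)
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    # A wrong biometric and a modified barcode both fail here, before decryption.
    if not hmac.compare_digest(tag, expected):
        return "not_ok", None
    plaintext = _keystream_xor(enc_key, nonce, ciphertext)
    issued_at, expires_at = struct.unpack(">QQ", plaintext[:16])
    if not issued_at <= now < expires_at:
        return "expired", None
    return "ok", plaintext[16:]


if __name__ == "__main__":
    # Constructed sample values, not real biometric data.
    template = b"constructed-stable-template-A"
    code = enroll(template, b"This is an Example", issued_at=1_000, ttl=300)
    print(len(code), "characters of barcode text")
    print(verify(template, code, now=1_100))
    print(verify(b"constructed-stable-template-B", code, now=1_100))
    print(verify(template, code, now=2_000))
```

The time stamp limits how long a barcode is accepted, but a photocopy presented inside the validity window together with the matching biometric still verifies, so single-use enforcement needs state on the verifier side.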

Claims (5)

1. A method for creating a secure barcode/symbol (one-, two- or three-dimensional) by using biometric data, or data derived from it, as the key for, and applying an encryption algorithm such as synchronous or asynchronous to, the encoding of (unique) identity token(s), and generating otherwise normal barcodes.
2. A method according to claim 1, in which adding a time limit (timestamp) allows the barcode to be used for a limited time.
3. A method according to claim 1 for anonymizing biometric features, such as a fingerprint, a finger vein or other biometric data, to protect the privacy of individuals: by using the biometric feature as the key for encryption and encrypting other data with it, the biometric itself is not recorded.
4. A method according to claim 1 for identifying, authorizing or authenticating users by reading or capturing (unique) identity token data, with normal barcode scanners and/or digital cameras and/or other sensors, which data are encoded using biometric data and included and visibly displayed as otherwise normal barcodes, and by decoding and checking the captured unique identity token data in the barcode using the biometric data, thereby making it possible to use the barcode for identification, authorization and authentication purposes.
5. The method of claim 1 also defines a group of barcodes, secure 2D-ID barcodes, such as secure QR-ID, secure pdf417-ID, secure DataMatrix-ID or secure Maxi Code-ID.
NL1039749A 2012-07-27 2012-07-27 Secure id-barcode. NL1039749C2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
NL1039749A NL1039749C2 (en) 2012-07-27 2012-07-27 Secure id-barcode.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NL1039749A NL1039749C2 (en) 2012-07-27 2012-07-27 Secure id-barcode.
NL1039749 2012-07-27

Publications (1)

Publication Number Publication Date
NL1039749C2 true NL1039749C2 (en) 2014-01-28

Family

ID=51582169

Family Applications (1)

Application Number Title Priority Date Filing Date
NL1039749A NL1039749C2 (en) 2012-07-27 2012-07-27 Secure id-barcode.

Country Status (1)

Country Link
NL (1) NL1039749C2 (en)

Similar Documents

Publication Publication Date Title
US11620658B2 (en) Authenticated barcode pattern
US20120138679A1 (en) Secure two dimensional bar codes for authentication
US9171347B2 (en) System and method for analysis and authentication of covert security information using a smart device
CN105706107B (en) The method of the certification of two-dimensional bar and this bar code
US7337971B2 (en) Method and apparatus for capturing and decoding an image of a remotely located bar code
CA2492004C (en) System and method for providing secure identification solutions
US20090187435A1 (en) Security methods employing drivers licenses and other documents
GB2539546A (en) Enhanced quick response codes
KR20080066871A (en) Method and system for generating and linking composite images
KR20080008417A (en) Authenticity verification by means of optical scattering
WO2008076652A2 (en) Object authentication using encoded images digitally stored on the object
US20080285847A1 (en) Dynamo color coding system to validate, authenticate goods and services
EP2907066A1 (en) System and method for analysis and authentication using a smart device
WO2017153971A1 (en) A system for product authentication and method thereof
KR101216430B1 (en) System and server for creating and certificating image of color pattern
JP2006313534A (en) Method and system for manufacturing uncorrectable self-identification article and checking its authenticity
JP2022115892A (en) Information processing system, information code generation system, information processing method, and information code generation method
US20150138608A1 (en) System and Method for Printing a Hidden and Secure Barcode
Albakir et al. A conceptual design of genuine Halal logo detector
CN105452007B (en) Method for verifying genuineness of document
NL1039749C2 (en) Secure id-barcode.
US8496185B2 (en) Secure ID
Mantoro et al. Real-time printed document authentication using watermarked qr code
US10192084B1 (en) System and method for authenticating objects with authorized access controls
KR20200060858A (en) RFID Tag Preventing Forgery and Falsification Comprising Photonic Crystal Materials and Method Using there of

Legal Events

Date Code Title Description
MM Lapsed because of non-payment of the annual fee

Effective date: 20150801