EP3447716A1 - Procédures et dispositifs automatisés d'authentification et de vérification de documents - Google Patents

Procédures et dispositifs automatisés d'authentification et de vérification de documents Download PDF

Info

Publication number
EP3447716A1
EP3447716A1 EP17187030.6A EP17187030A EP3447716A1 EP 3447716 A1 EP3447716 A1 EP 3447716A1 EP 17187030 A EP17187030 A EP 17187030A EP 3447716 A1 EP3447716 A1 EP 3447716A1
Authority
EP
European Patent Office
Prior art keywords
document
identifier
user
electronic document
document identifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP17187030.6A
Other languages
German (de)
English (en)
Inventor
Anna Katharina HILDEBRANDT
André RINAU
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to EP17187030.6A priority Critical patent/EP3447716A1/fr
Publication of EP3447716A1 publication Critical patent/EP3447716A1/fr
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism

Definitions

  • the invention relates to automated methods for authentication and verification of documents, in particular if they are brought into circulation, for example, in paper form.
  • Paper-based documents can be protected with physical authentication, digital documents with digital signature.
  • Protecting documents primarily uses optical security features such as watermarks, specialty paper, security stripes, transparencies, fluorescent colors, or holograms. These are human characteristics. However, machine recognizable features are also used. These include, for example, infrared color or magnetic elements. The use of machine-recognizable features is not an option for most document authors because it requires additional hardware, some of which is very expensive. Even third parties would need appropriate hardware to read the features and verify the document. If you do not own this hardware, you can do not verify the document. Physical authenticity procedures make it difficult to create a counterfeit, but can not reliably prevent a fake.
  • inadequately protected documents can be easily copied and faked using conventional reproduction equipment such as high resolution scanners, color copiers, or small printing presses. Secure protection against counterfeiting can not be achieved with physical solutions. In particular, when a digital or paper-based copy is made from the original document, the physical protection no longer exists.
  • Digital signature processes only protect digital documents. They ensure that the sender of the data is authentic and that the digitally transmitted data has not been changed and is therefore unadulterated.
  • Certifications are not a solution to the problem of forgery, but rather exacerbate the basic problem.
  • an attestation is only a certificate that a copy / copy matches a document submitted.
  • the documentary persons are usually not the authors of the document.
  • the question of whether the submitted document is an original will not be answered in the context of certification.
  • the determination of the authenticity of the submitted document is also not possible for the documentary persons for the reasons described in the rule. In fact, this aggravates the problem further, as authentication of counterfeits are basically possible without any problems. This results in certified copies of forgeries whose genuineness is no longer questioned.
  • the intention is to prevent forgery or manipulation by the owners of the documents or third parties (eg employment certificates, diplomas, certificates) as well as subsequent manipulation by the author (eg subsequent amendment of certificates or contracts).
  • the invention provides a computer-implemented method for authenticating a document comprising the steps of: generating an electronic document document; Providing the electronic document with a digital signature to obtain a signed document; Sending the signed document to a data store to enable retrieval by a third party; Combining the electronic document with a document identifier to obtain a verifiable document; and outputting the verifiable document.
  • two versions of the same document are thereby produced: an original provided with a document identifier which can be placed on the market in electronic or paper form, and a check copy stored for retrieval by a third party at a depository, if necessary for verification of an original by comparison the contents of the two documents can be used.
  • the authenticity of the verification copy is ensured by the digital signature of the creator; a signature of the original is no longer required, in its place is the application of the document identifier, which identifies the verification copy.
  • the signed document can additionally be encrypted.
  • the original may be provided with a key to decrypt the encrypted verification copy, as well as the document identifier.
  • the encryption and decryption can be done for simplicity with a symmetric key, without compromising any confidentiality of the document, which is ensured even when using a symmetric key, as long as only authorized entities from this knowledge.
  • the key is not required to retrieve the verification copy at the depository, but the depository may be - automated - operated so as to allow retrieval via the document identifier.
  • the combining of the electronic document with the document identifier can be done by applying the document identifier to the electronic document.
  • the document identifier may be applied in machine-readable form, for example, as graphical code representing the document identifier.
  • the invention provides a computer-implemented method for managing documents, comprising the steps of: generating a first document identifier (ID1); Receiving an electronic document from a user, the electronic document being digitally signed by the user; Save the electronic document in a non-volatile memory, under the first document identifier (ID1); Receiving a second document identifier (ID2); Providing the electronic document when the first document identifier (ID1) corresponds to the second document identifier (ID2).
  • a digital signature may be added to the electronic document.
  • the received electronic document may be encrypted. The encryption can be done with a symmetric key.
  • the document identifier used may initially have been requested by a user.
  • the request for the document identifier may have been digitally signed by the user or sent over an authenticated channel.
  • the signature of the request can be verified and, if necessary, rejected.
  • the generated document identifier can be sent to the user.
  • the document identifier of an incoming electronic document can be compared with the generated document identifier to ensure that a user uses a valid document identifier, for example, to ensure a clear assignment of documents and identifiers on the part of the depository.
  • the sent document identifier can also be digitally signed to allow the requesting user to verify the identity of the issuer of the document identifier.
  • the document identifier can be encrypted to prevent misuse by unauthorized third parties.
  • FIG. 1 shows a schematic overview of the individual methods and their interaction according to an embodiment of the invention.
  • Bob offers a cloud-based service for storing and verifying documents. At no time must document content or keys be made available to him, at least if encryption is used. Alice wants to encrypt documents in the cloud for verification, knowing the secrets of that particular document (i.e., document content and key). Trent operates a central certification authority All protocol participants trust Trent (used as a root certification authority). Carol wants to submit her documents to Dave for verification. Dave does not trust her to submit the correct original version of the documents. Dave wants to verify Carol's documents. Carol entrusts him with the contents and the key to exactly these documents.
  • Alice uses a computer 110 to create an original document D2 and sends it on the one hand with its digital signature to a depository 130 operated by Bob, which stores the document with an ID and keeps it under third party ID 120 under that document ID , Then, Alice generates a document ID of the original D1 on a printer 115 and puts it into circulation.
  • Dave can retrieve the deposited and digitally signed copy of the original at the depository 130 using the document identifier applied to the original printout and verify both the signature of Alice and the contents of the document to eliminate counterfeiting.
  • the verification protocol used ensures that the provider (referred to as "Bob” in the IT security protocol in the protocol) can not view document content at any time because the key used is not transmitted, Bob is not aware of it, nor in any database is stored.
  • the key is located (in the form of a QR code) only on the document. Key generation and encryption are done entirely on the client, not on the server. Only persons who have received the document (or a copy of the document) physically or digitally can verify (verify) the original document. The key does not get into the cloud. The decryption does not take place on the user's computer until the document has been downloaded in encrypted form.
  • FIG. 2 shows preparations for the use of the method according to an embodiment of the invention.
  • Bob creates a random public / private key pair. He concatenates his name with the public key and lets Trent sign the key / name pair with his private key.
  • Alice creates a random public / private key pair. She concatenates her name with the public key and lets Trent sign the key / name pair with his private key. Then she downloads Bob's public key / name pair, checks Trent's signature and extracts Bob's public key. With this she encrypts her public key / name pair and sends this information to Bob.
  • Bob decrypts the received public key / name pair with his private key and checks Trent's signature. Then he extracts Alice's public key / name pair, signs it with his private key, encrypts the public key / name pair with Alice's public key, and sends that information to her.
  • FIG. 3 shows a method of document production and transfer according to an embodiment of the invention.
  • the method according to the invention can be implemented as a web service.
  • two components are provided.
  • the document protection is done with a desktop application or a printer add-in, the verification is web-based.
  • the inventive methods solve the problem of forgery by allowing third parties to check the authenticity of a submitted document. During the verification, an automated comparison of documents can be provided.
  • the solution according to the invention protects all digital and paper-based copies of the documents against counterfeiting. In most cases, documents are handed over in paper form. Digital signatures do not help here. If documents are handed over in digital form, are protected with the inventive solution and later paper prints against counterfeiting. In addition, the solution according to the invention replaces authentication, with corresponding expense savings for document holders. Data protection is guaranteed: the document can only verify who it is in the original or as a copy; The depository or third parties have at no time access to the document due to the verification protocol according to the invention. An intervention in the verification process from the outside is prevented by the use of suitable certificate structures.
  • the inventive method allows a Web-based verification, which is possible on all popular devices and browsers. Furthermore, the protection of documents of all formats is possible. Optionally, an automated document comparison can take place as part of the verification. Existing processes at the document author are hardly changed. Uploading and retrieving the document takes less than a second with standard document sizes, as well as protecting and verifying the document.

Landscapes

  • Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Economics (AREA)
  • General Health & Medical Sciences (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)
EP17187030.6A 2017-08-21 2017-08-21 Procédures et dispositifs automatisés d'authentification et de vérification de documents Withdrawn EP3447716A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP17187030.6A EP3447716A1 (fr) 2017-08-21 2017-08-21 Procédures et dispositifs automatisés d'authentification et de vérification de documents

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP17187030.6A EP3447716A1 (fr) 2017-08-21 2017-08-21 Procédures et dispositifs automatisés d'authentification et de vérification de documents

Publications (1)

Publication Number Publication Date
EP3447716A1 true EP3447716A1 (fr) 2019-02-27

Family

ID=59713810

Family Applications (1)

Application Number Title Priority Date Filing Date
EP17187030.6A Withdrawn EP3447716A1 (fr) 2017-08-21 2017-08-21 Procédures et dispositifs automatisés d'authentification et de vérification de documents

Country Status (1)

Country Link
EP (1) EP3447716A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114329634A (zh) * 2022-01-12 2022-04-12 初蓝物联科技(上海)有限公司 一种电子签章文档的防伪方法
CN120030575A (zh) * 2025-04-21 2025-05-23 江西亿兆未来实业发展有限公司 一种多级文件审批管理方法及系统

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0850523A1 (fr) * 1995-09-15 1998-07-01 Document Authentication Systems, Inc. Procede et systeme d'authentification de document
US20050138382A1 (en) * 2003-12-22 2005-06-23 Ingeo Systems, Llc Method and process for creating an electronically signed document
US20150358163A1 (en) * 2014-06-10 2015-12-10 Unisys Corporation Systems and methods for qr code validation
US20160182495A1 (en) * 2014-12-23 2016-06-23 Airwatch Llc Authenticator device facilitating file security

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0850523A1 (fr) * 1995-09-15 1998-07-01 Document Authentication Systems, Inc. Procede et systeme d'authentification de document
US20050138382A1 (en) * 2003-12-22 2005-06-23 Ingeo Systems, Llc Method and process for creating an electronically signed document
US20150358163A1 (en) * 2014-06-10 2015-12-10 Unisys Corporation Systems and methods for qr code validation
US20160182495A1 (en) * 2014-12-23 2016-06-23 Airwatch Llc Authenticator device facilitating file security

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114329634A (zh) * 2022-01-12 2022-04-12 初蓝物联科技(上海)有限公司 一种电子签章文档的防伪方法
CN120030575A (zh) * 2025-04-21 2025-05-23 江西亿兆未来实业发展有限公司 一种多级文件审批管理方法及系统

Similar Documents

Publication Publication Date Title
DE60211841T2 (de) Vorrichtung zur Aktualisierung und zum Entzug der Gültigkeit einer Marke in einer Infrastruktur mit öffentlichen Schlüsseln
DE102017204536B3 (de) Ausstellen virtueller Dokumente in einer Blockchain
DE10134682B4 (de) Verfahren und Vorrichtung zur Bestätigung der Echtheit eines Dokumentes und elektronischer Tresor zur Speicherung der Daten
DE60304744T2 (de) Verfahren,vorrichtung und computerprogramme zur erzeugung und/oder verwendungkonditionaler elektronischer signaturen zur meldung von statusänderungen
EP1946481B1 (fr) Dispositif de réalisation d une signature électronique améliorée d un document électronique
EP3318999B1 (fr) Procédé de délivrance d'une version virtuelle d'un document
EP3319006B1 (fr) Procédé de contrôle d'authenticité hors ligne d'un document virtuel
EP3913886B1 (fr) Émission des documents numériques à une chaine de blocs
EP4254234B1 (fr) Délivrance d'un credial numérique pour une entité
EP4092958B1 (fr) Émission d'une identification numérique vérifiable
WO2011006791A1 (fr) Procédé de lecture d’attributs d’un jeton d’identification
DE102008042262A1 (de) Verfahren zur Speicherung von Daten, Computerprogrammprodukt, ID-Token und Computersystem
DE10244727B4 (de) System und Verfahren zur sicheren Datenübertragung
EP1105998A1 (fr) Procede et dispositif permettant de composer une cle secrete de communication pour une paire de cles de chiffrement asymetrique prealablement determinee
DE60122349T2 (de) Verahren zur erzeugung von nachweisen über das senden und empfangen eines elektronischen schreibens und seines inhaltes über ein netzwerk
EP3447716A1 (fr) Procédures et dispositifs automatisés d'authentification et de vérification de documents
EP4174703B1 (fr) Récupération de clé cryptographique
EP2491513B1 (fr) Procédé et système de fourniture d'objets de données à protection erdm
DE112007000419B4 (de) Digitale-Rechte-Managementsystem mit diversifiziertem Inhaltsschutzprozess
EP4123960B1 (fr) Procédé et dispositif de fourniture d'un secret utilisateur numérique associé à un objet de données protégé
EP4174700A1 (fr) Fourniture d'un document numérique
DE102010021655A1 (de) Verfahren zum Bereitstellen von EDRM (Enterprise Digital Rights Management) geschützten Datenobjekten
WO1999057688A1 (fr) Procede pour l'authentification de documents
WO2012007349A1 (fr) Procédé de transmission d'un message électronique par l'intermédiaire d'un système de communication et système de communication associé
DE102004036008A1 (de) Computergestützte, zentral geschützte Generierung, Speicherung und Verwaltung von privaten asymmetrischen Benutzerschlüsseln (Software Token) in Public Key Infrastruktures des Mobilfunknetzes

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN PUBLISHED

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20190827

RBV Designated contracting states (corrected)

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20200514

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20240301