(19)
(11)EP 0 927 957 B1

(12)EUROPEAN PATENT SPECIFICATION

(45)Mention of the grant of the patent:
28.04.2010 Bulletin 2010/17

(21)Application number: 98124246.4

(22)Date of filing:  18.12.1998
(51)Int. Cl.: 
G07B 17/02  (2006.01)

(54)

Postage metering system and method for a stand-alone meter having virtual meter functionality

Frankiersystem und Verfahren für eine eigenständige Frankiermaschine mit virtueller Frankiermaschinenfunktionalität

Système d'affranchissement et procédé pour une machine a affranchir autonome avec fonctionnalité de machine virtuelle


(84)Designated Contracting States:
DE ES FR GB IT SE

(30)Priority: 18.12.1997 US 993355

(43)Date of publication of application:
07.07.1999 Bulletin 1999/27

(73)Proprietor: PITNEY BOWES INC.
Stamford, CT 06926-0700 (US)

(72)Inventors:
  • Malandra, Charles R. Jr.
    Monroe, Connect. 06468 (US)
  • Pierce, Perry A.
    Darien, Connect. 06820 (US)

(74)Representative: HOFFMANN EITLE 
Patent- und Rechtsanwälte Arabellastrasse 4
81925 München
81925 München (DE)


(56)References cited: : 
EP-A- 0 775 988
EP-A- 0 780 809
  
  • "Information Based Indicia Program Postal Security Device Specification" 13 June 1996 (1996-06-13) , UNITED STATES POSTAL SERVICE XP002137734 Chapter 3.1.1: "PSD DIgital Signature Functions" Chapter 3.1.2: PSD Register Management Functions Chapter 3.2.2: IBIP Finance Funcions
  • "Information Based Indicia Program Host System Specification" 9 October 1996 (1996-10-09) , UNITED STATES POSTAL SERVICE XP002142880 Chapter 3.1.2: Multiple PSD Operation Chapter 3.2.1: Configuration Management
  
Note: Within nine months from the publication of the mention of the grant of the European patent, any person may give notice to the European Patent Office of opposition to the European patent granted. Notice of opposition shall be filed in a written reasoned statement. It shall not be deemed to have been filed until the opposition fee has been paid. (Art. 99(1) European Patent Convention).


Description


[0001] The present invention relates generally to a postage metering system and method for printing postage indicia using a personal computer and, more particularly, to a postage metering system and method for printing postage indicia including information from a remote data center.

[0002] The present application is related to the following European Patent Applications Serial Nos. EP-A-0 927 960, EP-A-0 927 959, EP-A-0 927 961, EP-A-0 927 966, EP-A-0 927 962 and EP-A-0 927 958, all filed concurrently herewith and assigned to the assignee of the present invention.

[0003] A postage evidencing system is described in EP-A-0 775 988.

[0004] The Information-Based Indicia Program ("IBIP") is a distributed trusted system proposed by the United States Postal Service ("USPS") to retrofit and augment existing postage meters using new technology known as information-based indicia. The program relies on digital signature techniques to produce for each envelope an indicium whose origin cannot be repudiated and content cannot be modified. IBIP is expected to support new methods of applying postage in addition to the current approach, which typically relies on a postage meter to mechanically print indicia on mailpieces. IBIP requires printing a large, high density, two-dimensional ("2-D") bar code on a mailpiece. The 2-D bar code encodes information and is signed with a digital signature.

[0005] The USPS has published draft specifications for IBIP. The INFORMATION BASED INDICIA PROGRAM (IBIP) INDICIUM SPECIFICATION, dated June 13, 1996, and revised July 23, 1997, ("IBIP Indicium Specification") defines the proposed requirements for a new indicium that will be applied to mail being processed using IBIP. The INFORMATION BASED INDICIA PROGRAM POSTAL SECURITY DEVICE SPECIFICATION, dated June 13, 1996, and revised July 23, 1997, ("IBIP PSD Specification") defines the proposed requirements for a Postal Security Device ("PSD") that will provide security services to support the creation of a new "information based" postage postmark or indicium that will be applied to mail being processed using IBIP. The INFORMATION BASED INDICIA PROGRAM HOST SYSTEM SPECIFICATION, dated October 9, 1996, defines the proposed requirements for a host system element of IBIP ("IBIP Host Specification"). The specifications are collectively referred to herein as the "IBIP Specifications". IBIP includes interfacing user (user), postal and vendor infrastructures which are the system elements of the program. The INFORMATION BASED INDICIA PROGRAM KEY MANAGEMENT PLAN SPECIFICATION, dated April 25, 1997, defines the generation, distribution, use and replacement of the cryptographic keys used by the USPS product/service provider and PSDs ("IBIP KMS Specification").

[0006] The user infrastructure, which resides at the user's site, comprises a PSD coupled to a host system ("Host") with printer. The PSD is a secure processor-based accounting device that dispenses and accounts for postal value stored therein.

[0007] The IBIP Indicium Specification provides requirements for the indicium that consists of both human-readable data and PDF417 bar code data. The human-readable information includes an originating address, including the 5-digit ZIP Code of the licensing post office, PSD ID/Type number, date of mailing and amount of the applied postage. The bar code region of the indicium elements includes postage amount, PSD ID, user ID, date of mailing, originating address, destination delivery point identification, ascending and descending registers and a digital signature.

[0008] An integrated mailing system is subject to open system requirements if it includes a computer interfaced to the meter and it prepares mailpiece fronts or labels that include both the destination address and the indicium. The integrated system is an open system even if different printers apply the address and the indicium. If the mailing system satisfies such criteria, the USPS considers the "meter" to be an open system peripheral device that performs the dual functions of printing the indicia and interfacing the PSD to the Host. The integrated mailing system must be approved by the USPS according to open system criteria.

[0009] The IBIP Host Specification sets forth the requirements for a Host in an open system. The Host produces the mailpiece front including the return address (optional), the delivery address (required), the Facing Identification Mark ("FIM"), and the indicium as an integral unit. The Host may print this unit on the actual mailpiece stock or label(s) for later attachment to the mailpiece. The Host provides the user with an option to omit the FIM (e.g., when the FIM is preprinted on envelopes). The Host produces standardized addresses, including standard POSTNET delivery point bar code, for use on the mailpiece. The Host verifies each address at the time of mailpiece creation. The Host then creates the indicium and transmits it to the printer.

[0010] The IBIP Specifications define a stand-alone open metering system, referred to herein as a PC Meter or Stand-alone PC Meter. The Stand-alone PC meter has one personal computer ("PC") which operates as the Host ("Host PC"). The Host PC runs the metering application software and associated libraries (collectively referred to herein as "Host Applications" and "PC Meter Toolkit") and communicates with one or more attached PSDs. The Stand-alone PC Meter can only access PSDs coupled to the Host PC. There is no remote PSD access for the Stand-alone PC Meter.

[0011] The Stand-alone PC Meter processes transactions for dispensing postage, registration, and refill on the Host PC. Processing is performed locally between the Host and the PSD coupled thereto. Connections to a Data Center, for example for registration and refill transactions, are made locally from the Host through a local or network modem/internet connection. Accounting for debits and credits to the PSD are also performed locally, logging the transactions on the Host PC, which is the PC where the transactions are processed on and to which the PSD is attached. Thus, the accounting of funds and transaction processing are centralized on a single PC. The Host PC may accommodate more than one PSD, for example supporting one PSD per serial port. Several applications programs running on the Host PC, such as a word processor or an envelope designer, may access the Host Applications.

[0012] The IBIP Specifications do not address an IBIP open metering system on a network environment. However, the specifications do not prohibit such a network-based system. Generally, in a network environment a network Server PC controls remote printing requested by a Client PC on the network. Of course, the Client PC controls any local printing.

[0013] One version of a network metering system, referred to herein as a "Virtual Meter", has many Host PCs without any PSDs coupled thereto. The Host PCs run client applications, but all PSD functions are performed on Server(s) located at a Data Center. The PSD functions at the Data Center may be performed in a secure device attached to a computer at the Data Center, or may be performed in the computer itself. The Host PCs must connect with the Data Center to process transactions such as postage dispensing, meter registration, or meter refills. Transactions are requested by the Host PC and sent to the Data Center for remote processing. The transactions are processed centrally at the Data Center and the results are returned to the Host PC. Accounting for funds and transaction processing are centralized at the Data Center. See, for example, U.S. Patent No. 5,454,038, which is assigned to the assignee of the present invention. The Virtual Meter does not conform to all the current requirements of the IBIP Specifications. In particular, the IBIP Specifications do not permit PSD functions to be performed at the Data Center.

[0014] According to a first aspect of the invention, there is provided a transaction evidencing system comprising: a host processor including printing means coupled thereto; a transaction evidencing device (TED) coupled to the host processor, the TED including first unique identification, first value storage means and first digital signature means; means in the host processor for requesting and obtaining first transaction evidencing from the TED, said first transaction evidencing to be printed by the printing means; and means in the host processor for requesting and obtaining second transaction evidencing from a remote data center, said second transaction evidencing to be printed by the printing means; wherein for each metering transaction to be printed by the printing means the host processor is operable to initiate the request for one of the first and second transaction evidencing.

[0015] According to a second aspect of the invention, there is provided a method for transaction evidencing wherein a transaction evidencing device has dual modes of operation as a stand-alone device and as a virtual device, the method comprising the steps of: coupling a transaction evidencing device (TED) to a host processor, the TED including first unique identification, first value storage means and first digital signature means; providing means for the host processor to communicate with a remote data center, the remote data center including second unique identification, second value storage means and second digital signature means; selectively requesting at the host processor one of a first transaction evidencing from the TED and a second transaction evidencing from the remote data center; and printing the selected one of the first and second transaction evidencing.

[0016] The above and other objects and advantages of the present invention will be apparent upon consideration of the following detailed description, taken in conjunction with accompanying drawings, in which like reference characters refer to like parts throughout, and in which:

Fig. 1 is a block diagram of a preferred embodiment of a Network PC Metering System with PSDs couple to Client PCs in accordance with the preferred embodiment of the present invention;

Fig. 2 (2A and 2B) are block diagrams of alternate embodiments of a Network PC Metering System with PSDs couple to Client PCs with a centralized transaction log;

Fig. 3 is a Client PC operating in stand-alone mode;

Fig. 4 is a block diagram of the preferred embodiment of a Network PC Metering System of Fig. 1 with a Client PC in Meter Server mode;

Fig. 5 is a flow chart of a Client PC accessing a remote PSD;

Fig. 6 is a flow chart of a Client PC operating as a Meter Server and a Stand-alone PC Meter; and

Fig. 7 is a block diagram of a closed system metering network in accordance with the present invention.



[0017] The following describes a postage metering system that includes a host processor having a printer coupled thereto. A postal security device (PSD) is coupled to the host processor. The PSD includes first unique identification, first postal value storage and first digital signature generator. The host processor can request and obtain from the PSD first evidence of postage payment to be printed by the printer. The host processor can also request and obtain from a remote data center second evidence of postage payment to be printed by the printer. For each metering transaction to be printed by the printer, the host processor initiates the request for one of the first and second evidences of postage payment. In one embodiment the host processor is a general purpose computer.

[0018] As described in the following, it has been found that an open metering system, which conforms to the IBIP Specifications, can be implemented on a conventional local or wide area network to form a "Network PC Metering System". The Network PC Metering System includes a plurality of Client PCs operatively coupled to a Network Server PC as part of a conventional network. The Network PC Metering System is configured with at least one PSD coupled to at least one of the Client PCs, whereby authorized ones of the other Client PCs on the network can obtain postage value from a PSD that is remote from the requesting Client PC. Any Client PC may have one or more PSDs attached thereto. Each Client PC has access, if authorized, to both its own local PSD(s), if any, and any other Client PC's PSD(s) ("remote PSDs") in the network.

[0019] Each Client PC runs its own client metering application to dispense postage and to perform registration and refill operations. For each PSD in the Network PC Metering System, the Client PC to which the PSD is coupled controls processing transactions for dispensing postage and registration and refill of the PSD. When performing such operations, the Client PC functions as a server for the metering transaction, and is referred to herein as a "Meter Server PC". In a preferred embodiment of the Network PC Metering System the accounting for debits and credits to the PSD and the logging of transactions are performed on the Meter Server PC. Thus, the transaction processing is performed remotely when a Client PC is accessing a remote PSD. In alternate embodiments, the logging of transactions is performed on a network server to which the Client PCs are connected ("Network Server PC").

[0020] In the preferred embodiment, modems or internet connections for accessing the Data Center are located in the Meter Server PC. In alternate embodiments, the modem may be located in the PSD or the Client PC and the Internet connection may be in the Client PC.

[0021] There are several benefits that are realized from the present system. One such benefit relates to the postal regulations requiring that the postage printed on a metered mailpiece must be obtained from a meter licensed from the local post office at which the mailpiece is deposited for mailing, commonly referred to as "origin of deposit" or "domain". With a plurality of PSDs accessible over a computer network a user at a Client PC is not limited to a single PSD having a single origin of deposit or domain. For example, while most users of a network metering system located in Shelton, Connecticut may be willing to deposit their mailpieces in the Post Office in Shelton, Connecticut, other users may intend to deposit their mailpieces at different origins of deposit, such as Stamford, Connecticut. Furthermore, some of the users may be at a Client PC that is physically located in Stamford, Connecticut but is connected to a network server physically located in Shelton Connecticut. The present invention provides each user of a Client PC on the network with access to several PSDs having different origins of deposit.

[0022] Yet another benefit of the present system is the ability to also access a "virtual" PSD at a Data Center for postal funds for another domain. The best example of this is a user that is located in one country, such as the United States, wanting to prepare mailpieces that will be mailed in another country, such as Canada. It is well known that postal regulations do not permit a postage meter for the other country to be present in a foreign country. However, under the present invention, the user located in, for example, in Buffalo, New York, may prepare and meter mailpieces that will be deposited for mailing in Canada by accessing a PSD located in Canada and then shipping the mailpieces to Canada for deposit at a Canadian Post Office. This allows the user in Buffalo to pay domestic Canadian postage rates instead of U.S. international rates to Canada.

[0023] In describing the present invention, reference is made to the drawings, wherein there is seen in Figs. 1-2, alternate embodiments of a Network PC Metering System. Fig. 1 shows the preferred embodiment of the present invention. A Network PC Metering System, generally designated 10, includes a plurality (five are shown) of Client PCs 20 conventionally coupled to a Network Server 30. Fig. 1 also shows two PSDs (hereinafter sometimes referred to as "Transaction Evidencing Devices or TEDs). Each PSD 40 of Network PC Metering System 10 is coupled to one of Client PCs 20. Each Client PC includes a conventional personal computer system with display, keyboard, and an unsecured printer 22. (Optionally, each Client PC may access a network printer 23 connected directly to the network.) Preferably, a plurality of PSDs exists in Network PC Metering System 10, with at least one PSD 40 being coupled to several Client PCs 20. When a specific PSD 40 is accessed for a metering transaction, Client PC 20, to which the PSD 40 is attached, becomes a Meter Server PC 21 (shown within parentheses) for the remainder of the transaction. When the PSD 40 is being accessed by the Client PC 20 to which the PSD is coupled the Client PC 20 is functioning as a stand-alone PC meter. An example of a stand-alone PC metering system is described in European Patent Publication No. EP-A-0780809, filed December 19, 1996.

[0024] Client PCs 20 communicate with Data Center 5 to perform postage refilling to local PSDs 40 or to access virtual PSD funds as described below.

[0025] In the preferred embodiment, the postal funds accounting and the transaction processing occur in the Meter Server PC 21. It will be understood that this is a decentralized approach concerning funds accounting and transaction accounting because each Client PC 20 having a PSD 40 attached thereto maintains accounting information (departmental accounting registers 42) and transaction information (transaction logs 44) relating to transactions occurring only at its PSD 40.

[0026] Figs. 2A and 2B show alternate embodiments of the present invention. Network PC Metering System, generally designated 10', includes a plurality (five are shown) of Client PCs 20 conventionally coupled to a network server 30. Each PSD 40 (two are shown) of Network PC Metering System 10' is coupled to one of Client PCs 20. Each Client PC includes a conventional personal computer system with display, keyboard, and an unsecured printer 22(and/or optional network printer 23). As in the preferred embodiment, a plurality of PSDs exists in Network PC Metering System 10', with at least one PSD 40 being coupled to several Client PCs 20. When the specific PSD is accessed for a metering transaction, the Client PC 20, to which the PSD 40 is attached, becomes a Meter Server PC 21 for the remainder of the transaction (Fig. 4). In this embodiment the postal funds accounting occurs in Meter Server PC 21 when the transaction has been concluded. However, the transaction processing occurs at Network Server 30. It will be understood that this is a decentralized approach concerning funds accounting because each Client PC 20 that has a PSD 40 attached thereto maintains accounting information (accounting registers 42) relating to transactions occurring only at its PSD. However, this embodiment provides a centralized approach concerning transaction accounting because one of the Meter Servers 21 (Fig. 2A) or Network Server 30 (Fig. 2B) relating to transactions occurring at any PSD.

[0027] In the case of the virtual PSD located at Data Center 5, transaction information is stored, for example by user account, for all postage transactions occurring at the virtual PSD.

[0028] Referring again to Figs. 1 and 2, Network PC Metering Systems 10 and 10' are configured with one or more PSDs 40 coupled to one or more Client PCs 20. In such configurations, the Client PC 20 becomes a Stand-alone PC Meter when a metering transaction is processed locally on its coupled PSD 40. When operating as a Stand-alone PC Meter, such Client PC 20 performs the previously described metering transaction, acting as both the requesting Client PC and the Meter Server PC. As a Stand-alone PC Meter, Client PC 20 can only access the PSD 40 coupled to it. There is no remote vault access when a Client PC is processing a metering transaction on the local PSD.

[0029] Referring now to Fig. 3, a Client PC 20 is shown in Stand-alone PC Meter mode, generally designated 100. Stand-alone PC Meter 100 includes Host PC 102, PSD 104 and printer 106. Stand-alone PC Meter 100 processes the functions for PSD registration, PSD refill, and postage dispensing as transactions for PSD 104. Processing is performed locally by metering software component 110 (referred to herein as "PC Meter Toolkit") running in Host PC 102. In the preferred embodiment, PC Meter Toolkit is a Component Object Model/Distributed Component object Model (COM/DCOM) object (typically implemented as a dynamic link library (DLL) or OLE control) with interfaces to perform metering operations. One such interface maintains a list of local and remote PSDs on the network. This interface maintains a current list of all known and attached PSDs at the time it is instantiated. There is also a refresh method that Host and Client applications may use to update the list. An example of a PC metering system using a DLL with interfaces to perform metering operations is described in previously noted European Patent Publication No. 0780809, filed December 19, 1996. For additional information on COM/DCOM see technical white papers for Microsoft Windows NT® Server, including: DCOM Architecture; DCOM Technical Overview; and DCOM The Distributed Component Object Model, A Business Overview.

[0030] PC Meter Toolkit 110 includes the following components: a transaction handler, a vault interface, and a transaction log handler. Connections to the Data Center 5 can be made locally from the Stand-alone PC Meter 100 via modem 130. Accounting for debits and credits to the PSD are also performed locally, logging the transactions on the hard drive of Stand-alone PC Meter 100. In this manner, the transaction processing and funds accounting are centralized on the Client PC operating as Stand-alone PC Meter 100.

[0031] Stand-alone PC Meter 100 may accommodate more than one PSD per PC, for example, supporting one vault per serial port. Several Host or client applications programs 140, such as a word processor or an envelope designer, may access the PC Meter Toolkit 110 concurrently.

[0032] The PC Meter Toolkit 110 provides standard metering functions, such as dispensing postage, PSD refills, and PSD registration. The PC Meter Toolkit 110 resides in all Meter Servers and remote Client PCs capable of printing postage. The user of Stand-alone PC Meter 100 can access local or remote PSDs using PC Meter Toolkit 110. The PC Meter Toolkit 110 provides a list of the available PSDs from which the user selects a desired PSD for a particular transaction.

[0033] The COM/DCOM network concept provides mechanisms for a remote Client PC to gain access rights to the PC Meter Toolkit component in a PC Meter Server. Optionally, every Client PC can be given access rights to the PC Meter Server, whereby the PC Meter Server's PSD PIN (password) can be used to authorize access to postage functions in the PC Meter Server and its PSD. By default, all PSDs are considered remotely accessible by all Client PCs unless configured differently by the user. Alternatively, the list of available PSDs can be customized based on user or system filters. For example, only sharing vaults whose origin zip matches the return address of the mailpiece. In the preferred embodiment, the PSD is not active during access for authorization because PIN validation is performed by the PC Meter Server. The PC Meter Server obtains the PSD PIN from the PSD to perform validation. In an alternate embodiment, the PIN validation could occur within the PSD. This is a secure process because the PIN is stored in the PSD.

[0034] During the creation of a mailpiece, the user performs the following functions whether the PC meter is operated in stand-alone mode or network mode. The user can select CD-ROM addressing or dialup addressing (at the Data Center 5) to obtain correct addressee information. The user can choose the class of mail service (rate category) for the mailpiece. The user can select from a list of rate categories that are authorized by the Post Office. The user can view an indicium on the monitor while designing the mailpiece and print preview the mailpiece with an indicium image. PC Meter Toolkit 110 provides a method to draw the indicium image and 2D bar code before printing. The indicium may be marked as visible or invisible for display purposes. See U.S. Patent Application Serial No. 08/922875, entitled METHOD FOR PREVENTING FRAUDULENT PRINTING OF A POSTAGE INDICIUM DISPLAYED ON A PERSONAL COMPUTER filed September 3, 1997 and assigned to the assignee of the present invention, which discloses a method for preventing fraudulent printing of a postage indicium displayed on a personal computer. The user can change the postage amount, class of service and date of mailing. These changes are reflected in the indicium image.

[0035] PC Meter Toolkit 110 provides postal funds security because the user can not print an indicium without accounting for a debit to the PSD. Furthermore, there is no direct access to the indicium image, except through the PC Meter Toolkit transactions. The PC Meter Toolkit uses atomic transactions to tie the debit to PSD with the enabling of printing of the indicium image. The atomic transaction ensures that the debit to the PSD is complete before printing the indicium.

[0036] The transaction log stores funds transactions for PSD dispensing and refills. For Network PC Metering System 10, each Client PC stores the daily transaction log file for its local PSD(s). The user may select the local drive and directory path for the log file. For Network PC Metering System 10', each Client PC forwards transaction information for its local PSD(s) to Network Server 30 which stores the daily transaction log file. Once the accounting for a mailpiece transaction is completed, the client application requesting the transaction spools the mail piece corresponding to the transaction to the PC print manager for printing the indicium.

[0037] Network PC Metering System (10 or 10') has many Client PC's with or without PSD(s) attached. Each Client PC has access to both its own local PSD(s) and remote PSDs in the network. Each Client PC can run its client application to dispense postage and initiate registration and refills.

[0038] As previously stated, Network PC Metering System (10 or 10') processes transactions for dispensing postage, PSD registration, and PSD refill on the Client PC 20 where the specific PSD 40 is located. This requires the transaction processing to be performed remotely if the user is accessing a remote PSD. Modems for accessing Data Center 5 are preferably located on each Client PC 20 having a PSD 40 coupled thereto. However, a single modem may be located on the Network Server 30 instead of several modems on each Client PC 20 having a PSD 40 coupled thereto. In this manner, PSD registrations, and PSD refills are processed through Network Server 30.

[0039] The software components for the Network PC Metering System (10 or 10') include the software components for the Stand-alone PC Meter along with two additional components, listed below.

[0040] Referring now to Fig. 4, a Client PC 20 enters Meter Server PC 21 mode when another Client PC 20 on the network initiates remote access of PSD 41 through its PC Meter Toolkit 110. Meter Server PC 21 processes the functions for PSD registration, PSD refill, and postage dispensing as transactions for PSD 41. Processing is performed at Meter Server PC 21 by the previously described PC Meter Toolkit 110 residing in Meter Server 21 and at Client PC 20 by the PC Meter Toolkit 110 residing in Client PC 20.

[0041] Using a DCOM implementation, the PC Meter Toolkits 110 residing in the Client PC 20 and the Meter Server 21 operate in conjunction with each other such that the remote requesting Client PC 20 and Meter Server PC 21 operate collectively as a PC meter. The PC Meter Toolkit 110 residing in Meter Server 21 handles messages from and to the requesting Client PC 20, and handles standard metering functions, such as dispensing postage, PSD refills, and PSD registration, for PSD 41 in the same manner as when in stand-alone mode.

[0042] Referring now to Fig. 5, at step 200, Client PC 20 sends a request through its PC Meter Toolkit 110 to remote PSD 41 for postal value for a mailpiece. At step 205, Meter Server 21 determines whether the Client PC 20 is authorized to make the request. If not authorized, then at 210, Meter Server 21 responds to Client PC 20 that it is not authorized to access PSD 41. If authorized, then at step 215, Meter Server 21 processes the request through its PC Meter Toolkit 110 sends the request to PSD 41 with information received from remote Client PC 20. At step 220, PSD 41 dispenses the requested postal value including a digital signature based on the request. At step 225, PSD 41 sends the digital signature and transaction information to Meter Server 21. At step 230, Meter Server 21 through its PC Meter Toolkit 110 records the transaction information in a transaction log on its hard drive. At step 235, Meter Server 21 sends the digital signature and at least some of the transaction information to remote Client PC 20. At step 240, Client PC 20 receives the digital signature and transaction information and, at step 245, Client PC 20 generates an indicium bitmap and prints the indicium including digital signature on mailpiece.

[0043] Referring now to Fig. 6, the steps of the preferred embodiment of the present invention are shown. At step 300, a user at one of the Client PCs requests a list of available PSDs on the network. At step 305, the user selects a PSD from the list. If, at step 310, the selected PSD is a PSD local to the user's Client PC, then, at step 340, PC Meter Toolkit 110 in the user's Client PC requests a postal amount for a mailpiece from the local PSD, sending information to the PSD including addressee information and the process continues at step 350 below. If, at step 315 the user selected a virtual PSD, then, at step 320, PC Meter Toolkit 110 in the user's Client PC initiates a communication by the user's Client PC with the Data Center through modem 124. It will be understood that this communication may also be accomplished via another type of connection, such as direct internet connection. When a communication connection is established PC Meter Toolkit 110 in the user's Client PC requests access to the virtual PSD at the Data Center. If, at step 315, the user selected a remote PSD, then at step 345, PC Meter Toolkit 110 in the user's Client PC requests access to the selected remote PSD at one of the other Client PCs.

[0044] If, at step 330, access to the requested PSD (remote or virtual) is granted, then at step 340, the request for the postal amount is received by the requested PSD. If access is not granted then, at step 335, an error is reported.

[0045] At step 350, the accessed PSD (local, remote or virtual) deducts the requested postal amount from a total postal value stored in the PSD and generates a signature using information supplied with the request including the addressee information. At step 355, the PSD sends transaction information including the signature to the requesting Client PC. At step 360, the PC Meter Toolkit 110 of the requesting Client PC generates and prints an indicium including the signature.

[0046] It will be understood that the process of selecting a local, remote or virtual PSD may be done automatically by the PC Meter Toolkit 110 of the requesting Client PC. For example, the automatic PSD selection may be based on matching the origin zip code of the PSD to the zip code of the return address of the mailpiece.

Networked Operations



[0047] Microsoft's Windows 95™ and Windows NT™ operating systems provide facilities through DCOM and other mechanisms to implement network communications. Through the use of DCOM, objects can communicate via a mechanism referred to as connection points, which can be used to implement direct communication, multi-casting (more than one client receives messages), or broadcasting (all clients receive messages). This can be done between processes on the same computer or multiple computers on a network or on the internet. Mailslots is another Windows mechanism that permits the same communications facilities. The PC Meter Toolkit 110 uses these facilities to exchange information about the location and disposition of PSDs on the network.

[0048] In operation, the PC Meter Toolkit 110 also handles messages regarding the status of PC Meter Toolkits 110 on the network. Should new PC Meter Toolkits be started on other Client PCs 20, the local PC Meter Toolkit responds with information regarding any attached PSDs 40. Should messages be received indicating that a new PC Meter Client 20 has come on-line with its own PSD(s) 40, the PC Meter Toolkit updates its list of available PSDs. Similarly, if a Client PC 20 is shutting down, messages are sent to all Client PCs indicating that any local PSDs will no longer be available. It is noted that all messages between PC Meter Toolkits 110 can be encrypted for added security, particularly those between a PC Meter Toolkit 110 and Data Center 5 since it is likely to travel over a public network.

Centralized vs. Distributed Processing On the Network



[0049] A PC Metering system must account for funds for all mail pieces and refills. This requires saving transaction records in a sequential transaction log file. Both postage dispensing and refills should be kept in the same sequential file such that meter discrepancies, such as discrepancies due to meter movement between Client PCs on the network, can be reconciled. The following paragraphs summarize the impact of using centralized vs. decentralized accounting for the transaction log on a network metering system.

[0050] In a network metering configuration, if accounting for funds is summarized by a user, transactions could be logged where the user is located. This would require consolidating log files only if the user has more than one PC at which transactions can be initiated, i.e., the user moves between PCs). This method uses decentralized accounting, logging transactions on the user's PC.

[0051] If accounting for funds is summarized by a meter, transactions should be logged where the meter, i.e. the PSD, is located. This would require consolidating log files only if the PSD could be attached to any PC (PSD moves between PCs). This method uses decentralized accounting, logging transactions on the PSD's PC.

[0052] If accounting for funds is summarized by department (i.e. departments have several users that can access several PSDs), transactions must be consolidated if the logging of transactions was performed where the user is located or where the PSD is located.

[0053] An alternative to such consolidation of log files from PCs is a centralized accounting and logging of all transactions on same PC or a centralized server. Transactions would have to be sent to the Network Server PC for every mail piece, producing heavy network traffic. If the centralized server is down, or otherwise not available, then no postage dispensing or refills can occur, disabling metering capabilities over the entire network. A centralized server for Network PC Metering System is not the preferred embodiment of the present invention.

[0054] Network PC Metering Systems 10 and 10' are representative of distributed processing of the metering transaction. Network PC Metering System 10 involves local transaction processing requested by a requesting Client PC 20, and remote accounting and logging at the Meter Server PC 21, i.e., where the PSD 40 and transaction log file 44 are located. Network PC Metering System 10' involves local transaction processing by the requesting Client PC 20, remote accounting at the Meter Server PC 21, i.e., where the PSD 40 is located, and remote logging at the Network Server 30, i.e. where transaction log file 44 is located. Thus, the transaction processing is split from the accounting functionality in distributed processing. The steps of the transaction are split between different PCs of the network.

[0055] There is an advantage to configuring network metering for distributed processing, such as In Network PC Metering Systems 10 and 10'. If Network Server 30 is down, metering transactions may still be performed when Client PCs having PSDs coupled thereto operate in stand-alone mode. Furthermore, network-metering transactions may be performed even when a Client PC 20 with a PSD attached thereto is not logged on the network. For example, the Client PC not logged on the network can operate in stand-alone mode, and the Client PCs logged on the network can access other Client PCs having PSDs coupled thereto.

[0056] When a Client PC is attempting to access remote PSDs on the network, an optional prioritized list of available PSDs can be displayed to the user for selection. The prioritized ordering of the available PSDs may use the following heuristics:
  1. 1. PSDs sharing the same ZIP as the originating address of the mailpiece
  2. 2. Local PSDs (same location as the Client PC)
  3. 3. Remote PSDs sharing the same origin ZIP as the local PSDs
  4. 4. PSDs having the same three digit ZIP as items 1-3
  5. 5. Remaining PSDs


[0057] The preferred embodiment of the present invention has been described based on a Windows operating system for the Client computers. It will be understood that the present invention is suitable for use with any computer operating system. It will further be understood that although the embodiments of the present invention are described as postage metering systems, the present invention is applicable to any value metering system that includes transaction evidencing, such as monetary transactions, item transactions and information transactions.

[0058] The preferred embodiment has been described for an open system metering network. It will be understood that the present invention applies also to a closed system metering network wherein digital postage meters are used in place of the Client PCs described in the preferred embodiment. Such a closed system metering network is shown in Fig. 7. A Network Metering System, generally designated 510, includes a plurality (five are shown) of Client modules 520 conventionally coupled to a Network Server 530, such as a personal computer. The Client modules are digital printers that are dedicated to printing postage indicium. Each Client module resembles a conventional digital metering system with optional display, keyboard, and printer 522, however, some of the Client modules do not have an accounting module or PSD attached thereto. Preferably, a plurality of PSDs 540 (two are shown) exists in Network Metering System 510, with at least one PSD 40 being coupled to several Client modules 20. The PSDs 540 are accounting modules similar to accounting units in conventional electronic postage meters. When a specific PSD 540 is accessed for a metering transaction, the Client module 520, to which the PSD 40 is attached, becomes a Meter Server 521 (shown within parenthesis) for the remainder of the transaction. When the PSD 540 is being accessed by the Client module 520 to which the PSD is coupled the Client module 520 is functioning as a conventional meter. Client modules 520 communicate with Data Center 5 to refill local PSDs 540 and to access virtual PSD funds. A more detailed description of a closed system metering network is provided in previously noted related EP. Patent Application Serial No. [E-648] (Attorney Ref.: 76 396).

[0059] The present invention has been described for credit locking meters, i.e. those with ascending and descending registers, commonly referred to as prepayment systems. It is noted, however, that the present invention is also suitable for use with current account register systems, i.e., those with only an ascending register, commonly referred to as post-payment systems.

[0060] While the present invention has been disclosed and described with reference to the embodiments thereof, it will be apparent, as noted above, that variations and modifications may be made therein. It is, thus, intended in the following claims to cover each variation and modification that falls within the scope of the present invention.

[0061] Windows 95 and Windows NT are trademarks of Microsoft Corporation.


Claims

1. A transaction evidencing system comprising:

a host processor (20) including printing means (22) coupled thereto;

a transaction evidencing device (40) (TED) coupled to the host processor (20), the TED including first unique identification, first value storage means and first digital signature means;

means in the host processor (20) for requesting and obtaining first transaction evidencing from the TED (40) , said first transaction evidencing to be printed by the printing means (22); and

means in the host processor (20) for requesting and obtaining second transaction evidencing from a remote data center (5), said second transaction evidencing to be printed by the printing means (22); wherein for each metering transaction to be printed by the printing means the host processor (20) is operable to initiate the request for one of the first and second transaction evidencing.


 
2. The transaction evidencing system of claim 1 wherein the host processor (20) comprises:

means for storing transactional information for each of the first and second transaction evidencing received from the TED (40) and data center (5) respectively.


 
3. The transaction evidencing system of claim 1 or 2 wherein the host processor further comprises a general purpose computer (20) and the printing means comprises an unsecure, non-dedicated printer (22).
 
4. The transaction evidencing system of claim 1 or 2 wherein the printing means comprises a printer dedicated to printing transaction evidencing.
 
5. The transaction evidencing system of any one of the preceding claims wherein the data center (5) is operable to determine whether the host processor (20) is authorized to request the second transaction evidencing.
 
6. The transaction evidencing system of any one of the preceding claims wherein the host processor (20) is coupled to a network (10) comprising other host processors (20) coupled to other TEDs (40), the host processor further comprising:

means for requesting and obtaining third transaction evidencing from one of the other host processors, said third transaction evidencing to be printed at the printing means (22).


 
7. The transaction evidencing system of any one of the preceding claims wherein the TED (40) generates the first transaction evidencing including a first digital signature representing each transaction requested by the host system to the TED.
 
8. The transaction evidencing system of claim 7 wherein the data center (5) includes second unique identification, second value storage means and second digital signature means.
 
9. The transaction evidencing system of claim 8 wherein the data center (5) is operable to generate the second transaction evidencing including a second digital signature representing each transaction requested by the host system (20) to the data center (5).
 
10. The transaction evidencing system of any one of the preceding claims wherein the transaction evidencing device is a postage meter.
 
11. A method for transaction evidencing wherein a transaction evidencing device has dual modes of operation as a stand-alone device and as a virtual device, the method comprising the steps of:

coupling a transaction evidencing device (40) (TED) to a host processor (20), the TED (40) including first unique identification, first value storage means and first digital signature means;

providing means for the host processor (20) to communicate with a remote data center (5), the remote data center (5) including second unique identification, second value storage means and second digital signature means;

selectively requesting at the host processor (20) one of a first transaction evidencing from the TED (40) and a second transaction evidencing from the remote data center (5); and

printing the selected one of the first and second transaction evidencing.


 
12. The method of claim 11 further including the steps of:

connecting the host processor (20) to a network (10);

selectively requesting at the host processor (20) third transaction evidencing from a remote TED coupled to another host processor on the network; and

printing the selected third transaction evidencing.


 


Ansprüche

1. Transaktions-Nachweissystem, welches umfasst:

einen Hauptrechner (20), welcher ein Druckmittel (22) enthält, welches daran gekoppelt ist;

eine Transaktions-Nachweiseinrichtung (40) (TED), welche an den Hauptrechner (20) gekoppelt ist, wobei die TED eine erste eindeutige Identifikation, erste Wertspeichermittel und erste Digitalsignaturmittel enthält;

Mittel in dem Hauptrechner (20) zum Anfordern und Erhalten eines ersten Transaktionsnachweises von der TED (40), wobei der erste Transaktionsnachweis von dem Druckmittel (22) gedruckt werden soll; und

Mittel in dem Hauptrechner (20) zum Anfordern und Erhalten eines zweiten Transaktionsnachweises von einem entfernt liegenden Datenzentrum (5), wobei der zweite Transaktionsnachweis von dem Druckmittel (22) gedruckt werden soll; wobei für jede Maschinentransaktion, welche von dem Druckmittel gedruckt werden soll, der Hauptrechner (20) betriebsfähig ist, die Anforderung des ersten oder zweiten Transaktionsnachweises zu initiieren.


 
2. Transaktions-Nachweissystem nach Anspruch 1, wobei der Hauptrechner (20) umfasst:

Mittel zum Speichern von Transaktionsinformation für jeden des ersten und zweiten Transaktionsnachweises, welcher von der TED (40) bzw. dem Datenzentrum (5) empfangen wird.


 
3. Transaktions-Nachweissystem nach Anspruch 1 oder 2, wobei der Hauptrechner ferner einen Mehrzweckrechner (20) umfasst und das Druckmittel einen ungesicherten, nicht zweckbestimmten Drucker (22) umfasst.
 
4. Transaktions-Nachweissystem nach Anspruch 1 oder 2, wobei das Druckmittel einen Drucker umfasst, welcher zweckbestimmt ist, einen Transaktionsnachweis zu drucken.
 
5. Transaktions-Nachweissystem nach einem der vorangehenden Ansprüche, wobei das Datenzentrum (5) betriebsfähig ist, zu bestimmen, ob der Hauptrechner (20) autorisiert ist, den zweiten Transaktionsnachweis anzufordern.
 
6. Transaktions-Nachweissystem nach einem der vorangehenden Ansprüche, wobei der Hauptrechner (20) an ein Netzwerk (10) gekoppelt ist, welches andere Hauptrechner (20) umfasst, welche an andere TEDs (40) gekoppelt sind, wobei der Hauptrechner ferner umfasst:

Mittel zum Anfordern und Erhalten eines dritten Transaktionsnachweises von einem der anderen Hauptrechner, wobei der dritte Transaktionsnachweis bei dem Druckmittel (22) gedruckt werden soll.


 
7. Transaktions-Nachweissystem nach einem der vorangehenden Ansprüche, wobei die TED (40) den ersten Transaktionsnachweis generiert, welcher eine erste Digitalsignatur enthält, welche jede Transaktion, welche vom Hauptsystem von der TED angefordert wird, abbildet.
 
8. Transaktions-Nachweissystem nach Anspruch 7, wobei das Datenzentrum (5) eine zweite eindeutige Identifikation enthält, zweite Wertspeichermittel und zweite Digitalsignaturmittel.
 
9. Transaktions-Nachweissystem nach Anspruch 8, wobei das Datenzentrum (5) betriebsfähig ist, den zweiten Transaktionsnachweis zu generieren, welcher eine zweite Digitalsignatur enthält, welche jede Transaktion abbildet, welche vom Hauptsystem (20) von dem Datenzentrum (5) angefordert wird.
 
10. Transaktions-Nachweissystem nach einem der vorangehenden Ansprüche, wobei die Transaktionsnachweiseinrichtung eine Frankiermaschine ist.
 
11. Verfahren zum Transaktionsnachweisen, wobei eine Transaktionsnachweiseinrichtung duale Betriebsmodi hat, als eine eigenständige Einrichtung und als eine virtuelle Einrichtung, wobei das Verfahren die Schritte umfasst:

Koppeln einer Transaktionsnachweiseinrichtung (40) (TED) an einen Hauptrechner (20), wobei die TED (40) eine erste eindeutige Identifikation, erste Wertspeichermittel und erste Digitalsignaturmittel enthält;

Bereitstellen von Mitteln für den Hauptrechner (20) zum Kommunizieren mit einem entfernt liegenden Datenzentrum (5), wobei das entfernt liegende Datenzentrum (5) eine zweite eindeutige Identifikation, zweite Wertspeichermittel und zweite Digitalsignaturmittel enthält;

wahlweise Anfordern bei dem Hauptrechner (20) eines ersten Transaktionsnachweises von der TED (40) oder eines zweiten Transaktionsnachweises von dem entfernt liegenden Datenzentrum (5); und

Drucken des ausgewählten ersten oder zweiten Transaktionsnachweises.


 
12. Verfahren nach Anspruch 11, welches ferner die Schritte umfasst:

Verbinden des Hauptrechners (20) mit einem Netzwerk (10);

wahlweise Anfordern bei dem Hauptrechner (20) eines drittem Transaktionsnachweises von einer entfernt liegenden TED, welche an einen anderen Hauptrechner auf dem Netzwerk gekoppelt ist; und

Drucken des ausgewählten dritten Transaktionsnachweises.


 


Revendications

1. Système destiné à prouver une opération, comprenant :

un processeur hôte (20) comprenant un moyen d'impression (22) qui lui est couplé ;

un dispositif de preuve d'opération (40) (TED pour « transaction evidencing device ») couplé au processeur hôte (20), le TED comprenant une première identification unique, un premier moyen de stockage de valeurs et un premier moyen de signature numérique ;

dans le processeur hôte (20), un moyen destiné à demander et obtenir une première preuve d'opération auprès du TED (40), ladite première preuve d'opération devant être imprimée par ledit moyen d'impression (22) ;

dans le processeur hôte (20), un moyen destiné à demander et obtenir une deuxième preuve d'opération auprès d'un centre de données distant (5), ladite deuxième preuve d'opération devant être imprimée par le moyen d'impression (22) ;

dans lequel, pour chaque opération d'affranchissement à imprimer par le moyen d'impression, le processeur hôte (20) est en mesure de lancer la demande d'une preuve parmi les première et deuxième preuves d'opération.


 
2. Système destiné à prouver une opération selon la revendication 1, dans lequel le processeur hôte (20) comprend :

un moyen destiné à stocker des informations d'opération pour chacune des première et deuxième preuves d'opération reçues du TED (40) et du centre de données (5), respectivement.


 
3. Système destiné à prouver une opération selon la revendication 1 ou 2, dans lequel le processeur hôte comprend en outre un ordinateur d'usage général (20) et le moyen d'impression comprend une imprimante non spécialisée et non sécurisée (22).
 
4. Système destiné à prouver une opération selon la revendication 1 ou 2, dans lequel le moyen d'impression comprend une imprimante spécialisée dans l'impression de preuves d'opérations.
 
5. Système destiné à prouver une opération selon l'une quelconque des revendications précédentes, dans lequel le centre de données (5) est en mesure de déterminer si le processeur hôte (20) est autorisé à demander la deuxième preuve d'opération.
 
6. Système destiné à prouver une opération selon l'une quelconque des revendications précédentes, dans lequel le processeur hôte (20) est couplé à un réseau (10) comprenant d'autres processeurs hôtes (20) couplés à d'autres TED (40), le processeur hôte comprenant en outre :

un moyen destiné à demander et obtenir une troisième preuve d'opération auprès de l'un des autres processeurs hôtes, ladite troisième preuve d'opération devant être imprimée sur le moyen d'impression (22).


 
7. Système destiné à prouver une opération selon l'une quelconque des revendications précédentes, dans lequel le TED (40) produit la première preuve d'opération, qui comprend une première signature numérique représentant chaque opération demandée par le processeur hôte au TED.
 
8. Système destiné à prouver une opération selon la revendication 7, dans lequel le centre de données (5) comprend une deuxième identification unique, un deuxième moyen de stockage de valeurs et un deuxième moyen de signature numérique.
 
9. Système destiné à prouver une opération selon la revendication 8, dans lequel le centre de données (5) est en mesure de produire la deuxième preuve d'opération, qui comprend une deuxième signature numérique représentant chaque opération demandée par le processeur hôte (20) au centre de données (5).
 
10. Système destiné à prouver une opération selon l'une quelconque des revendications précédentes, dans lequel le dispositif de preuve d'opération est une machine à affranchir.
 
11. Procédé destiné à prouver une opération, dans lequel un dispositif de preuve d'opération possède deux mode de fonctionnement, à savoir comme dispositif autonome et comme dispositif virtuel, le procédé comprenant les étapes consistant à :

coupler un dispositif de preuve d'opération (40) (TED) à un processeur hôte (20), le TED (40) comprenant une première identification unique, un premier moyen de stockage de valeurs et un premier moyen de signature numérique ;

fournir pour le processeur hôte (20) un moyen destiné à communiquer avec un centre de données (5) distant, ledit centre de données (5) comprenant une deuxième identification unique, un deuxième moyen de stockage de valeurs et un deuxième moyen de signature numérique ;

demander sélectivement par le processeur hôte (20) soit une première preuve d'opération du TED (40), soit une deuxième preuve d'opération du centre de données (5) distant ; et

imprimer la preuve sélectionnée parmi les première et deuxième preuves d'opération.


 
12. Procédé selon la revendication 11, comprenant en outre les étapes consistant à :

connecter le processeur hôte (20) à un réseau (10) ;

demander sélectivement par le processeur hôte (20) une troisième preuve d'opération d'un TED distant couplé à un autre processeur hôte sur le réseau ; et

imprimer la troisième preuve d'opération sélectionnée.


 




Drawing



























REFERENCES CITED IN THE DESCRIPTION



This list of references cited by the applicant is for the reader's convenience only. It does not form part of the European patent document. Even though great care has been taken in compiling the references, errors or omissions cannot be excluded and the EPO disclaims all liability in this regard.

Patent documents cited in the description