(11) EP 1 688 891 A1
(12) EUROPEAN PATENT APPLICATION
(54) Electronic certification and authentication system
(57) The invention relates to a certification and authentication system, comprising a
Main Module which grants access to an Admin Module and which provides crypto-data
for use with the system, wherein the Admin Module is provided to enter and store certification
office information, grant access to a Registration Module and provide certification
office registrars with user IDs and passwords; wherein the Registration Module is
provided to enter companies' information, register company members' information
and enroll members' signatures, activate or deactivate signatories or companies' members,
and provide companies' members with their IDs and passwords; and further a Certification
Module which is provided to at least enroll the member's signature and compare the
enrolled signature with the stored member's signatures and, if the signature is correct,
enter and save document information that needs to be certified and print the certified
letter in the form of a 2D barcode; and further an Authorization Module which is provided
to print the certified letter, and further an Offline Verification Module which is
provided to scan the certified document and read the scanned information in the 2D
barcode.
Background of the Invention
Detailed Description of Invention
a) Enter certification office information and stamp to be stored in the system;
b) Enter certification office registrars' information and enroll their signatures;
c) Activate or deactivate certification office registrars;
d) Provide certification office registrars with user IDs and passwords;
e) Print admin reports.
The access to this module is typically granted by entering an administrator ID, password and signature into the module but can also be done in other ways, like by fingerprint sensors, ID cards etc.
a) Enter companies' information required for certification like letter header, letter footer and stamp;
b) Register companies members' information and enroll their signatures on, e.g., a digital pad and an electronic pen connected to a PC;
c) Activate or deactivate signatories or companies' members;
d) Provide companies' members with their IDs and passwords;
e) Print member transaction reports.
The access to this module is typically granted by entering a registrar ID number, password and signature but can also be done in other ways, like by fingerprint sensors, ID cards etc.
a) Enter and save the document information that needs to be certified;
b) Enroll his signature by way of, for example, a digital pad and an electronic pen. The system then compares the enrolled signature pattern(s) with the member's signature pattern(s) stored in the database(s). If the signature is correct, the system displays, e.g. on an internet browser, at least one of: the member signature, his company stamp, certification office stamp, Certification number, Certification date, Certification time and a 2D barcode;
c) Print the displayed certified letter himself, i.e. on a printer connected to his data station / PC;
d) Authorize the printing by another person.
The access to this module is typically granted by entering a member ID number, password and signature but can also be done in other ways, like by fingerprint sensors, ID cards etc. Preferably, a transaction amount is directly deducted from the member account. The certified document information is preferably saved in the database.
a) Retrieving a document to be verified by, e.g., entering the document certification number.
b) Comparing and/or printing the information displayed to verify its correctness and safety from fraud.
The above-described modules are preferably run on the application server / server system and are preferably connected to a data network like the internet and activated by, for example, an internet browser that runs on a PC. Thus, users from different levels can access their modules from anywhere. Preferably, the modules check the corresponding user's ID number, password and / or signature before granting access to the respective module.
a) Scanning the certified document with the scanner;
b) Reading the information in the 2D barcode after either:
decrypting the random key with the system decryption key, and
decrypting the compressed document information with the random key
or: decrypting the hash code with the system decryption key and
comparing it with the compressed document information hash code;
c) Decompressing the document information and displaying it;
d) Comparing and/or printing the information displayed to verify its correctness and safety from fraud.
FIG.1 schematically shows a handwritten signature captured by a digital pad and an electronic pen;
FIG.2 schematically shows a company stamp,
FIG.3 schematically shows a certification office stamp,
FIG.4 schematically shows a 2D barcode.
■ encrypting the compressed document information with a system generated random key, encrypting the random key with a system encryption key and generating the 2D barcode from the encrypted random key and the encrypted compressed document information,
or by:
■ encrypting the compressed document information hash code with the system encryption key, generating the 2D barcode from the encrypted hash code and the compressed document information.
■ decrypting the random key by the system decryption key, decrypting the compressed document information using the random key,
or by
■ decrypting the hash code with the system decryption key and comparing it with the compressed document information hash code,
resp. After that, the compressed document information is decompressed and the module displays it so that the verifier can compare this document information with the printed document information to verify the correctness and safety of the document from fraud.
- a Main Module which grants access to an Admin Module and which provides crypto-data, especially a crypto key pair comprising a system encryption key and a system decryption key, for use with the system;
- wherein the Admin Module is provided to at least:
(i) enter and store certification office information;
(ii) grant access to a Registration Module by entering and storing at least a registrar's information and at least one electronic signature of the registrar;
(iii) activate or deactivate registrars;
(iv) provide registrars with user IDs and passwords;
- wherein the Registration Module is provided to at least:
(i) enter a company's information;
(ii) register a company member's information and enroll the member's signatures;
(iii) activate or deactivate signatories or companies' members; and
(iv) provide the company member with a member's ID and password;
- a Certification Module which is provided to at least:
(i) enroll the member's signature and compare the enrolled signature with the stored member's signatures and, if the signature is correct, enter and save document information that needs to be certified;
(iii) print the certified letter in the form of a 2D barcode;
- an Authorization Module which is provided to at least:
(i) print the certified letter;
- an Offline Verification Module which is provided to at least:
(i) scan the certified document; and
(ii) read the scanned information in the 2D barcode.
(i) compressing the document information;
(ii) encrypting the compressed document information with a system generated random key,
(iii) encrypting the random key with a system encryption key from the Main Module, and
(iv) generating the 2D barcode from the encrypted random key and the encrypted compressed document information.
(i) scan the certified document;
(ii) decrypt the random key with the system decryption key,
(iii) decrypt the compressed document information with the random key;
(iv) decompress the document information;
(v) compare the document information from the 2D barcode with another shown document information.
(i) compressing the document information;
(ii) encrypting the compressed document information Hash code with a system encryption key from the Main Module,
(iii) generating the 2D barcode from the encrypted Hash code and the compressed document information.
(i) scan the certified document;
(ii) decrypt the random key with the system decryption key,
(iii) decrypt the hash code with the system decryption key,
(iv) compare the hash code with the compressed document information hash code;
(iv) decompress the document information;
(v) compare the document information from the 2D barcode with another shown document information.
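
The hash-code variant described above (encrypted hash code placed next to the compressed document information, then checked offline), as an added example that is not code from the application or its applicant. It assumes SHA-256 as the hash, zlib as the compression and a toy textbook-RSA key pair built from two Mersenne primes standing in for the system encryption and decryption keys; the function names and payload layout are hypothetical, and the returned byte string is what would be encoded into the 2D barcode.

```python
import hashlib
import zlib

# Toy textbook-RSA key pair from two Mersenne primes: constructed for this
# example only and NOT secure (no padding, special-form primes).
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q
DEC_EXP = 65537                                # assumed "system decryption key" (offline verifier)
ENC_EXP = pow(DEC_EXP, -1, (P - 1) * (Q - 1))  # assumed "system encryption key" (server side only)
ENC_LEN = (N.bit_length() + 7) // 8            # fixed width of the encrypted hash code


def _hash_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def make_barcode_payload(document_info: str) -> bytes:
    """Certification side: compress, hash, encrypt the hash, concatenate."""
    compressed = zlib.compress(document_info.encode("utf-8"))
    enc_hash = pow(_hash_int(compressed), ENC_EXP, N)
    return enc_hash.to_bytes(ENC_LEN, "big") + compressed


def verify_barcode_payload(payload: bytes) -> str:
    """Offline side: return the document information or raise ValueError."""
    if len(payload) <= ENC_LEN:
        raise ValueError("payload too short")
    enc_hash = int.from_bytes(payload[:ENC_LEN], "big")
    compressed = payload[ENC_LEN:]
    if enc_hash >= N:
        raise ValueError("encrypted hash code out of range")
    # Compare hash codes before decompressing, so altered data is never parsed.
    if pow(enc_hash, DEC_EXP, N) != _hash_int(compressed):
        raise ValueError("hash code mismatch: document information altered")
    return zlib.decompress(compressed).decode("utf-8")


# Constructed sample document information (placeholder values).
SAMPLE = "Certification number: EXAMPLE-0001; Date: 2000-01-01; Amount: 1,000"

if __name__ == "__main__":
    payload = make_barcode_payload(SAMPLE)
    print(verify_barcode_payload(payload))
    altered = payload[:-1] + bytes([payload[-1] ^ 1])
    try:
        verify_barcode_payload(altered)
    except ValueError as err:
        print("rejected:", err)
```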