[go: up one dir, main page]

GB2501874A - Authenticating a barcode using non-barcode data - Google Patents

Authenticating a barcode using non-barcode data Download PDF

Info

Publication number
GB2501874A
GB2501874A GB1207935.6A GB201207935A GB2501874A GB 2501874 A GB2501874 A GB 2501874A GB 201207935 A GB201207935 A GB 201207935A GB 2501874 A GB2501874 A GB 2501874A
Authority
GB
United Kingdom
Prior art keywords
bar code
data
authenticating
code
dimensional
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1207935.6A
Other versions
GB201207935D0 (en
Inventor
Harold Robert Holt
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB1207935.6A priority Critical patent/GB2501874A/en
Publication of GB201207935D0 publication Critical patent/GB201207935D0/en
Publication of GB2501874A publication Critical patent/GB2501874A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/06009Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking
    • G06K19/06046Constructional details
    • G06K19/06056Constructional details the marking comprising a further embedded marking, e.g. a 1D bar code with the black bars containing a smaller sized coding
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/06009Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking
    • G06K19/06046Constructional details
    • G06K19/06075Constructional details the marking containing means for error correction

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

A method for authenticating a two-dimensional barcode data uses additional non-barcode data. The additional data could be hidden or embedded in or near the barcode, and may take the form of pictorial data. The barcode data may also be cross-referenced with an authenticated database to improve security. The aim is to provide a means of indentifying secure two-dimensional codes, and perhaps allowing the user to access only websites that are found to be secure.

Description

METHOD FOR AUTHENTICATING A BAR CODE
Images displayed as two dimensional bar codes called QR Codes originally designed for the manufacturing sector are increasingly being used for marketing purposes and in particular for use with mobile smartphones the codes are scanned by a mobile device's camera and launch the device's browser to open the webpage that they are linked to. The code alone gives no indication of the end destination such as a webpage which may contain code that can hijack devices and steal data, the result of this increased use for marketing has meant that an opportunity for the mobile phones security measure to be easily breached by persons with malicious intent has arisen, therefore there is a need to combat this security vulnerability ideally at source thus maintaining the mobile devices integrity and therefore eliminating any such threat.
The present invention being a method for authenticating two dimensional code data using hidden data and or cross referencing two dimensional codes data with an authenticated remote database entry to improve the security of two dimensional codes and to overcome the negative issues already described above and has as its object to provide a two-dimensional code which may be made secure by an authentication method to provide a good distinction between a non-secure two dimensional code and a secured one.
In order to achieve the above objective, in one aspect, there is provided a two-dimensional code having hidden data embedded within the two dimensional code's border or within the codes matrix or alternatively the hidden data may be juxtaposed to the code's borders.
Said hidden data may be a readable image capable of being scanned by a bar code reader the data or image may be encrypted, for the sake of clarity the words hidden data' herein means not discernible by a human viewing a two dimensional code of any colour In another aspect a secure two dimensional code herein referred to as a 2D code' is generated via a code creation software programme so that a dedicated code reader being provided with a means to decode the hidden data, said data may authenticate the generated two dimensional code being clicked on, scanned or read. In this example a 2D code being created by the software code creation program this program may generate a 2D code security data matrix which may be automatically embedded into a 2D code base matrix to form one harmonious 2D code which may be scanned/read by a software reader program both reader and code creation programs having a security encryption algorithm inbuilt in the case of a code creation program and decryption means for the code reader and both programmes being suitable for use with computers and mobile devices.
In a further aspect the code creation program may have an algorithm to produce a character string said algorithm using random numbers to select the characters that form random passwords these being pronounceable and unpronounceable, such random passwords would be highly secure and extremely difficult to crack or guess due to an optional combination of lower and upper case letters, numbers and punctuation symbols.
In yet another aspect of the authentication method the user enters their data using an interface such as a computer or mobile device from this imputed data the code creation software produces a 2D code together with the embedded security hidden data, typically where the code is used for marketing the data may include a link to a destination such as a website, however as previously described the user has no way of knowing if the destination website is a safe place to visit unless they recognise the website address, even then there is no guarantee that the website address has not been forged, one example given herein will overcome this problem, the user who has generated the 2D code has been previously vetted, this vetting process confirms that the person or entity are legitimate, once this is established, any user scanning a code created in this way will have the satisfaction of security as the vetting actions will have been preformed prior to the user scanning or clicking the 2D code. In it's simplest form the 2D code may have appended to it or suitably placed on the code within the code perimeter so as to be readable and compared to an authentic image stored locally or remotely for example an image logo that is recognisable as meaning that the associated code is secured for example an open lock symbol is replaced with a locked symbol this authentication may take place under a secure environment providing an indication of the legitimacy of the codes author this operation may be undertaken on the fly. In a further example a digital checking of the 2D code starts when a person clicks the code they receive a visual message and an audible warning may also be appropriate, the visual message may take the form of characters or an image such as "Validated By QRSURE" in certain circumstances a link may also be provided to a website page where the QRSURE authentication process is explained, a further check of the links destination address is carried out by reference to a database entry this may be on a remote this sever may be secured by a digital certificate the database entry being input previously by the action of a person creating the code this parsing of the database for a data match may be carried out on the fly and the visual message and or audible message may be omitted so as to provide a seamless flow from the initial user accessing the code to the destination which in this example is a website address. The parsing of data to authenticate the codes validity also allows for further enchantments to provide a more secure environment for users of 2D codes. In this aspect a code is created by a user in the manner described herein, howeveG 2D codes are usually associated with one action, for example they may contain a link to a website, provide a telephone numbeç plain text, and other information, once a 2D code has been generated the information that the code contains cannot be changed, this means that there are times when a code will have data that is no longer relevant or the data is void i.e. (if the code contained a destination web page address that no longer existed) then this would mean any user accessing this code will receive an error or be given information held in the 2D code which is not relevant, this code redundancy may lead to a 2D code being hijacked and used for unsavoury purposes, therefore in these circumstances the ability to parse a database before delivering the information to the user means that there is a mechanism for updating a code with changed information so as to contain the most up to date and reliant data furthermore this means that only one 2D code needs to be created as the information provided to the user may be updated at any time via a suitable interface.

Claims (16)

  1. CLAIMS1. Method for authenticating a bar code in which there is a means to identify the status of a two dimensional bar code by referencing the bar code's data with non bar code data, specifically for the purpose of authentication of the said two dimensional bar code.
  2. 2. Method for authenticating a bar code according to claim 1 in which the means to identify the status of a two dimensional bar code is encrypted or not.
  3. 3. Method for authenticating a bar code according to claim 1 in which the bar code contains additional data that is specifically used to identify the specific bar code so as to provide a validity checking of said bar code, thereby providing the status of the said bar code.
  4. 4. Method for authenticating a bar code according to claim 1 in which the bar code has an embedded identifier that can be read by a bar code reader so as to validate the said embedded identifier data.
  5. 5. Method for authenticating a bar code according to any of the preceding claims in which the bar code data is cross-referenced with a database entry, said cross-referencing obtaining a data match between the database data and the bar code data confirms the codes validity.
  6. 6. Method for authenticating a bar code according to any of the preceding claims in which the bar code contains pictorial data which is used to validate the bar code's authenticity.
  7. 7. Method for authenticating a bar code according to any of the preceding claims in which the bar code has additional data juxtaposed to the code's border which is used to validate the bar code's data.
  8. 8. Method for authenticating a bar code according to any of the preceding claims in which the bar code has encrypted data which is specifically used to validate the bar code's data.
  9. 9. Method for authenticating a bar code according to any of the preceding claims in which the bar code has additional data embedded in the bar code's border.
  10. 10. Method for authenticating a bar code according to any of the preceding claims in which the bar code data is cross-referenced with a database entry either locally or remotely, said cross-referencing obtaining a data match allows for different data to be presented other than that of the original bar code's data.
  11. 11. Method for authenticating a bar code according to any of the preceding claims in which the authentication bar code data is matched with a database entry to validate a two dimensional code before processing the bar code's data.
  12. 12. Method for authenticating a bar code according to any of the preceding claims in which the validation of a two dimensional code is carried out by a code reader said code reader being local or remote to the said bar code.
  13. 13. Method for authenticating a bar code according to any of the preceding claims in which the status check of a two dimensional code is carried out by a bar code reader, said bar code reader having a decryption algorithm, said algorithm being specifically for validating the status of a generated two dimensional bar code said validation checking being carried out before any other action.
  14. 14. Method for authenticating a bar code according to any of the preceding claims in which the validation of a two dimensional code is carried out by a connection from a mobile device to a remote server on the fly.
  15. 15. Method for authenticating a bar code according to any of the preceding claims in which the validation to produce a status check of a two dimensional code is carried out by an encryption and decryption algorithm.
  16. 16. Method for authenticating a bar code according to any of the preceding claims in which a status check of a two dimensional code is carried out by a comparison algorithm.
GB1207935.6A 2012-05-06 2012-05-06 Authenticating a barcode using non-barcode data Withdrawn GB2501874A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1207935.6A GB2501874A (en) 2012-05-06 2012-05-06 Authenticating a barcode using non-barcode data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1207935.6A GB2501874A (en) 2012-05-06 2012-05-06 Authenticating a barcode using non-barcode data

Publications (2)

Publication Number Publication Date
GB201207935D0 GB201207935D0 (en) 2012-06-20
GB2501874A true GB2501874A (en) 2013-11-13

Family

ID=46396600

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1207935.6A Withdrawn GB2501874A (en) 2012-05-06 2012-05-06 Authenticating a barcode using non-barcode data

Country Status (1)

Country Link
GB (1) GB2501874A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040211844A1 (en) * 2003-04-24 2004-10-28 Marshall Richard A. Barcodes including embedded security features and space saving interleaved text
WO2008003964A2 (en) * 2006-07-05 2008-01-10 Iti Scotland Limited Bar code authentication
US20090083852A1 (en) * 2007-09-26 2009-03-26 Microsoft Corporation Whitelist and Blacklist Identification Data
US20110259962A1 (en) * 2008-09-23 2011-10-27 Advanced Track And Trace Method and device for authenticating geometrical codes

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040211844A1 (en) * 2003-04-24 2004-10-28 Marshall Richard A. Barcodes including embedded security features and space saving interleaved text
WO2008003964A2 (en) * 2006-07-05 2008-01-10 Iti Scotland Limited Bar code authentication
US20090083852A1 (en) * 2007-09-26 2009-03-26 Microsoft Corporation Whitelist and Blacklist Identification Data
US20110259962A1 (en) * 2008-09-23 2011-10-27 Advanced Track And Trace Method and device for authenticating geometrical codes

Also Published As

Publication number Publication date
GB201207935D0 (en) 2012-06-20

Similar Documents

Publication Publication Date Title
US9426149B2 (en) Mobile secure login system and method
JP5023075B2 (en) Computer-implemented authentication interface system
JP5133248B2 (en) Offline authentication method in client / server authentication system
KR101589192B1 (en) Identity authentication and management device and method thereof
TWI526037B (en) Method and system for abstrcted and randomized one-time use passwords for transactional authentication
CA2970338C (en) System and method for replacing common identifying data
US20170237726A1 (en) Mobile Secure Login System and Method
TR201810238T4 (en) The appropriate authentication method and apparatus for the user using a mobile authentication application.
TWI529641B (en) System for verifying data displayed dynamically by mobile and method thereof
CN102073822A (en) Method and system for preventing user information from leaking
US10972465B1 (en) Secure authentication through visual codes containing unique metadata
JP6488613B2 (en) Trading system and program
US10701105B2 (en) Method for website authentication and for securing access to a website
KR101226319B1 (en) Identification Authentication method and System therefor
GB2501874A (en) Authenticating a barcode using non-barcode data
Van Rijswijk et al. Tiqr: A Novel Take on {Two-Factor} Authentication
JP2016035727A (en) Two factor authentication system
KR101427733B1 (en) Device and method for authenticating server
Zhang et al. Enhancing QR Code Security
JP6084258B2 (en) Authentication system and display program
d'Alessandro et al. SC@ CCO: a Graphic-Based Authentication System
Millican et al. SAVVIcode: Preventing Mafia Attacks on Visual Code Authentication Schemes (Short Paper)
CN105023156A (en) Verification method and verification system for electronic credential

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)