Patent Application
20090171848
The invention disclosed herein relates generally to mailing systems, and more particularly to mailing systems that utilize configurable postal security devices to support multiple customers and carriers.
Mailing systems, such as, for example, a mailing machine, often include different modules that automate the processes of producing articles, such as, for example, mail pieces. Mail pieces can include, for example, envelopes, post cards, flats, and the like. The typical mailing machine includes a variety of different modules or sub-systems each of which performs a different task on the mail piece. The mail piece is conveyed downstream utilizing a transport mechanism, such as rollers or a belt, to each of the modules. Such modules could include, for example, a separating module, i.e., separating a stack of mail pieces such that the mail pieces are conveyed one at a time along the transport path, a moistening/sealing module, i.e., wetting and closing the glued flap of an envelope, a weighing module, and a metering/printing module, i.e., applying evidence of postage to the mail piece. The exact configuration of the mailing machine is, of course, particular to the needs of the user.
Typically, a control device, such as, for example, a microprocessor, performs user interface and controller functions for the mail processing system. Specifically, the control device provides all user interfaces, executes control of the mail processing system and print operations, calculates postage for debit based upon rate tables, provides the conduit for the Postal Security Device (PSD) to transfer postage indicia to the printer, operates with peripherals for accounting, printing and weighing, and conducts communications with a data center for postage funds refill, software download, rates download, and market-oriented data capture. The control device, in conjunction with an embedded PSD, constitutes the system meter that satisfies U.S. information-based indicia postage meter requirements and other international postal regulations regarding closed system meters.
In conventional mail processing systems, the PSD is configured for a specific application at time of initialization. This typically happens at a stage late in the manufacturing process. Once configured, the PSD is locked into that specific configuration throughout its life. Being locked into a specific configuration limits the potential uses of the mail processing system. In situations where it may be desired to support multiple carriers and customers, such as for example, in a mailhouse environment or a shared mail processing system environment, it would be necessary to utilize multiple mail processing systems.
It would be desirable, therefore, for a single mail processing system to be able to securely support multiple customers and carriers.
The present invention alleviates the problems associated with the prior art and provides a system and method for allowing a single mail processing system to support multiple customers and carriers.
In accordance with the present invention, a mail processing system is provided with a PSD that can be dynamically configured. Meter records are maintained at a data center. Each meter record includes information necessary to configure the PSD for a particular customer and/or a specified carrier. When it is desired to process mail for a specific customer and carrier, the PSD communicates with the data center to request the appropriate meter record. The data center provides the requested meter record to the PSD, which then is configured according to the meter record. Once loaded with a complete meter record, the PSD will function as a traditional PSD and mail processing can be performed by the mail processing system using the configured PSD. All accounting takes place locally in the PSD, and all records maintained in the meter record are updated locally in the PSD. Upon completion of the mail run, the updated meter record can then be uploaded to the data center until the next mail run that requires the meter record. In this manner, a generic PSD is provided in which the number of customers and carriers that can be supported is flexible and updatable.
Therefore, it should now be apparent that the invention substantially achieves all the above aspects and advantages. Additional aspects and advantages of the invention will be set forth in the description that follows, and in part will be obvious from the description, or may be learned by practice of the invention. Moreover, the aspects and advantages of the invention may be realized and obtained by means of the instrumentalities and combinations particularly pointed out in the appended claims.
The accompanying drawings illustrate presently preferred embodiments of the invention, and together with the general description given above and the detailed description given below, serve to explain the principles of the invention. As shown throughout the drawings, like reference numerals designate like or corresponding parts.
In describing the present invention, reference is made to the drawings, wherein there is seen in
System 10 further includes a data center 30 having a control unit 32 and database 34. Control unit 32 can be, for example, a processing unit or the like that is adapted to control operation of the data center 30. Device 12 is adapted to communicate with the data center 30 via a network 40, such as, for example the Internet or the like.
Unlike a conventional postal security device, PSD 14 is not locked into a single configuration, and can not be used to generate any type of indicia without having a required meter record (described below) installed. The NVM 18 is used to store certain information associated with the PSD 14, including, for example, an identification number (serial number or the like) of the PSD 14, and one or more cryptographic keys that are utilized to secure communications with the data center 30 as described further below. NVM 18 is also utilized to maintain current information associated with each meter record previously downloaded to the PSD 14, which can include, for example, an upload count for each meter record, and one or more register values (from the last time the meter record was downloaded to PSD 14) for each meter record to prevent a replay of meter records (as described further below).
Database 34 of data center 30 is used to store meter records that are utilized to configure the PSD 14 when downloaded to the PSD 14. Each meter record is associated with a specific customer and includes information that enables the PSD 14 to generate indicia for the specific customer and/or carrier. Thus, a separate meter record will exist for each possible customer, and for each customer/carrier combination, for which indicia is authorized to be generated using the mail processing device 12. The meter record can include, for example, the following information: an identification number, a current upload count, one or more cryptographic keys required to generate indicia or ensure print security, a plurality of register values associated with accounting, serial number count for generated indicia, a postal code for the meter record, and any additional parameters required for the generation and accounting of indicia that may be required, including carrier specific requirements. The meter record identification number is associated with a particular customer, and provides a suitable identification of the meter record to allow the appropriate meter record to be downloaded upon request. The register values can include, for example, an ascending register value (value of all postage ever expended), a descending register value (value of postage remaining in meter record), a piece count, and any other register values associated with the meter record that are desired to be maintained.
Database 34 can also be used to store indicia records, which contain the information necessary to create an indicia as may be required by different carriers. Such information could include, for example, any necessary graphics, format information, etc. as specified by a carrier. Each meter record preferably includes an indicator that specifies the necessary indicia record that is to be utilized with the meter record.
In step 54, the control unit 32 of the data center 30 validates the request for the specified meter record based on the meter record stored in the database 34. This can include, for example, verifying the digital signature included with the request, ensuring that a corresponding meter record for the identification included in the request exists, and validating the register values included in the request with the register values included in the meter record from the database 34. The upload counter maintains a count of the number of times the meter record was previously uploaded by the PSD 14, and gets incremented each time the meter record is uploaded. Thus, if the upload counter included in the request does not match the upload counter included in the meter record stored in the database 34, this indicates that there is a discrepancy that needs to be resolved before the meter record can be utilized. For example, if the upload counter included in the request is less than the upload counter for the meter record as stored in the database 34, this can indicate that the request is an old request message that is improperly being resent. Additional security can be provided using the register value or values included in the request. The register value can be, for example, the ascending register value for the requested meter record, or a piece count for the meter record. As each meter record is utilized by the PSD 14 (as described below), the register values are updated and the final values for each session are preferably stored by the NVM 18. These values are included in the next request for the meter record, and can be used by the control unit 32 to ensure that the register values coincide with those as stored in the database 34. This provides security against tampering with the meter records, or attempting to fraudulently use the PSD 14 to generate indicia without properly accounting for the indicia in a meter record.
In step 56, it is determined if the request is a valid request as described above. If the request is not valid, then in step 58 an error message is returned which alerts the user that the request message was invalid. Optionally, processing can return to step 52 to allow the user to retry the request or make a new request. If it is determined in step 56 that the request is a valid request, then in step 60 the control unit 32 prepares a download to be sent to the PSD 14 and sends it to the PSD 14. Such a download includes the requested meter record retrieved from the database 34, and an updated upload count record for the meter record. The download can also optionally include an appropriate indicia record if required. Preferably, the download includes a digital signature that can be verified by the microprocessor 16 of the PSD 14 for added security.
In step 62, the microprocessor 16 of PSD 14 validates the received download. Such validation can include verifying the digital signature provided with the download, and also verifying that the updated upload count included with the download corresponds to the expected value, i.e., is equivalent to the next count in the sequence of the upload count as stored in the NVM 18, for the meter record. Such validation of the upload count ensures that the meter record being downloaded is fresh and is not a replay of an old meter record. In step 64 it is determined if the download has successfully been validated. If not, then in step 66 an error message is returned to the data center 30 and optionally, processing can return to step 52 to allow the user to retry the request or make a new request. If in step 64 it is determined that the download has been verified, the in step 68 the microprocessor 16 temporarily stores the meter record in the NVM 18 of PSD 14, increments the upload counter in the NVM 18 for the meter record, and activates the PSD 14 for use to generate indicia. The communication link between the data center 30 and PSD 14 may or may not be terminated depending upon the design of the system 10.
In step 70 (
Preferably, once the message for the data center has been prepared by the microprocessor 16, the meter record stored in the NVM 18 is removed by the microprocessor 16, thereby preventing the meter record from being subsequently used again by the PSD 14 without repeating the download process. This renders the PSD 14 inactive and unable to generate any indicia, as there is no longer any meter record for the PSD 14 to use. Preferably, in step 74 it is determined if the message with the updated meter record was properly received by the data center 30, such as, for example, by receipt of a confirmation message from the data center 30. If not, then in step 76 the message is resent from the PSD 14 to the data center 30 until the message is properly received. This prevents the updated meter record from being lost or damaged during transmission, and the possible corruption of the entire meter record if the updated values are never properly received at the data center 30. Upon successful receipt of the message by the data center, then in step 78 the updated meter record received from the PSD 14 is stored in the database 34 at the data center 30 for subsequent use.
The PSD 14, having removed the meter record, is now ready to request a new meter record associated with a different customer or carrier. Thus, according to the present invention, a single mail processing system having the capability to support multiple customers and carriers is provided by dynamically configuring the PSD with a meter record for each customer. Since all indicia generating and accounting is performed locally by the PSD using the installed meter record, it is not necessary for the mail processing system to be continuously connected to a data center. While preferred embodiments of the invention have been described and illustrated above, it should be understood that they are exemplary of the invention and are not to be considered as limiting. Additions, deletions, substitutions, and other modifications can be made without departing from the spirit or scope of the present invention. Accordingly, the invention is not to be considered as limited by the foregoing description but is only limited by the scope of the appended claims.
