Patent Grant
8037307
1. Field of the Invention
The present invention generally relates to methods of document verification. More particularly, the present invention relates to a system and method of providing authentication codes over a network to embed in or print on documents for verification and authentication purposes.
2. Description of the Related Art
There are several methods known to embed security measures into a document to help prove that the document is authentic. The most basic methods are to impose or emboss a visible seal on the document. It is also known to use a watermark or a ribbon in the substrate of the document, or use color shifting ink, all of which are readily visible to a person viewing the document. There are other methods to maintain document authenticity which are not readily visible to a viewer, such as microprinting, or the use of heat or light sensitive ink.
One particularly important area for document authentication concerns lottery tickets. In most instances, mere possession of a winning lottery ticket entitles the holder to the winnings. Thus, authentication of the presented lottery ticket is critically important. For example, lottery on-line tickets which are common in many countries and states are, by necessity, printed and presented to the purchaser in real-time with transactional data printed on the lottery ticket via a thermal or impact printer. To enhance security, lotteries typically use preprinted ticket stock with serial numbering on the back of the printing substrate as well as fluorescent and other inks on the ticket substrate to help prove authenticity and integrity. The preprinted serial numbering provides much of the security in determining the authenticity of a winning ticket because the distribution of the preprinted serial number ticket stock is maintained by an entity separate from the one controlling the printing of transactional data. When a winning ticket is presented for redemption, an audit trail can be established between the ticket stock serial number and the transactional data.
However, this added paper stock security has the disadvantage of high cost, as well as the logistics of tracking the ticket stock. Also, the labor intensive nature of correlating the ticket stock to an on-line lottery ticket printed at a given retailer at a given time typically prohibits the method's use for all but high-tier winning tickets. Finally, it may be possible for an insider with access to the system controlling the printing of transactional data to simply purchase a Lottery ticket from a retailer shortly after it was determined that that a high tier winner was sold at that location to thereby gain illicit knowledge of the appropriate ticket stock serial number range.
A second tier of defense can be added to on-line ticket security through either encrypting the ticket-provider transactional database or the printed ticket serial numbers. This encryption stops readily discernable correlation between the ticket provider database, which contains the listing of winning tickets, and the actual on-line ticket serial numbers printed in the field. Such action prevents an insider with access to the winning database from being able to counterfeit winning ticket serial numbers. Further, the encryption technique has the advantage of securing both high and low tier redemptions as opposed to logistical limitations limiting ticket stock serial number validation to high tier fraud. However, this method of on-line serial number encryption relies upon the encryption keys being unknown to insiders. Also, on-line serial number encryption creates a processing burden on all sales transactions at the ticket-provider and has the possibility of locking-out all legitimate redemptions if the secret encryption/decryption key(s) become lost.
Accordingly, it would be advantageous to provide a method to allow verification for remotely printed documents that does not rely upon preprinted substrate. Further, especially regarding on-line lottery tickets, such method should allow the verification and authentication of all printed documents with minimal cost in doing so. It is thus to a novel system and method for providing authentication codes across a network for use on documents that the present invention is primarily directed.
The present invention is a system and method for providing an authentication code across a network for use in authentication of documents, such as on-line printed lottery tickets. The use of an authentication code printed on the lottery tickets protects against both counterfeiting and insider attacks. In one embodiment, the invention is a system for providing an authentication code across a network for use in a game-entry document, comprising one or more terminals that each include a document printing device, with each terminal including a key and selectively receiving a bet for entry into a game and generating a game-entry document having document specific information, and each terminal further generating a document code comprised of a mathematical function utilizing at least the key and a bet for a specific game entry and selectively transmitting the document specific information and document code to another computer device on the network. The system includes at least one server in communication with the network that receives the document-specific information and document code transmitted from the one or more terminals, stores such document-specific information and code, and sends the one or more terminals at least an authentication code for printing on a game-entry document. Upon receipt of the authentication code from the at least one server, each terminal prints a game-entry document including the received authentication code. Verification of the document can then occur from comparison of the authentication code on the document and stored document codes at the server.
In another embodiment, the invention is a method of providing an authentication code across a network for use in the verification of a game-entry document, including the steps of receiving at a server document-specific information and a document code transmitted from a terminal across a network, wherein the terminal includes a key and selectively receives a bet for entry into a game and selectively generates a game-entry document having document-specific information, with the terminal further generating a document code comprised of a mathematical function utilizing at least the key and a bet for a specific game entry and transmitting the document-specific information and document code to another computer device on the network. Then the method includes the step of storing such document-specific information and document code at the server, and generating an authentication code based upon the received document-specific information and document code, and then sending to the one or more terminals, at least, the authentication code for generation of a game-entry document.
In yet another embodiment, the invention includes a computer device for generating game-entry documents, having a document printing device, a communication interface with a network, and a controller that includes a key and selectively receives a bet for entry into a game and selectively generating a game-entry document having document-specific information, the controller further generating a document code comprised of a mathematical function utilizing at least the key and a bet for a specific game entry, and the controller selectively transmits the document specific information and document code to another computer device on the network, such as a central server, and the controller selectively receives an authentication code for printing on the ticket.
The present invention accordingly provides an advantage as it allows verification for remotely printed documents, such as lottery tickets, without the use of preprinted substrate. The process can be done electronically to minimize the cost such that any document can be economically authenticated. In fact, in particular regard to on-line lottery tickets, the present invention can mitigate the need for preprinted serial number paper stock and encryption of the ticket-provider generated on-line ticket serial numbers as the authentication codes and usage of key-based encryption is more secure than those methods.
Other objects, advantages and features of the present invention will become apparent after review of the hereinafter set forth Brief Description of the Drawings, Detailed Description of the Invention, and the Claims.
With reference to the drawings in which like numerals represent like elements throughout,
To provide document security to the printed tickets, the terminal 12 generates and appends an authentication code (e.g., the hash key) to the standard ticket date and serial number at the time of ticket printing The present invention is an alternative to the traditional methods of securing documents, such as on-line lottery tickets, as those shown in
The lottery authority will only be able to “verify” a signature for a particular lottery terminal 16. In other words, the verifier must have the data for the original document code sent from the terminal 16, which is reproducibly from the authentication code on the printed ticket 20 and use that information to verify the authentication on the ticket 20. In one embodiment, the terminal 16 would hash (mathematical summary) some specific data of the ticket 20, preferably the bet value which will vary per ticket, and can also include such further data as the date 32 and serial number 34, with a local resident key, typically a mathematical value such as a large prime number. Then the key is used to hash and the encrypted hash becomes a document code of the ticket 20. At the other end, the server 12 receives the document code and generates an authentication code to send to the terminal 16 for printing on the ticket 20, which can be solely the ticket serial number, or alternately, a further hashing or other mathematical function of the document code.
While the system 10 is shown as particularly securing a lottery ticket, other documents, such as currency, bonds, instruments, and other printed or remote media can use the present inventive system for security. Furthermore, the authentication code can also be stored in another data format, such as bar code 44, or other one and two dimensional data media. Once the document code is generated, the terminal 16 transmits the document code and other document-specific data, such as bet data, to the server 12. In one embodiment, the server 12 will then generate an authentication code for transmission back to the terminal 12 and printing on the ticket 20. In another embodiment, when the server 12 receives the bet data and hash, it generates an unique serial number, stores the serial number, hash, and bet data, and then transmits the serial number back to the terminal 16. The terminal 16 receives the serial number and prints it along with the bet data and, alternately, the Key to the hash.
The server 12 can then maintain a record of the document code and/or the authentication code for all terminals 16 to be used as a lookup table when a lottery ticket is validated. As is further described in the process of
In another embodiment, the server 12 uses the transmitted hash key to perform a cryptographic hash of the key and the bet data to verify that the ticket 20 is valid. Thus, if the newly generated hash is identical to the hash that was transmitted to the server 12 at the time of the ticket sale, the lottery ticket is authentic and was printed at the correct retailer at the correct time. Conversely, if the newly generated and stored hashes do not match, the lottery ticket is possibly a forgery and the player should be made to go through other methods to receive payment.
One advantage of utilizing the authentication code to secure the lottery ticket 20, is that the system 10 can be made secure against insider forgeries while still allowing the serial number 24 to remain as clear text at both the ticket provider and on the printed lottery ticket 20. This is opposed to a central server 12 based encryption or keyed-hash scheme which requires that the key be kept secret from all insiders for the system 10 to remain secure. If a pseudorandom key is generated for each ticket, in hashing the bet value, the document code will be fairly random such that a brute force attack decryption will not work.
While the system 10 does require an initial secret key, the security is derived from the authentication code being based upon a mathematical function of the document code. After the document code is made at the terminal 16, the key is changed and no record is kept such that the only way to learn of the document code is to correctly decrypt the authentication code.
Because the pseudorandom nature of the key generation at the terminal 16, the hash keys, or other authentication codes, stored at the server 12 can be audited to ensure that the randomness is maintained and thus, that the security of the encryptions of the authentication codes is high. Since in the system 10, the server 12 is required to maintain a database of all authentication codes, the database can be audited with the assurance that the terminal 16 is truly selecting pseudorandom keys. For audit purposes, the authentication code database can be assumed to be random and therefore secure if it passes two general tests: (1) It appears random; and (2) it is unpredictable. It must be computationally infeasible to predict what the next authentication code will be for a given document code.
To ensure randomness, there are automated tests that a third party (e.g., a Lottery authority) can perform to ensure that the second (hash or public) key database is random. One test is to determine if the distribution of “1s” and “0s” throughout the second (hash or public) key database is approximately even. Further, approximately half of the runs (sequences of the same bit) should be of length one, one quarter of length two, one eight of length three, and so on. Also, the distribution of run lengths for “1s” and “0s” should be about the same. Finally, when an off-the-shelf loss-less compression algorithm is applied to the database of second (hash and public) keys the compression level should not exceed 25%. All of the above properties can then be quantified with their output applied to a “chi-squared” test, which is a mathematical test known in the art to measure deviation of a sample from expectation, to ensure the randomness of the second key database.
To ensure unpredictability, an auditor can be reasonably assured that the sequence of public keys is unpredictable by simply scanning multiple databases for repeated keys or sequences of keys. While some small number of key repetitions can be possible, a chi-squared test would reveal if a level of repetition were excessive.
While there has been shown a preferred and alternate embodiments of the present invention, it is to be appreciated that certain changes may be made in the form and arrangement of the elements, and steps of the methods without departing from the underlying spirit and scope of the invention as is set forth in the Claims. Furthermore, although elements of the invention may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
This application is a continuation-in-part of U.S. patent application Ser. No. 11/039,748, filed on Jan. 19, 2005, now U.S. Pat. No. 7,788,482 which claims the benefit of U.S. Provisional Patent Application Ser. No. 60/569,773, filed May 10, 2004, the entirety of which are hereby incorporated herein by this reference.
| Number | Name | Date | Kind |
|---|---|---|---|
| 4842278 | Markowicz | Jun 1989 | A |
| 4922522 | Scanlon | May 1990 | A |
| 5119295 | Kapur | Jun 1992 | A |
| 5420406 | Izawa et al. | May 1995 | A |
| 5667250 | Behm et al. | Sep 1997 | A |
| 5769458 | Carides et al. | Jun 1998 | A |
| 5791990 | Schroeder et al. | Aug 1998 | A |
| 5863075 | Rich et al. | Jan 1999 | A |
| 6107913 | Gatto et al. | Aug 2000 | A |
| 6170744 | Lee et al. | Jan 2001 | B1 |
| 6267670 | Walker et al. | Jul 2001 | B1 |
| 6322446 | Yacenda | Nov 2001 | B1 |
| 6327656 | Zabetian | Dec 2001 | B2 |
| 6402614 | Schneier et al. | Jun 2002 | B1 |
| 6552290 | Lawandy | Apr 2003 | B1 |
| 6557759 | Zolotarev et al. | May 2003 | B1 |
| 6602138 | Nulph | Aug 2003 | B2 |
| 6685562 | Rantanen | Feb 2004 | B1 |
| 6817515 | Winnett | Nov 2004 | B2 |
| 6875105 | Behm et al. | Apr 2005 | B1 |
| 6899621 | Behm | May 2005 | B2 |
| 6918038 | Smith et al. | Jul 2005 | B1 |
| 6944770 | Henderson et al. | Sep 2005 | B2 |
| 7069250 | Meadow et al. | Jun 2006 | B2 |
| 20020067827 | Kargman | Jun 2002 | A1 |
| 20020084327 | Ehrhart et al. | Jul 2002 | A1 |
| 20040053011 | Behm et al. | Mar 2004 | A1 |
| 20040054678 | Okamoto et al. | Mar 2004 | A1 |
| 20040056416 | Bennett, III | Mar 2004 | A1 |
| 20040076310 | Hersch et al. | Apr 2004 | A1 |
| 20040127279 | Gatto et al. | Jul 2004 | A1 |
| 20040128395 | Miyazaki | Jul 2004 | A1 |
| 20050003884 | Meyer et al. | Jan 2005 | A1 |
| 20050038756 | Nagel | Feb 2005 | A1 |
| 20050133584 | Finnerty et al. | Jun 2005 | A1 |
| 20050163549 | Shima et al. | Jul 2005 | A1 |
| 20070088953 | Hilton et al. | Apr 2007 | A1 |
| Number | Date | Country |
|---|---|---|
| 2005 071245 | Mar 2005 | JP |
| Number | Date | Country | |
|---|---|---|---|
| 20070113280 A1 | May 2007 | US |
| Number | Date | Country | |
|---|---|---|---|
| 60569773 | May 2004 | US |
| Number | Date | Country | |
|---|---|---|---|
| Parent | 11039748 | Jan 2005 | US |
| Child | 11482465 | US |
