Verifying authenticity of machine-readable identifiers

US 10,230,705 B1
Filed: 03/16/2015
Issued: 03/12/2019
Est. Priority Date: 03/16/2015
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein when executed the program causes the at least one computing device to at least:

in response to receiving an image, determine a first machine-readable identifier present in a first portion of the image;

determine a second machine-readable identifier that is present in a second portion of the image and is separate from the first machine-readable identifier;

determine whether the first machine-readable identifier is authentic based at least in part on the second machine-readable identifier;

determine a uniform resource identifier (URI) encoded in the first machine-readable identifier;

request a resource corresponding to the URI in response to determining that the first machine-readable identifier is authentic; and

generate an alert in response to determining that the first machine-readable identifier is not authentic.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are various embodiments for verifying the authenticity of machine-readable identifiers, such as quick response (QR) codes or other identifiers. After data is received corresponding to a machine-readable identifier, environmental data may be acquired with respect to an environment of the machine-readable identifier. The authenticity of the machine-readable identifier may be verified based at least in part on the environmental data. In some embodiments, a verification request may be sent to a trusted authority.

34 Citations

View as Search Results

23 Claims

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein when executed the program causes the at least one computing device to at least:
- in response to receiving an image, determine a first machine-readable identifier present in a first portion of the image;
  
  determine a second machine-readable identifier that is present in a second portion of the image and is separate from the first machine-readable identifier;
  
  determine whether the first machine-readable identifier is authentic based at least in part on the second machine-readable identifier;
  
  determine a uniform resource identifier (URI) encoded in the first machine-readable identifier;
  
  request a resource corresponding to the URI in response to determining that the first machine-readable identifier is authentic; and
  
  generate an alert in response to determining that the first machine-readable identifier is not authentic.
- View Dependent Claims (2, 3, 4)
- - 2. The non-transitory computer-readable medium of claim 1, wherein when executed the program further causes the at least one computing device to at least:
    - send a verification request for the first machine-readable identifier to a trusted authority;
      
      receive a result of the verification request from the trusted authority; and
      
      determine whether the first machine-readable identifier is authentic based at least in part on the result of the verification request.
  - 3. The non-transitory computer-readable medium of claim 1, wherein when executed the program further causes the at least one computing device to at least:
    - determine a location of the first machine-readable identifier; and
      
      determine whether the first machine-readable identifier is authentic based at least in part on the location and a plurality of associations between the location and the first machine-readable identifier created by a plurality of users.
  - 4. The non-transitory computer-readable medium of claim 1, wherein the first machine-readable identifier comprises a quick response (QR) code.

5. A system, comprising:
- at least one computing device; and
  
  a verification application executable in the at least one computing device, wherein when executed the verification application causes the at least one computing device to at least;
  
  in response to receiving, from a client device, image data comprising a first machine-readable identifier, identify, in the image data, a second machine-readable identifier that is separate from the first machine-readable identifier;
  
  acquire environmental data with respect to an environment of the first machine-readable identifier; and
  
  verify an authenticity of the first machine-readable identifier based at least in part on the environmental data and the second machine-readable identifier.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
- - 6. The system of claim 5, wherein the first machine-readable identifier comprises a visual identifier.
  - 7. The system of claim 5, wherein the environmental data corresponds to ambient audio captured from the environment, and wherein when executed the verification application further causes the at least one computing device to at least compare the ambient audio with reference ambient audio associated with the first machine-readable identifier to verify the authenticity of the first machine-readable identifier.
  - 8. The system of claim 5, wherein the environmental data corresponds to a determined location, and wherein when executed the verification application further causes the at least one computing device to at least compare the determined location with a reference location associated with the first machine-readable identifier to verify the authenticity of the first machine-readable identifier.
  - 9. The system of claim 5, wherein the environmental data corresponds to an image of an area adjacent to the first machine-readable identifier, and wherein when executed the verification application further causes the at least one computing device to at least compare the image with reference image data associated with the first machine-readable identifier to verify the authenticity of the first machine-readable identifier.
  - 10. The system of claim 5, wherein the environmental data corresponds to an image of an area adjacent to the first machine-readable identifier, wherein when executed the verification application further causes the at least one computing device to at least recognize text contained within the image, and verify the authenticity of the first machine-readable identifier based at least in part on the text.
  - 11. The system of claim 10, wherein when executed the verification application further causes the at least one computing device to at least compare the text with reference text associated with the first machine-readable identifier to verify the authenticity of the first machine-readable identifier.
  - 12. The system of claim 10, wherein when executed the verification application further causes the at least one computing device to at least compare a characteristic of the text with an internal characteristic of the first machine-readable identifier to verify the authenticity of the first machine-readable identifier.

13. A method, comprising:
- sending, via at least one of the one or more computing devices, a verification request for a machine-readable identifier to a trusted authority, the verification request including image data comprising the machine-readable identifier and a verifying identifier, wherein the machine-readable identifier is a first type of optical code and the verifying identifier is a second type of optical code;
  
  receiving, via at least one of the one or more computing devices, a result of the verification request from the trusted authority; and
  
  performing, via at least one of the one or more computing devices, an action with respect to the machine-readable identifier based at least in part on the result of the verification request.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The method of claim 13, further comprising:
    - determining, via at least one of the one or more computing devices, a cryptographic signature included in the machine-readable identifier; and
      
      generating, via at least one of the one or more computing devices, the verification request based at least in part on the cryptographic signature.
  - 15. The method of claim 13, further comprising:
    - determining, via at least one of the one or more computing devices, a current location; and
      
      generating, via at least one of the one or more computing devices, the verification request based at least in part on the current location.
  - 16. The method of claim 13, further comprising:
    - capturing, via at least one of the one or more computing devices, ambient audio; and
      
      encoding, via at least one of the one or more computing devices, at least one characteristic of the ambient audio in the verification request.
  - 17. The method of claim 13, wherein performing the action further comprises launching, via at least one of one or more computing devices, a uniform resource locator (URL) embodied in the machine-readable identifier in response to the machine-readable identifier being authentic.
  - 18. The method of claim 13, wherein performing the action further comprises refraining from launching, via at least one of the one or more computing devices, a uniform resource locator (URL) embodied in the machine-readable identifier in response to the machine-readable identifier being not authentic.
  - 19. The method of claim 13, wherein performing the action further comprises generating, via at least one of the one or more computing devices, an alert in response to the machine-readable identifier being not authentic.

20. A system, comprising:
- at least one computing device; and
  
  a trusted authority executed in the at least one computing device that causes the at least one computing device to at least;
  
  in response to receiving from a client a verification request for a machine-readable identifier, verify an authenticity of the machine-readable identifier based at least in part on a verifying identifier, wherein the machine-readable identifier is a first type of optical code and the verifying identifier is a second type of optical code; and
  
  report the authenticity of the machine-readable identifier to the client.
- View Dependent Claims (21, 22, 23)
- - 21. The system of claim 20, wherein when executed the trusted authority further causes the at least one computing device to at least verify a cryptographic signature included in the machine-readable identifier to verify the authenticity of the machine-readable identifier.
  - 22. The system of claim 20, wherein when executed the trusted authority further causes the at least one computing device to at least capture environmental data that comprises at least one of:
    - image data, ambient audio data, location data, or magnetic direction data to verify the authenticity of the machine-readable identifier.
  - 23. The system of claim 22, wherein when executed the trusted authority further causes the at least one computing device to at least:
    - determine a confidence score based at least in part on a measure of quality of the environmental data; and
      
      determine the authenticity of the machine-readable identifier by comparing the confidence score with an authenticity threshold.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Joshi, Preyas, Canavor, Darren Ernest, Hitchcock, Daniel Wade, Johansson, Jesper Mikael, McClintock, Jon Arron, Roth, Gregory Branchek
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Bucknor, Olanrewaju J.

Application Number

US14/658,276
Time in Patent Office

1,457 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/107   wherein the security polici...

H04L 63/123   received data contents, e.g...

Verifying authenticity of machine-readable identifiers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Verifying authenticity of machine-readable identifiers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links