PRODUCT AUTHENTICATION SYSTEM

US 20100019026A1
Filed: 04/05/2007
Published: 01/28/2010
Est. Priority Date: 04/07/2006
Status: Abandoned Application

First Claim

Patent Images

1. A system for authenticating articles comprising:

an authentication manager for managing authentication information associated with the articles;

a plurality of secure taggant reader instruments for reading machine readable taggants associated with the articles, the taggants including the authentication or related information, and an instrument configuration manager for secure on-line configuration of the instruments, wherein the taggant reader instruments are operable to securely process and send authentication information derived from a taggant to the authentication manager and the authentication manager is operable to use the received authentication information to identify suspicious events.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for authenticating articles comprising: an authentication manager for managing authentication information associated with the articles; a plurality of secure taggant reader instruments for reading machine readable taggants associated with the articles, the taggants including the authentication or related information, and an instrument configuration manager for secure on-line configuration of the instruments. Each taggant reader instrument is operable to securely process and send authentication information derived from a taggant to the authentication manager. The authentication manager uses the received authentication information to identify suspicious events. When suspicious events are detected, the instrument configuration manager is able to reconfigure at least some of the taggant reader instruments. Reconfiguration may also happen in the event of a product recall and/or taggant security compromise.

34 Citations

View as Search Results

57 Claims

1. A system for authenticating articles comprising:
- an authentication manager for managing authentication information associated with the articles;
  
  a plurality of secure taggant reader instruments for reading machine readable taggants associated with the articles, the taggants including the authentication or related information, and an instrument configuration manager for secure on-line configuration of the instruments, wherein the taggant reader instruments are operable to securely process and send authentication information derived from a taggant to the authentication manager and the authentication manager is operable to use the received authentication information to identify suspicious events.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 2. A system as claimed in claim 1 wherein the instrument configuration manager is operable to reconfigure at least some of the taggant reader instruments in response to one or more of the following:
    - identification of suspicious events;
      
      a product recall;
      
      comprise of any aspect of security;
      
      compromise of taggant security;
      
      taggant up-date;
      
      change in any on-board taggant reader process;
      
      change in any instrument based cryptographic key.
  - 3. A system as claimed in claim 1 wherein the instrument configuration manager is operable to configure one or more of the following taggant reader functions:
    - type of taggant to scan;
      
      the order in which features are to be scanned;
      
      the type of processing to use to determine authentication information;
      
      where more than two taggants are on the article, which combination of taggants is to be used;
      
      the status and/or identity of the person authorised to use the reader;
      
      one or more cryptographic keys for use in the taggant reader instruments in accordance with a key management scheme.
  - 4. A system as claimed in claim 1 wherein a record of a taggant reader'"'"'s configuration is stored as a function of time, so that a complete record of the reader'"'"'s status and functionality is retained.
  - 5. A system as claimed in claim 1 wherein at least one of the taggant readers is operable to determine the authenticity of an article using information read from the machine readable taggant and the authentication information sent to the authentication manager is indicative of the determined authenticity.
  - 6. A system as claimed in claim 1 wherein the authentication information sent to the authentication manager allows the authentication manager to determine authenticity of the article.
  - 7. A system as claimed in claim 1 where the authentication information includes an indication of the time of capture of the taggant information and/or the person responsible for the reader at the time of capture.
  - 8. A system as claimed in claim 1 wherein at least one taggant reader, preferably all the taggants readers, includes at least one tamper resistant secure application module for controlling the processing of sensitive information and/or communication of sensitive information to and from the taggant reader and/or authenticating users.
  - 9. A system as claimed in claim 1 wherein the instrument configuration manager is operable to configure or reconfigure instruments individually and/or in designated groups and/or all simultaneously and/or after a designated period of time.
  - 10. A system as claimed in claim 1, wherein the or each instrument is configured to communicate with the authentication manager via the internet.
  - 11. A system as claimed in claim 1, wherein at least one of the taggant readers include means for generating taggants to be applied to articles to be authenticated.
  - 12. A system as claimed in claim 11 wherein the instrument configuration manager is operable to determine the taggants that are to be applied and send control signals to the taggant reader instruments to ensure that the determined taggant is applied.
  - 13. A system as claimed in claim 1, wherein at least one of taggant readers comprises a plurality of instrument heads, each head being formed and arranged for scanning and/or detecting a different type of taggant.
  - 14. A system as claimed in claim 13, wherein one or more of said instrument heads is replaceable.
  - 15. A system as claimed in claim 13, wherein a common interface is provided to allow communication of data in a common format between the taggant readers and the authentication manager, so that the system is independent of the taggant technology used.
  - 16. A system as claimed in claim 15 wherein the common interface is provided in each taggant reader.
  - 17. A system as claimed in claim 15 wherein the common interface is provided remotely of the taggant reader.
  - 18. A system as claimed in claim 1, wherein the taggant readers are configured to read inherent features of the articles to be authenticated, which features are used as machine readable taggants.
  - 19. A system as claimed in claim 1, the taggant readers are located at different physical locations.
  - 20. A system as claimed in claim 1 comprising a trust management system for ensuring security in all communications between the instruments, the instrument configuration manager and the authentication manager.
  - 21. A system as claimed in claim 20, wherein the trust management system is distributed and each taggant reader includes an agent of the trust management system for securing all communications between the taggant readers, the authentication manager and the instrument configuration manager.
  - 22. A system as claimed in claim 20, wherein the trust management agent is configured to encrypt or sign communications between the taggant reader and the authentication manager.
  - 23. A system as claimed in claim 1, wherein each taggant reader is capable of operating in an online state and/or an offline state.
  - 24. A system as claimed in claim 1 comprising means for tracking interactions with the system of personnel responsible for handling said articles.
  - 25. A system as claimed in claim 24, wherein said means for tracking interactions comprises user input means for obtaining user identification information physically associated with a user of the system.
  - 26. A system as claimed in claim 25, wherein said user input means comprises barcode scanning means.
  - 27. A system as claimed in claim 25, wherein said user input means comprises one or more of the following:
    - SMART card/chip reader means;
      
      token reader means;
      
      biometric scanning equipment;
      
      a user input keypad.
  - 28. A system as claimed in claim 25, wherein said user input means comprises a plurality of user input means for location at different physical locations.
  - 29. A system as claimed in claim 25, wherein the or each said user input means is provided in the same instrument as the or each said taggant reader means.
  - 30. A system as claimed in claim 1 comprising means for comparing input user identification information with user authentication data stored in the authentication manager, whereby a user can be authenticated.
  - 31. A system as claimed in claim 1 comprising a trust management system (TMS) having a plurality of functional modules comprising a brand registration and administration module configured to allow operational data to be entered;
    - a brand owner key management sub-system configured to allow brand owner article identification information and/or verification key information to be entered and amended in the database means;
      
      a brand owner key management sub-system configured to enable brand owners to authorise and authenticate personnel who handle articles to be authenticated, and to verify event records generated and/or signed by said personnel;
      
      a system administration module configured to provide information on the status of the database means and/or content of the database means; and
      
      an authentication sub-system module configured to provide authentication functions and security functions.
  - 32. A system as claimed claim 1 comprising means for detecting one or more different alert states.
  - 33. A system as claimed in claim 32 wherein the means for detecting an alert are located at and/or remotely from the taggant reader.
  - 34. A system as claimed in claim 33 configured to perform a predetermined action upon detection of an alarm signal.
  - 35. A system as claimed in claim 33 wherein upon detection of an alarm signal, the instrument configuration manager reconfigures at least the taggant reader at which the alarm was detected.
  - 36. A system as claimed in claim 35, wherein the taggant reader is reconfigured to read a different type of taggant and/or a different taggant feature associated with the articles being authenticated.

37. A method of authenticating articles comprising the steps of:
- storing authentication information relating to the articles;
  
  reading machine readable taggants physically associated with said articles;
  
  extracting generic authentication information from taggant technology specific data read from said machine readable taggants; and
  
  comparing said extracted generic authentication information with said stored authentication information, so as to determine whether said articles are authentic or not, whereby a multiplicity of different taggant reader means utilising different taggant technologies may be used for reading respective different types of taggants.

38. A system for authenticating articles that bear one or more machine readable taggants comprising:
- management means for managing authentication information relating to the articles; and
  
  means for receiving data from a plurality of different taggant readers operable to read different taggants or types of taggants and means for providing the data from the multiple reader devices to the management means in a generic or common format.
- View Dependent Claims (39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
- - 39. A system as claimed in claim 38 wherein the means for providing information in a common or generic format are provided in at least one of the taggant readers.
  - 40. A system as claimed in claim 39 wherein means for providing information in a common or generic format are provided at an interface with the management means, so that data received from the taggant readers is converted into the common format.
  - 41. A system as claimed in claim 38 wherein at least one reader is operable to authenticate a taggant and provide generic information that is indicative of whether the taggant is authentic.
  - 42. A system as claimed in claim 38, wherein at least one reader is operable to provide information that allows the management means to determine whether a read taggant is authentic.
  - 43. A system as claimed in claim 38, wherein each reader includes a secure application module (SAM) and all messages sent to the management means are secured using the SAM.
  - 44. A system as claimed in claim 38, wherein the management means includes a tamper resistant security module and all messages sent to the readers are secured using the tamper resistant security module.
  - 45. A system as claimed in claim 38, wherein the management means are operable to send configuration information to the readers, which configuration information is for use in controlling one or more of the following reader functions:
    - type of taggant to scan;
      
      the order in which features are to be scanned;
      
      the type of processing to use to determine the authentication information;
      
      where more than two taggants are on the article, which combination of taggants is to be used.
  - 46. A system as claimed in claim 45 wherein the management means is operable to reconfigure the reader as and when desired.
  - 47. A taggant reader for use in the system of claim 38 arranged to read taggant specific information from a machine readable taggant;
    - process the taggant specific information to provide authentication information in a generic or common form and transmit the generic or common form information to the management means.
  - 48. A taggant reader as claimed in claim 47 that is operable to provide generic information that is indicative of whether a read taggant is authentic.
  - 49. A taggant reader as claimed in claim 47 that is operable to provide generic information that allows the management means to determine whether a read taggant is authentic.
  - 50. A taggant reader as claimed in claim 47 including a secure application module (SAM).
  - 51. A taggant reader as claimed in claim 50 wherein communications with the management means are secured using the SAM.

52. A taggant reader for reading taggant specific information from one or more different machine readable taggants, the reader being operable to process the read information to provide authentication information, wherein the reader is reconfigurable to read one or more different taggants and/or to use one or more different processes for processing the read information.

53. An authentication system for authenticating articles that bear one or more machine readable taggants, the system comprising management means for managing the operational state or configuration of a plurality of machine readable taggant instruments, for example a taggant reader and/or taggant writer, wherein the management means is operable to send to one or more of the instruments configuration or control instructions for implementing an on-board process, for example a taggant authentication process.
- View Dependent Claims (54, 55, 56)
- - 54. An authentication system as claimed in claim 53 wherein the management means is configured to download different configuration data to different ones of said plurality of taggant instruments.
  - 55. An authentication system as claimed in claim 53 wherein configuration data depends on requirements detected by the system in the field, during use of the system.
  - 56. An authentication system as claimed in claim 53 wherein the article to be authenticated bears two or more taggants and the configuration or control instructions are operable to cause the reader to read a particular one of the taggants.

57. A system for authenticating articles using information received from a plurality of taggant reader instruments, the taggant reader instruments being operable to read machine readable taggants associated with the articles, the taggants including the authentication or related information, the system comprising:
- an authentication manager for managing authentication information associated with the articles, and an instrument configuration manager for secure on-line configuration of the instruments, wherein the authentication manager is operable to use the authentication information received from the taggant reader instruments to identify suspicious events and the instrument configuration manager is operable to reconfigure on-line at least some of the taggant reader instruments when such suspicious events are identified.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ITI Scotland Limited (Scottish Government)
Original Assignee
ITI Scotland Limited (Scottish Government)
Inventors
Todd, Stephen, MacLauchlan, Ken, Tribe, Raglan, Connor, Paul, McSpadden, Stephen, Hochfield, Barry

Application Number

US12/296,278
Publication Number

US 20100019026A1
Time in Patent Office

Days
Field of Search
US Class Current

235/375
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/554   involving event detection a...

G06Q 10/08   Logistics, e.g. warehousing...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/32   including means for verifyi...

PRODUCT AUTHENTICATION SYSTEM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

57 Claims

Specification

Solutions

Use Cases

Quick Links

PRODUCT AUTHENTICATION SYSTEM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

57 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links