AUTHENTICATION OF PACKAGED PRODUCTS

US 20190367239A1
Filed: 05/29/2018
Published: 12/05/2019
Est. Priority Date: 05/29/2018
Status: Active Grant

First Claim

Patent Images

1. A method for producing an authenticated packaged product, the method comprising:

providing on the product a security code encoding security data for the product;

packing the product in packaging;

providing a tag carrying encrypted product data on the packaging, the product data comprising the security data;

storing a decryption key for the encrypted product data at a network server;

providing on the packaging access data for accessing the decryption key at the network server;

reading, using a verifier computer having reader apparatus operatively associated therewith, the encrypted product data from the tag, wherein the product data includes a unique product identifier for the product;

receiving the security code from the product and decoding the security code to obtain the security data for the product;

receiving the access data and communicating with the network server to obtain the decryption key;

decrypting the encrypted product data using the decryption key to obtain decrypted security data;

calculating a hash of the decrypted product identifier and sending the hash to the network server for storage at the server of use data, comprising the hash with the decryption key;

receiving from the server with the decryption key any use data stored with that key;

checking whether the hash of the decrypted product identifier matches a hash in the use data; and

verifying that the decrypted security data matches the security data for the product.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods are provided for producing an authenticated packaged product. The method includes providing on the product a security code encoding security data for the product, packing the product in packaging, and providing a tag carrying encrypted product data on the packaging. The product data comprises the security data for the product. The method further comprises storing a decryption key for the encrypted product data at a network server, and providing on the packaging access data for accessing the decryption key at the network server. Corresponding methods and systems are provided for verifying authenticity of such an authenticated packaged product.

Citations

25 Claims

1. A method for producing an authenticated packaged product, the method comprising:
- providing on the product a security code encoding security data for the product;
  
  packing the product in packaging;
  
  providing a tag carrying encrypted product data on the packaging, the product data comprising the security data;
  
  storing a decryption key for the encrypted product data at a network server;
  
  providing on the packaging access data for accessing the decryption key at the network server;
  
  reading, using a verifier computer having reader apparatus operatively associated therewith, the encrypted product data from the tag, wherein the product data includes a unique product identifier for the product;
  
  receiving the security code from the product and decoding the security code to obtain the security data for the product;
  
  receiving the access data and communicating with the network server to obtain the decryption key;
  
  decrypting the encrypted product data using the decryption key to obtain decrypted security data;
  
  calculating a hash of the decrypted product identifier and sending the hash to the network server for storage at the server of use data, comprising the hash with the decryption key;
  
  receiving from the server with the decryption key any use data stored with that key;
  
  checking whether the hash of the decrypted product identifier matches a hash in the use data; and
  
  verifying that the decrypted security data matches the security data for the product.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 15, 16, 17)
- - 2. A method as claimed in claim 1 including storing descriptive data, relating to the product, with said decryption key at the network server.
  - 3. A method as claimed in claim 1 wherein the security code is embedded in the product.
  - 4. A method as claimed in claim 3 wherein the security code comprises a pattern of spots.
  - 5. A method as claimed in claim 1 wherein the product data includes a unique product identifier for the product.
  - 6. A method as claimed in claim 1 wherein said packaging comprises product packaging and a container, the method further including:
    - packing the product in the product packaging and providing the tag on the product packaging; and
      
      packing the product in the container with a plurality of other products, each having a respective said security code thereon and each packed in respective product packaging having thereon a respective said tag carrying encrypted product data which is decryptable using said decryption key;
      
      wherein said access data comprises a container identifier for said container and said product data includes a passphrase which is common to the product data of all products in the container, and wherein the method further comprises storing a hash of the passphrase with said decryption key at the network server for said container identifier.
  - 7. A method as claimed in claim 1 wherein said access data comprises a URL.
  - 8. A method as claimed in claim 1 wherein said access data is carried by the tag.
  - 9. A method as claimed in claim 2 wherein the tag comprises a printed tag.
  - 10. A method as claimed in claim 4 wherein the product comprises a medical test device.
  - 12. A method as claimed in claim 1 wherein descriptive data, relating to the product, is stored with the decryption key at the network server, the method including receiving the descriptive data from the network server with the decryption key, and displaying the descriptive data to a user.
  - 15. The method of claim 6 further comprising using a verifier computer having reader apparatus operatively associated therewith to:
    - receive said access data and communicating with said network server to obtain said decryption key and said hash of the passphrase for said container identifier;
      
      read, via said reader apparatus, said encrypted product data from the tag;
      
      decrypt the encrypted product data using the decryption key to obtain a decrypted passphrase and decrypted security data;
      
      calculate a hash of the decrypted passphrase, and verifying that the calculated hash matches the hash obtained from the server;
      
      receive said security code from the product and decoding the security code to obtain said security data for the product; and
      
      verify that the decrypted security data matches said security data for the product.
  - 16. A method as claimed in claim 15 including storing the decryption key and said hash of the passphrase obtained from the server for verifying authenticity of other said products in the container.
  - 17. A method as claimed in claim 15 wherein descriptive data, relating to the product, is stored with the decryption key at the network server, the method including receiving the descriptive data from the network server with the decryption key, and displaying the descriptive data to a user.

11. (canceled)

13. (canceled)

14. (canceled)

18. A system for verifying authenticity of a packaged product, the system comprising a server storing a decryption key, and a verifier computer, having reader apparatus operatively associated therewith, are operable for communication with the server via a network, wherein:
- the packaged product comprises;
  
  a security code on the product and encoding security data for the product;
  
  a packaging;
  
  a tag carrying encrypted product data on the packaging, the product data comprising the security data;
  
  a decryption key for the encrypted product data stored at a network server; and
  
  access data on the packaging for accessing the decryption key at the network server;
  
  the verifier computer is adapted to read, via the reader apparatus, the encrypted product data from the tag, wherein the product data includes a unique product identifier for the product, to receive the security code from the product and decode the security code to obtain the security data for the product, and to receive the access data and use the access data to send an access request for the decryption key to the server via the network;
  
  the server is adapted, in response to the access request, to send the decryption key to the verifier computer via the network; and
  
  the verifier computer is further adapted to decrypt the encrypted product data using the decryption key to obtain decrypted security data, to calculate a hash of the decrypted product identifier and to send the hash to the network server for storage at the server of use data, comprising the hash with the decryption key, to receive from the server with the decryption key any use data stored with that key, to check whether the hash of the decrypted product identifier matches a hash in the use data; and
  
  to verify that the decrypted security data matches the security data for the product.

19. A packaged product comprising:
- a security code on the product, the security code encoding security data for the product;
  
  a tag carrying encrypted product data on the packaging, the product data comprising said security data; and
  
  access data, for accessing a decryption key for the encrypted product data at a network server storing the decryption key, on the packaging.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. A packaged product as claimed in claim 19 wherein the security code is embedded in the product.
  - 21. A packaged product as claimed in claim 20 wherein the security code comprises a pattern of spots.
  - 22. A packaged product as claimed in claim 20 wherein the product comprises a medical test device, and wherein the security code comprises a pattern of spots embedded in the test device.
  - 23. A packaged product as claimed in claim 20 wherein the product data includes a unique product identifier for the product.
  - 24. A packaged product as claimed in claim 20 wherein said access data comprises a URL carried by the tag.
  - 25. A packaged product as claimed in claim 20 wherein said packaging comprises product packaging and a container, and wherein:
    - the product is packed in the product packaging and the tag is provided on the product packaging;
      
      the product is packed in the container with a plurality of other products, each having a respective said security code thereon and each packed in respective product packaging having thereon a respective said tag carrying encrypted product data which is decryptable using said decryption key; and
      
      said access data comprises a container identifier for said container and said product data includes a passphrase common to the product data of all products in the container, a hash of the passphrase being stored with said decryption key at said network server for said container identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Camenisch, Jan L., Delamarche, Emmanuel, Freire Stogbuchner, Eduarda, Gokce, Onur

Granted Patent

US 10,640,273 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

B65D 79/02   Arrangements or devices for...

G06K 19/06037   multi-dimensional coding

G06K 7/10861   sensing of data fields affi...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/0897   involving additional device...

H04L 9/3226   using a predetermined code,...

H04L 9/3236   using cryptographic hash fu...

AUTHENTICATION OF PACKAGED PRODUCTS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

AUTHENTICATION OF PACKAGED PRODUCTS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links