System and apparatus for controlled production of a secure identification card
First Claim
1. Apparatus for producing an identification card, comprising:
- a) means for scanning an object or other entity to produce a first signal representative of an image of said object or other entity;
b) means for printing said image on a first portion of said identification card;
c) means for encrypting a second signal comprising a representation of at least a portion of said image, said second signal being derived at least in part from said first signal;
d) means for incorporating a coded representation of said encrypted second signal into a second portion of said identification card; and
e) means for controlling said apparatus, said controlling means further comprising;
e1) rechargeable means for limiting the number of identification cards which can be produced until said rechargeable means is recharged; and
e2) means for communicating with a remote data processing center to enable recharging of said rechargeable means;
whereinf) said second signal is encrypted using an encryption key, Ei, for a public key encryption system; and
wherein a decryption key, Di, is encrypted with a second encryption key, Es, for said public key encryption system to form an encrypted decryption key, Es [Di ]; and
wherein said encrypted decryption key, Es [Di ] is appended to said second signal prior to incorporation into said second portion;
g) said rechargeable means further comprises a descending register for storing said number of identification cards which may be produced by said apparatus before said rechargeable means is recharged, said descending register being decremented as said identification cards are produced;
h) said apparatus further comprises an ascending register which is incremented by an equal amount each time the descending register is decremented;
i) said rechargeable means is recharged by incrementing said descending register, whereby the sum of said ascending register and said descending register is a control sum representative of the total amount by which said rechargeable means has been charged since said apparatus was initialized;
j) said control means stores a communication key and said remote data processing center stores an identical communications key, and wherein said control means further comprises;
j1) means for encrypting a message;
said message including data derived from the current state of said control means and a serial number for said apparatus;
j2) means for controlling said communications means to send said message to said remote data processing center and to receive a reply message, said reply message including a recharge amount and being encrypted with said communications key; and
j3) means for decrypting said reply message and incrementing said descending register by said recharge amount; and
,k) said reply message further includes a new encrypted decryption key Es [Di '"'"'], said control means replacing said key Es [Di ] with said new key, Es [Di '"'"'], for identification cards produced subsequent to recharge of said rechargeable means.
1 Assignment
0 Petitions
Accused Products
Abstract
An identification card and system and apparatus for producing and authenticating such an identification card in a controlled manner. An object or other entity for which the identification card will evidence identity, status or characteristics is scanned to produce a digital signal a portion of which is compressed, encrypted, and coded and which is recorded on a magnetic strip on the identification card. The image is also printed or otherwise embodied onto another portion of the identification card. A text message may be appended to the signal before it is encrypted and also printed as plain text on the identification card. In one embodiment the signal representing the image is encrypted using a public key encryption system and the key is downloaded from a center. This key maybe changed from time to time to increase security. To facilitate authentication the corresponding decryption key is encrypted with another key and incorporated on the card. To validate the card the coded message is scanned, decoded, decrypted, expanded and displayed. The card may then be authenticated by comparison of the displayed representation stroboscopically superimposed on the image and the displayed text message with the image and text message printed on the card. A remote data processing center communicates with the apparatus to control and account for production of the cards. In one embodiment the key for encrypting the image is changed each time the data processing center communicates with the apparatus.
182 Citations
6 Claims
-
1. Apparatus for producing an identification card, comprising:
-
a) means for scanning an object or other entity to produce a first signal representative of an image of said object or other entity; b) means for printing said image on a first portion of said identification card; c) means for encrypting a second signal comprising a representation of at least a portion of said image, said second signal being derived at least in part from said first signal; d) means for incorporating a coded representation of said encrypted second signal into a second portion of said identification card; and e) means for controlling said apparatus, said controlling means further comprising; e1) rechargeable means for limiting the number of identification cards which can be produced until said rechargeable means is recharged; and e2) means for communicating with a remote data processing center to enable recharging of said rechargeable means;
whereinf) said second signal is encrypted using an encryption key, Ei, for a public key encryption system; and
wherein a decryption key, Di, is encrypted with a second encryption key, Es, for said public key encryption system to form an encrypted decryption key, Es [Di ]; and
wherein said encrypted decryption key, Es [Di ] is appended to said second signal prior to incorporation into said second portion;g) said rechargeable means further comprises a descending register for storing said number of identification cards which may be produced by said apparatus before said rechargeable means is recharged, said descending register being decremented as said identification cards are produced; h) said apparatus further comprises an ascending register which is incremented by an equal amount each time the descending register is decremented; i) said rechargeable means is recharged by incrementing said descending register, whereby the sum of said ascending register and said descending register is a control sum representative of the total amount by which said rechargeable means has been charged since said apparatus was initialized; j) said control means stores a communication key and said remote data processing center stores an identical communications key, and wherein said control means further comprises; j1) means for encrypting a message;
said message including data derived from the current state of said control means and a serial number for said apparatus;j2) means for controlling said communications means to send said message to said remote data processing center and to receive a reply message, said reply message including a recharge amount and being encrypted with said communications key; and j3) means for decrypting said reply message and incrementing said descending register by said recharge amount; and
,k) said reply message further includes a new encrypted decryption key Es [Di '"'"'], said control means replacing said key Es [Di ] with said new key, Es [Di '"'"'], for identification cards produced subsequent to recharge of said rechargeable means. - View Dependent Claims (2, 3)
-
-
4. A system for producing an identification card comprising:
-
a) an authenticating apparatus, said authenticating apparatus further comprising; a1) means for scanning an object or other entity to produce a first signal representative of an image of said object or other entity; a2) means for printing said image on a first portion of said identification card; a3) means for encrypting a second signal comprising a representation of at least a portion of said image, said second signal being derived at least in part form said first signal; a4) means for incorporating a coded representation of said encrypted signal into a second portion of said identification card; and
,a5) means for controlling said apparatus, said controlling means further comprising rechargeable means for limiting the number of identification cards which can be produced until said rechargeable means is recharged; b) a remote data processing center; c) communications means for communicating information between said remote data processing center and said authenticating apparatus;
wherein,d) said remote data processing center is responsive to apparatus information representative of the state of said apparatus to send reply information to said apparatus; e) said apparatus is responsive to said reply information to recharge said rechargeable means; f) said second signal is encrypted using an encryption key, Ei, for a public key encryption system; and
wherein a decryption key, Di, is encrypted with a second encryption key, Es, for said public key encryption system to form an encrypted decryption key, Es [Di ]; and
wherein said encrypted decryption key, Es [Di ] is appended to said second signal prior to incorporation into said second portion;g) said rechargeable means further comprises a descending register for storing said number of identification cards which may be produced by said apparatus before said rechargeable means is recharged, said descending register being decremented as said identification cards are produced; h) said system further comprises an ascending register which is incremented by an equal amount each time the descending register is decremented; i) said rechargeable means is recharged by incrementing said descending register, whereby the sum of said ascending register and said descending register is a control sum representative of the total amount by which said rechargeable means has been charged since said apparatus was initialized; j) said control means stores a communication key and said remote data processing center stores an identical communications key, and wherein said control means further comprises; j1) means for encrypting a message;
said message including said state information, and a serial number for said apparatus;j2) means for controlling said communications means to send said message to said remote data processing center and to receive a reply message, said reply message including said reply information, said reply information including a recharge amount and being encrypted with said communications key; and j3) means for decrypting said reply message and incrementing said descending register by said recharge amount; and
,k) said reply message further includes a new encrypted decryption key Es [Di '"'"'], said control means replacing said key Es [Di ] with said new key, Es [Di '"'"'], for identification cards produced subsequent to recharge of said rechargeable means. - View Dependent Claims (5, 6)
-
Specification