[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO2001018677A2 - System and method for verifying authenticity of products using networks - Google Patents

System and method for verifying authenticity of products using networks Download PDF

Info

Publication number
WO2001018677A2
WO2001018677A2 PCT/US2000/024415 US0024415W WO0118677A2 WO 2001018677 A2 WO2001018677 A2 WO 2001018677A2 US 0024415 W US0024415 W US 0024415W WO 0118677 A2 WO0118677 A2 WO 0118677A2
Authority
WO
WIPO (PCT)
Prior art keywords
identification indicia
product
product identification
indicia
network
Prior art date
Application number
PCT/US2000/024415
Other languages
French (fr)
Other versions
WO2001018677A8 (en
Inventor
Frank A. Doljack
Mark C. Nicely
Rodney Derbyshire
Original Assignee
Assure Systems, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Assure Systems, Inc. filed Critical Assure Systems, Inc.
Priority to EP00968335A priority Critical patent/EP1222595A2/en
Priority to CA002382874A priority patent/CA2382874A1/en
Priority to AU78270/00A priority patent/AU7827000A/en
Publication of WO2001018677A2 publication Critical patent/WO2001018677A2/en
Publication of WO2001018677A8 publication Critical patent/WO2001018677A8/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions

Definitions

  • the present invention relates generally to a system and method for verifying the authenticity of goods purchased or offered for sale over a network such as the Internet.
  • Another prior art solution includes establishing an escrow account in which the product ownership is not transferred until the escrow terms are satisfied. Such a scheme, however, requires a third party escrow agent which complicates and raises the cost of the transaction. In addition, such a solution does not appreciate that the product may be out of the manufacturer's close control and thus may not provide the manufacturer with sufficient protection.
  • Fraud in e-commerce adversely affects all parties in the commerce chain.
  • e-commerce fraud negatively impacts the consumer or end purchaser because the consumer pays a brand name price for a fraudulent good or product that fails to meet the anticipated quality and/or style standard associated with the brand name product.
  • Fraud also hurts the manufacturers of luxury or brand name goods because such fraud (particularly via counterfeit knock-offs) tarnish the goodwill and reputation associated with the brand name.
  • fraud directly impacts the sales of the manufacturer (even if the end consumer is unconcerned about the bogus nature of the goods), since each improper transaction reflects a lost sale of the authentic product.
  • Manufacturers are also vulnerable to "gray market goods.” For example, in some cases the brand name owner hires contract manufacturers to manufacture the goods according to particular specifications.
  • gray market goods may not negatively impact the end consumer, but such goods are unauthorized and are typically sold through different distribution channels (whether via e-commerce or more traditional channels). Such unauthorized sales negatively impact the exclusivity of the product which is desirable in certain high-end products and do not accrue to the brand name owner.
  • the manufacturer may be further damaged by the diversion of products from predetermined distribution channels. Due to various marketing and promotional arrangements, certain goods may be distributed through exclusive distribution channels.
  • the present invention relates to a system and method of authenticating goods sold over a network such as the Internet.
  • the present invention provides authentication of goods by associating a product identification indicia with the goods to be sold via the network. Either at the time of purchase or upon receipt of the purchased product, the goods are authenticated by communicating the associated product identification indicia to an authentication device.
  • the authentication device includes an authentication database which determines whether the product is authentic using the product identification indicia and communicates the determination to the purchaser.
  • the concept of a "sale” means a sale in the traditional sense as well as in the sense of the definition of the Uniform Commercial Code (UCC).
  • a sale may be an actual sale, a lease, or some other event, for example, in which one party receives something of value from another.
  • the authentication is performed via the same network in which the product was purchased.
  • the authentication device is an authentication server.
  • the purchaser communicates the product identification indicia to the authentication server, wherein the server checks the indicia against a secure database to determine whether the indicia is valid.
  • the server preferably performs another authentication step by determining whether the valid indicia has been previously used (e.g., a duplicate). Upon completion of the verification, the authentication server transmits the authenticity determination to the purchaser over the network, thereby providing authentication in near real-time.
  • the product identification indicia comprises a two-part encrypted combination code having a non-random portion and a random portion.
  • the non- random portion Upon being decrypted, the non- random portion provides an easily verifiable indication of validity, for example, comprising a distinct word (e.g., a brand name, alphanumeric character string, etc.) that easily identifies the source of the goods (e.g., LEVIS). Therefore, if upon decryption, the expected non-random portion is not reproduced, the product identification indicia is invalid, thus indicating, for example, that the product is either a counterfeit or a gray market good.
  • the random portion of the combination code preferably is unique, that is, one of a kind.
  • the authentication server compares the random portion to a list of previously used codes or a master list. If a match is found or it is determined that the code has been used previously, the combination code is a duplicate, thus indicating an improper activity.
  • the product identification indicia comprises a unique image, for example, a two-dimensional bar code.
  • the unique image associated with the purchased product is downloaded by the purchaser and stored.
  • the image associated with the product is compared to the stored image, either visually or using image processing techniques. Using the comparison, the authenticity of the purchased product is determined.
  • a further authentication step may be taken by capturing the image associated with the received product, for example, using a scanner or a digital camera, and transmitting the image to the authentication server.
  • the server compares the transmitted image to a database of used images.
  • product identification indicia are associated with goods to be sold via the network and all such product identification indicia are displayed over the same network to manufacturers of the goods which are offered for sale to purchasers by the seller. Whereas in other aspects of this invention a purchaser downloads or views the indicia of a single product that he purchases, the manufacturers are provided all of the indicia to view which are associated with the particular goods presently for sale by the seller.
  • the manufacturer inspects the goods by communicating the product identification indicia to an authentication server, which may be connected to the same network with which the manufacturer inspects the product identification indicia, or may be separate therefrom.
  • the authentication server determines whether the indicia are valid and sends a response back to the manufacturer.
  • the determination of validity includes the authentication server analyzing if the indicia for goods which are presented for sale by the seller were originally authorized by the manufacturer.
  • a method of authenticating goods for sale over a network includes associating identification indicia with one or more goods to be sold over the network, purchasing over the network a good having identification indicia associated therewith, analyzing the identification indicia with the purchased good upon receipt of the purchased good.
  • a method of authenticating goods for sale over a network includes associating identification indicia with one or more goods to be sold over a network, initiating a transaction to purchase over the network a good having an associated identification indicia, and communicating the associated identification indicia to an authentication device for authentication.
  • a method of checking/monitoring sales transactions made over a network of products having identification indicia includes obtaining product identification indicia of products sold, and determining from the product identification indicia at least one of authenticity, authorization of the seller to sell the product, and vendor identity.
  • a method of diversion tracking of goods includes from a compilation of product identification indicia representing both product identification information and vendor information.
  • a method of authenticating goods for sale over a network includes the steps of: associating product identification indicia with one or more products to be sold over the network; purchasing a product over the network, wherein the product has a product identification indicia associated therewith; communicating the product identification indicia to an authentication device; determining whether the communicated product identification indicia is a valid indicia using the authentication device, wherein a determination of validity indicates that the goods are authentic; and communicating the validity determination to the purchaser.
  • a method of authenticating goods for sale over a network includes the steps of: associating product identification indicia with one or more products to be sold over the network; purchasing a product over the network, wherein the product has a product identification indicia associated therewith; analyzing the product identification indicia associated with the purchased product upon receipt of the purchased product.
  • a system for authenticating sales transactions includes a data storage device for storing data representing unique identification of a product, a communication device to receive inquiries as to the authenticity of received product identification data and to transmit a signal representing authentication or not based on a comparison with the stored data.
  • a method of authenticating goods purchased over a network includes providing over the network identification indicia associated with a good, and upon receipt of a good checking the identification indicia for identity with that provided over the network.
  • a method of authenticating a product includes providing a unique image on the product or packaging, obtaining a digital image of the image, checking the digital image for authenticity.
  • a database structure for use in authenticating identification indicia associated with one or more products includes a plurality of records, the records including, a first field of data containing valid identification indicia and a second field containing a flag or other representation to identify whether a particular identification indicia in the first field was previously used.
  • a machine includes a memory and data structure stored in the memory representing identification indicia for authenticating whether or not a transaction is authentic.
  • a method for authenticating identification indicia associated with a product intended for purchase over a network includes browsing a site to select a product for purchase, initiating a comparison of identification indica associated with that product wit a database of identification indicia to determine authenticity.
  • a method for authenticating identification indicia associated with a product sold over a network includes receiving from a network data representing identification indicia, comparing the received data with stored data representing valid identification indicia and/or used identification indicia, and transmitting a signal representative of the results of the comparison.
  • a computer data transmission system for signals embodied in a network transmission includes a network transmission medium, data representation of an identification indicia associated with a product, including both a random portion and a non-random portion, and a signal representation of authenticity of the identification indicia.
  • Figure 1 is a system level diagram illustrating a client-server relationship on a network such as the Internet
  • Figure 2 is a system level diagram illustrating the network arrangement of Figure 1 and use of such a network arrangement to authenticate goods purchased over the network according to the present invention
  • Figure 3 is a flow chart diagram illustrating a method of authenticating goods purchased over a network according to an exemplary embodiment of the present invention
  • Figure 4a illustrates an encrypted two-part combination code comprising the product identification indicia according to an exemplary embodiment of the present invention
  • Figure 4b illustrates the two-part combination code of Figure 4a after being decrypted, wherein the decrypted combination code has a non-random portion and a random portion, respectively;
  • Figure 5a is a screen level diagram illustrating an exemplary vendor website page which exhibits products for sale over the Internet according to the present invention
  • Figure 5b is a screen level diagram illustrating another exemplary vendor website page which exhibits products for sale over the Internet according to the present invention
  • Figure 6 is a block diagram illustrating an exemplary database configuration for an authentication database containing valid codes and a field indicating whether the valid codes have been used previously according to an exemplary embodiment of the present invention
  • Figure 7 is a flow chart diagram illustrating a method of purchasing a product having a product identification indicia associated therewith over a network and using the indicia to determine the authenticity of the product according to an exemplary embodiment of the present invention
  • Figure 8 is a flow chart diagram illustrating a method of authenticating a product prior to purchasing such product over a network using the indicia according to an exemplary embodiment of the present invention
  • Figure 9 is a flow chart diagram illustrating a method for a manufacturer to analyze the entire list of products over a network using the indicia according to an exemplary embodiment of the present invention.
  • the present invention relates to a system and method of authenticating goods which are purchased over a computer network such as the Internet.
  • a computer network such as the Internet.
  • the present invention will be discussed in the context of retail consumer goods such as clothing, etc., it should be understood that
  • the present invention relates to a system and method of authenticating goods purchased over a computer network such as the Internet.
  • a product identification indicia is associated with each of the goods for sale.
  • the buyer Upon completing a purchase and receiving the goods, the buyer communicates the indicia to an authentication device which determines the validity and uniqueness thereof and communicates the authenticity determination back to the buyer.
  • Such authentication may be effectuated over the computer network using an authentication server or alternatively may include a separate, standalone type authentication system.
  • the present invention is further applicable to authentication determinations made prior to making a product purchase.
  • the Internet is one of many computer networks that individuals use to conduct business. Through use of such networks, individual computers communicate with one another to transfer data, transmit e-mail, etc.
  • An exemplary representation of the Internet is illustrated in Figure 1 and designated at reference numeral 10.
  • the Internet 10 consists of a collection (e.g., thousands) of interconnected, high-performance communication nodes or computers known as servers 12.
  • the servers are interconnected through a "web" of interconnections such that although all nodes are not necessarily directly interconnected (e.g., node A and node D), data can be transferred between such nodes by routing through the various interconnected nodes (e.g., connecting nodes A and D through either nodes B or C). Such routing through various nodes is typically performed according to predetermined system of interconnection communication protocols.
  • ISP Internet Service Provider
  • clients 14 may connect to the "web" with Internet connections 16.
  • Such Internet connections 16 may be provided by dedicated data lines, Personal Communication Systems (PCS), microwave links, or satellite networks, for example.
  • PCS Personal Communication Systems
  • a user who "browses" the Internet 10 at a client computer typically makes use of standard Internet protocols such as TCP/IP and HTTP.
  • TCP/IP is a common transport layer protocol used by a worldwide network of computers.
  • HTTP is a known application protocol that provides users access to files (which can be different formats such as text, graphics, images, sound, video, etc.) using a standard page description language known as Hypertext Markup Language (HTML).
  • HTML web browsers such as Netscape or Microsoft Internet Explorer allow for a graphical user interface (GUI) based access to HTML documents accessible on the servers 12 communicatively linked to the various clients 14. These documents are commonly referred to as “web pages” and a collection of such pages is commonly referred to as a "website.”
  • Figure 2 represents an exemplary portion 50 of the Internet 10 which illustrates a manufacturer 52 (or trusted party who warrants the authenticity of goods of one or more manufacturers) interfacing with a distributor 54.
  • the distributor 54 offers the manufacturer's goods for sale over the Internet 10 via a vendor website 56 which acts as a client to interface with the Internet 10 via a particular server
  • a purchaser 58 who wishes to purchase goods offered for sale over the Internet accesses the Internet 10 via a client computer 60 (e.g., a PC) and a server 12b.
  • the system further includes an authentication server 62 which is accessible via other servers 12 or may be accessed directly, as may be desired.
  • the manufacturer 52 may also access the Internet 10 via its own client computer 64, as may be desired (which will be discussed infra in accordance with an alternative embodiment of the present invention).
  • product identification indicia are generated at step 102.
  • such indicia are generated by the manufacturer or under the direction of the manufacturer and each such indicia is a unique string of alphanumeric characters that provide an indication of the source of the respective goods.
  • Such indicia may comprise a wide variety of different codes and may be written or otherwise generated in various forms, for example, as one-dimensional bar codes, etc.
  • such indicia comprise an encrypted, two- part combination code such as that disclosed in U.S. Application Serial No. 08/897,857 entitled, "Verification of Authenticity of Goods by Use of Random Numbers," which is hereby incorporated by reference in its entirety.
  • such an indicia 1 upon being encrypted (e.g., with a private key of a public/private key pair) provides a code that appears entirely random.
  • the code Upon decryption (e.g., with the corresponding public key of the public/private key pair), however, the code has two parts as illustrated in Figure 4b, a non-random portion 1 1 1 and a random portion 1 12.
  • the non-random portion 1 1 1 preferably constitutes an easily recognized code or string of characters that indicates the validity of the code. For example, if the manufacturer is Gucci, Inc., perhaps the non-random portion 111 will include the word "GUCCI".
  • the non- random portion 1 1 1 1 need not be an easily recognized code, but may be any non-random string of characters, symbols, etc.
  • the random portion 1 12 of the product identification indicia 1 10 provides a different authentication function than the non-random portion 1 1 1. While the non-random portion 1 1 1 indicates whether the indicia 1 10 is valid, the random portion 1 12 enables an inspector to establish whether the indicia 1 10 is unique (i.e. , no duplicates).
  • Each random portion 1 12 of the indicia 1 10 is decrypted and analyzed; if valid, the random portion 1 12 of the indicia is compared to a list of previously analyzed indicia or alternatively to a secure master database containing all the valid codes to determine whether such an indicia 1 10 has been previously used. If not, the code 1 10 is unique.
  • the indicia 1 10 are alphanumeric characters or a one-dimensional bar code.
  • the indicia 1 10 may comprise any form of identification indicia, for example, a two- dimensional bar code or other form of unique image. Any such product identification indicia may be utilized and is contemplated as falling within the scope of the present invention.
  • the indicia 1 10 preferably are encrypted (e.g., as described supra) and are associated with the goods which will be offered for sale over the Internet 10 at step 1 14.
  • "associating" the indicia 1 10 with the goods contemplates physically attaching or coupling the indicia to the goods via, for example, a tag or label or packing slip or invoice included in the box in which the goods are shipped.
  • the indicia 1 10 may be printed directly onto the goods using an ink type printer, a laser or other type of writing or indicia application device.
  • association includes, but is not limited to, an encoded magnetic signature, a sound signature, a light signature, etc. Any manner in which an indicia 1 10 may correspond to a particular product is contemplated by the term “associated” and is contemplated as falling within the scope of the present invention.
  • the indicia 1 10 are associated with the goods prior to being shipped to the distributor or retailer for sale over the Internet 10.
  • the indicia 1 10 may be associated with the product at the site of the distributor or retailer.
  • precautions are preferably taken to ensure such that such indicia are not stolen or copied, etc.
  • One exemplary method for securing the indicia under such circumstances is disclosed in U.S. Application Serial No. 09/342,489 entitled "Secure System for Printing Authenticating Digital Signatures,” which is hereby incorporated by reference in its entirety.
  • Association with the product at the site of the distributor or retailer may be accomplished after the product is sold. In this instance the manufacturer or trusted third party 52 will provide the indicia 1 10 and goods to the distributor 54 separately.
  • step 1 14 will be executed after step 124 and before step 126 for the particular product which is purchased. This alternative simplifies the product inventory handling.
  • the distributor or retailer "posts" or otherwise offers the goods for sale over the Internet 10 at the vendor website 56 at step 1 16.
  • Goods may be offered for sale in a multitude of different ways and each manner of providing for product purchase is contemplated as falling within the scope of the present invention.
  • One exemplary manner in which such an offer for sale takes place is illustrated in Figure 5a.
  • Figure 5a several handbags 120a and 120b are illustrated.
  • a user preferably can view the handbags 120a and 120b to determine whether the style and color meet with their product specifications.
  • the product identification indicia 1 10 associated with the goods 120a and 120b are also illustrated, although viewing the indicia prior to purchase is not necessary.
  • the indicia 1 10 associated with a particular bag may be illustrated as an icon 122 on the screen.
  • the distributor or retailer will also provide the terms of the offer for purchase, for example, the price, shipping costs, etc. If the terms of the offer meet with the buyer's approval, the buyer can indicate an acceptance of the offer by selecting (e.g., clicking with a mouse) a purchase icon which triggers a solicitation for credit information or other information to complete the transaction.
  • the distributor or retailer Upon executing the purchase (step 124 in Figure 3), the distributor or retailer preferably transmits a receipt to the user via, for example, e-mail which includes a copy of the product identification indicia, although such a receipt is not required.
  • the seller then ships the goods with the product identification indicia associated therewith to the buyer in accordance with the agreed upon mode of shipping.
  • the buyer analyzes or otherwise notes the product identification indicia at step 126.
  • Such analysis may be a function of the form of the indicia.
  • the analysis may include simply a visual inspection of the indicia and a visual comparison to the indicia as previously noted at purchase or as received in the transaction receipt if such a receipt is provided.
  • the analysis may include typing the indicia into the purchaser's computer for subsequent use or scanning or otherwise capturing an image if the indicia is a one-dimensional or two- dimensional bar code. Any manner of capturing or otherwise analyzing the received indicia for subsequent verification purposes may be used and are contemplated as falling within the scope of the present invention.
  • the method 100 continues at step 128 with the buyer communicating the analyzed product identification indicia to an authentication device such as a database and an accompanying processor or programmable controller.
  • the authentication device is the authentication server 62 of Figure 2, which thus allows the product purchase and the product authentication to occur over the Internet 10.
  • a preferred method of communication with the authentication server 62 uses a common public key infrastructure protocol. The use of this protocol will prevent a miscreant from rerouting the buyer's authentication request to the miscreant's own server.
  • This protocol can be implemented with a software plug-in for the buyer's browser which contains the public key of the authentication server.
  • This plug-in can be distributed to buyers by a certification authority which guarantees the validity of the public key of the authentication server.
  • One such certification authority is Verisign,
  • the software plug-in Prior to sending the indicia to the authentication server 62, the software plug-in encrypts the indicia with the public key of the authentication server 62. Since only the valid authentication server 62 possesses the counterpart private key, only it can inspect the indicia to determine its authenticity.
  • the authentication device may be a separate computer that can be accessed via a modem, for example.
  • the authentication device takes the product identification indicia transmitted thereto and preferably decrypts it with the public key portion of the public/private key pair.
  • the decrypted indicia is then analyzed by the authentication device to determine whether the purchased product is authentic at step 130.
  • the device analyzes the non-random portion 1 1 1 of the code to determine whether the indicia is valid by determining whether the non-random portion 1 11 matches an expected code.
  • the random portion 1 12 is compared to a database containing used codes or alternatively to a secure master database containing all the valid codes and containing a field providing indications of which codes have been previously used. If upon making the comparison it is noted that the code has been previously used, then although the code is valid, it is known that the code is a duplicate.
  • the database 140 represents a secure master database type configuration in which one set of fields 142 contain all the valid indicia or codes and a second set of fields 144 contain either data or a flag which indicates whether a particular indicia has been previously used.
  • Alternative database configurations may also be used.
  • the database may simply consist of all previously used indicia (i.e., goods associated with such indicia have already been purchased) that is updated with another indicia each time another product is purchased. As more products are bought, the database grows and each authentication analysis compares new indicia to the list of used indicia, thus continuously making it more difficult to utilize duplicate codes.
  • the determination is communicated back to the buyer, preferably in the same manner in which the indicia 1 10 was communicated to the authentication device.
  • the device either provides the determination via its own website or e-mails the determination back to the buyer, thus communicating via the Internet 10.
  • this communication preferably uses a common public key infrastructure protocol.
  • the authentication server 62 uses its private key and encrypts the response which is sent back to the buyer.
  • the software plug-in residing in the buyer's browser uses the authentication server's counterpart public key to decrypt the response.
  • the buyer is assured that a valid authentication server has responded.
  • the indicia 1 10 was communicated to the authentication device over the telephone or via the mail, the determination may be returned to the buyer in like manner. Any manner of communicating the authentication determination, however, may be made and is contemplated as falling within the scope of the present invention.
  • the present invention provides for the authentication of goods which are purchased over a computer network such as the Internet 10.
  • a computer network such as the Internet 10.
  • a more detailed flow chart illustrating one exemplary embodiment of the invention is illustrated in greater detail in Figure 7 at reference numeral 150 and highlights a case in which the authentication device is the authentication server 62.
  • a two-part combination code is generated. Exemplary codes are described above.
  • the combination code is encrypted with an appropriate key to obtain product identification indicia.
  • a list of encrypted codes is sent to an authentication device, for example, the authentication server 62.
  • the decryption key is sent to the authentication device so that device will be able to decrypt the encrypted code when it is received as is described below with respect to step 170, for example.
  • the encrypted combination codes (indicia), which are received as a result of the encrypting step 154, are associated with goods. It is noted here that in much of the description hereof reference is made to goods. Of course, it will be appreciated that goods can be singular or plural and may include various equivalent terms, for example, products, items, etc. or an equivalent thereof, and also may include a service or services or an equivalent thereof.
  • the purchaser browses the vendor's website for goods. The purchaser also may select a particular good for purchase. Thereafter, at step 164, the purchaser downloads or otherwise notes, e.g. writes down or has e-mailed to him/her the product identification indicia.
  • the purchaser initiates the product transaction, for example, to purchase the product, to have the product shipped or delivered by some other means, e.g., by downloading, etc., the selected product. The transaction may be to purchase the product, to lease the product, to use the product for a period of time, etc.
  • the purchaser receives the purchased product.
  • the product identification indicia is communicated to the authentication server, for example, the authentication server 62 shown in Figure 2.
  • the product identification indicia is decrypted using the decryption key that was received by the authentication server at step 158, as was described above.
  • the decrypted product identification indicia is analyzed for validity at step 174.
  • the analysis at step 174 would include checking the results of the decryption to confirm that the brand name, such as LEVIS, GUCCI or some other specified word, symbol, alphanumeric, bar code, etc. results from the decryption. If the expected word, etc. does not result, then the product identification indicia would not be valid.
  • the decrypted product identification indicia is analyzed for uniqueness. As was described above, for example, a portion of the two-part combination code that was generated at step 152 is expected to be unique and, thus, at step 176 a portion of the decrypted product identification indicia is expected also to be unique.
  • the authentication server may check for such uniqueness. If the uniqueness requirement is unsatisfied, then the purchaser may be so advised and can take appropriate steps, such as those described above with respect to step 174, e.g., to determine why the uniqueness requirement was not satisfied and even to return the good to the vendor, etc.
  • the purchaser browses the vendor's website 56 ( Figure 2) at step 202 looking for a style and/or color of product for purchase.
  • the purchaser downloads or otherwise notes the product identification indicia which is associated with the product at step 206.
  • the product identification indicia alternatively may be one which will be associated with the particular product subsequent to the purchase transaction and prior to product shipment.
  • Step 206 may be accomplished in a variety of ways and each is contemplated as falling within the scope of the present invention.
  • the indicia may be downloaded to the purchaser's client computer in the same manner as one downloads a file.
  • the purchaser may simply write the indicia down manually.
  • the vendor website 56 has a programmed authentication function in which the purchaser highlights the desired product and its associated indicia and indicates a desire to authenticate by activating or clicking on an authentication icon.
  • a preferable programmed authentication function is one which additionally provides information whether the vendor is authorized to use the product indicia which is being authenticated.
  • the product indicia are of a type which can reveal vendor information therein. Such indicia and methods are disclosed in U. S. application Serial No. 08/897,857.
  • the programming at the vendor website 56 encrypts the indicia with the vendor's private key.
  • the encrypted indicia along with vendor identification is sent to the authentication server 62.
  • the authentication server 62 obtains the vendor's counterpart public key and decrypts the message in order to extract the indicia.
  • the indicia is authenticated as described supra.
  • vendor information is obtained from the indicia. If the vendor information does not match with the owner of the public key, then this information is sent separately to the manufacturer or otherwise recorded by the authentication server 62 for future disposition.
  • the communication from the vendor website 56 to the authentication server 62 may additionally be conducted using the common public key infrastructure protocol as described supra in order to thwart man-in-the-middle spoofs.
  • the purchaser transmits the indicia 1 10 to the authentication device at step 208.
  • the transmission can occur over the Internet 10 via, for example, an e-mail or may occur via the telephone in order to receive a prompt authentication determination.
  • steps 206 and 208 are integrated together by the selection of the authentication function at the vendor's website 56.
  • the method 200 then continues by using the product identification indicia to determine the authenticity of the desired product at step 210.
  • the authenticity is determined in the manner described supra, in which the indicia is decrypted and then analyzed to determine whether the code is valid and if valid, whether the code is unique.
  • the determination is communicated (or otherwise transmitted) back to the prospective buyer at step 212, preferably through the Internet 10.
  • the purchaser will discontinue the transaction at step 216.
  • the vendor website 56 may be programmed to prevent any such transaction if a determination of non-authenticity is made. If, however, the determination at steps 212 and 214 is that the product is authentic (Y), the purchaser will typically continue and complete the product purchase at step 218 by, for example, providing the appropriate credit and shipping information and indicating a desire to purchase the product (e.g., selecting or clicking on a "BUY" icon).
  • the vendor website 56 transmits a communication to the authentication device that the product identification indicia associated with the purchased product has been used at step 220. Consequently, if an unscrupulous vendor copies the indicia 1 10 prior to shipping the product to the customer or swaps the product with a knock-off product and attempts to use the indicia again, the authentication device will catch the next use as a duplicate, thus removing an incentive for the vendor to attempt such actions. If the product identification indicia had not previously been associated with a particular product, then at this point the association is completed by the vendor prior to shipping the product.
  • a product may be authenticated effectively prior to making the purchase.
  • authentication can occur in near real-time, thus providing an authentication function without adversely impacting the time necessary to finalize a purchase.
  • the authentication of goods either after receipt or prior to purchase can be achieved using unique images as product identification indicia.
  • product identification indicia alphanumeric character strings and typographical-type symbols are often used to facilitate an easy reading and verification of the product identification indicia
  • more complex indicia such as one-dimensional or two-dimensional bar codes or other forms of image-based digital signatures may be utilized in accordance with the present invention.
  • two-dimensional bar codes may be utilized as unique images which are associated with the goods in the same manner as discussed supra.
  • the image-type product identification indicia is made visible to a prospective purchaser on the vendor website 56.
  • the indicia may be viewable at the product display screen or may comprise an image file associated with the product display that may be accessed on a computer screen by clicking on the indicia.
  • the indicia may be automatically downloaded as an image file or other type file in accordance with conventional network protocols upon request.
  • the image-type product identification indicia may be analyzed for authentication purposes either before the product purchase or after receipt of the goods.
  • a prospective buyer initiates authentication of the goods by communicating the indicia associated with the product to an authentication device.
  • such communication is integrated with the website 56 by simply clicking on an icon or image of the indicia and selecting an authentication function, wherein an image file (or other type of appropriate file) of the indicia is transmitted to the authentication server 62.
  • the indicia file may be transmitted to an authentication device which is not on the network.
  • the indicia may be compared to a secure master database of valid indicia using conventional image processing techniques to determine whether the transmitted indicia is a
  • Finding a "match” of two images may be achieved in a variety of ways. Because the indicia preferably is an image file with limited resolution, a "match” may consist of a correlation between the indicia and an image in the database that exceeds a predetermined threshold. Other image processing techniques, however, may be used and any manner of comparing the received indicia to a list of valid indicia is contemplated as falling within the scope of the present invention.
  • the authentication server 62 Upon making an authentication determination, the authentication server 62 communicates back to the prospective buyer (preferably in near real-time) the determination. The prospective buyer then chooses whether to purchase the product in response to the determination. Alternatively, the authentication server 62 may interface with the website 56 to prohibit the transaction if a determination is made that the product is not authentic. Upon receipt of the purchased product, the buyer may further authenticate the received goods by reading the indicia associated with the received goods with a scanner, digital camera or other type of image reading device.
  • a scanner digital camera or other type of image reading device.
  • One exemplary device which may be used is a VAIO C1 PictureBook Notebook Computer (PCG-C1X) manufactured by Sony, which integrates a reading device (a camera) with a computer which can operate as a client.
  • the received indicia can be compared to the previously viewed indicia at the time of purchase either locally (if the purchaser had previously downloaded the indicia from the website 56) or by transmitting the image to the authentication server 62.
  • such validation may be achieved by simply a visual comparison of the received indicia and the downloaded indicia.
  • the image- based product identification indicia may be used to authenticate goods sold over the Internet (or other network) after the receipt of the goods.
  • a copy of the indicia image may be downloaded at the time of purchase and then compared with the indicia associated with the received product as discussed above.
  • Such a comparison can be achieved either visually or using image processing by reading the received indicia into a computer using a reading device and applying conventional image processing techniques.
  • image processing techniques Although such a technique is sufficient to verify that the indicia matches the indicia shown on the network, such analysis does not necessarily ensure that the indicia is valid or unique (that is, without additional policing or verification performed by either the vendor or the manufacturer). Therefore it is preferred that the received indicia, upon being read by a reading device, be transmitted to an authentication device such as the authentication server 62 for verification as discussed supra.
  • the manufacturer of the goods presented for sale at a vendor's website may inspect the entire list of product identification indicia corresponding to goods presented for sale by the vendor and determine both the authenticity of the goods and whether they have been authorized for sale by the manufacturer.
  • the manufacturer may conduct this inspection on a regular basis and this will enable the manufacturer to take appropriate action if the goods are found to be counterfeit or if they are unauthorized, or diverted, goods.
  • the manufacturer 52 may browse vendor website 56 by using client 64.
  • the manufacturer is provided private access to view the entire list of product identification indicia corresponding to the goods that are presently for sale at the website. This access may be provided using a secret password that only the manufacturer possesses.
  • the manufacturer views the entire list of product identification indicia.
  • the manufacturer may wish to download or otherwise record this list and subsequently analyze it or compare it to information that is useful to the manufacturer.
  • the manufacturer sends the list to the authentication device exemplified by server 62 in Figure 2.
  • the authentication device analyzes the authenticity of the product identification indicia.
  • the authentication device further analyzes whether the product identification indicia correspond to goods which the manufacturer had authorized the vendor to sell at the vendor website.
  • the analysis performed in step 262 may be accomplished in various ways.
  • the authentication device has been previously sent a lists of product identification indicia corresponding to particular vendor websites.
  • each product identification indicia in the transmitted list is compared to the product identification indicia contained in the previously sent lists. In this manner the authentication device can accomplish the analysis.
  • the product identification indicia are decrypted to reveal vendor information contained therein. Such indicia and methods are disclosed in U. S. Application Serial No. 08/897,857, as described supra.
  • step 264 the results of the analyses in steps 260 and 262 are transmitted to the manufacturer who receives them with client 64. It will be appreciated that the invention may be used for the many different authentication functions disclosed herein.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention includes a system and method of authenticating goods for sale over a network. The method includes associating a product identification indicia with a product to be sold over the network. The product is then purchased over the network and the product has the product identification indicia associated therewith. Upon receipt of the purchased product, the indicia associated with the product is analyzed and communicated to an authentication device. The authenticity of the indicia is then determined using the authentication device and the determination is communicated to the purchaser. The invention also includes the possibility of checking that the vendor is authorized to sell specific goods. Other authentication functions and methods also are disclosed.

Description

SYSTEM AND METHOD FOR VERIFYING AUTHENTICITY OF PRODUCTS USING NETWORKS
FIELD OF THE INVENTION The present invention relates generally to a system and method for verifying the authenticity of goods purchased or offered for sale over a network such as the Internet.
BACKGROUND OF THE INVENTION The amount of commerce conducted over computer networks such as the Internet has grown rapidly over the past decade. Such commerce has been tagged "e-commerce" and extends to many diverse forms of business enterprise such as wholesale purchase of business equipment to the retail purchase of many consumer items. The rapid growth in e-commerce, however, has led to many problems. One of the largest problems associated with e- commerce is the inability of a purchaser to determine whether a product is a counterfeit. According to many news sources, e-commerce is becoming the scourge of the luxury goods industry as high end designers are swindled by the sale of "cyberfakes", that is, counterfeit goods. One reason that e-commerce is amenable to cyberfakes is that purchasers can not inspect the product with the same level of scrutiny as in prior commercial exchanges. While the consumer or purchaser may see a picture of the product or read a description thereof on the computer screen when, for example, visiting a website, they have little assurance that the product is not counterfeit, off-grade, out of specification, or stolen. To address these concerns, several prior art security precaution methodologies and systems have been created. In one example, various forms of honesty checks or vendor qualification schemes have been created in which the vendor or seller is rated on his or her performance in fulfilling the contract terms. Such schemes, however, assume a sophisticated purchaser who can readily identify goods which fail to meet specifications, etc. and who understand that such verification schemes exist. As e-commerce grows into many consumer, retail areas, however, such a system is not adequate to provide effective consumer and manufacturer protection.
Another prior art solution includes establishing an escrow account in which the product ownership is not transferred until the escrow terms are satisfied. Such a scheme, however, requires a third party escrow agent which complicates and raises the cost of the transaction. In addition, such a solution does not appreciate that the product may be out of the manufacturer's close control and thus may not provide the manufacturer with sufficient protection.
Fraud in e-commerce adversely affects all parties in the commerce chain. Clearly, e-commerce fraud negatively impacts the consumer or end purchaser because the consumer pays a brand name price for a fraudulent good or product that fails to meet the anticipated quality and/or style standard associated with the brand name product. Fraud also hurts the manufacturers of luxury or brand name goods because such fraud (particularly via counterfeit knock-offs) tarnish the goodwill and reputation associated with the brand name. Further, such fraud directly impacts the sales of the manufacturer (even if the end consumer is unconcerned about the bogus nature of the goods), since each improper transaction reflects a lost sale of the authentic product. Manufacturers are also vulnerable to "gray market goods." For example, in some cases the brand name owner hires contract manufacturers to manufacture the goods according to particular specifications. Sometimes such contract manufacturers manufacture extra product according to the same manufacturing specifications as the legitimate product (and thus are indistinguishable in quality and appearance from the legitimate product). These gray market goods may not negatively impact the end consumer, but such goods are unauthorized and are typically sold through different distribution channels (whether via e-commerce or more traditional channels). Such unauthorized sales negatively impact the exclusivity of the product which is desirable in certain high-end products and do not accrue to the brand name owner. The manufacturer may be further damaged by the diversion of products from predetermined distribution channels. Due to various marketing and promotional arrangements, certain goods may be distributed through exclusive distribution channels. When authorized products are diverted from their intended distribution channels (e.g., to unauthorized retail outlets) or when unauthorized products (gray market or counterfeit goods) enter such distribution channels, the marketing/sales plan under which the products were produced is weakened. Such actions negatively impact the manufacturer and damage the business relationship between the manufacturer and any authorized distributors (and/or authorized retail outlets). Other methods of securing on-line or e-commerce transactions have focused upon authenticating the purchaser. For example, U.S. Patent 5,903,721 discloses securing an e-commerce transaction by authenticating the identity and/or credit worthiness of the purchaser prior to engaging in a transaction. Such a method and system, however, while providing some protection for the seller or vendor, fails to address the concerns of the end purchaser who is still vulnerable to counterfeit goods.
As can be seen from the above, e-commerce is exploding and previous attempts to prevent counterfeiting, diversion, etc. in e-commerce have been largely ineffective, particularly as e-commerce continues to expand beyond wholesale transactions between sophisticated parties to retail sales. Therefore there is a need in the art for improved methods and systems for protecting parties participating in e-commerce from unscrupulous individuals. SUMMARY OF THE INVENTION
The present invention relates to a system and method of authenticating goods sold over a network such as the Internet. The present invention provides authentication of goods by associating a product identification indicia with the goods to be sold via the network. Either at the time of purchase or upon receipt of the purchased product, the goods are authenticated by communicating the associated product identification indicia to an authentication device. The authentication device includes an authentication database which determines whether the product is authentic using the product identification indicia and communicates the determination to the purchaser.
As used herein, the concept of a "sale" means a sale in the traditional sense as well as in the sense of the definition of the Uniform Commercial Code (UCC). A sale may be an actual sale, a lease, or some other event, for example, in which one party receives something of value from another. According to one aspect of the present invention, the authentication is performed via the same network in which the product was purchased. In such an instance, the authentication device is an authentication server. The purchaser communicates the product identification indicia to the authentication server, wherein the server checks the indicia against a secure database to determine whether the indicia is valid. If the indicia is valid, the server preferably performs another authentication step by determining whether the valid indicia has been previously used (e.g., a duplicate). Upon completion of the verification, the authentication server transmits the authenticity determination to the purchaser over the network, thereby providing authentication in near real-time.
According to another aspect of the present invention, the product identification indicia comprises a two-part encrypted combination code having a non-random portion and a random portion. Upon being decrypted, the non- random portion provides an easily verifiable indication of validity, for example, comprising a distinct word (e.g., a brand name, alphanumeric character string, etc.) that easily identifies the source of the goods (e.g., LEVIS). Therefore, if upon decryption, the expected non-random portion is not reproduced, the product identification indicia is invalid, thus indicating, for example, that the product is either a counterfeit or a gray market good. The random portion of the combination code preferably is unique, that is, one of a kind. Upon decryption, the authentication server compares the random portion to a list of previously used codes or a master list. If a match is found or it is determined that the code has been used previously, the combination code is a duplicate, thus indicating an improper activity.
According to another aspect of the invention, the product identification indicia comprises a unique image, for example, a two-dimensional bar code. Upon purchasing the desired product over the network, the unique image associated with the purchased product is downloaded by the purchaser and stored. Subsequently, upon receipt of the purchased product, the image associated with the product is compared to the stored image, either visually or using image processing techniques. Using the comparison, the authenticity of the purchased product is determined. A further authentication step may be taken by capturing the image associated with the received product, for example, using a scanner or a digital camera, and transmitting the image to the authentication server. The server compares the transmitted image to a database of used images. If a match is found, the image is not unique (indicating that the product may be counterfeit), and a message is sent back to the purchaser providing notice of such a determination. According to another aspect of the present invention, product identification indicia are associated with goods to be sold via the network and all such product identification indicia are displayed over the same network to manufacturers of the goods which are offered for sale to purchasers by the seller. Whereas in other aspects of this invention a purchaser downloads or views the indicia of a single product that he purchases, the manufacturers are provided all of the indicia to view which are associated with the particular goods presently for sale by the seller. In this instance, the manufacturer inspects the goods by communicating the product identification indicia to an authentication server, which may be connected to the same network with which the manufacturer inspects the product identification indicia, or may be separate therefrom. The authentication server determines whether the indicia are valid and sends a response back to the manufacturer. In an alternative embodiment, the determination of validity includes the authentication server analyzing if the indicia for goods which are presented for sale by the seller were originally authorized by the manufacturer.
According to an aspect of the invention, a method of authenticating goods for sale over a network, includes associating identification indicia with one or more goods to be sold over the network, purchasing over the network a good having identification indicia associated therewith, analyzing the identification indicia with the purchased good upon receipt of the purchased good.
According to an aspect of the invention, a method of authenticating goods for sale over a network, includes associating identification indicia with one or more goods to be sold over a network, initiating a transaction to purchase over the network a good having an associated identification indicia, and communicating the associated identification indicia to an authentication device for authentication.
According to an aspect of the invention, a method of checking/monitoring sales transactions made over a network of products having identification indicia, includes obtaining product identification indicia of products sold, and determining from the product identification indicia at least one of authenticity, authorization of the seller to sell the product, and vendor identity. According to an aspect of the invention, a method of diversion tracking of goods, includes from a compilation of product identification indicia representing both product identification information and vendor information. According to an aspect of the invention, a method of authenticating goods for sale over a network, includes the steps of: associating product identification indicia with one or more products to be sold over the network; purchasing a product over the network, wherein the product has a product identification indicia associated therewith; communicating the product identification indicia to an authentication device; determining whether the communicated product identification indicia is a valid indicia using the authentication device, wherein a determination of validity indicates that the goods are authentic; and communicating the validity determination to the purchaser.
According to an aspect of the invention, a method of authenticating goods for sale over a network, includes the steps of: associating product identification indicia with one or more products to be sold over the network; purchasing a product over the network, wherein the product has a product identification indicia associated therewith; analyzing the product identification indicia associated with the purchased product upon receipt of the purchased product.
According to an aspect of the invention, a system for authenticating sales transactions, includes a data storage device for storing data representing unique identification of a product, a communication device to receive inquiries as to the authenticity of received product identification data and to transmit a signal representing authentication or not based on a comparison with the stored data.
According to an aspect of the invention, a method of authenticating goods purchased over a network, includes providing over the network identification indicia associated with a good, and upon receipt of a good checking the identification indicia for identity with that provided over the network.
According to an aspect of the invention, a method of authenticating a product, includes providing a unique image on the product or packaging, obtaining a digital image of the image, checking the digital image for authenticity.
According to an aspect of the invention, a database structure for use in authenticating identification indicia associated with one or more products, includes a plurality of records, the records including, a first field of data containing valid identification indicia and a second field containing a flag or other representation to identify whether a particular identification indicia in the first field was previously used.
According to an aspect of the invention, a machine includes a memory and data structure stored in the memory representing identification indicia for authenticating whether or not a transaction is authentic.
According to an aspect of the invention, a method for authenticating identification indicia associated with a product intended for purchase over a network, includes browsing a site to select a product for purchase, initiating a comparison of identification indica associated with that product wit a database of identification indicia to determine authenticity.
According to an aspect of the invention, a method for authenticating identification indicia associated with a product sold over a network, includes receiving from a network data representing identification indicia, comparing the received data with stored data representing valid identification indicia and/or used identification indicia, and transmitting a signal representative of the results of the comparison.
According to an aspect of the invention, a computer data transmission system for signals embodied in a network transmission, includes a network transmission medium, data representation of an identification indicia associated with a product, including both a random portion and a non-random portion, and a signal representation of authenticity of the identification indicia.
To the accomplishment of the foregoing and related ends, the invention comprises the features hereinafter fully described and particularly pointed out in the claims. The following description and drawings set forth in detail certain illustrative embodiments of the invention. These embodiments are indicative, however, of merely a few of the various ways in which the principles of the invention may be employed. Other objects and advantages of the invention will become apparent from the following detailed description of the invention when considered in conjunction with the drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 is a system level diagram illustrating a client-server relationship on a network such as the Internet; Figure 2 is a system level diagram illustrating the network arrangement of Figure 1 and use of such a network arrangement to authenticate goods purchased over the network according to the present invention;
Figure 3 is a flow chart diagram illustrating a method of authenticating goods purchased over a network according to an exemplary embodiment of the present invention;
Figure 4a illustrates an encrypted two-part combination code comprising the product identification indicia according to an exemplary embodiment of the present invention;
Figure 4b illustrates the two-part combination code of Figure 4a after being decrypted, wherein the decrypted combination code has a non-random portion and a random portion, respectively;
Figure 5a is a screen level diagram illustrating an exemplary vendor website page which exhibits products for sale over the Internet according to the present invention; Figure 5b is a screen level diagram illustrating another exemplary vendor website page which exhibits products for sale over the Internet according to the present invention;
Figure 6 is a block diagram illustrating an exemplary database configuration for an authentication database containing valid codes and a field indicating whether the valid codes have been used previously according to an exemplary embodiment of the present invention;
Figure 7 is a flow chart diagram illustrating a method of purchasing a product having a product identification indicia associated therewith over a network and using the indicia to determine the authenticity of the product according to an exemplary embodiment of the present invention;
Figure 8 is a flow chart diagram illustrating a method of authenticating a product prior to purchasing such product over a network using the indicia according to an exemplary embodiment of the present invention; and Figure 9 is a flow chart diagram illustrating a method for a manufacturer to analyze the entire list of products over a network using the indicia according to an exemplary embodiment of the present invention.
DESCRIPTION The present invention will now be described with reference to the drawings, wherein like reference numerals are used to refer to like elements throughout. The present invention relates to a system and method of authenticating goods which are purchased over a computer network such as the Internet. Although the present invention will be discussed in the context of retail consumer goods such as clothing, etc., it should be understood that
"goods" or "products" according to the present invention is intended to encompass all items which may be sold over such networks such as financial instruments, computer software, etc. The present invention relates to a system and method of authenticating goods purchased over a computer network such as the Internet. A product identification indicia is associated with each of the goods for sale. Upon completing a purchase and receiving the goods, the buyer communicates the indicia to an authentication device which determines the validity and uniqueness thereof and communicates the authenticity determination back to the buyer. Such authentication may be effectuated over the computer network using an authentication server or alternatively may include a separate, standalone type authentication system. The present invention is further applicable to authentication determinations made prior to making a product purchase. In such a case, the product identification indicia is available to the prospective buyer over the network and the authentication proceeds prior to the purchase or during the purchase, for example, as a condition precedent to the providing of credit information. The Internet is one of many computer networks that individuals use to conduct business. Through use of such networks, individual computers communicate with one another to transfer data, transmit e-mail, etc. An exemplary representation of the Internet is illustrated in Figure 1 and designated at reference numeral 10. The Internet 10 consists of a collection (e.g., thousands) of interconnected, high-performance communication nodes or computers known as servers 12. The servers are interconnected through a "web" of interconnections such that although all nodes are not necessarily directly interconnected (e.g., node A and node D), data can be transferred between such nodes by routing through the various interconnected nodes (e.g., connecting nodes A and D through either nodes B or C). Such routing through various nodes is typically performed according to predetermined system of interconnection communication protocols.
Access to the Internet 10 is accomplished typically using an Internet Service Provider (ISP) which provides a server, although some large or otherwise sophisticated entities connect directly to the Internet 10 via their own server 12. Via an ISP, numerous individual computers commonly referred to as clients 14 (e.g., millions) may connect to the "web" with Internet connections 16. Such Internet connections 16 may be provided by dedicated data lines, Personal Communication Systems (PCS), microwave links, or satellite networks, for example.
A user who "browses" the Internet 10 at a client computer typically makes use of standard Internet protocols such as TCP/IP and HTTP. TCP/IP is a common transport layer protocol used by a worldwide network of computers. HTTP is a known application protocol that provides users access to files (which can be different formats such as text, graphics, images, sound, video, etc.) using a standard page description language known as Hypertext Markup Language (HTML). Known HTML web browsers such as Netscape or Microsoft Internet Explorer allow for a graphical user interface (GUI) based access to HTML documents accessible on the servers 12 communicatively linked to the various clients 14. These documents are commonly referred to as "web pages" and a collection of such pages is commonly referred to as a "website."
One exemplary method and system embodiment of the present invention will be discussed in conjunction with Figures 2-7. Figure 2 represents an exemplary portion 50 of the Internet 10 which illustrates a manufacturer 52 (or trusted party who warrants the authenticity of goods of one or more manufacturers) interfacing with a distributor 54. The distributor 54 offers the manufacturer's goods for sale over the Internet 10 via a vendor website 56 which acts as a client to interface with the Internet 10 via a particular server
12a. A purchaser 58 who wishes to purchase goods offered for sale over the Internet accesses the Internet 10 via a client computer 60 (e.g., a PC) and a server 12b. The system further includes an authentication server 62 which is accessible via other servers 12 or may be accessed directly, as may be desired. In addition, the manufacturer 52 may also access the Internet 10 via its own client computer 64, as may be desired (which will be discussed infra in accordance with an alternative embodiment of the present invention).
As shown in the flow chart 100 of Figure 3, product identification indicia are generated at step 102. Preferably, such indicia are generated by the manufacturer or under the direction of the manufacturer and each such indicia is a unique string of alphanumeric characters that provide an indication of the source of the respective goods. Such indicia may comprise a wide variety of different codes and may be written or otherwise generated in various forms, for example, as one-dimensional bar codes, etc. According to a preferred embodiment of the present invention, such indicia comprise an encrypted, two- part combination code such as that disclosed in U.S. Application Serial No. 08/897,857 entitled, "Verification of Authenticity of Goods by Use of Random Numbers," which is hereby incorporated by reference in its entirety. As illustrated in Figure 4a, for example, such an indicia 1 10, upon being encrypted (e.g., with a private key of a public/private key pair) provides a code that appears entirely random. Upon decryption (e.g., with the corresponding public key of the public/private key pair), however, the code has two parts as illustrated in Figure 4b, a non-random portion 1 1 1 and a random portion 1 12. The non-random portion 1 1 1 preferably constitutes an easily recognized code or string of characters that indicates the validity of the code. For example, if the manufacturer is Gucci, Inc., perhaps the non-random portion 111 will include the word "GUCCI". Consequently, upon decryption, if an inspector does not see the word "GUCCI" therein, the inspector immediately can determine that the code is an invalid code (i.e., a counterfeit). Because the inspector may not be a human being, but instead may be a computer, the non- random portion 1 1 1 need not be an easily recognized code, but may be any non-random string of characters, symbols, etc. The random portion 1 12 of the product identification indicia 1 10 provides a different authentication function than the non-random portion 1 1 1. While the non-random portion 1 1 1 indicates whether the indicia 1 10 is valid, the random portion 1 12 enables an inspector to establish whether the indicia 1 10 is unique (i.e. , no duplicates). Each random portion 1 12 of the indicia 1 10 is decrypted and analyzed; if valid, the random portion 1 12 of the indicia is compared to a list of previously analyzed indicia or alternatively to a secure master database containing all the valid codes to determine whether such an indicia 1 10 has been previously used. If not, the code 1 10 is unique. In a preferred embodiment of the present invention, the indicia 1 10 are alphanumeric characters or a one-dimensional bar code. Alternatively, the indicia 1 10 may comprise any form of identification indicia, for example, a two- dimensional bar code or other form of unique image. Any such product identification indicia may be utilized and is contemplated as falling within the scope of the present invention.
Returning to Figure 3, once the product identification indicia are generated, the indicia 1 10 preferably are encrypted (e.g., as described supra) and are associated with the goods which will be offered for sale over the Internet 10 at step 1 14. Preferably, "associating" the indicia 1 10 with the goods contemplates physically attaching or coupling the indicia to the goods via, for example, a tag or label or packing slip or invoice included in the box in which the goods are shipped. Alternatively, however, the indicia 1 10 may be printed directly onto the goods using an ink type printer, a laser or other type of writing or indicia application device. In addition, "associating" the indicia 1 10 with the goods also contemplates a non-physical association, wherein the indicia travel with or otherwise accompany the goods without being physically connected therewith. Such association includes, but is not limited to, an encoded magnetic signature, a sound signature, a light signature, etc. Any manner in which an indicia 1 10 may correspond to a particular product is contemplated by the term "associated" and is contemplated as falling within the scope of the present invention.
According to one embodiment of the present invention, the indicia 1 10 are associated with the goods prior to being shipped to the distributor or retailer for sale over the Internet 10. Alternatively, the indicia 1 10 may be associated with the product at the site of the distributor or retailer. In such circumstances, however, precautions are preferably taken to ensure such that such indicia are not stolen or copied, etc. One exemplary method for securing the indicia under such circumstances is disclosed in U.S. Application Serial No. 09/342,489 entitled "Secure System for Printing Authenticating Digital Signatures," which is hereby incorporated by reference in its entirety. Association with the product at the site of the distributor or retailer may be accomplished after the product is sold. In this instance the manufacturer or trusted third party 52 will provide the indicia 1 10 and goods to the distributor 54 separately. Then, step 1 14 will be executed after step 124 and before step 126 for the particular product which is purchased. This alternative simplifies the product inventory handling.
Once the indicia 1 10 are associated with the goods, the distributor or retailer "posts" or otherwise offers the goods for sale over the Internet 10 at the vendor website 56 at step 1 16. Goods may be offered for sale in a multitude of different ways and each manner of providing for product purchase is contemplated as falling within the scope of the present invention. One exemplary manner in which such an offer for sale takes place is illustrated in Figure 5a. In Figure 5a, several handbags 120a and 120b are illustrated. A user preferably can view the handbags 120a and 120b to determine whether the style and color meet with their product specifications. According to one embodiment of the present invention, the product identification indicia 1 10 associated with the goods 120a and 120b are also illustrated, although viewing the indicia prior to purchase is not necessary. Alternatively, the indicia 1 10 associated with a particular bag may be illustrated as an icon 122 on the screen.
In addition to the goods and indicia illustrated in Figures 5a and 5b, the distributor or retailer will also provide the terms of the offer for purchase, for example, the price, shipping costs, etc. If the terms of the offer meet with the buyer's approval, the buyer can indicate an acceptance of the offer by selecting (e.g., clicking with a mouse) a purchase icon which triggers a solicitation for credit information or other information to complete the transaction. Upon executing the purchase (step 124 in Figure 3), the distributor or retailer preferably transmits a receipt to the user via, for example, e-mail which includes a copy of the product identification indicia, although such a receipt is not required.
The seller then ships the goods with the product identification indicia associated therewith to the buyer in accordance with the agreed upon mode of shipping. Upon receipt of the purchased goods, the buyer analyzes or otherwise notes the product identification indicia at step 126. Such analysis may be a function of the form of the indicia. For example, the analysis may include simply a visual inspection of the indicia and a visual comparison to the indicia as previously noted at purchase or as received in the transaction receipt if such a receipt is provided. Alternatively, the analysis may include typing the indicia into the purchaser's computer for subsequent use or scanning or otherwise capturing an image if the indicia is a one-dimensional or two- dimensional bar code. Any manner of capturing or otherwise analyzing the received indicia for subsequent verification purposes may be used and are contemplated as falling within the scope of the present invention.
The method 100 continues at step 128 with the buyer communicating the analyzed product identification indicia to an authentication device such as a database and an accompanying processor or programmable controller. According to a preferred embodiment of the present invention, the authentication device is the authentication server 62 of Figure 2, which thus allows the product purchase and the product authentication to occur over the Internet 10. In this instance a preferred method of communication with the authentication server 62 uses a common public key infrastructure protocol. The use of this protocol will prevent a miscreant from rerouting the buyer's authentication request to the miscreant's own server. This protocol can be implemented with a software plug-in for the buyer's browser which contains the public key of the authentication server. This plug-in can be distributed to buyers by a certification authority which guarantees the validity of the public key of the authentication server. One such certification authority is Verisign,
Incorporated. Prior to sending the indicia to the authentication server 62, the software plug-in encrypts the indicia with the public key of the authentication server 62. Since only the valid authentication server 62 possesses the counterpart private key, only it can inspect the indicia to determine its authenticity.
Alternatively, the authentication device may be a separate computer that can be accessed via a modem, for example. The authentication device takes the product identification indicia transmitted thereto and preferably decrypts it with the public key portion of the public/private key pair. The decrypted indicia is then analyzed by the authentication device to determine whether the purchased product is authentic at step 130. For example, the device analyzes the non-random portion 1 1 1 of the code to determine whether the indicia is valid by determining whether the non-random portion 1 11 matches an expected code. Subsequently, or simultaneously, the random portion 1 12 is compared to a database containing used codes or alternatively to a secure master database containing all the valid codes and containing a field providing indications of which codes have been previously used. If upon making the comparison it is noted that the code has been previously used, then although the code is valid, it is known that the code is a duplicate.
An exemplary database configuration is illustrated in Figure 6 and designated at reference numeral 140. The database 140 represents a secure master database type configuration in which one set of fields 142 contain all the valid indicia or codes and a second set of fields 144 contain either data or a flag which indicates whether a particular indicia has been previously used. Alternative database configurations may also be used. For example, the database may simply consist of all previously used indicia (i.e., goods associated with such indicia have already been purchased) that is updated with another indicia each time another product is purchased. As more products are bought, the database grows and each authentication analysis compares new indicia to the list of used indicia, thus continuously making it more difficult to utilize duplicate codes.
Returning to Figure 3, upon making the authentication determination at step 130, the determination is communicated back to the buyer, preferably in the same manner in which the indicia 1 10 was communicated to the authentication device. For example, if the indicia 1 10 was communicated to the authentication device over the Internet 10, the device either provides the determination via its own website or e-mails the determination back to the buyer, thus communicating via the Internet 10. As discussed supra, this communication preferably uses a common public key infrastructure protocol. The authentication server 62 uses its private key and encrypts the response which is sent back to the buyer. The software plug-in residing in the buyer's browser uses the authentication server's counterpart public key to decrypt the response. If the decryption successfully results in a meaningful message, then the buyer is assured that a valid authentication server has responded. Alternatively, if the indicia 1 10 was communicated to the authentication device over the telephone or via the mail, the determination may be returned to the buyer in like manner. Any manner of communicating the authentication determination, however, may be made and is contemplated as falling within the scope of the present invention.
As discussed supra, the present invention provides for the authentication of goods which are purchased over a computer network such as the Internet 10. A more detailed flow chart illustrating one exemplary embodiment of the invention is illustrated in greater detail in Figure 7 at reference numeral 150 and highlights a case in which the authentication device is the authentication server 62.
In the flow chart 150 of Figure 7, at step 152 a two-part combination code is generated. Exemplary codes are described above. At step 154 the combination code is encrypted with an appropriate key to obtain product identification indicia. At step 156 a list of encrypted codes is sent to an authentication device, for example, the authentication server 62. At step 158 the decryption key is sent to the authentication device so that device will be able to decrypt the encrypted code when it is received as is described below with respect to step 170, for example. At step 160, the encrypted combination codes (indicia), which are received as a result of the encrypting step 154, are associated with goods. It is noted here that in much of the description hereof reference is made to goods. Of course, it will be appreciated that goods can be singular or plural and may include various equivalent terms, for example, products, items, etc. or an equivalent thereof, and also may include a service or services or an equivalent thereof.
Continuing to refer to Figure 7, at step 162 the purchaser browses the vendor's website for goods. The purchaser also may select a particular good for purchase. Thereafter, at step 164, the purchaser downloads or otherwise notes, e.g. writes down or has e-mailed to him/her the product identification indicia. At step 166 the purchaser initiates the product transaction, for example, to purchase the product, to have the product shipped or delivered by some other means, e.g., by downloading, etc., the selected product. The transaction may be to purchase the product, to lease the product, to use the product for a period of time, etc. At step 168 the purchaser receives the purchased product.
At step 170 the product identification indicia is communicated to the authentication server, for example, the authentication server 62 shown in Figure 2. At step 172 the product identification indicia is decrypted using the decryption key that was received by the authentication server at step 158, as was described above. The decrypted product identification indicia is analyzed for validity at step 174. For example, the analysis at step 174 would include checking the results of the decryption to confirm that the brand name, such as LEVIS, GUCCI or some other specified word, symbol, alphanumeric, bar code, etc. results from the decryption. If the expected word, etc. does not result, then the product identification indicia would not be valid. The purchaser than could investigate the reasons for the invalidity and may even elect to return the good to the vendor. At step 176 the decrypted product identification indicia is analyzed for uniqueness. As was described above, for example, a portion of the two-part combination code that was generated at step 152 is expected to be unique and, thus, at step 176 a portion of the decrypted product identification indicia is expected also to be unique. The authentication server may check for such uniqueness. If the uniqueness requirement is unsatisfied, then the purchaser may be so advised and can take appropriate steps, such as those described above with respect to step 174, e.g., to determine why the uniqueness requirement was not satisfied and even to return the good to the vendor, etc. The above example described with respect to the flow chart 150 of Figure 7 is one way in which features of the invention may be used. Various features of the invention also may be used in other ways, and the invention is intended to cover such uses. It also will appreciated that although the invention is described herein using flow charts to facilitate the describing and an understanding of the invention, the various steps expressed, illustrated and described in the specification and drawings may be carried out by writing the appropriate computer software code using one or more computer languages, such as C++, JAVA, and/or other languages. Such computer program or code may be written by a person who has ordinary skill in the art of computer programing using the principles as expressed herein and as disclosed in the other patent applications and materials referenced herein, for example.
In the above description of the present invention, an embodiment was described in which the authentication of the goods using the product identification indicia occurred after the product purchase and receipt of the goods was complete. According to an alternative embodiment of the present invention, a system and method of authenticating goods purchased over a network is disclosed in which the authentication occurs prior to the purchase transaction, thus avoiding a situation in which the product is determined to be counterfeit or unauthorized. An exemplary flow chart illustrating such an embodiment is shown in Figure 8 at reference numeral 200.
Referring to Figure 8, the purchaser browses the vendor's website 56 (Figure 2) at step 202 looking for a style and/or color of product for purchase. Upon finding an item which the purchaser wishes to buy at step 204, the purchaser downloads or otherwise notes the product identification indicia which is associated with the product at step 206. As discussed supra, the product identification indicia alternatively may be one which will be associated with the particular product subsequent to the purchase transaction and prior to product shipment. Step 206 may be accomplished in a variety of ways and each is contemplated as falling within the scope of the present invention. For example, the indicia may be downloaded to the purchaser's client computer in the same manner as one downloads a file. Alternatively, the purchaser may simply write the indicia down manually. Preferably, however, the vendor website 56 has a programmed authentication function in which the purchaser highlights the desired product and its associated indicia and indicates a desire to authenticate by activating or clicking on an authentication icon. In such an instance, a preferable programmed authentication function is one which additionally provides information whether the vendor is authorized to use the product indicia which is being authenticated. The programming at the vendor website
56 contains a private key unique to the vendor. The product indicia are of a type which can reveal vendor information therein. Such indicia and methods are disclosed in U. S. application Serial No. 08/897,857. The programming at the vendor website 56 encrypts the indicia with the vendor's private key. The encrypted indicia along with vendor identification is sent to the authentication server 62. The authentication server 62 obtains the vendor's counterpart public key and decrypts the message in order to extract the indicia. The indicia is authenticated as described supra. Additionally, vendor information is obtained from the indicia. If the vendor information does not match with the owner of the public key, then this information is sent separately to the manufacturer or otherwise recorded by the authentication server 62 for future disposition. Lastly, the communication from the vendor website 56 to the authentication server 62 may additionally be conducted using the common public key infrastructure protocol as described supra in order to thwart man-in-the-middle spoofs.
With reference to Figure 8, upon noting the product identification indicia 1 10 at step 206, the purchaser transmits the indicia 1 10 to the authentication device at step 208. The transmission can occur over the Internet 10 via, for example, an e-mail or may occur via the telephone in order to receive a prompt authentication determination. Preferably, steps 206 and 208 are integrated together by the selection of the authentication function at the vendor's website 56. This results in the transmission of the product identification indicia to the authentication device, which in a preferred embodiment is the authentication server 62. As described supra, this transmission is preferably conducted using the common public key infrastructure protocol.
The method 200 then continues by using the product identification indicia to determine the authenticity of the desired product at step 210. Preferably, the authenticity is determined in the manner described supra, in which the indicia is decrypted and then analyzed to determine whether the code is valid and if valid, whether the code is unique. After authenticity is determined, the determination is communicated (or otherwise transmitted) back to the prospective buyer at step 212, preferably through the Internet 10.
Once the authenticity determination is made and communicated back to the prospective purchaser, the purchaser makes a purchase decision at step
214 based on whether the product is confirmed as authentic. Typically, if the transmission back to the purchaser is that the product is not authentic (N), the purchaser will discontinue the transaction at step 216. Alternatively, the vendor website 56 may be programmed to prevent any such transaction if a determination of non-authenticity is made. If, however, the determination at steps 212 and 214 is that the product is authentic (Y), the purchaser will typically continue and complete the product purchase at step 218 by, for example, providing the appropriate credit and shipping information and indicating a desire to purchase the product (e.g., selecting or clicking on a "BUY" icon).
Once the transaction is complete, the vendor website 56 transmits a communication to the authentication device that the product identification indicia associated with the purchased product has been used at step 220. Consequently, if an unscrupulous vendor copies the indicia 1 10 prior to shipping the product to the customer or swaps the product with a knock-off product and attempts to use the indicia again, the authentication device will catch the next use as a duplicate, thus removing an incentive for the vendor to attempt such actions. If the product identification indicia had not previously been associated with a particular product, then at this point the association is completed by the vendor prior to shipping the product.
Lastly, once the purchaser receives the shipped product, he or she can compare the indicia received with the product at step 222 to confirm that the shipped product is indeed the product that was authenticated at steps 208-212. In the above manner, a product may be authenticated effectively prior to making the purchase. In addition, when such authentication is performed over the Internet 10 via the authentication server 62 (as is performed in the preferred embodiment), such authentication can occur in near real-time, thus providing an authentication function without adversely impacting the time necessary to finalize a purchase.
According to another embodiment of the present invention, the authentication of goods either after receipt or prior to purchase can be achieved using unique images as product identification indicia. Although alphanumeric character strings and typographical-type symbols are often used to facilitate an easy reading and verification of the product identification indicia, more complex indicia such as one-dimensional or two-dimensional bar codes or other forms of image-based digital signatures may be utilized in accordance with the present invention. For example, two-dimensional bar codes may be utilized as unique images which are associated with the goods in the same manner as discussed supra.
The image-type product identification indicia is made visible to a prospective purchaser on the vendor website 56. For example, the indicia may be viewable at the product display screen or may comprise an image file associated with the product display that may be accessed on a computer screen by clicking on the indicia. Alternatively, the indicia may be automatically downloaded as an image file or other type file in accordance with conventional network protocols upon request.
As discussed above, the image-type product identification indicia may be analyzed for authentication purposes either before the product purchase or after receipt of the goods. According to an exemplary embodiment of the present invention, prior to purchasing the desired product, a prospective buyer initiates authentication of the goods by communicating the indicia associated with the product to an authentication device. Preferably, such communication is integrated with the website 56 by simply clicking on an icon or image of the indicia and selecting an authentication function, wherein an image file (or other type of appropriate file) of the indicia is transmitted to the authentication server 62. Alternatively, however, the indicia file may be transmitted to an authentication device which is not on the network. Upon receipt of the transmitted indicia data, various forms of authentication may be used to authenticate the indicia and thus the product associated therewith and all such forms of authentication are contemplated as falling within the scope of the present invention. For example, the indicia may be compared to a secure master database of valid indicia using conventional image processing techniques to determine whether the transmitted indicia is a
"match" with an indicia in the database. If no match is found, the indicia is determined to be invalid; if a match is found, a second inquiry is made to determine whether the indicia had been used previously. If not, then the indicia is determined to be valid and unique (not a duplicate) and the product is authentic.
Finding a "match" of two images may be achieved in a variety of ways. Because the indicia preferably is an image file with limited resolution, a "match" may consist of a correlation between the indicia and an image in the database that exceeds a predetermined threshold. Other image processing techniques, however, may be used and any manner of comparing the received indicia to a list of valid indicia is contemplated as falling within the scope of the present invention.
Upon making an authentication determination, the authentication server 62 communicates back to the prospective buyer (preferably in near real-time) the determination. The prospective buyer then chooses whether to purchase the product in response to the determination. Alternatively, the authentication server 62 may interface with the website 56 to prohibit the transaction if a determination is made that the product is not authentic. Upon receipt of the purchased product, the buyer may further authenticate the received goods by reading the indicia associated with the received goods with a scanner, digital camera or other type of image reading device. One exemplary device which may be used is a VAIO C1 PictureBook Notebook Computer (PCG-C1X) manufactured by Sony, which integrates a reading device (a camera) with a computer which can operate as a client.
Once read, the received indicia can be compared to the previously viewed indicia at the time of purchase either locally (if the purchaser had previously downloaded the indicia from the website 56) or by transmitting the image to the authentication server 62. In yet another alternative embodiment, such validation may be achieved by simply a visual comparison of the received indicia and the downloaded indicia.
According to another embodiment of the present invention, the image- based product identification indicia may be used to authenticate goods sold over the Internet (or other network) after the receipt of the goods. In such a case, a copy of the indicia image may be downloaded at the time of purchase and then compared with the indicia associated with the received product as discussed above. Such a comparison can be achieved either visually or using image processing by reading the received indicia into a computer using a reading device and applying conventional image processing techniques. Although such a technique is sufficient to verify that the indicia matches the indicia shown on the network, such analysis does not necessarily ensure that the indicia is valid or unique (that is, without additional policing or verification performed by either the vendor or the manufacturer). Therefore it is preferred that the received indicia, upon being read by a reading device, be transmitted to an authentication device such as the authentication server 62 for verification as discussed supra.
According to another embodiment of the present invention, the manufacturer of the goods presented for sale at a vendor's website may inspect the entire list of product identification indicia corresponding to goods presented for sale by the vendor and determine both the authenticity of the goods and whether they have been authorized for sale by the manufacturer. The manufacturer may conduct this inspection on a regular basis and this will enable the manufacturer to take appropriate action if the goods are found to be counterfeit or if they are unauthorized, or diverted, goods.
As shown in the flow chart 250 of Figure 9, in step 252 the manufacturer 52 (Figure 2) may browse vendor website 56 by using client 64. The manufacturer is provided private access to view the entire list of product identification indicia corresponding to the goods that are presently for sale at the website. This access may be provided using a secret password that only the manufacturer possesses. By limiting access to lists of product identification indicia one maintains security of the overall system to mis-use by counterfeiters. At step 254 the manufacturer views the entire list of product identification indicia. Now at step 256 the manufacturer may wish to download or otherwise record this list and subsequently analyze it or compare it to information that is useful to the manufacturer. At step 258 the manufacturer sends the list to the authentication device exemplified by server 62 in Figure 2. In step 260 the authentication device analyzes the authenticity of the product identification indicia. In step 262 the authentication device further analyzes whether the product identification indicia correspond to goods which the manufacturer had authorized the vendor to sell at the vendor website.
The analysis performed in step 262 may be accomplished in various ways. In one embodiment the authentication device has been previously sent a lists of product identification indicia corresponding to particular vendor websites. In step 262 each product identification indicia in the transmitted list is compared to the product identification indicia contained in the previously sent lists. In this manner the authentication device can accomplish the analysis. In an alternative embodiment the product identification indicia are decrypted to reveal vendor information contained therein. Such indicia and methods are disclosed in U. S. Application Serial No. 08/897,857, as described supra.
Finally, in step 264 the results of the analyses in steps 260 and 262 are transmitted to the manufacturer who receives them with client 64. It will be appreciated that the invention may be used for the many different authentication functions disclosed herein.
Although the invention has been shown and described with respect to a certain preferred embodiment or embodiments, it is obvious that equivalent alterations and modifications will occur to others skilled in the art upon the reading and understanding of this specification and the annexed drawings. In particular regard to the various functions performed by the above described components (assemblies, devices, circuits, etc.), the terms (including a reference to a "means") used to describe such components are intended to correspond, unless otherwise indicated, to any component which performs the specified function of the described component (i.e., that is functionally equivalent), even though not structurally equivalent to the disclosed structure which performs the function in the herein illustrated exemplary embodiments of the invention. In addition, while a particular feature of the invention may have been disclosed with respect to only one of several embodiments, such feature may be combined with one or more other features of the other embodiments as may be desired and advantageous for any given or particular application.

Claims

WHAT IS CLAIMED IS:
1. A method of authenticating goods for sale over a network, comprising the steps of: associating product identification indicia with one or more products to be sold over the network; purchasing a product over the network, wherein the product has a product identification indicia associated therewith; analyzing the product identification indicia associated with the purchased product upon receipt of the purchased product; communicating the analyzed product identification indicia to an authentication device; determining whether the communicated product identification indicia is a valid indicia using the authentication device, wherein a determination of validity indicates that the goods are authentic; and communicating the validity determination to the purchaser.
2. The method of claim 1 , wherein the product identification indicia comprises a plurality of product identification indicia, each of which are unique, and wherein upon being associated with the one or more products, each of the products has a unique product identification indicia associated therewith.
3. The method of claim 1 , wherein associating the product identification indicia to the one or more products comprises applying the product identification indicia to the one or more products.
4. The method of claim 3, wherein applying the product identification indicia to the one or more products comprises: applying the product identification indicia to one or more labels; and attaching the labels to the one or more products.
5. The method of claim 1 , wherein associating the product identification indicia with one or more products comprises illustrating the product identification indicia such that a purchaser can view both the product and the product identification indicia over the network.
6. The method of claim 5, wherein illustrating the product identification indicia comprises illustrating one of the products with the product identification indicia attached thereto.
7. The method of claim 5, wherein illustrating the product identification indicia comprises providing a viewable icon containing the product identification indicia over the network.
8. The method of claim 1 , wherein the product identification indicia comprises a digital signature.
9. The method of claim 8, wherein the digital signature comprises an encrypted code.
10. The method of claim 9, wherein the encrypted code prior to encryption comprises a combination code having a random portion and a non- random portion associated therewith.
11. The method of claim 1 , wherein the product identification indicia comprises a two-dimensional bar code.
12. The method of claim 1 , wherein purchasing the product over the network comprises: transmitting a purchase request for the product over the network, wherein the purchase request indicates an acceptance of an offer to purchase the product as a predetermined price; and transmitting billing account information.
13. The method of claim 12, further comprising transmitting a product purchase confirmation to the purchaser over the network.
14. The method of claim 13, wherein the product purchase confirmation includes a copy of the product identification indicia.
15. The method of claim 1 , wherein analyzing the product identification indicia comprises visually viewing the product identification indicia.
16. The method of claim 1 , wherein analyzing the product identification indicia comprises: scanning the product identification indicia; and storing the scanned indicia on a storage medium.
17. The method of claim 1 , wherein analyzing the product identification indicia comprises: digitizing the product identification indicia; and storing the product identification indicia on a storage medium.
18. The method of claim 17, wherein digitizing the product identification indicia comprises taking a picture of the product identification indicia with a digital camera.
19. The method of claim 17, further comprising the step of performing image processing on the digitized product identification indicia to thereby filter the digitized indicia.
20. The method of claim 1 , wherein communicating the analyzed product identification indicia to an authentication device comprises transmitting voice data representing the product identification indicia over a data link to the authentication database.
21. The method of claim 1 , wherein communicating the analyzed product identification indicia to an authentication device comprises transmitting digital data representing the product identification indicia over a data link to the authentication database.
22. The method of claim 1 , wherein determining whether the product identification indicia is valid comprises: comparing the communicated product identification indicia to a list of known valid product identification indicia; and determining validity based on whether the communicated product identification indicia matches one of the known valid product identification indicia.
23. The method of claim 22, further comprising the step of determining whether the communicated product identification indicia has been previously used if the communicated product identification indicia is determined to be valid.
24. The method of claim 23, wherein determining whether the communicated product identification indicia has been previously used comprises marking a one of the known valid product identification indicia as used when a communicated product identification indicia matches the one.
25. The method of claim 1 , wherein the product identification indicia comprises an encrypted code and wherein determining whether the product identification indicia is valid comprises: decrypting the product identification indicia; and evaluating the decrypted product identification indicia to determine whether the decrypted product identification indicia is valid.
26. The method of claim 25, wherein evaluating the decrypted product identification indicia comprises: comparing at least a portion of the decrypted product identification indicia to a list of known valid decrypted product identification indicia; and determining validity based on whether the portion of the decrypted product identification indicia matches one of the known valid decrypted product identification indicia.
27. The method of claim 1 , wherein the product identification indicia comprises an encrypted combination code having a random portion and a non- random portion, and wherein determining whether the product identification indicia is valid comprises: decrypting the product identification indicia; and evaluating the non-random portion of the decrypted product identification indicia to determine whether the product identification indicia is valid.
28. The method of claim 27, further comprising evaluating the random portion of the decrypted product identification indicia to determine whether the product identification indicia is a duplicate if the product identification indicia is determined to be valid.
29. The method of claim 28, wherein evaluating the random portion further comprises: comparing the random portion to a list of previously used product identification indicia; and determining that the product identification indicia is authentic if the random portion does not match any previously used product identification indicia in the list.
30. A method of authenticating goods for sale over a network, comprising associating identification indicia with one or more goods to be sold over the network, purchasing over the network a good having identification indicia associated therewith, analyzing the identification indicia with the purchased good upon receipt of the purchased good.
31. The method of claim 30, wherein the identification indicia is viewable and said analyzing comprises viewing the indication indicia.
32. The method of claim 30, wherein the identification indicia is computer discernible, and said analyzing comprises using a computer to analyze the identification indicia.
33. The method of claim 30, further comprising delivering a representation of the identification indicia over a network.
34. The method of claim 30, said analyzing compπses providing the identification indicia to a purchaser of the good, and subsequent to receiving the identification indicia supplying the identification indicia to an authentication device for checking authenticity of the good.
35. A method of authenticating goods for sale over a network, comprising associating identification indicia with one or more goods to be sold over a network, initiating a transaction to purchase over the network a good having an associated identification indicia, and communicating the associated identification indicia to an authentication device for authentication.
36. The method of claim 35, further comprising, if authenticated, complete the transaction.
37. The method of claim 35, further comprising, if not authentic, communicate the information to the seller.
38. The method of claim 37, if not authentic, stop the transaction.
39. A method of checking/monitoring sales transactions made over a network of products having identification indicia, comprising obtaining product identification indicia of products sold, and determining from the product identification indicia at least one of authenticity, authorization of the seller to sell the product, and vendor identity.
40. A method of diversion tracking of goods, comprising from a compilation of product identification indicia representing both product identification information and vendor information.
41. The method of claim 40, further comprising obtaining the compilation from a vendor's website.
42. A method of authenticating goods for sale over a network, comprising the steps of: associating product identification indicia with one or more products to be sold over the network; purchasing a product over the network, wherein the product has a product identification indicia associated therewith; communicating the product identification indicia to an authentication device; determining whether the communicated product identification indicia is a valid indicia using the authentication device, wherein a determination of validity indicates that the goods are authentic; and communicating the validity determination to the purchaser.
43. A method of authenticating goods for sale over a network, comprising the steps of: associating product identification indicia with one or more products to be sold over the network; purchasing a product over the network, wherein the product has a product identification indicia associated therewith; analyzing the product identification indicia associated with the purchased product upon receipt of the purchased product.
44. A system for authenticating sales transactions, comprising a data storage device for storing data representing unique identification of a product, a communication device to receive inquiries as to the authenticity of received product identification data and to transmit a signal representing authentication or not based on a comparison with the stored data.
45. A method of authenticating goods purchased over a network, comprising providing over the network identification indicia associated with a good, and upon receipt of a good checking the identification indicia for identity with that provided over the network.
46. The method of claim 45, further comprising checking the authenticity of the identification indicia at an authentication server.
47. A method of authenticating a product, comprising providing a unique image on the product or packaging, obtaining a digital image of the image, checking the digital image for authenticity.
48. The method of claim 47, said checking comprising checking with a digital image by computer.
49. The method of claim I, said checking comprising sending the digital image to an authentication server for comparison with other images.
50. A database structure for use in authenticating identification indicia associated with one or more products, comprising a plurality of records, the records including, a first field of data containing valid identification indicia and a second field containing a flag or other representation to identify whether a particular identification indicia in the first field was previously used.
51. The database structure of claim 50, wherein an assemblage of first fields of the records contain all valid identification indicia.
52. A memory containing a data structure as set forth in claim 50.
53. A machine comprising a memory and data structure stored in the memory representing identification indicia for authenticating whether or not a transaction is authentic.
54. The machine of claim 53, wherein the data structure comprises database structure for use in authenticating identification indicia associated with one or more products, comprising a plurality of records, the records including, a first field of data containing valid identification indicia and a second field containing a flag or other representation to identify whether a particular identification indicia in the first field was previously used.
55. A method for authenticating identification indicia associated with a product intended for purchase over a network, comprising browsing a site to select a product for purchase, initiating a comparison of identification indica associated with that product wit a database of identification indicia to determine authenticity.
56. The method of claim 55, said initiating comprising initiating the comparison prior to completing a purchase.
57. The method of claim 56, said initiating comprising also initiating the comparison after receiving the product.
58. The method of claim 55, said initiating comprising initiating the comparison after receiving the product.
59. A method for authenticating identification indicia associated with a product sold over a network, comprising receiving from a network data representing identification indicia, comparing the received data with stored data representing valid identification indicia and/or used identification indicia, and transmitting a signal representative of the results of the comparison.
60. A computer data transmission system for signals embodied in a network transmission, comprising a network transmission medium, data representation of an identification indicia associated with a product, including both a random portion and a non-random portion, and a signal representation of authenticity of the identification indicia.
61. The system of claim 60, wherein the data representation of an identification indicia is encrypted.
PCT/US2000/024415 1999-09-07 2000-09-06 System and method for verifying authenticity of products using networks WO2001018677A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP00968335A EP1222595A2 (en) 1999-09-07 2000-09-06 System and method for verifying authenticity of products using networks
CA002382874A CA2382874A1 (en) 1999-09-07 2000-09-06 System and method for verifying authenticity of products using networks
AU78270/00A AU7827000A (en) 1999-09-07 2000-09-06 System and method for verifying authenticity of products using networks

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US39111499A 1999-09-07 1999-09-07
US09/391,114 1999-09-07

Publications (2)

Publication Number Publication Date
WO2001018677A2 true WO2001018677A2 (en) 2001-03-15
WO2001018677A8 WO2001018677A8 (en) 2001-11-22

Family

ID=23545304

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/024415 WO2001018677A2 (en) 1999-09-07 2000-09-06 System and method for verifying authenticity of products using networks

Country Status (4)

Country Link
EP (1) EP1222595A2 (en)
AU (1) AU7827000A (en)
CA (1) CA2382874A1 (en)
WO (1) WO2001018677A2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006100581A2 (en) * 2005-03-24 2006-09-28 Arti Grafiche Julia S.P.A. System and method for the analysis of security strings to be associated to goods such as products or services
US9123067B2 (en) 2012-11-19 2015-09-01 Lollipuff Llc Method and system for verifying the authenticity of goods over an internet
EP3238948A1 (en) * 2016-04-28 2017-11-01 Valsigna GmbH Authentication system and associated object marking method
US20220318809A1 (en) * 2014-09-29 2022-10-06 Mastercard International Incorporated Product authentication over a payment network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
No Search *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006100581A2 (en) * 2005-03-24 2006-09-28 Arti Grafiche Julia S.P.A. System and method for the analysis of security strings to be associated to goods such as products or services
WO2006100581A3 (en) * 2005-03-24 2006-12-28 Arti Grafiche Julia S P A System and method for the analysis of security strings to be associated to goods such as products or services
US9123067B2 (en) 2012-11-19 2015-09-01 Lollipuff Llc Method and system for verifying the authenticity of goods over an internet
US20220318809A1 (en) * 2014-09-29 2022-10-06 Mastercard International Incorporated Product authentication over a payment network
EP3238948A1 (en) * 2016-04-28 2017-11-01 Valsigna GmbH Authentication system and associated object marking method

Also Published As

Publication number Publication date
CA2382874A1 (en) 2001-03-15
EP1222595A2 (en) 2002-07-17
WO2001018677A8 (en) 2001-11-22
AU7827000A (en) 2001-04-10

Similar Documents

Publication Publication Date Title
US7003500B1 (en) Retail point of sale (RPOS) apparatus for internet merchandising
JP5591431B2 (en) Security transaction protocol
US7536360B2 (en) Electronic purchase of goods over a communications network including physical delivery while securing private and personal information of the purchasing party
US20060178994A1 (en) Method and system for private shipping to anonymous users of a computer network
US8818874B2 (en) System and method to authenticate products
US20050027618A1 (en) Third party privacy system
US20020073049A1 (en) Method and system in electronic commerce for inspection-service-based release of escrowed payments
US20010047340A1 (en) Authenticity verification method and apparatus
US20140032378A1 (en) Product authentication process and system for preventing counterfeiting and piracy in market distribution channels
JP2003501712A (en) Digital ticket delivery and inspection system and method
JP2004511028A (en) Method and system for securely collecting, storing and transmitting information
WO2000019348A1 (en) Method of and system for distributing and redeeming electronic coupons
US8474052B2 (en) User-administered license state verification
CA2335689A1 (en) Third party privacy system
CN112288442A (en) Associated customized image code anti-counterfeiting tracing system and application component
US20040078331A1 (en) Payment system using electronic stamps
US20080005557A1 (en) Method of authentication and ownership verification of collectibles
EP1164529A1 (en) System and method for issuing electronic coupons
WO2001018677A2 (en) System and method for verifying authenticity of products using networks
US20020077916A1 (en) Business to business internet web site
Hauswirth et al. A phase model for e-commerce business models and its application to security assessment
JP2002215935A (en) Electronic commerce system
Rajaraman Building blocks of e-commerce
CN115147121A (en) Block chain payment method and device based on image recognition, electronic equipment and storage medium
JP2002063399A (en) Mail order method using communication network

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: C1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: C1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

D17 Declaration under article 17(2)a
WWE Wipo information: entry into national phase

Ref document number: 2382874

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 2000968335

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2000968335

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase in:

Ref country code: JP

WWW Wipo information: withdrawn in national office

Ref document number: 2000968335

Country of ref document: EP