CA2577245A1 - Method and device for franking postal deliveries - Google Patents
Method and device for franking postal deliveries Download PDFInfo
- Publication number
- CA2577245A1 CA2577245A1 CA002577245A CA2577245A CA2577245A1 CA 2577245 A1 CA2577245 A1 CA 2577245A1 CA 002577245 A CA002577245 A CA 002577245A CA 2577245 A CA2577245 A CA 2577245A CA 2577245 A1 CA2577245 A1 CA 2577245A1
- Authority
- CA
- Canada
- Prior art keywords
- unit
- franking
- authorization
- transaction
- cndot
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 64
- 238000012384 transportation and delivery Methods 0.000 title abstract description 3
- 238000013475 authorization Methods 0.000 claims abstract description 82
- 241000180579 Arca Species 0.000 claims 1
- 230000005540 biological transmission Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 238000000926 separation method Methods 0.000 description 3
- 238000012795 verification Methods 0.000 description 2
- RWSOTUBLDIXVET-UHFFFAOYSA-N Dihydrogen sulfide Chemical compound S RWSOTUBLDIXVET-UHFFFAOYSA-N 0.000 description 1
- 206010022528 Interactions Diseases 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 208000016339 iris pattern Diseases 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00016—Relations between apparatus, e.g. franking machine at customer or apparatus at post office, in a franking system
- G07B17/00024—Physical or organizational aspects of franking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3674—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00016—Relations between apparatus, e.g. franking machine at customer or apparatus at post office, in a franking system
- G07B17/00024—Physical or organizational aspects of franking systems
- G07B2017/00048—Software architecture
- G07B2017/00056—Client-server
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00016—Relations between apparatus, e.g. franking machine at customer or apparatus at post office, in a franking system
- G07B17/00024—Physical or organizational aspects of franking systems
- G07B2017/00048—Software architecture
- G07B2017/00056—Client-server
- G07B2017/00064—Virtual meter, online stamp; PSD functions or indicia creation not at user's location
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00016—Relations between apparatus, e.g. franking machine at customer or apparatus at post office, in a franking system
- G07B17/0008—Communication details outside or between apparatus
- G07B2017/00153—Communication details outside or between apparatus for sending information
- G07B2017/00169—Communication details outside or between apparatus for sending information from a franking apparatus, e.g. for verifying accounting
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00185—Details internally of apparatus in a franking system, e.g. franking machine at customer or apparatus at post office
- G07B17/00435—Details specific to central, non-customer apparatus, e.g. servers at post office or vendor
- G07B2017/00443—Verification of mailpieces, e.g. by checking databases
Abstract
The invention relates to a method for franking postal deliveries, according to which an operating unit (BE) is operated separately from a franking unit (FE).
Said method is characterised in that the operating unit transmits a transaction request (B1) to an authorisation unit (BR), the latter (BR) determines an authorisation for a user of the operating unit (BE) by means of an authorisation profile and the transmitted transaction request is authenticated by the authorisation unit (BR) according to the determined authorisation. The authorisation unit (BR) converts the authenticated transaction request (B1) into a transaction job, which is transmitted (B3) to a franking unit (FE). The transaction job is processed (B4) in the franking unit (FE) and finally the result of the execution of the transaction job is dispatched (B5) by the franking unit. The invention also relates to a device that is particularly suitable for carrying out said method.
Said method is characterised in that the operating unit transmits a transaction request (B1) to an authorisation unit (BR), the latter (BR) determines an authorisation for a user of the operating unit (BE) by means of an authorisation profile and the transmitted transaction request is authenticated by the authorisation unit (BR) according to the determined authorisation. The authorisation unit (BR) converts the authenticated transaction request (B1) into a transaction job, which is transmitted (B3) to a franking unit (FE). The transaction job is processed (B4) in the franking unit (FE) and finally the result of the execution of the transaction job is dispatched (B5) by the franking unit. The invention also relates to a device that is particularly suitable for carrying out said method.
Description
Method and device for franking postal deliveries Description:
The invention relates to a method for franking mailpieces, especially letters, par-cels and packages, whereby an operating unit is operated separately from a frank-ing unit.
The invention also relates to a device for franking mailpieces comprising an operating unit and a franking unit.
A method of the generic type and a device of the generic type are known from German patent DE 100 20 566 C2. In this known method, a cryptographic module integrated into a customer system generates an encrypted random number and an identification number. A loading center decrypts the random number and the identification number. On this basis, the customer or the customcr system used by the customer is identified. Subsequcntly, the loading center enerypts the random number as well as a default identification number and transmits it to the customer system. Then the customer system gcnerates postage indicia containing the encrypted random number and the likewisc cncrypted default identiFication num-ber.
An example of such a franking system is the STAMPIT system of the Deutsche Post AG. STAMPIT consists of software named "STAMPIT Client" that is installed on the PC of every STAMPIT customer and of a central system operated in a cornputer center of the Deutsche Post named "STAMPIT Ser-ver". The STAMPIT Client serves as the operating unit and the STAMPIT Server as the franking unit. Both units are connected to each other via the Internet.
When a customer would like to produce a postage indicium, a request is sent via the net-work connection from the STAMPIT Client to the STA.MPiT Server. The latter generates the postage indicium as an electronic byte string in a highly secure cryptographic module. After the byte string has been transmitted back from the STAMPIT Server to the STAMPIT Client, the cryptographically secure byte string is converted there into a machine-readable barcode and this barcode is printed out together with other data to produce a valid PC postage indicium.
This known method makes it possible for users of personal computers to load postage amounts via the lnternet and to gencrate postage indicia using the loaded postage amounts.
Another method of the generic type is disclosed in intcrnational patent application WO 01145051 Al relating specifically to a system for generating digital postage indicia wherein a clicnt computer is connected to a postage server via the Internet.
The postage server comprises cryptographic modules in which cryptographic components of digital postage indicia are generated, and said postage server is, in turn, connected to a system of the United States Postal Service. The client computers are equipped with software for executing postage procedures and users are licensed by the USPS and registered in the postage server. Requests to print out digital postage indicia are sent from the client computers to the postage server where, in particular, it is checked whether the client computer or the user is authorized to print out postagc indicia. For this purpose, the client computer sends a password entered by the user to the postage server.
lnternational patent application WO 99/48053 discloses a system whcrein a user system is connected to a PSD (postal security device). This device, in turn, is connected to a producer system via which a postage credit can be loaded, whereby the producer system is connected to a system of a postal authority. In order to 10118-PT-wO PCT/EP2005/008067 license a user, a request for licensing is sent to a PSD which then transmits a signed request message to a producer system, This system verifies the signature and requests a license from the postal authority that is then sent to the PSD
and registered there.
Moreover, German Preliminary Published Application DE 40 34 292 A 1 describes a method for franking mailpicces in which postage indicia can be generated by a franking unit in a remote copier, whereby the franking unit is connected to a data processing center in order to request franking data and to transact postage charges, said franking unit exchanging encrypted messages wiLh said data processing cen-ter.
The invention is based on the object of creating a franking method with which franking-relevant processes can be carried out by multiple users of a computer network.
According to the invention, the object is also achieved by a method comprising the features of Claim I and by a device comprising the features of Claim 7.
Advantageous refinements of the invention are the subject matter of the dependent cllims.
In particular, it is provided, that the operating unit transmits a transaction request to an authorization unit, in that the authorization unit ascertains an authorization of an user of the operating unit on the basis of an authorization profile, and in that the transmitted transaction request is authcnticated by the authorization unit according to the ascertained authorization, and in that the authorization unit converts the authenticated transaction request into a transaction job, in that the transaction job is transmitted to a franking unit, in that the transaction job is processed in the franking unit and in that subsequently, the result of the execution of the transaction job is sent out by the franking unit.
The invention provides a method and a device for frdnking mailpieces with which franking procedures or other franking-relevant processes are carried out in such a way that they allow the administration of multiple users with different rights.
The invention can be used tor any kinds of transaction requests. The term ' trans-action request" is to be understood in its broadest sense. In particular, the transac-tion request can be a request to load a charge amount, a request to generate one or more postage indicia or a request for other mailing-relevant information, for ex-ample, a request for addresses from an address database.
In particular, the invention proposes for a franking procedure or a franking-rele-vant transaction to be requested via an operating unit, for this Franking request or transaction requcst to be authendcated in a separate authorization unit, for the actual franking or franking-relevant transaction to be controlled by the authoriza-tion unit, and for the result of the franking procedure or of the transaction to be transmitted back.
The invention has the additional advantage that, in the case of franking procedures and other franking-relevant processes, other authentication methods such as, for cxample, biometric methods, can be used.
Moreover, it is advantageous for the result of the transaction job to be transmitted to the authorization unit and for the authorization unit to transmit a message con-taining the result of the execution of the transaction job to the operating unit and/or to a printing unit.
The operating unit and the printing unit can be either separate dcvices or else a combined unit.
WO 2006/018097 pCT/EP2005/006067 An example of separate devices are a personal computer and a printer that is con-nected to the personal computer, for instance, either directly or via a computer network.
A configuration of the operating unit and of the printing unit as a combined unit can consist, for example, of a franking machine configured according to the invention.
Another likewise advantageous embodiment of the invention is characterized in that the franking unit sends the result of the execution of the transaction job to the authorization unit and in that the authorization unit transmits a messagc containing the result of the execution of the transaction job to the operating unit and/or to the printing unit.
The invention proposes an especially advantageous configuration in which the franking system is modular. In addition to the advantage of recognition of the system and components as wefl as the ability to develop and implement them independently of cach other, there is the special advantage of a great flexibility in the use of the franking system by multiple users.
An espccially preferred embodiment of the invention is characterized in that the transaction request is transmitted from the operating unit to the authorization unit, in that the transaction request is authenticated in the authorization unit and in that the authorization unit subsequently transmits an authenticated transaction job to the franking unit.
A special advantage vf the inventive separation of the components in franking systems lies in the fact that a so-called cryptographic moduic can be used in which processes are executed that render the generated postage indicia more forgery-proof. This cryptographic module preferably consists of separate hardware and software. The task of this hardware and software is to store secret or otherwise important data so that it is secure against access and manipulation as well as to cxecute cryptographic operations such as encryption or signatures in a secure environment. Cryptographic modules of the type specified, for example, in the public standard FIPS 140-2 of the American National Institute of Standards and Technology NIST (see www.nist.gov), are characterized in that any manipulation to the module is detected, results in an interruption of the operations and the deletion of the contents and optionally also causes the destruction of the module.
The only reason why electronic franking systems can generate forgery-proof postage indicia is that it is not possible for a user employing a modern franking system with fraudulent intentions to influence or replicate the franking processes that take place in the cryptographic module.
In order to be able to use the functions of the cryptographic module especially effectively, it is advantageous for the interfaccs for user interaction that are needed for the operation of the franking system to be accommodated in a separate unit. In this manner, in modern franking systcros with which forgery-proof post-age indicia can be generated, the operating unit and the franking unit consisting of the cryptographic module are separate from each other.
Another advantage of the separation of the operating unit and the franking unit is that they can be spatially scparated from each other. The connection between the operating unit (customer PC) and the franking unit (among other things, the cryp-tographic module) is established via a data network.
The practical advantage of this physical separation of the operating unit and the franking unit lies in the fact that the forgery-proof postage indicia can be gener-ated on a PC without the use of a cryptographic module that is operated locally on the PC. Instead, the module is inexpensively operated centrally and used by all franking customers on an as-needed basis.
Another advantage of the invention is that it allows the use of various methods for user authentication. In order to ensure that postage indicia with a monetary value are only generated by authorized users, as a rule, franking systems are equipped with access safeguards. In the simplest case, such a safeguard is a secret eode that has to be entered when the system is activated. The method of the secret code is used, among other things, in order to safeguard electronic postage meters.
Moreover, it is advantageous to use a pairing between user identification and user authentication. This is carried out, for example, by entering a user name (which serves as the identification) and a password (which serves as the authentication).
Iiere, the security is based on the fact that only the authorized user knows the password.
In addition to knowledge-based security, other authentication methods are also suitable that either call for additional posscssion of an object or that involve bio-metric features of the user, An authentication through possession of an object is used, for example, in security systems based on rnicroprocessor chip cards, so-called SmarLCards. Along the lines of a cryptographic module, data is stored on a chip card or operations are carried out that cannot be read out or manipulated. Since such cards cannot be forged or replicated, they lcnd themselves especially well for secure identification.
In addition to such an identification of the chip card, passwords or PINs (personal identification numbers) are routinely used for the authentication of the legitimate owner.
Additional advantageous methods for authentication are based on reading out biometric features of the legitimate user. The objective is to scan unchangeable and unique biometric features - such as the fingerprint or iris pattern - to recognize whether that person is an authorized user. Since the components "knowledge" and "possession" can be dispensed with, biometric methods are WO 2006J018o97 eeT/EP2eo5/aoaab7 viewcd as an especially simple, secure and thus future-oriented authentication mcthod.
According to the invention, other information can also be used for identification and authentication purposes.
For example, it is advantageous for an account number of a postage account from which postage values can be loaded to be used as an identification feature.
The authentication of access to the postage account is carried out, for instancc, by entering a password.
The information for identification and authentication is used in the authorization unit in order to select the appropriate postage account in the secure cryptographic module on the basis of the account number and to activate the account with the password. Whereas the account number, as an identification feature, has to be visible on the "outside" of the cryptographic module, the password is verified inside the cryptographic module. The verification is carried out inside the module because the entered password (or an image of the password) is compared to a stored password (or to its corresponding image). In order to prevent third parties from reading out the stored password (or its image), it is stored inside the crypto-graphic module of the franking unit.
Advantageously, the authorization unit and/or the user is authenticated in the cryptographic module of the franking unit.
Additional advantages, special features and practical refinements of the invention ensue from the subordinate claims and from the presentation below of preferred embodiments making reference to the figures.
The figures show the following:
Fig. I a schematic diagram of a franking procedure with user authentication according to the state of the art and 5 Fig. 2 a schematic diagram of a franking system according to the invention.
Figure 1 illustrates the interaction between the operating unit (BE) of the user PC
and the franking unit (FE), which is based on the cryptogmphic module.
10 In Step A1, an operating unit (BE), which is connected to a printing unit (DE) in the example shown, sends a franking request to the franking unit (FE). In Step A2, after the postage account has been identified, the user is authenticated inside the cryptographic module. Then the franking request is processed in the cryptographic module, As the result, in Step A3, a cryptographically secure byte string is trans-mitted back to the operating and printing unit (BE/DE) so as to be printed out there as a postage indicium in the form of a machine-readable cade.
During the user authentication inside cryptographic modules, one special aspect has to be observed. Since the developmcnt work involved in creating crypto-graphic modules is extremely demanding due to high requirements in terms of the programming discipline and of a complete documentation, cryptographic modules are constructed to be as simple as possible. After all, in view of possible inter-actions with other program components, every additional functionality would cause the complexity to rise exponentially. Consequently, as a rule, the user authentication inside cryptographic modules is structured simply.
"Chus, for instance, the administration of multiple users with different rights and the use of new authentication methods comprising, for cxample, biometric meth-ods, are not possible with this prior-art franking system.
The problem with all prior-art methods of user authentication in franking systems consists of the fact that the possibilities of user authentication are limited when cryptographic modules are employed in franking systems.
In contrast, the franking system shown in Figure 2 makes it possible for franking procedures and franking-relevant proccsses to be carried out in such a way that the administration of multiple users with different rights as well as the use of new authentication methods comprising, for instance, biometric methods, are possible.
Advantageously, this takes place in the franking system according to the invention in that a franking procedure or another franking-rclevant transaction is requested via an operating unit (BE), this franking request or transaction request is authenti-cated in a separate authorization unit (BR), the actual franking or franking-rele-vant transaction is controlled by the authorization unit (BR), and the result of the franking procedure or of the transaction is transmitted back.
Advantageously, the method is carried out in such a way that the opcrating unit (BE) is connected to the authorization unit (BR) via a network or data connection.
In this context, it is advantageous for the authorization unit (f3R) to be configured in such a way that the authorizations of one or more users at one or more operat-ing units (BE) are stored in said authorization unit (BR).
it is also advantageous for the authorization unit (BR) to be configured in such a way that the authentication of users at operating units (BE) can be carried out by means of one or more authentication methods.
It is advantageous for the authentication method used in the operating unit (BE) to comprise authentication by means of a user name and a password.
WO 2006J018o97 PCT/EQ2OOS/00sa67 Moreover, it is advantageous for the authentication method used in the operating unit (BE) to comprise such methods that call for the possession of identification means.
Furthermore, it is advantageous for the a.uthcntication method uscd in the operat-ing unit (BE) to comprise biometric methods.
Advantageously, the method is carried out in such a way that, after the authenti-cation has been completed, the operating unit (BE) uses the stored authorization rules to check the franking request coming from the user or the request for the franking-relevant transaction.
Moreover, it is advantageous for the franicing request coming from the user or the request of the franking-relevant transaction to be converted in such a way that the ] 5 franking system is actuated.
Here, it is advantageous for the authorization unit (BR) to be connected to the franking system via a network or data connection.
It is advantageous for the franking system to carry out an authentication of the authorization unit (BR).
Moreover, it is advantageous for the franking system to generate the postage indicium or to execute the franking-relevant process and to transmit the result back directly or indirectly in such a way that a postage indicium can be printed out or the transaction information can be transmitted back.
Furthennore, it is advantageous for the stipulation of the authentication rules on the authorization unit (BR) to be carried out by special administrators, WO 20061018M PCT/EP2003/0(1>;ob7 The invention comprises a digital franking system which is characterized in that postage procedures, postage loading and other franking-relevant transactions can be executed by users with different levels of authorization. The system is to be marketed under the name STAMPIT professional.
In particular, the invention allows a comprehensive user administration with which different au#hori7ations can be issued for different users. Frspecially the access to postage accounts can be carried out for various users independently of each other. Advantageously, the user administration takes place in the authoriza-tion unit (BR).
For this purpose, it is especially advantageous that one authorization profile is stored in the authorization unit (BR) for each authorized user of the operating unit (BE).
lJser rights are primarily based on the fact that defined users arc granted the right to execute franking. The right to generate postage indicia is related to speciiic postage accounts and the maximum amount can be limited. The setting of a maximum franking limit can be additionally related to specific periods of time. In particular, this means that different amounts of the franking volume permissible within a certain period of time can be defined individually for different users.
The result is that, by introducing a user administration according to the invention, it is possible to appoint persons in large companies who can execute franking and postage loading procedures of a certain scope. In this manner, for example, interns working temporarily at the company can be given different firanking authoriza-tions than the authorized officer of the company and his secretarial personnel. By the same token, the authorization to acquire new postage values that can be used for franking can be limited to just a few people. Limitations are likcwise possible pertaining to loading volumes and periods of time.
WO 20obr01S07 PCT/EP200:t1oo8067 The specification of the persons and their authorizations is laid down by one or more administrators in the uscr administration or in the authorization unit.
Using the system described above and depicted in a schematic diagram in pigure 2, franking procedures can be carried out in different ways.
The process steps described below are especially practical for a particularly advantageous configuration of the franking system.
In Step 81, a transaction requcst, especially a franking request, is sent from an operating unit (BE) - which is connectcd to a printing unit (DE) in the example shown - to the authorization unit (BR). In an especially preferred embodiment of the invention, the transaction request or the franking request is a job to carry out one or more franking procedures. However, it is likewise advantagcous for the transaction request B i to servc to load postage amounts from a value transfer center.
In Step B2, an authentication of the user is carried out by means of one or more of the authentication methods shown.
On the basis of the authorizations (BR) of this user as stored in thc authorization unit (BR) or in a storage unit associat,ed with it, in Step 83, a franking request is sent to the franking unit (FE) if it has previously been ascertained that the franking request conforms with the authorization profile of the user.
In the franking unit (FE), a verification procedure is carried out to check whether the authorization unit (BR) is authorizcd to authorize users and/or transaction requests transmitted by the users.
In an especially preferred embodiment of the invention, the authorization unit (BR) checks not only the authorization of the user but aiso his authori=r.ation to manage a postage account associated with him.
5 Aftcr the postage account of the user has been identified in Step B4, the authenti-cation of the authorization unit (BR) is carried out inside the cryptographic mod-ule.
After the authentication of the authorization unit (BR), the transaction job is pref-10 erably likewise processed in the franking unit (FE).
The result of the execution of the transaction job is preferably transmitted back as a cryptographically secure byte string in Steps B5 and B6 indirectly (via the authorization unit (BR)) or directly to the operating and printing unit (BE/DE) in 15 order to be printed there as a postage indicium in the form of a machine-readable code.
The invention thus provides a method for franking mailpieces as well as a frank-ing system by means of which transaction requests from various users can be han-dled flexibly and by means of which a high level of protection against fraud is additionally achieved.
WO 20061018097 PC:T/EP2005/008067 List of reference numerals Al sending a franking request to the franking unit (FE) A2 authentication of the user A3 transmission of a cryptographically secure byte string to the operating and printing unit (BEIDE) B1 transmission of a franking request from the operating unit (BE) to the authorization unit (BR) B2 authentication of the user B3 sending a franking request to the franking unit (FE) B4 authentication of the authorization unit (BR) by the franking unit (FE) B5 transmission of thc result of the execution of a transaction job to the authorization unit (BR) B6 transmission of a message containing the result of the execution of the trans-action job to the operating unit (BE) andlor to the printing unit (DE) and/or another one of the depicted preferred authentication methods BE operating unit BR authorization unit DE printing unit FE franking unit
The invention relates to a method for franking mailpieces, especially letters, par-cels and packages, whereby an operating unit is operated separately from a frank-ing unit.
The invention also relates to a device for franking mailpieces comprising an operating unit and a franking unit.
A method of the generic type and a device of the generic type are known from German patent DE 100 20 566 C2. In this known method, a cryptographic module integrated into a customer system generates an encrypted random number and an identification number. A loading center decrypts the random number and the identification number. On this basis, the customer or the customcr system used by the customer is identified. Subsequcntly, the loading center enerypts the random number as well as a default identification number and transmits it to the customer system. Then the customer system gcnerates postage indicia containing the encrypted random number and the likewisc cncrypted default identiFication num-ber.
An example of such a franking system is the STAMPIT system of the Deutsche Post AG. STAMPIT consists of software named "STAMPIT Client" that is installed on the PC of every STAMPIT customer and of a central system operated in a cornputer center of the Deutsche Post named "STAMPIT Ser-ver". The STAMPIT Client serves as the operating unit and the STAMPIT Server as the franking unit. Both units are connected to each other via the Internet.
When a customer would like to produce a postage indicium, a request is sent via the net-work connection from the STAMPIT Client to the STA.MPiT Server. The latter generates the postage indicium as an electronic byte string in a highly secure cryptographic module. After the byte string has been transmitted back from the STAMPIT Server to the STAMPIT Client, the cryptographically secure byte string is converted there into a machine-readable barcode and this barcode is printed out together with other data to produce a valid PC postage indicium.
This known method makes it possible for users of personal computers to load postage amounts via the lnternet and to gencrate postage indicia using the loaded postage amounts.
Another method of the generic type is disclosed in intcrnational patent application WO 01145051 Al relating specifically to a system for generating digital postage indicia wherein a clicnt computer is connected to a postage server via the Internet.
The postage server comprises cryptographic modules in which cryptographic components of digital postage indicia are generated, and said postage server is, in turn, connected to a system of the United States Postal Service. The client computers are equipped with software for executing postage procedures and users are licensed by the USPS and registered in the postage server. Requests to print out digital postage indicia are sent from the client computers to the postage server where, in particular, it is checked whether the client computer or the user is authorized to print out postagc indicia. For this purpose, the client computer sends a password entered by the user to the postage server.
lnternational patent application WO 99/48053 discloses a system whcrein a user system is connected to a PSD (postal security device). This device, in turn, is connected to a producer system via which a postage credit can be loaded, whereby the producer system is connected to a system of a postal authority. In order to 10118-PT-wO PCT/EP2005/008067 license a user, a request for licensing is sent to a PSD which then transmits a signed request message to a producer system, This system verifies the signature and requests a license from the postal authority that is then sent to the PSD
and registered there.
Moreover, German Preliminary Published Application DE 40 34 292 A 1 describes a method for franking mailpicces in which postage indicia can be generated by a franking unit in a remote copier, whereby the franking unit is connected to a data processing center in order to request franking data and to transact postage charges, said franking unit exchanging encrypted messages wiLh said data processing cen-ter.
The invention is based on the object of creating a franking method with which franking-relevant processes can be carried out by multiple users of a computer network.
According to the invention, the object is also achieved by a method comprising the features of Claim I and by a device comprising the features of Claim 7.
Advantageous refinements of the invention are the subject matter of the dependent cllims.
In particular, it is provided, that the operating unit transmits a transaction request to an authorization unit, in that the authorization unit ascertains an authorization of an user of the operating unit on the basis of an authorization profile, and in that the transmitted transaction request is authcnticated by the authorization unit according to the ascertained authorization, and in that the authorization unit converts the authenticated transaction request into a transaction job, in that the transaction job is transmitted to a franking unit, in that the transaction job is processed in the franking unit and in that subsequently, the result of the execution of the transaction job is sent out by the franking unit.
The invention provides a method and a device for frdnking mailpieces with which franking procedures or other franking-relevant processes are carried out in such a way that they allow the administration of multiple users with different rights.
The invention can be used tor any kinds of transaction requests. The term ' trans-action request" is to be understood in its broadest sense. In particular, the transac-tion request can be a request to load a charge amount, a request to generate one or more postage indicia or a request for other mailing-relevant information, for ex-ample, a request for addresses from an address database.
In particular, the invention proposes for a franking procedure or a franking-rele-vant transaction to be requested via an operating unit, for this Franking request or transaction requcst to be authendcated in a separate authorization unit, for the actual franking or franking-relevant transaction to be controlled by the authoriza-tion unit, and for the result of the franking procedure or of the transaction to be transmitted back.
The invention has the additional advantage that, in the case of franking procedures and other franking-relevant processes, other authentication methods such as, for cxample, biometric methods, can be used.
Moreover, it is advantageous for the result of the transaction job to be transmitted to the authorization unit and for the authorization unit to transmit a message con-taining the result of the execution of the transaction job to the operating unit and/or to a printing unit.
The operating unit and the printing unit can be either separate dcvices or else a combined unit.
WO 2006/018097 pCT/EP2005/006067 An example of separate devices are a personal computer and a printer that is con-nected to the personal computer, for instance, either directly or via a computer network.
A configuration of the operating unit and of the printing unit as a combined unit can consist, for example, of a franking machine configured according to the invention.
Another likewise advantageous embodiment of the invention is characterized in that the franking unit sends the result of the execution of the transaction job to the authorization unit and in that the authorization unit transmits a messagc containing the result of the execution of the transaction job to the operating unit and/or to the printing unit.
The invention proposes an especially advantageous configuration in which the franking system is modular. In addition to the advantage of recognition of the system and components as wefl as the ability to develop and implement them independently of cach other, there is the special advantage of a great flexibility in the use of the franking system by multiple users.
An espccially preferred embodiment of the invention is characterized in that the transaction request is transmitted from the operating unit to the authorization unit, in that the transaction request is authenticated in the authorization unit and in that the authorization unit subsequently transmits an authenticated transaction job to the franking unit.
A special advantage vf the inventive separation of the components in franking systems lies in the fact that a so-called cryptographic moduic can be used in which processes are executed that render the generated postage indicia more forgery-proof. This cryptographic module preferably consists of separate hardware and software. The task of this hardware and software is to store secret or otherwise important data so that it is secure against access and manipulation as well as to cxecute cryptographic operations such as encryption or signatures in a secure environment. Cryptographic modules of the type specified, for example, in the public standard FIPS 140-2 of the American National Institute of Standards and Technology NIST (see www.nist.gov), are characterized in that any manipulation to the module is detected, results in an interruption of the operations and the deletion of the contents and optionally also causes the destruction of the module.
The only reason why electronic franking systems can generate forgery-proof postage indicia is that it is not possible for a user employing a modern franking system with fraudulent intentions to influence or replicate the franking processes that take place in the cryptographic module.
In order to be able to use the functions of the cryptographic module especially effectively, it is advantageous for the interfaccs for user interaction that are needed for the operation of the franking system to be accommodated in a separate unit. In this manner, in modern franking systcros with which forgery-proof post-age indicia can be generated, the operating unit and the franking unit consisting of the cryptographic module are separate from each other.
Another advantage of the separation of the operating unit and the franking unit is that they can be spatially scparated from each other. The connection between the operating unit (customer PC) and the franking unit (among other things, the cryp-tographic module) is established via a data network.
The practical advantage of this physical separation of the operating unit and the franking unit lies in the fact that the forgery-proof postage indicia can be gener-ated on a PC without the use of a cryptographic module that is operated locally on the PC. Instead, the module is inexpensively operated centrally and used by all franking customers on an as-needed basis.
Another advantage of the invention is that it allows the use of various methods for user authentication. In order to ensure that postage indicia with a monetary value are only generated by authorized users, as a rule, franking systems are equipped with access safeguards. In the simplest case, such a safeguard is a secret eode that has to be entered when the system is activated. The method of the secret code is used, among other things, in order to safeguard electronic postage meters.
Moreover, it is advantageous to use a pairing between user identification and user authentication. This is carried out, for example, by entering a user name (which serves as the identification) and a password (which serves as the authentication).
Iiere, the security is based on the fact that only the authorized user knows the password.
In addition to knowledge-based security, other authentication methods are also suitable that either call for additional posscssion of an object or that involve bio-metric features of the user, An authentication through possession of an object is used, for example, in security systems based on rnicroprocessor chip cards, so-called SmarLCards. Along the lines of a cryptographic module, data is stored on a chip card or operations are carried out that cannot be read out or manipulated. Since such cards cannot be forged or replicated, they lcnd themselves especially well for secure identification.
In addition to such an identification of the chip card, passwords or PINs (personal identification numbers) are routinely used for the authentication of the legitimate owner.
Additional advantageous methods for authentication are based on reading out biometric features of the legitimate user. The objective is to scan unchangeable and unique biometric features - such as the fingerprint or iris pattern - to recognize whether that person is an authorized user. Since the components "knowledge" and "possession" can be dispensed with, biometric methods are WO 2006J018o97 eeT/EP2eo5/aoaab7 viewcd as an especially simple, secure and thus future-oriented authentication mcthod.
According to the invention, other information can also be used for identification and authentication purposes.
For example, it is advantageous for an account number of a postage account from which postage values can be loaded to be used as an identification feature.
The authentication of access to the postage account is carried out, for instancc, by entering a password.
The information for identification and authentication is used in the authorization unit in order to select the appropriate postage account in the secure cryptographic module on the basis of the account number and to activate the account with the password. Whereas the account number, as an identification feature, has to be visible on the "outside" of the cryptographic module, the password is verified inside the cryptographic module. The verification is carried out inside the module because the entered password (or an image of the password) is compared to a stored password (or to its corresponding image). In order to prevent third parties from reading out the stored password (or its image), it is stored inside the crypto-graphic module of the franking unit.
Advantageously, the authorization unit and/or the user is authenticated in the cryptographic module of the franking unit.
Additional advantages, special features and practical refinements of the invention ensue from the subordinate claims and from the presentation below of preferred embodiments making reference to the figures.
The figures show the following:
Fig. I a schematic diagram of a franking procedure with user authentication according to the state of the art and 5 Fig. 2 a schematic diagram of a franking system according to the invention.
Figure 1 illustrates the interaction between the operating unit (BE) of the user PC
and the franking unit (FE), which is based on the cryptogmphic module.
10 In Step A1, an operating unit (BE), which is connected to a printing unit (DE) in the example shown, sends a franking request to the franking unit (FE). In Step A2, after the postage account has been identified, the user is authenticated inside the cryptographic module. Then the franking request is processed in the cryptographic module, As the result, in Step A3, a cryptographically secure byte string is trans-mitted back to the operating and printing unit (BE/DE) so as to be printed out there as a postage indicium in the form of a machine-readable cade.
During the user authentication inside cryptographic modules, one special aspect has to be observed. Since the developmcnt work involved in creating crypto-graphic modules is extremely demanding due to high requirements in terms of the programming discipline and of a complete documentation, cryptographic modules are constructed to be as simple as possible. After all, in view of possible inter-actions with other program components, every additional functionality would cause the complexity to rise exponentially. Consequently, as a rule, the user authentication inside cryptographic modules is structured simply.
"Chus, for instance, the administration of multiple users with different rights and the use of new authentication methods comprising, for cxample, biometric meth-ods, are not possible with this prior-art franking system.
The problem with all prior-art methods of user authentication in franking systems consists of the fact that the possibilities of user authentication are limited when cryptographic modules are employed in franking systems.
In contrast, the franking system shown in Figure 2 makes it possible for franking procedures and franking-relevant proccsses to be carried out in such a way that the administration of multiple users with different rights as well as the use of new authentication methods comprising, for instance, biometric methods, are possible.
Advantageously, this takes place in the franking system according to the invention in that a franking procedure or another franking-rclevant transaction is requested via an operating unit (BE), this franking request or transaction request is authenti-cated in a separate authorization unit (BR), the actual franking or franking-rele-vant transaction is controlled by the authorization unit (BR), and the result of the franking procedure or of the transaction is transmitted back.
Advantageously, the method is carried out in such a way that the opcrating unit (BE) is connected to the authorization unit (BR) via a network or data connection.
In this context, it is advantageous for the authorization unit (f3R) to be configured in such a way that the authorizations of one or more users at one or more operat-ing units (BE) are stored in said authorization unit (BR).
it is also advantageous for the authorization unit (BR) to be configured in such a way that the authentication of users at operating units (BE) can be carried out by means of one or more authentication methods.
It is advantageous for the authentication method used in the operating unit (BE) to comprise authentication by means of a user name and a password.
WO 2006J018o97 PCT/EQ2OOS/00sa67 Moreover, it is advantageous for the authentication method used in the operating unit (BE) to comprise such methods that call for the possession of identification means.
Furthermore, it is advantageous for the a.uthcntication method uscd in the operat-ing unit (BE) to comprise biometric methods.
Advantageously, the method is carried out in such a way that, after the authenti-cation has been completed, the operating unit (BE) uses the stored authorization rules to check the franking request coming from the user or the request for the franking-relevant transaction.
Moreover, it is advantageous for the franicing request coming from the user or the request of the franking-relevant transaction to be converted in such a way that the ] 5 franking system is actuated.
Here, it is advantageous for the authorization unit (BR) to be connected to the franking system via a network or data connection.
It is advantageous for the franking system to carry out an authentication of the authorization unit (BR).
Moreover, it is advantageous for the franking system to generate the postage indicium or to execute the franking-relevant process and to transmit the result back directly or indirectly in such a way that a postage indicium can be printed out or the transaction information can be transmitted back.
Furthennore, it is advantageous for the stipulation of the authentication rules on the authorization unit (BR) to be carried out by special administrators, WO 20061018M PCT/EP2003/0(1>;ob7 The invention comprises a digital franking system which is characterized in that postage procedures, postage loading and other franking-relevant transactions can be executed by users with different levels of authorization. The system is to be marketed under the name STAMPIT professional.
In particular, the invention allows a comprehensive user administration with which different au#hori7ations can be issued for different users. Frspecially the access to postage accounts can be carried out for various users independently of each other. Advantageously, the user administration takes place in the authoriza-tion unit (BR).
For this purpose, it is especially advantageous that one authorization profile is stored in the authorization unit (BR) for each authorized user of the operating unit (BE).
lJser rights are primarily based on the fact that defined users arc granted the right to execute franking. The right to generate postage indicia is related to speciiic postage accounts and the maximum amount can be limited. The setting of a maximum franking limit can be additionally related to specific periods of time. In particular, this means that different amounts of the franking volume permissible within a certain period of time can be defined individually for different users.
The result is that, by introducing a user administration according to the invention, it is possible to appoint persons in large companies who can execute franking and postage loading procedures of a certain scope. In this manner, for example, interns working temporarily at the company can be given different firanking authoriza-tions than the authorized officer of the company and his secretarial personnel. By the same token, the authorization to acquire new postage values that can be used for franking can be limited to just a few people. Limitations are likcwise possible pertaining to loading volumes and periods of time.
WO 20obr01S07 PCT/EP200:t1oo8067 The specification of the persons and their authorizations is laid down by one or more administrators in the uscr administration or in the authorization unit.
Using the system described above and depicted in a schematic diagram in pigure 2, franking procedures can be carried out in different ways.
The process steps described below are especially practical for a particularly advantageous configuration of the franking system.
In Step 81, a transaction requcst, especially a franking request, is sent from an operating unit (BE) - which is connectcd to a printing unit (DE) in the example shown - to the authorization unit (BR). In an especially preferred embodiment of the invention, the transaction request or the franking request is a job to carry out one or more franking procedures. However, it is likewise advantagcous for the transaction request B i to servc to load postage amounts from a value transfer center.
In Step B2, an authentication of the user is carried out by means of one or more of the authentication methods shown.
On the basis of the authorizations (BR) of this user as stored in thc authorization unit (BR) or in a storage unit associat,ed with it, in Step 83, a franking request is sent to the franking unit (FE) if it has previously been ascertained that the franking request conforms with the authorization profile of the user.
In the franking unit (FE), a verification procedure is carried out to check whether the authorization unit (BR) is authorizcd to authorize users and/or transaction requests transmitted by the users.
In an especially preferred embodiment of the invention, the authorization unit (BR) checks not only the authorization of the user but aiso his authori=r.ation to manage a postage account associated with him.
5 Aftcr the postage account of the user has been identified in Step B4, the authenti-cation of the authorization unit (BR) is carried out inside the cryptographic mod-ule.
After the authentication of the authorization unit (BR), the transaction job is pref-10 erably likewise processed in the franking unit (FE).
The result of the execution of the transaction job is preferably transmitted back as a cryptographically secure byte string in Steps B5 and B6 indirectly (via the authorization unit (BR)) or directly to the operating and printing unit (BE/DE) in 15 order to be printed there as a postage indicium in the form of a machine-readable code.
The invention thus provides a method for franking mailpieces as well as a frank-ing system by means of which transaction requests from various users can be han-dled flexibly and by means of which a high level of protection against fraud is additionally achieved.
WO 20061018097 PC:T/EP2005/008067 List of reference numerals Al sending a franking request to the franking unit (FE) A2 authentication of the user A3 transmission of a cryptographically secure byte string to the operating and printing unit (BEIDE) B1 transmission of a franking request from the operating unit (BE) to the authorization unit (BR) B2 authentication of the user B3 sending a franking request to the franking unit (FE) B4 authentication of the authorization unit (BR) by the franking unit (FE) B5 transmission of thc result of the execution of a transaction job to the authorization unit (BR) B6 transmission of a message containing the result of the execution of the trans-action job to the operating unit (BE) andlor to the printing unit (DE) and/or another one of the depicted preferred authentication methods BE operating unit BR authorization unit DE printing unit FE franking unit
Claims (8)
1. A method for franking mailpieces, wherein an operating unit is operated separately from a franking unit (FE), characterized in that .cndot. the operating unit (BE) transmits a transaction request (B1) to an authorization unit (BR), .cndot. in that the authorization unit (BR) ascertains an authorization of an user of the operating unit (BE) on the basis of an authorization profile, .cndot. in that the transmitted transaction request is authenticated by the authorization unit (BR) according to the ascertained authorization, .cndot. in that the authorization unit (BR) converts the authenticated transaction request (B1) into a transaction job, .cndot. in that the transaction job is transmitted (B3) to a franking unit (FE), .cndot. in that the authorization unit (BR) is authenticated (84) in the arca of the franking unit (FE) .cndot. in that the transaction job is processed (B4) in the franking unit (FE) .cndot. in that subsequently, the result of the execution of the transaction job is sent out (85) by the franking unit.
2. The method according to Claim 1, characterized in that the authorization profile of the user of the operating unit (BE) is stored in the authorization unit (BR).
3. The method according to one or both of Claims 1 and 2, characterized in that the transaction request is transmitted from the operating unit (BE) to the authorization unit (BR), in that the transaction request is authenticated (B2) in the authorization unit (BR) and in that the authorization unit (BR) subse-quently transmits (B3) an authenticated transaction job to the franking unit (FE).
4. The method according to one or more of the preceding claims, characterized in that the result of the transaction job is transmitted to the authorization unit (BR) and the authorization unit (BR) transmits a message containing the result of the execution of the transaction job to the operating unit (BE) and/or to a printing unit (DE).
5. The method according to one or more of the preceding claims, characterized in that the franking unit sends the result of the execution of the transaction job directly to the operating unit (BE) and/or to the printing unit (DE).
6. The method according to one or more of the preceding claims, characterized in that the franking unit (FE) sends the result of the execution of the transaction job to the authorization unit (BR) and in that the authorization unit (BR) trans-mits a message containing the result of the execution of the transaction job to the operating unit (BE) and/or to the printing unit (DE).
7. A device for franking mailpieces using an operating unit (BE) and a frank-ing unit (FE), wherein the operating unit (BE) and the franking unit (FE) are spatially separated from each other, characterized in that .cndot. the operating unit (BE) and the franking unit (FE) are connected to each other via a data line and .cndot. in that this connection is configured in such a way that an authorization unit (BR) is located in the connection line, .cndot. in that the operating unit (BE) comprises means for sending transaction requests (B1) to the authorization unit (BR), .cndot. in that the authorization unit (BR) comprises a means for checking the authorization of a user of the operating unit (BE), .cndot. in that the authorization unit (BR) comprises an interface for transmitting the authenticated authentication jobs to the franking unit (FE), .cndot. in that the franking unit (FE) carries out the authentication of the authorization unit (BR), .cndot. in that the franking unit (FE) comprises a means for executing transaction jobs, and .cndot. in that the franking unit (FE) comprises an interfacc for transmitting the transaction jobs.
8. The device according to Claim 7, characterized in that the franking unit (FE) is connected to the authorization unit (BR) in such a way that the result of the execution of the transaction job can be transmitted to the authorization unit (BR).
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| DE102004039547A DE102004039547A1 (en) | 2004-08-13 | 2004-08-13 | Method and device for franking mailpieces |
| DE102004039547.0 | 2004-08-13 | ||
| PCT/EP2005/008067 WO2006018097A1 (en) | 2004-08-13 | 2005-07-25 | Method and device for franking postal deliveries |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA2577245A1 true CA2577245A1 (en) | 2006-02-23 |
Family
ID=34978722
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA002577245A Abandoned CA2577245A1 (en) | 2004-08-13 | 2005-07-25 | Method and device for franking postal deliveries |
Country Status (7)
| Country | Link |
|---|---|
| US (1) | US8073781B2 (en) |
| EP (1) | EP1779332A1 (en) |
| JP (1) | JP4691557B2 (en) |
| CA (1) | CA2577245A1 (en) |
| DE (1) | DE102004039547A1 (en) |
| NZ (1) | NZ553102A (en) |
| WO (1) | WO2006018097A1 (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120232970A1 (en) * | 2010-11-30 | 2012-09-13 | Myistamp Inc. | Intelligent postage stamp printer |
| US9412131B2 (en) * | 2012-06-26 | 2016-08-09 | Francotyp-Postalia Gmbh | Method and arrangement for specifying services provided by a franking machine |
Family Cites Families (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE4034292A1 (en) * | 1990-10-25 | 1992-04-30 | Francotyp Postalia Gmbh | METHOD FOR MAILING POSTAGE AND ARRANGEMENT FOR CARRYING IT OUT |
| US5454038A (en) * | 1993-12-06 | 1995-09-26 | Pitney Bowes Inc. | Electronic data interchange postage evidencing system |
| US5742683A (en) * | 1995-12-19 | 1998-04-21 | Pitney Bowes Inc. | System and method for managing multiple users with different privileges in an open metering system |
| US6192473B1 (en) * | 1996-12-24 | 2001-02-20 | Pitney Bowes Inc. | System and method for mutual authentication and secure communications between a postage security device and a meter server |
| US5988897A (en) * | 1997-09-03 | 1999-11-23 | Pitney Bowes Inc. | Method for preventing fraudulent printing of a postage indicium displayed on a personal computer |
| CA2256115C (en) * | 1997-12-18 | 2004-03-09 | Pitney Bowes Inc. | Postage metering system and method on a network |
| US6098058A (en) * | 1997-12-18 | 2000-08-01 | Pitney Bowes Inc. | Postage metering system and method for automatic detection of remote postage security devices on a network |
| ATE335258T1 (en) * | 1998-03-18 | 2006-08-15 | Ascom Hasler Mailing Sys Inc | SYSTEM AND METHOD FOR MANAGING FANCER MACHINE LICENSES |
| WO2000019382A1 (en) * | 1998-09-29 | 2000-04-06 | Stamps.Com, Inc. | On-line postage system |
| FR2793332B1 (en) * | 1999-05-05 | 2001-08-10 | Secap | POSTAGE MACHINE AND ITS OPERATING METHOD |
| US7233929B1 (en) * | 1999-10-18 | 2007-06-19 | Stamps.Com | Postal system intranet and commerce processing for on-line value bearing system |
| EP1226554A1 (en) * | 1999-10-18 | 2002-07-31 | Stamps.Com | Postal system intranet and commerce processing for on-line value bearing system |
| CA2392037A1 (en) * | 1999-11-22 | 2001-05-31 | Ascom Hasler Mailing Systems, Inc. | Generation and management of customer pin's |
| DE10020566C2 (en) | 2000-04-27 | 2002-11-14 | Deutsche Post Ag | Method for providing postage with postage indicia |
| US6971007B1 (en) * | 2000-08-17 | 2005-11-29 | Hewlett-Packard Development Company, L.P. | Assured printing of documents of value |
| ATE291319T1 (en) * | 2001-04-30 | 2005-04-15 | Activcard Ireland Ltd | METHOD AND SYSTEM FOR AUTHENTICATING A PERSONAL SECURITY DEVICE AGAINST AT LEAST ONE REMOTE COMPUTER SYSTEM |
-
2004
- 2004-08-13 DE DE102004039547A patent/DE102004039547A1/en not_active Withdrawn
-
2005
- 2005-07-25 CA CA002577245A patent/CA2577245A1/en not_active Abandoned
- 2005-07-25 WO PCT/EP2005/008067 patent/WO2006018097A1/en active Application Filing
- 2005-07-25 JP JP2007525205A patent/JP4691557B2/en not_active Expired - Fee Related
- 2005-07-25 NZ NZ553102A patent/NZ553102A/en not_active IP Right Cessation
- 2005-07-25 EP EP05768585A patent/EP1779332A1/en not_active Withdrawn
- 2005-07-25 US US11/660,240 patent/US8073781B2/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| US8073781B2 (en) | 2011-12-06 |
| DE102004039547A1 (en) | 2006-02-23 |
| WO2006018097A1 (en) | 2006-02-23 |
| JP4691557B2 (en) | 2011-06-01 |
| US20070276761A1 (en) | 2007-11-29 |
| EP1779332A1 (en) | 2007-05-02 |
| NZ553102A (en) | 2010-10-29 |
| JP2008509491A (en) | 2008-03-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2193024C (en) | System and method for managing multiple users with different privileges in an open metering system | |
| AU756905B2 (en) | Closed system virtual postage meter | |
| US6671813B2 (en) | Secure on-line PC postage metering system | |
| EP0780805B1 (en) | Open metering system with super password vault access | |
| JP4410858B2 (en) | Digital token issuing method in open system meter | |
| EP0762692B1 (en) | Secure user certification for electronic commerce employing value metering system | |
| EP0294397B2 (en) | Automated transaction system using microprocessor cards | |
| CA2193284C (en) | A method of inhibiting token generation in an open metering system | |
| US8052047B1 (en) | Automated banking machine that operates responsive to data bearing records | |
| DE69836375T2 (en) | SYSTEM AND METHOD FOR CONTROLLING DATA REQUIRED FOR PRINTING USE FRANKING | |
| US20030225711A1 (en) | Method and apparatus for postal user identification and billing | |
| EP1118064A1 (en) | On-line postage system | |
| JPH09311962A (en) | Method for reissuing digital token in an open metering system | |
| US6907399B1 (en) | Secure user certification for electronic commerce employing value metering system | |
| US8073781B2 (en) | Method and device for franking postal deliveries | |
| JP2004514360A (en) | How to manage mailings with printed postage bills | |
| US20080071691A1 (en) | Method and Device for Franking Postal Items | |
| US20050075991A1 (en) | System and method for accessing a remote postage meter account from a device that has a dedicated local meter and account | |
| CA2843253C (en) | Method and arrangement for generating franking imprint data for a mail item | |
| GB2386237A (en) | Postal user identification and billing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FZDE | Discontinued |