DESC:FIELD
The present disclosure relates to the field of detecting counterfeited seals.

DEFINITIONS
As used in the present disclosure, the following terms are generally intended to have the meaning as set forth below, except to the extent that the context in which they are used indicate otherwise.

The expression ‘QR (quick response) codes’ used hereinafter in the specification refers to a two-dimensional barcode. QR codes can be scanned using a QR scanner or a camera of a smartphone.

As used herein, a "geo fence" is a virtual perimeter surrounding a real-world geographic area that is dynamically generated or constrained by a predefined set of boundaries. Examples of a geo fence can include a virtual perimeter surrounding a location, and object, or a zone.

These definitions are in addition to those expressed in the art.

BACKGROUND

The background information herein below relates to the present disclosure but is not necessarily prior art.

One way of providing physical security to an object is by securing a metal/plastic wire around the object to be sealed. However, the seal can be counterfeited by duplication of the seal and hence fails to provide a tamper-proof protection for the sealed object. Moreover, a duplicated/counterfeited seal is fabricated such that the counterfeited seal includes unique identification number of an original seal, thereby failing to verify the genuineness of the seal.

There is, therefore, a felt need for a system and method to identify and authenticate a genuine seal that alleviates the aforementioned drawbacks of the conventional seal.

OBJECTS
Some of the objects of the present disclosure, which at least one embodiment herein satisfies, are as follows:

An object of the present disclosure is to provide a technique to identify a genuine seal.

Another object of the present disclosure is to provide a system for authenticating a seal.

Yet another object of the present disclosure is to provide a system for authenticating a seal using machine readable codes.

Other objects and advantages of the present disclosure will be more apparent from the following description, which is not intended to limit the scope of the present disclosure.

SUMMARY
In one embodiment, an authentication unit, installed on a user device and configured for authenticating a seal is disclosed. The authentication unit comprises a scanning unit configured for scanning an image data imprinted on a seal secured around an object, the image data comprising an encrypted image representing a unique identification number associated with the seal, and a seal authentication unit coupled to the scanning unit, the seal authentication unit configured for authenticating the seal. The seal authentication unit comprises a decryption unit configured for decrypting the image data, using a set of characteristic decryption keys, to determine a decrypted image associated with the seal, a comparator unit coupled to the decryption unit, the comparator unit configured for matching the decrypted image with a primary image stored in a storage unit, and for generating a matching score based on the comparison and an alert generation unit coupled to the comparator unit, the alert generation unit configured for generating an alert signal based on the matching score.

In another embodiment, a system for authenticating a seal is disclosed. The system comprises an authentication unit installed on a user device and a central server communicatively coupled to the user device. The authentication unit comprises a scanning unit configured for scanning an image data imprinted on a seal secured around an object, the image data comprising an encrypted image representing a unique identification number associated with the seal and a transceiver unit for transmitting the image data. The central server comprises a communication unit for receiving the image data from the authentication unit, and a seal authentication unit coupled to the communication unit, the seal authentication unit configured for authenticating the seal. The seal authentication unit comprises a decryption unit coupled to the communication unit, the decryption unit configured for decrypting the image data, using a set of characteristic decryption keys, to determine a decrypted image associated with the seal, a comparator unit coupled to the decryption unit, the comparator unit configured for matching the decrypted image with a primary image stored in a database, and for generating a matching score based on the comparison and an alert generation unit coupled to the comparator unit, the alert generation unit configured for generating an alert signal based on the matching score.

In yet another embodiment, a method for authenticating a seal is described. The method comprises steps of scanning an image data imprinted on a seal secured around an object, by a scanning unit, the image data comprising an encrypted image representing a unique identification number associated with the seal, transmitting the image data, using a transceiver unit, to a central server, receiving the image data from the transceiver unit, at a communication unit of the central server, decrypting the image data to determine a decrypted image, by a decryption unit, matching the decrypted image with a primary image stored in a database and generating a matching score, by a comparator unit and generating an alert signal based on the matching score.

In yet another embodiment, a computer program product comprising computer readable media storing instructions which when collectively executed by a first processor on a user device and a second processor on a central server communicatively coupled to the user device, the user device and the central server being configured to operate in an interactive manner, cause the first processor and the second processor to collectively perform a method is disclosed. The method comprising the steps of scanning an image data imprinted on a seal secured around an object, the image data comprising an encrypted image representing a unique identification number associated with the seal, transmitting the image data, using a transceiver unit, to a central server, receiving the image data from the transceiver unit, at a communication unit of the central server, decrypting the image data to determine a decrypted image, by a decryption unit, matching the decrypted image with a primary image stored in a database and generating a matching score, by a comparator unit and generating an alert signal based on the matching score.

BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWING
An authentication unit and a system and a method for authenticating a seal using machine readable codes of the present disclosure will now be described with the help of the accompanying drawing, in which:
FIGURE 1 illustrates a block diagram of an authentication unit for authenticating a seal using machine readable codes, in accordance with an embodiment of the present disclosure;

FIGURE 2 illustrates a block diagram of a system for authenticating a seal using machine readable codes, in accordance with another embodiment of the present disclosure; and

FIGURE 3 illustrates a flow diagram of a method for authenticating a seal using machine readable codes, in accordance with another embodiment of the present disclosure.

LIST OF REFERENCE NUMERALS
100- Authentication unit
102- Scanning unit
104- Seal authentication unit
106- Decryption unit
108- Comparator unit
110 - Alert generation unit
111- Storage unit
200 - System
204- Authentication unit
206- Scanning unit
208 –Transceiver unit
202- Server
210- Communication unit
212- Seal authentication unit
214 - Decryption unit
216- Comparator unit
218 -Alert generation unit
220- Code generation unit
222 -Image generation unit
224- Encryption unit
226 - Geo-fencing unit
228 -User authentication unit
230 - Registration unit
232 - Database
234- Seal authentication table
236- User authentication table
238 – Look-up table
240 – Log table
242- Location tracking unit
244 -Time stamping unit

DETAILED DESCRIPTION
The present disclosure relates to an authentication unit and a system and a method for authentication of a seal secured around an object, using machine readable codes, to enhance inspection and anti-counterfeiting functionalities.

In one embodiment, as shown in Figure. 1, an authentication unit 100 installed on a user device (not shown) and configured for authenticating a seal is disclosed. The authentication unit 100 comprises a scanning unit 102 for scanning an image data imprinted on a seal and a seal authentication unit 104 coupled to the scanning unit 102. The seal authentication unit 104 is configured for authenticating the seal. The image data imprinted on the seal comprises an encrypted image representing a unique identification number associated with the seal.
In one embodiment, the scanning unit 102 may include a LASER (Light Amplification by Simulated Emission of Radiation) to read the image data. Alternatively, the scanning unit 102 may include an optical camera and logic configured to capture an image and process the image to obtain the image data.

The seal authentication unit 104 comprises a decryption unit 106, a comparator unit 108 coupled to the decryption unit 106 and an alert generation unit 110 coupled to the comparator unit 108. The decryption unit 106 is configured for decrypting the image data, using a set of characteristic decryption keys, to determine a decrypted image associated with the seal. The comparator unit 108 is configured for matching the decrypted image with a primary image stored in a storage unit 111, and for generating a matching score based on the comparison. The alert generation unit 110 is configured for generating an alert signal based on the matching score.

In one embodiment of the present disclosure, the authentication unit 100 is capable of storing and processing the decrypted image within the storage unit 111, e.g. performing a linear search and statistical data analysis upon the stored primary image within the storage unit 111. The primary image comprises an encoded form of the unique identification number associated with the seal.

Alternatively, or additionally, the decrypted image obtained by the decryption unit 106 may be transmitted over a communication network to a central server for further processing and storage. Accordingly, the actions performed by the authentication unit 100 may be shared between the authentication unit 100 and the central server. This is further explained in conjunction with Figure. 2.

As used herein, the term "network" includes any electronic communications system 200 or method which incorporates hardware and/or software components. Communication among the parties may be accomplished through any suitable communication channels, such as, for example, a telephone network, an extranet, an intranet, Internet, point of interaction device (point of sale device, personal digital assistant (e.g., Palm Pilot. RTM., Blackberry. RTM.), cellular phone, etc.), online communications, satellite communications, off-line communications, wireless communications, transponder communications, local area network (LAN), wide area network (WAN), virtual private network (VPN), networked or linked devices.

In one embodiment, the authentication unit 100 may be incorporated as a web application or a mobile application that can be installed in a user device (not shown). The user device (not shown) may be a personal computing device, among other things for example, a desktop computer, a laptop computer, a notebook, a netbook, a tablet personal computer (PC), a control panel, a smart phone, a mobile phone, a personal digital assistant (PDA), and/or any other suitable device operable to send and receive data and display data.

Applications, as used herein, include any set of computing instructions. Applications instruct an electronic device to perform specified functions. Applications typically contain logic and methods for accessing, manipulating, and storing data. Examples of applications include word processors, web browsers, email clients, games (e.g., chess games, etc.), and media players. Applications may contain instructions on displaying and formatting data. For example, an application may instruct an electronic device to access certain data and display it in a specified format and/or at a specified time.

Applications may be transported via any method suitable for such purpose. For example, the applications may be downloaded to the user device (not shown) via a Web browser or may be transported to the user device (not shown) using a "push" type operation via a network protocol over a cable or wireless infrastructure. Possible means for pushing an application or application reference include, but are not limited to, email, embedding in a Web page, part of an RSS feed, a WAP.TM. push, or a Bluetooth.TM. transmission. The system for deploying applications to the user device (not shown) may optionally include a runtime environment for the application. A runtime environment is software that allows a user device (not shown) to execute application code.

The access to the application may be provided upon successful user registration at the central server. This is further explained in conjunction with Figure. 2.

Turning now to Figure. 2, a system 200 for authenticating a seal using machine readable codes is described. The system 200 comprises a central server 202 and an authentication unit 204, installed on a user device (not shown) communicatively coupled to the central server 202.

The central server 202 is configured for storing, processing and providing information to a user. For this purpose, the central server 202 may include memory, a processor and a communication unit 210. The processor may be a general purpose processor, a Field Programmable Gate Array (FPGA), an Application Specific Integrated Circuit (ASIC), a Digital Signal Processor (DSP), and/or the like. The processor may be configured to retrieve data from and/or write data to the memory. The memory may be, for example, a random access memory (RAM), a memory buffer, a hard drive, a database, an erasable programmable read only memory (EPROM), an electrically erasable programmable read only memory (EEPROM), a read only memory (ROM), a flash memory, a hard disk, a floppy disk, cloud storage, and/or so forth. In one embodiment, the central server 202 may include one or more hardware- based units (e.g., DSP, FPGA, ASIC) and/or software- based units (e.g., a unit of computer code stored at the memory and executed at the processor, a set of processor- readable instructions that may be stored at the memory and executed at the processor) associated with executing an application, such as, for example, receiving, processing and displaying data from the authentication units 204.

Further, the central server 202 may include a database 232 (e.g., in memory and/or through a wired and/or a wireless connection) for storing data received from the multiple authentication units 204 coupled to the central server 202 via the communication network. The database 232 is either located within the central server 202 or coupled to the central server 202 externally.

Any database discussed herein may include relational, hierarchical, graphical, or object-oriented structure and/or any other database configurations. Common database products that may be used to implement the databases include DB2 by IBM (White Plains, N.Y.), various database products available from Oracle Corporation (Redwood Shores, Calif.), Microsoft Access or Microsoft SQL Server by Microsoft Corporation (Redmond, Wash.), MySQL, or any other suitable database product. Moreover, the databases may be organized in any suitable manner, for example, as data tables or lookup tables. Each record may be a single file, a series of files, a linked series of data fields or any other data structure. Association of certain data may be accomplished through any desired data association technique such as those known or practiced in the art.

The central server 202 is further configured for hosting a web page for accessing data stored in the database 232. The web page may be accessed using one of a user interface (not shown) at the central server 202 and at the user device (not shown) or via a web portal.

The central server 202 comprises a registration unit 230 and a user authentication unit 228 each configured for registration and authentication of a user respectively.

The registration unit 230 is configured for registering at least one of a user and a device associated with the user, for providing access and installation of the authentication unit 204 at the user device (not shown). The registration of the user and/or a device associated with the user may be performed at the user interface of the central server 202 or through the web portal.

The registration of the user device (not shown) may be performed using device information for example, a MAC (Media Access Control) address or an IP (Internet Protocol) address of the user device (not shown). A device identification number may be generated post successful registration of a user device (not shown) associated with the user at the web portal. A mapping of MAC with the device identification number may thus be maintained in a user authentication table 236 of the database 232.

In one embodiment, the registration unit 230 is configured for registering a user through user credentials. The user credentials include a user identification and a password. The user identification may include a string of alpha numeric characters representing user name, telephone/cell phone number, government issued identification number or such user identification details. A user identification data may be generated by the registration unit 230 upon successful registration of the user credentials. In one embodiment, the user identification data may include a single sign-on (SSO) identification. The user identification and a password chosen by the user is mapped to the user identification data and stored in the database 232 coupled to the central server 202.

Similarly, registration of a user using biometric data of a user may be performed. A biometric profile of the user may be created using multiple biometric data associated with the user and verification of the biometric profile may be performed for providing authorized user access to the authentication unit 204.

The user authentication table 236 of the database 232 thus includes at least one of a mapping of biometric profile of a user with user identification data, user credentials with user identification data and device profile with device identification data. Upon each successful registration of a user and/or a device associated with the user, the user authentication table 236 is updated with the acquired information.

Consequent to a successful registration, the user is provided with installation of the authentication unit 204 at the user device (not shown). In one embodiment, a onetime authentication may be performed during the registration process. Subsequent access to the authentication unit 204 may not be subject to authentication. Alternatively, subsequent access to the authentication unit 204 may be provided upon successful user authentication.

Accordingly, the central server 202 further comprises a user authentication unit 228 configured for performing at least one of a device authentication, a user authentication and a credential authentication.

In one embodiment, the authentication involves server authentication wherein the authentication is performed by input of correct and valid username and password credentials by the user at the central server 202. The received user credentials are matched with the user identification details provisioned with the database 232 of the central server 202. The user authentication is successful when the credentials are matched.
In another embodiment, the authentication involves matching the received device identification with the device identification data stored in the database 232.

The biometric authentication of a user is performed using the biometric profile of the user stored in the database 232 of the central server 202. The central server 202 through a biometric input unit (not shown) is configured for receiving a sample biometric data of a user, compare the sample biometric data with one or more reference biometric data stored in the database 232, so as to generate a comparison score and indicate a successful authentication when the comparison score exceeds a predetermined threshold.

Alternatively, the biometric authentication of a user is performed using the biometric profile of the user stored on the user's device. The authentication unit 204 can utilize the biometric identification in-built in the user device (not shown) for providing access to the user. The user performs biometric authentication at the user device (not shown) and once the user is authenticated by the user device (not shown), the authentication information is sent to the central server 202. The permission to access the authentication unit 204 at the user device (not shown) is granted once the user is authenticated.

In one embodiment, the biometric authentication may be performed using biometric data such as fingerprint, palm print, finger pores, hand geometry, iris, retina, tragus, voice and face recognition. Further, the use of physical biometrics may be combined with behavioral biometrics such as gestures, swipe and pattern predictions in order to create a superior level of user identification.

In an alternative embodiment, multiple level of user authentication may be performed one at the central server 202 and other at the user device (not shown).
Subsequent to a successful authentication, the user is provided with access to the authentication unit 204 installed in the user device (not shown).

Still referring to Figure. 2, the central server 202 further comprises a code generation unit 220, an image generation unit 222 coupled to the code generation unit 220 and an encryption unit 224 coupled to the image generation unit 222. The code generation unit 220, the image generation unit 222 and the encryption unit 224 collectively generate an image data that is to be imprinted on a seal secured around an object.

Accordingly, the code generation unit 220 is configured for generating a plurality of unique identification numbers wherein each unique identification number is associated with a seal. The unique identification number associated with each seal is further stored in a look-up table 238 within the database 232. The look-up table 238 thus consists of a listing of a plurality of unique identification numbers, wherein each unique identification number is associated with a seal.

The image generation unit 222 is configured for encoding the unique identification number in a standard format so as to generate an image representing the unique identification number. The database 232 further comprises a seal authentication table 234 that includes a mapping of a unique identification number against a primary image associated with a seal, the primary image being the image generated subsequent to encoding and prior to encryption.

The encryption unit 224 coupled to the image generation unit 222 is configured for encrypting the image so as to generate an image data comprising the encrypted unique identification number. The image data thus generated is in the form of a machine readable code.

According to exemplary embodiment of the present disclosure, data is encrypted using a full-phase double-random-phase encryption with photon-counting, and then an iterative compression technique is applied based on Huffman coding to compress the image.

In one embodiment, the machine readable code is one of a Quick Response (QR) code, a bar code and a Radio Frequency Identification (RFID) code. A QR code is a two dimensional (2D) barcode created that can be scanned regardless of scanning direction or damage caused to the QR code. A bar code comprises a pattern of parallel lines of varying widths, printed on a commodity. RFID (Radio Frequency Identification) stores data in the form of radio waves in a tiny circuitry.

The image data thus generated is imprinted on a seal secured around an object. In one embodiment, the image data is imprinted on the seal using LASER (Light Amplification by Simulated Emission of Radiation). Such mechanisms are well known in the art and hence shall not be described in detail.

The authentication unit 204 comprises a scanning unit 206 configured for scanning an image data imprinted on the seal. For example, the scanning unit 206 may be configured to capture the image data comprising a QR code using a light beam such as a LASER. The transceiver unit 208 coupled to the scanning unit 206 is configured for transmitting the image data to the central server 202.

The central server 202 being communicatively coupled to the user device (not shown), comprises a communication unit 210 for receiving the image data from the authentication unit 204. In one embodiment, the communication unit 210 is configured to be operated using one of Wi-Fi, Bluetooth, ZigBee, Z-wave and cellular types of wireless protocols (including 3G, 4G, 5G and 6G (forward compatible)).

The central server 202 comprises a seal authentication unit 212 coupled to the communication unit 210. The seal authentication unit 212 is configured for authenticating a seal and comprises a decryption unit 214, a comparator unit 216 coupled to the decryption unit 214 and an alert generation unit 218 coupled to the decryption unit 214.

The decryption unit 214 decompresses and decrypts the image data to determine a decrypted image representing the unique identification number of the seal. The decrypting unit may use at least one characteristic decryption key, that is proprietary to the authentication unit 204-central server 202 combination, to decrypt the encrypted data.

The comparator unit 216 is configured for matching the decrypted image with the each of the plurality of primary images stored in the database 232 and for generating a matching score based on the comparison. In an embodiment, a nonlinear correlation filter image recognition algorithm may be employed to verify the decrypted image against the primary image for authentication.

The alert generation unit 218 is configured for generating an alert signal based on the matching score. Accordingly, the alert generation unit 218 may be configured to generate an alert signal when there is a mismatch. Alternatively, the alert generation unit 218 may be configured to generate an alert signal when there is a match.

In one embodiment, the alert signal thus generated is in graphical and/or, textual and/or visual and/or optical and/or audio and/or tactile mode. In an exemplary embodiment, the alert generation unit 218 may include one of a buzzer, an audio player issuing a voice command and light Emitting Diode (LED) indicator configured for indicating the alert signal.

Further, the communication unit 210 may be configured to receive the alert signal from the alert generation unit 218 and may further be configured to transmit the alert signal to the transceiver unit 208 of the user device (not shown). The user of the user device (not shown) may thus be alerted about the authentication of the seal under consideration.

In an alternative embodiment, explained in conjunction with Figure. 1, where the decryption is performed at the authentication unit 100 installed on the user device (not shown), the decrypted image from the authentication unit 100 may be decoded further to identify the unique identification number associated with the image, using standard decoding techniques. The communication unit 210 of the central server 202, may be configured to receive the decoded unique identification number. The unique identification numbers thus decoded may be compared with the unique identification numbers stored in the look-up table 238 of the database 232 for determining the authenticity of the seals.

In an embodiment, the database 232 may further comprise a log table 240 configured to store information such as the location where the each of the seal is installed and time stamp associated with each of the activity such as seal installation and scanning, along with the unique identification number associated with each of the seals. Such information facilitates tracking of the whereabouts of each seal with respect to a predetermined area.

In an embodiment, the system 200 may be configured to employ the geo-fencing technology, which employs GPS (Global Positioning System) and/or RFID technology to create a virtual geographic boundary, enabling the system 200 to trigger a response when the object secured with the seal enters or leaves a particular area. The alert generation unit 218 can be configured for alerting a user in an event the seal is scanned outside a geo-fencing location.

Accordingly, the central server 202 further comprises a geo-fencing unit 226, configured for recording an installation location, the installation location being the location of an object/seal when the image data is imprinted on the seal, for defining a virtual fence surrounding the seal and for tracking the location of the seal with respect to the virtual fence surrounding the seal.

The location and time tracking for each of the seals in order to monitor the whereabouts of a seal with respect to a geo-fencing may be performed using a location tracking unit 242 and a time stamping unit 244.

In one embodiment, the location tracking unit 242 can utilize or otherwise leverage a built-in satellite-signal receiver and/or another type of receiver on the user device (not shown) that scans the seal that is subject to geo fencing and for which a location estimate is to be determined. The user device (not shown) can utilize the built-in receiver to access global positioning system (GPS) signals and/or signals from other global navigation satellite systems (GNSSs). The satellite-signal receiver and/or associated circuitry in the user device (not shown) can generate location information using at least a portion of such signals. In one example, the location information can include an estimate of a current location of the user device (not shown). In addition, or in another embodiment, the disclosure can utilize or otherwise leverage a receiver configured to receive terrestrial radiofrequency signals in order to generate location information. Such location information can permit generation, at a network device, for example, of an estimate of a current location of the user device (not shown).

Similarly, the time stamping unit 244 may utilize or otherwise leverage a built-in clock in the user device (not shown) that scans the seal, for determining a time stamp representing the scanning time.

Accordingly, the geo-fencing unit 226 is configured to detect and report geo fencing information (e.g., a location of the seal and/or the object secured with the seal). when the object secured with the seal imprinted with the image data enters or exits a virtual boundary set up around a geographical location, known as a geo fence. The geo fencing unit 226 can provide a notification to the user device (not shown) and/or the central server 202 when the geo fence around a seal is broken.

In one embodiment, each of the authentication unit 204, seal authentication unit 212, decryption unit 214, comparator unit 216 and alert generation unit 218 may be configured to be implemented using one or more processors. The processor may be a general-purpose processor, a Field Programmable Gate Array (FPGA), an Application Specific Integrated Circuit (ASIC), a Digital Signal Processor (DSP), and/or the like. The processor may be configured to retrieve data from and/or write data to the memory. The memory may be, for example, a random-access memory (RAM), a memory buffer, a hard drive, a database 232, an erasable programmable read only memory (EPROM), an electrically erasable programmable read only memory (EEPROM), a read only memory (ROM), a flash memory, a hard disk, a floppy disk, cloud storage, and/or so forth.

In another embodiment, as shown in Figure. 3, a method 300 for authenticating a seal using machine readable codes is described. The method 300 comprises steps of scanning an image data imprinted on a seal secured around an object, by the scanning unit 206 (at step 302), the image data comprising an encrypted image representing a unique identification number associated with the seal, transmitting the image data, using the transceiver unit 208, to the central server 202 (at step 304), receiving the image data from the transceiver unit 208, at the communication unit 210 of the central server 202 (at step 306), decrypting the image data to determine a decrypted image, by the decryption unit 214 (at step 308), matching the decrypted image with a primary image stored in the database 232 and for generating a matching score (at step 310), by the comparator unit 216 and generating an alert signal based on the matching score (at step 312), by the alert generation unit 218.

Priot to imprinting the image data on a seal, the method 300 further comprises the step of generating an image data that includes generating a plurality of unique identification numbers, by the code generation unit 220, generating a plurality of images wherein each image is a binary image representing a unique identification number, by the image generation unit 222 and encrypting each image for generating an image data, by the encryption unit 224.

In some embodiments, the disclosed method 300 includes a variety of photon-counting imaging techniques, e.g., techniques that follow the Poisson distribution. A variety of encryption techniques can be used, including full-phase double-random-phase encryption. In some embodiments, the disclosed method 300 may include one or more compression techniques and such technique(s) may be used to iteratively compress the image data, including Huffman coding. In some embodiments, the disclosed method 300 may further include a variety of optical encoding techniques for attaching or embedding optical masks containing from micron size to Nano size details.

By combining the full-phase double-random-phase encryption with photon-counting imaging method and applying an iterative Huffman coding technique, the present disclosure advantageously encrypts and compresses a binary image containing primary information about the unique identification number associated with the seal. This image data can then be stored inside an optically phase-encoded QR code for robust read out, decryption, and authentication.

Typically, commercial machine code readers such as (QR scanners, bar code scanners and RFID scanners), e.g., scanners built into Smartphones such as an iPhone TM or Android device TM, can be used to scan the image data (for example QR code) and capture the encrypted data. The encrypted data can then be decrypted and decompressed using the correct keys and dedicated algorithms to deal with the photon-counting nature of the data. Image recognition algorithms, such as nonlinear correlation filters, can be used to verify the decrypted image against the primary image for authentication.

However, the decryption keys employed herein by the decryption unit 214 are characteristic in nature and proprietary to the authentication unit 204 -central server 202 combinations. The in-built scanners described in the art are unable to decrypt the image using standard decryption keys available with the in-built scanners. This ensures that only authorized users of the authentication unit 204 can verify the genuineness of the seal.

The functions described herein may be implemented in hardware, software executed by a processor, firmware, or any combination thereof. If implemented in software executed by a processor, the functions may be stored on or transmitted over as one or more instructions or code on a computer- readable medium. Other examples and implementations are within the scope and spirit of the disclosure and appended claims. For example, due to the nature of software, functions described above can be implemented using software executed by a processor, hardware, firmware, hardwiring, or combinations of any of these. Features implementing functions may also be physically located at various positions, including being distributed such that portions of functions are implemented at different physical locations.

In addition, any disclosure of components contained within other components or separate from other components should be considered exemplary because multiple other architectures may potentially be implemented to achieve the same functionality, including incorporating all, most, and/or some elements as part of one or more unitary structures and/or separate structures.

In yet another embodiment, a computer program product comprising computer readable media storing instructions which when collectively executed by a first processor on the user device and a second processor on the central server communicatively coupled to the user device, the user device and the central server being configured to operate in an interactive manner, cause the first processor and the second processor to collectively perform the method 300 is disclosed.

Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage medium may be any available medium that can be accessed by a general purpose or special purpose computer. By way of example, and not limitation, computer- readable media can comprise RAM, ROM, EEPROM, flash memory, CD-ROM, DVD, or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code means in the form of instructions or data structures and that can be accessed by a general -purpose or special -purpose computer, or a general -purpose or special -purpose processor.

Also, any connection is properly termed a computer- readable medium. For example, if the software is transmitted from a website, central server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. Disk and disc, as used herein, include compact disc (CD), laser disc, pen drive, optical disc, digital versatile disc (DVD), floppy disk and Blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above are also included within the scope of computer- readable media.

TECHNICAL ADVANCEMENTS
The present disclosure described herein above has several technical advantages including, but not limited to, the realization of an authentication unit and a system and a method for authenticating a seal using machine readable codes, that:
• detects counterfeited seals;
• authenticates a seal; and
• identifies genuineness of seal.

The embodiments herein and the various features and advantageous details thereof are explained with reference to the non-limiting embodiments in the following description. Descriptions of well-known components and processing techniques are omitted so as to not unnecessarily obscure the embodiments herein. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein may be practiced and to further enable those of skill in the art to practice the embodiments herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments herein.

Throughout this specification the word “comprise”, or variations such as “comprises” or “comprising”, will be understood to imply the inclusion of a stated element, integer or step, or group of elements, integers or steps, but not the exclusion of any other element, integer or step, or group of elements, integers or steps.

The use of the expression “at least” or “at least one” suggests the use of one or more elements or ingredients or quantities, as the use may be in the embodiment of the disclosure to achieve one or more of the desired objects or results.

The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modification within the spirit and scope of the embodiments as described herein.

,CLAIMS:WE CLAIM:
1. An authentication unit (100) configured for authenticating a seal, installed on a user device, the authentication unit (100) comprising:
a scanning unit (102) configured for scanning an image data imprinted on a seal secured around an object, the image data comprising an encrypted image representing a unique identification number associated with the seal;
a seal authentication unit (104) coupled to the scanning unit (102), the seal authentication unit (104) comprising:
a decryption unit (106) configured for decrypting the image data using a set of characteristic decryption keys, to determine a decrypted image associated with the seal;
a comparator unit (108) coupled to the decryption unit (106), the comparator unit (108) configured for matching the decrypted image with a primary image stored in a storage unit, and for generating a matching score based on the comparison; and
an alert generation unit (110) coupled to the comparator unit (108), the alert generation unit (110) configured for generating an alert signal based on the matching score;
wherein the characteristic decryption keys are generated at a central server communicatively coupled to the user device in a proprietary format and wherein each of the scanning unit (102), decryption unit (106), comparator unit (108) and alert generation unit (110) are configured to be implemented using at least one processor.
2. The authentication unit (100) as claimed in claim 1, wherein the storage unit is a part of the authentication unit (100).
3. The authentication unit (100) as claimed in claim 1, wherein the storage unit is a database coupled to the central server.
4. The authentication unit (100) as claimed in claim 1, wherein the storage unit is a database located within the central server.
5. The authentication unit (100) as claimed in claim 1, further comprising a location tracking unit configured for recording location of the object while scanning the image data imprinted on the seal secured around the object.
6. The authentication unit (100) as claimed in claim 1, further comprising a time stamping unit configured for recording time of scanning the image data imprinted on the seal secured around the object.
7. A system (200) for authenticating a seal, the system (200) comprising:
an authentication unit (204) installed on a user device, the authentication unit (204) comprising:
a scanning unit (206) configured for scanning an image data imprinted on a seal secured around an object, the image data comprising an encrypted image representing a unique identification number associated with the seal; and
a transceiver unit (208) for transmitting the image data;
and
a central server (202) communicatively coupled to the user device, the central server (202) comprising:
a communication unit (210) for receiving the image data from the authentication unit (204);
a seal authentication unit (212) coupled to the communication unit (210), the seal authentication unit (212) comprising:
a decryption unit (214) coupled to the communication unit (210), the decryption unit (214) configured for decrypting the image data, using a set of characteristic decryption keys, to determine a decrypted image associated with the seal;
a comparator unit (216) coupled to the decryption unit (214), the comparator unit (216) configured for matching the decrypted image with a primary image stored in a database (232), and for generating a matching score based on the comparison; and
an alert generation unit (218) coupled to the comparator unit (216), the alert generation unit (218) configured for generating an alert signal based on the matching score;
wherein the characteristic decryption keys are generated at the central server (202) in a proprietary format and wherein each of the scanning unit (206), decryption unit (214), comparator unit (216) and alert generation unit (218) are configured to be implemented using at least one processor.
8. The system (200) as claimed in claim 7, wherein the central server (202) further comprises:
a code generation unit (220) configured for generating a plurality of unique identification numbers;
an image generation unit (222) coupled to the cold generation unit, the image generation unit (222) configured for generating a plurality of images wherein each image is a binary image representing a unique identification number; and
an encryption unit (224) coupled to the image generation unit (222), the encryption unit (224) configured for encrypting each image for generating an image data.
9. The system (200) as claimed in claim 8, wherein the image data is a machine readable code selected from a group consisting of a Quick Response (QR) code, a bar code and a RFID code (Radio Frequency Identification Code).
10. The system (200) as claimed in claim 7, wherein the central server (202) further comprises:
a geo-fencing unit (226), configured for:
recording an installation location, the installation location being the location of a seal where the image data is imprinted on the seal secured around an object;
defining a virtual fence surrounding the seal; and
tracking the location of the seal with respect to the virtual fence surrounding the seal.
11. The system (200) as claimed in claim 7, wherein the central server (202) further comprises:
a registration unit (230) configured for registering at least one of a user and a device wishing to access and install the authentication unit (204).
12. The system (200) as claimed in claim 7, wherein the central server (202) further comprises:
a user authentication unit (228) configured for performing at least one of a device authentication, a user authentication and a credential authentication.
13. The system (200) as claimed in claim 7, further comprises a database (232) including a user authentication table (236) and a seal authentication table (234) and wherein the user authentication table (236) comprises at least one of a mapping of biometric profile of a user with user identification data, user credentials with user identification data and device profile with device identification data and wherein the seal authentication table (234) comprises a listing of multiple unique identification numbers, each unique identification number associated with a seal.
14. The system (200) as claimed in claim 13, wherein the database (232) is coupled to the central server (202).
15. The system (200) as claimed in claim 13, wherein the database (232) is located within the central server (202).
16. The system (200) as claimed in claim 7, wherein the authentication unit (204) further comprises a location tracking unit (242) configured for recording location of the object while scanning the image data imprinted on the seal secured around the object.
17. The system (200) as claimed in claim 7, wherein the authentication unit (204) further comprises a time stamping unit (244) configured for recording time of scanning the image data imprinted on the seal secured around the object.
18. A method for authenticating a seal, the method comprising steps of:
scanning an image data imprinted on a seal secured around an object, by a scanning unit (206), the image data comprising an encrypted image representing a unique identification number associated with the seal;
transmitting the image data, using a transceiver unit (208), to a central server (202);
receiving the image data from the transceiver unit (208), at a communication unit (210) of the central server (202);
decrypting the image data to determine a decrypted image, by a decryption unit (214);
matching the decrypted image with a primary image stored in a database (232) and for generating a matching score, by a comparator unit (216); and
generating an alert signal based on the matching score, by an alert generation unit (218).
19. The method as claimed in claim 18, further comprising:
generating a plurality of unique identification numbers, by a code generation unit (220);
generating a plurality of images wherein each image is a binary image representing a unique identification number, by an image generation unit (222); and
encrypting each image for generating an image data, by an encryption unit (224).
20. The method as claimed in claim 19, wherein the image data is a machine readable code selected from a group consisting of a Quick Response (QR) code, a bar code and a RFID code (Radio Frequency Identification Code).
21. The method as claimed in claim 18, further comprising:
recording an installation location, the installation location representing the location of a seal when the image data is imprinted on the seal secured around an object;
defining a virtual fence surrounding the seal; and
tracking the location of the seal with respect to the virtual fence surrounding the seal.
22. The method as claimed in claim 18, further comprising:
registering at least one of a user and a device wishing to access and install the authentication unit (204), by a registration unit (230).
23. The method as claimed in claim 18, further comprising:
performing one of a device authentication, a user authentication and a credential authentication, by a user authentication unit (228).
24. A computer program product comprising computer readable media storing instructions which when collectively executed by a first processor on a user device and a second processor on a central server (202) communicatively coupled to the user device, the user device and the central server (202) being configured to operate in an interactive manner, cause the first processor and the second processor to collectively perform a method comprising the steps of:
scanning an image data imprinted on a seal secured around an object, the image data comprising an encrypted image representing a unique identification number associated with the seal;
transmitting the image data, using a transceiver unit (208), to a central server (202);
receiving the image data from the transceiver unit (208), at a communication unit (210) of the central server (202);
decrypting the image data to determine a decrypted image, by a decryption unit (214);
matching the decrypted image with a primary image stored in a database (232) and for generating a matching score, by a comparator unit (216); and
generating an alert signal based on the matching score.