FR2996660A1 - Identification support for e.g. document for biometric applications, has matrix code, identification zone, and authenticating element, where code is arranged with key of authenticating element output after reading authenticating element - Google Patents

Abstract

An identification medium (10), intended to be fixed on an object, comprises at least one code (15) of an identification zone (11), incorporating a digital representation of an identifying element, and at least one authenticating element (16). The at least one code also incorporates a key of the authenticating element (16) resulting from a reading of said authenticating element. According to a method for producing the device (10), a step of reading an authenticating element is performed, a step of determining, from this reading, a key that is characteristic of a signature of the authenticating element, and a step of incorporating the key in the code of the identification zone (11). To verify an identification medium (10) the key is extracted from the authenticating element and compared to the code of the identification zone to check whether there is a signature corresponding to the key.

Description

The present invention belongs to the field of the identification of objects or documents and their authentication. More particularly, the invention relates to an identification medium with an improved level of confidence, a method for producing this identification medium and a method of controlling this identification medium. It is known to mark the products or documents representing a particular value or importance by markings affixed directly to the product or document or to the labels reported in a technically secure manner on the product or document, which include elements identifier and authenticating elements. An identifying element contains information that gives an identity to an object, a document or a person holding the object or document. In the case of an object, an identity of an object for example consists of a number or a code which is different for each object of a family which makes it possible to identify a particular object in the family. It is known for example to give an object a serial number, associated if necessary with a type number that characterizes the family. An object may also consist of a document associated with a person such as an identity card or a rights management card, an identity consists, for example, of administrative data specific to the document holder: name, first names, date of the document. birth .... An identifying element may also include a registration number that identifies a person in an organization. An identifying element is normally accessible simply to unambiguously identify an object or a person who is the holder thereof and is easily readable or searchable. For example, identifier elements printed on labels or documents in the form of sequences of numbers and letters or in the form of barcodes are known. The identification information may also be stored in an electronic memory attached to the product or incorporated in the document, for example in a contactless reading chip according to RFID technology. In a coded form, it is also known to use two-dimensional matrix codes generally incorporating more information than a simple bar code. A matrix code contains, for example, in a form readable by optical reading means, one or more identifiers of the product and an electronic address (URL) which allows the reading means having the ability to connect to a remote application , most often on a website, to obtain additional information on the product marked, the document or the person who owns it. Such codes are today often referred to as QRCode. An authenticating element contains information that allows, with a desired probability, to determine that the object or document, at least one tag, bearing the authenticating element is authentic and has not been tampered with or reproduced. Indeed the identifying elements, which are most often in printed form and or are contained in an electronic memory, are easily reproducible and can be imitated or duplicated to be affixed to counterfeit products or fake administrative documents. An authenticating element generally implements for its production components whose reproduction is technically impossible, ideally, or at least very difficult. When the authentication element is unique, it is then necessary to bring the authentication information together with the identification information by external means to check its official existence and coherence. This reconciliation requires the consultation of a database of the 30 authentication elements, a database that can be remote, in particular when the consultation must be carried out from numerous locations and by many different operators, or which may be local, by example built into a player. The database, which is only accessible in consultation with users seeking to establish authenticity, contains the information that makes it possible to reconcile identifier and authenticator to conclude the authenticity of a product or a document or to the legitimacy of a person who holds it. Depending on the level of security sought and the cost that can be allocated to the authenticating element, an authenticating element may contain a bubble code, comprising a constellation of bubbles formed in the thickness of a polymer film, the reproduction of which is technically impossible to date, for example a bubble code diffused under the trademark Prooftag IO, or a more or less complex 2D code, or any other element that is technically impossible or complex to reproduce in all its measurable characteristics. However the need to consult a database to achieve a reconciliation of the authentication information and credentials is binding because on the one hand it is not always possible 15 depending on the place and time to connect to the database. database, and on the other hand the consultation of the database is a demanding operation, both for the operator of the consultation because of the access time to the database and for the management device of the database which should handle the requests. In both cases the time and means requirements increase with the number of consultations and can become penalizing. In order to reduce these constraints, the invention relates to an identification medium, intended to be fixed on an object, such as a product or a document. The identification medium comprises at least one code of an identification zone, this identification zone may comprise several codes and comprises at least one authenticating element. In addition, the identifier element incorporates at least one key of the at least one authenticating element, which key is derived from a reading of the authenticating element. This key, which is a signature of the authenticating element, forms a direct link between the authenticating element and the identification information contained in the code of the identification zone so that cross-checks become possible without it being possible. necessary to use information outside the identification medium itself.

In one embodiment, the code incorporates a digital representation of one or more identifying elements. In order to be accessible, the code can be incorporated into any type of support of the identification zone that can be read by reading means adapted to the identification medium. The code may have several separate components in the identification area or be incorporated into a single component. In a particular embodiment, the code is an optically readable matrix code comprising a coding of the key or a coding of the key and at least one identifying element. In another particular embodiment, the code or codes are contained in a read-only memory comprising an encoding of the at least one key or a coding of the at least one key and at least one identifying element. Such a memory may advantageously be a contactless reading memory according to RFID technology so that its access is possible by a contactless reading and without the need for a precise location of the chip comprising the memory. In one embodiment, the authenticating element is a single, non-duplicable physical element, for example a bubble code comprising bubbles trapped in a transparent polymer and forming a three-dimensional code, or at least very complex to reproduce, so that its uniqueness is guaranteed at a desired level and that the key that is extracted is also a signature that identifies this unique element among other unique elements of the same type. In the case of bubble codes, it has been statistically demonstrated that a bubble code such as those marketed by the company Prooftag® and having a constellation of 40 bubbles has a probability of 1/10 exp 160 of finding its identical identity. which in practice excludes the hypothesis of such an occurrence. In one embodiment of the identification medium the at least one identifying element, of which a digital representation and the at least one key of the authenticating element are incorporated in the at least one code, and where appropriate other identifying elements, is contained in the identification area, independently of the at least one code in a readable form, for example in the form of an alphanumeric character string, in an image or graphic representation form, in a form digital representation of this at least identifying element, for example in a bar code, a matrix code or a digital memory.

The identifying elements thus arranged in the identification zone, which are redundant for the elements of which a digital representation is also incorporated as an identifier in the at least one code, allow direct reading or by independent technical means to carry out independent visual checks.

For example a photograph of a person allows on an identity document or access control to perform a first level of verification of the legitimacy of the holder of the document before carrying out further checks. In one embodiment, the identification zone comprises, in the at least one code and or outside said code, one or more biometric fingerprints such as photographs, fingerprints, retinal images, or even sound tracks and fingerprints. generally any set of data characteristic of the physiognomy or biology of a person, a living being in general, legitimate holder of an object bearing said identification medium. In order to make it more difficult to fraudulently reproduce an identification medium, the at least one key may be hidden and or encrypted in the code. Likewise, the digital representation of the at least one identifying element in the at least one code may be hidden and or encrypted. In one embodiment, the identification zone includes a database connection address in which the authentication and identification elements, in particular identifying elements whose digital representation is present in the code, are associated with the database. so that it is possible to check for consistency between the identifying and authenticating elements. The invention also relates to a method of producing such an identification medium intended to be applied to an object, for example a product or a document, on which identification medium is affixed at least one code in a zone of identification and at least one authenticating element. According to the production method, the latter comprises a step of reading the at least one authenticating element, a step of determining, from the reading performed, a key that is characteristic of a signature of the at least one authenticating element, and a step of incorporating at least one key into the code of the identification zone. In order for the key to be accessible without simply revealing its contents, advantageously, before the step of incorporating the key into the identification zone, the key is encrypted. In one embodiment, the at least one identifying element and the key and, if applicable, a database connection address, are combined in the same code, for example in the form of a printed matrix code or an electronic memory so that it can be read later by a single read operation. When the identification zone includes a connection address to a database, whether or not incorporated in a code of the identification zone, a representation of the at least one identifying element and a representation of the at least one element Authenticator are associated in said database so that the matching of the identification element, which is unique, and the authentication element, also unique, can be obtained by means external to the identification medium. The invention also relates to a method for verifying an identification medium which comprises at least one identifying element in an identification zone and at least one authentication element. The verification method of an identification medium according to the invention comprises a step of reading the at least one code of the identification zone, a step of reading the at least one authenticating element, a step of extracting an authenticating element from at least one key characterizing said at least one authenticating element and a step of comparing said at least one key with said at least one code. Such a comparison step makes it possible to check the coherence between the authentication element and the identifier element, coherence created by the combination of information coming from these two elements in the code from the only reading of the authentication medium. In one form of implementation, the verification method comprises a step of acquiring a biometric fingerprint of a carrier of the identification medium and comprises a step of comparing said acquired biometric fingerprint with an identifying element or with the code in which a numerical representation of the identifier element is incorporated. The identification medium is then declared invalid if during this comparison there is no correspondence between the biometric fingerprint and the identifying element. The identification medium is also declared invalid if, during the comparison step, no signature conforming to the at least one key extracted from the authentication element is identified in the at least one code, or that the The key is not readable in the code in the case where the key is not encrypted, or it is not possible to decrypt the code correctly by using the key resulting from the reading of the authenticating element. In the particular case where the authentication element is a bubble code, if the extracted key is a key obtained by a two-dimensional analysis, that is to say of an image, of said bubble code, it is examined whether the Bubble code have characteristics of a three-dimensional bubble arrangement characteristic of bubble formation in a thickness of the polymer film. In this case, if the authenticating element does not have expected characteristics showing that the code has three dimensions, the support is declared invalid, even if the extracted key is recognized and considered valid. It is thus avoided to continue validity checks in particular by calling upon external resources such as a database. When at least one key extracted from the authenticating element is identified in the at least one code, the comparison step is followed by a database interrogation step, in which base is associated with the less an identification element of the identification zone and a representation of the authentication element, said interrogation step not being carried out if during the comparison step no signature conforming to the at least one key extracted from the authenticating element is not identified in the at least one code or if, in the case where the authentication element is a bubble code, it is not recognized that the bubble code is a code with three dimensions. Such a database interrogation step, when performed, confirms or invalidates the validity of the identification medium with a very high level of confidence but at a stage of control for which most fraudulent identification media will have already been detected and removed from the ultimate verification process. On the other hand, if such a database interrogation step can not be performed, for technical reasons for example, internal coherence checks on the identification medium make it possible to establish a first level of confidence in the database. identification medium which benefits from a presumption of validity, more or less strong according to the authenticating and identifying elements implemented, and which may be considered sufficient in certain circumstances of the verification checks. The invention will be better understood on reading the following description and on examining the figures which accompany it. These are given as an indication and in no way limitative of the invention. The figures show schematically: FIG. 1: a view of an exemplary identification support according to the invention; FIG. 2: an enlarged view of the bubble code of the device of FIG. 1 on which is symbolized an example of a simplified process for the determination of a key; FIG. 3: a general representation of a method for producing the identification medium in the example of an identification medium using a bubble code and a printed matrix code; FIG. 4: a general representation of a method of using the identification medium in the example of an identification medium using a bubble code and a printed matrix code.

An identification medium 10 such as the identification medium illustrated in FIG. 1 comprises an identification zone 11 and an authentication zone 12. In this example, the identification medium 10 delimited by a broken line corresponds to a zone of an object. By object, it should be understood in the following description that the object carrying the identification medium 10 can be of any kind. In particular, the object may be a product, a packaging, a document ... The area of the object carrying the identification medium 10 will most often be a visible area easily accessible for carrying out control operations. However, the choice of such a zone 10 may have different characteristics depending on the technical means used both for the identification medium itself and for carrying out control operations, as will be understood from the following detailed description. Said identification medium corresponds where appropriate to a label 15 intended to be affixed to an object. The identification zone 11 comprises at least one identifying element. By identifying element, it must be understood any information or combination of information that is characteristic of the identity of the object, or of the person who holds it. The information of the identifier element can be presented in alphanumeric form, in graphic form, in the form of a digital representation, but normally accessible visually or by reading means adapted to the digital representation used. Such an identifier element comprises, for example, an identification code 13 which is present in the form of an alphanumeric string and or in the form of a barcode, not shown, and or in the form of a biometric imprint. of the holder such as an identity photograph, an image of the retina, cases not shown, or by a fingerprint 17 as illustrated. The same identifying element is optionally present in the identification zone 11 in several forms adapted to different reading means. For example, an identification code 13 is presented in the form of an alphanumeric string 13 that can be read without technical means and in a bar code form. A photograph or the image of a fingerprint can be presented in graphic form, as represented in the example of a fingerprint, and or in digital form for example according to the PDF417 standard. In practice any form allowing a reading, in a planned operating context, of the information contained in an identifier element can be implemented to introduce an identifying element into the identification zone. The identification zone 11 also comprises at least one code 15, in the example illustrated in FIG. 1, an optical reading matrix code often designated by the English terminology "data matrix" or by the expression QRCode. The code 15 is readable by devices incorporating an optical reader and incorporating means for processing the image of the matrix code obtained by the optical reader to extract information is contained in said matrix code. Among the information contained in the matrix code are identification information, the content of which is identical to or complementary to that of the identifying elements, identification code 13, biometric fingerprints ..., already present or not in the zone 20 d identification 11 in other forms, and additional information such as useful data, and if necessary sufficient, to establish a connection with an external database. In current widespread use the matrix code includes as additional information a computer address (URL) for establishing a connection with a website whose content is related to an object or a document, or a person supposed to hold it, carrier of the medium. Identification. In addition, the code 15 also comprises additional information relating to at least one authenticating element 16 of the authentication zone 30. The at least one authenticating element 16 is a single element, as is the case a priori of the elements. identifiers, but, contrary to the information contained in the identification zone 11, the authentication element 16 does not contain any identification code or representation of an identifying element, the coherence of the authentication element with elements identification to be sought elsewhere. An authenticating element 16 is, for example, as in the example shown in FIG. 1, a bubble code in which bubbles are trapped in a transparent polymer material so as to form a three-dimensional, observable pattern derived from a chaotic process which makes it unique and whose reproduction is impossible in practice. An authenticating element 16 may also be a code in two dimensions, a solution that is not shown, for example the arrangement of elements of shapes and / or textures and or of various colors, for example sub-millimetric flakes, observable at the time. area of a defined area of the authenticating element. Here again the process of distributing flakes according to their shapes, their textures and their colors, resulting from the dispersion of flakes on the defined zone, is the result of a chaotic process which makes the reproduction of such an identifier, which can to be relatively simple and inexpensive to manufacture, technically very difficult. Other types of authenticating elements 16 are possible, an essential characteristic of such an identifying element, besides its uniqueness, being the difficulties in reproducing an element identical to a given authenticating element. The term difficulties is here to be considered in the set of criteria that can be taken into account: technical, industrial, economic ..., specific to the case. In the identification medium 10, the identification zone 11 further comprises accessible information, designated "key", a function of the unique authenticating element 16. The key, which is incorporated in the code of the identification zone 11, can be encrypted or unencrypted and or hidden, ie unobservable without a specific reading device, or not hidden. It is advantageously incorporated in the code 15 so that it can be acquired in reading almost simultaneously with the other information contained in said code.

For example, the key is embedded in the matrix code or in another medium such as a contactless reader chip (RFID). Access to the key, particularly when the key is hidden in a printed matrix code, may also require the use of particular optical drives such as ultraviolet and infrared scanners. The key may also be in the form of micro-codes requiring optical magnification means adapted to be read. The key introduced in an identification zone 11 is created for each identification medium 10 as a function of the authentication element 16 and, since this authenticator is unique, the method implemented to generate a key from the Authentication element 16 is defined to avoid or at least make it unlikely that two authenticating elements generate the same key. However, even if chance can result in generating two identical keys, the association of the key with the necessarily unique identifier has the consequence of making the pair authenticator / identifier absolutely unique. The key is in practice a transcription of a reading of the authenticating element. This reading implements an algorithm chosen so that the application of the algorithm to the authenticating element makes it possible to find the key. The key is therefore a signature of the authenticating element. The interest of such an identification medium 10 will be better understood by reading the method of using said identification medium. The means for reading the different elements identifying and authenticating, visible or hidden, using optical or radio or other technologies, encrypted or unencrypted, being known on the one hand and on the other hand likely to evolve with the technological progress for perform the same functions or equivalent functions, no particular details will be given on these means of reading except as examples in that they would improve the clarity of the description.

Similarly, the generation of elements comprising combinations of information as in the case of matrix codes is also known and will therefore not be detailed.

Realization of identification media In a first step, identification media 10 are produced, FIG. 3. In a first step 110 of producing an identification medium 10, at least one authenticating element 16 is associated with at least one identifying element 13, 17. The set of information characterizing the at least one authenticating element 16 and the at least one identifying element are stored in a database 20 in which database they are associated in a way. to form a pair "authenticating-identifier" in which the authenticator is unique and in which the identifier is unique in the database considered, ie in the database or part of the dedicated database to a particular application. As needed, the database 20 also includes, associated with the "authenticating-identifying" pair, information concerning the object, or the person holding it, to which the identification medium 10 is associated, the data in question being able to be introduced in one or more subsequent stages. In a second step 120 of producing the identification medium 10, a key characteristic of the authenticating element 16 is determined, for example by an optical reading 121 of said authenticating element and by a processing 122 of the result of this reading in order to determining at least one digital signature constituting the key. In a third step 130 of producing the identification medium 10, the encrypted key 123, if any, is incorporated with a digital representation, encrypted 124 if necessary, of the at least one identifying element in a content of an identification zone 11 of the identification medium 10. The key and the numerical representation of the at least one identifying element are for example introduced into a code carrying said digital representation of the at least one identifying element and said key. In one embodiment, said digital representation of the at least one identifying element and said key are introduced in the code 15 to be juxtaposed so as to be read individually. In another embodiment, said digital representation of the at least one identifying element and said key are introduced in the code 15 in a combined manner in step 130 so that access to the information relating to the at least one identifying element requires knowing the key that can be obtained by reading the authenticating element subject to having the algorithm implemented for the creation of keys. By way of illustration, it may be noticed that a fingerprint likely to constitute an identifying element can be represented on the one hand in graphic form, as illustrated in FIG. 1, and be introduced in digital form in the matrix code. . In practice a fingerprint according to the known image compression techniques represents less than three hundred bytes, which can be contained in a matrix code of twenty millimeters of printed side with a resolution of half a millimeter. In a preferred embodiment of the code 15, information, for example a logical URL address, for accessing the external database is also introduced so as to be accessible when reading said matrix code. In another embodiment, the information to access the database 20 is not incorporated in the code 15, that is, that said information is known to a reader to be used to read the identification medium 10, or that said information is available in the identification zone 11 other than in the code 15. In a fourth step 140 of producing the identification medium 30 10, the authentication element 16 is integrated in said identification medium, in the zone 12, and the code 15 is created, in the case of the illustrated example, for example printed, on said identification medium, in the identification zone 11.

Where appropriate, the at least one identifying element is also incorporated in another form in the identification zone, for example printed in the form of the alphanumeric string 13 or of the image 17, and or in the form of a digital representation in a form suitable for the intended use, for example the form of a barcode or a matrix code, and or in the form of a digital representation stored in an electronic memory. At the end of this step, the identification medium 10 comprises at least 10: an authenticating element 16; a digital representation of an identifying element contained in the code, printed in the example in the form of a matrix code; a key of the authenticating element contained in the code 15; Preferably a logical access address to an external database. In an accessory manner, the identification medium 10 also comprises identification elements 13, 17 identical to or different from those introduced in the code 15. The identification medium 10 is then able to be affixed to a object for which it was made. In practice, the identification medium 10 is: - either produced directly on the destination object, for example by printing and incorporating the physical elements corresponding to the authentication element in particular; - Is printed and assembled on a label, for example an adhesive label, intended to be applied to a product or a document, preferably in a non-removable manner, ie an attempt to remove the label leads to the destruction identification medium or at least permanent alteration of its contents. Use of Identification Media To verify the authenticity of an object or document carrying an identification medium a step is to verify the authenticity of the identification medium itself, FIG. a first verification step 220, the at least one authenticating element 16 is read 221 by a means adapted to the structure of said authenticating element and the result of this reading is processed to extract 222 the key of the authenticating element. In a second verification step 210, the code 15 printed on the identification medium 10 is read 211 by optical means. In another embodiment in which the key information is contained in an electronic memory, said information is read by a suitable reading system. In the embodiment in which the digital representation of the at least one identifying element and the key are in said matrix code juxtaposed so as to be read individually, the key which is present in said matrix code is extracted 212. In this embodiment, the key extracted from the code 15 during the second step 210 is compared with the key obtained from the reading of the authentication element 16, where appropriate with several keys obtained from the reading 20 of said authenticating element. In the embodiment in which the digital representation of the at least one identifying element and the key are introduced in the code 15 in a combined manner in step 130 so that access to the information relating to the at least one identifying element requires knowing the key, the key obtained from the reading of the authentication element 16 is used 213 to decrypt the information extracted from the code 15, if necessary with different keys obtained from the reading of the authenticating element 16. It should be noted at this stage of the method that the authenticating element 16 is able to render several different keys, including using a given algorithm, and that the choice of a particular key among the possible keys during the realization of the identification medium 10 is not known a priori when reading the authenticating element 16 made, hence the need in some cases to consider er several key possibilities at the time of reading of said authenticating element. By way of example, illustrated in FIG. 2, in the case of an application implementing an authentication element 16 in the form of a bubble code, a key is constructed by the choice of a given number n of bubbles, 161, 162, 163, 164, 165 ... among all the bubbles of the bubble code 16, for example n = 5 bubbles, considering the relative positions of these bubbles between them and morphological characteristics of each of them. it, for example the size and shape more or less elongated, even three-dimensional characteristics of each bubble taken in a reading order as arbitrarily materialized by the discontinuous line superimposed on the bubble code in Figure 2. In this simple example the key will be equivalent, for example, to information of the type "bubble 161-average diameter-ratio of elongation of the bubble"; 162-average diameter bubble-elongation ratio of bubble-distance from bubble 161; "Bubble 163-diameter average-ratio of elongation of the bubble - distance from the bubble 162 - value of the bubble angle 161_bulle 162_bulle 163" ... "bubble 165-average diameter-elongation ratio - distance by report to bubble 164 - bubble angle value 163_bulb 164_bulb 165 ". The dimensional information may be normalized by being referenced to a reference dimension which may be an arbitrary dimension of the bubble code considered or a dimension related to the selection of bubbles made, for example a distance between the first two bubbles selected so as to to overcome scale problems when reading the bubble code. It is understood in this example that a bubble code is able to produce several keys, more or less complex depending on the chosen algorithm. Advantageously, the algorithm chosen for the determination of keys identifies each key with a decreasing probability of detection so that the identification of the key sought at each reading can be performed quickly. In a practical case, the implementation of an algorithm such as a Delaunay triangulation makes it possible to affirm with a probability close to unity that the key sought must be among the first three determined keys.

In a third verification step 230: - if the key is extracted directly from the code 15, during the step 210 said key is compared to the key or keys obtained by reading the at least one authenticating element 16; s - if the information contained in the code 15 is encrypted using a key, during the step 210 a control information decrypted by means of the key obtained from the reading of the authenticating element 16, by example the key itself contained in the encrypted part of the matrix code or other information, is compared to the same control information read elsewhere. If the key or the control information extracted from the code 15 is not found 231 among the keys obtained by reading the authentication element 16 or by decrypting the content of the code 15 by means of said keys, it is concluded that the said authenticating element is not associated with the at least one identification element of the identification zone 11 and that the identification medium 10 has a defect which leads to the declaration 250 not authentic. If during this third step the key extracted from the code 15 or other encrypted information is found 232 among the keys obtained by reading the authentication element 16, it is concluded that said authenticating element is associated with the minus one identification element of the identification zone 11 and that the identification medium 10 is authentic. However, the authenticity of the identification medium 10 concluded following this step 232 is only partial and does not guarantee that said identification medium or the object or document carrying the identification medium is authentic. Indeed it is only confirmed in this verification step 232 that the code 15 which contains a representation of the at least one identification element 13, 17 also contains a valid key of the at least one authenticating element 16. 30 It can not therefore be totally excluded that illicit identification media conforming to the identification medium 10 of the invention and using any authenticating elements are made, even if these embodiments can be made very complex by encrypting the key and by technical means difficult to detect and / or reproduce.

If the identification medium is recognized provisionally authentic during the third step 230, then it is in a fourth step 240 process, in a known manner, the consultation 241 of the database 20 which independently guarantees that the least one authenticating element 16 and the at least one identification element 13, 17 are actually known and linked. During this consultation 241 of the database 20, if it is found 242 that: the authentication element 16 of the identification medium is not known in said database or is associated with any element identification, it is concluded 243 that the identification medium 10 is non-authentic 250; the authenticating element 16 of the identification medium is known in said database but is not associated therewith with any identifying element or that it is associated with an identifying element different from the identifying element whose representation is contained in code 15, it is concluded 243 that the identification medium 10 is non-authentic 250; the authentication element 16 of the identification medium is known in said database and that it is associated with an identifier element corresponding to the identifying element whose representation is contained in the code 15, it is concluded 244 that the identification medium 10 is authentic 260.

Thus with an identification medium in accordance with the identification medium 10 described and by implementing the described method of using said identification medium, it is avoided to make a connection and a consultation of a database of data. authentication when it appears during a local control that an authentication element of the identification medium is not confirmed as corresponding to an identification element. According to the example described in detail as illustrated in FIG. 1, the identification zone 11 of the identification medium 10 may be printed on an object, a document or a support such as an adhesive label, which enables low-cost identification media to be produced, the cost of such media depending mainly on the authentication element (s) which, as already mentioned, may be of different technologies depending on security level and objectives cost. The invention is capable of variants which do not modify the principles described. For example, the authentication zone may comprise any number of authentication elements, not necessarily all of the same technology, and keys can be combined. Likewise, the identification zone may comprise any number of identifying elements, each identifying element being reproducible with different shapes to be adapted to different reading devices. As has already been pointed out, all or part of the identifying elements and the identification zone may be contained or duplicated in an electronic memory such as an RFID-type non-contact reading memory or an electrical contact reading chip. . Although shown in the figures in a relative proximity which facilitates a quick read, the various elements and identifying elements may be at more or less distant locations on a product, a package or a document. Furthermore, a first level of verification is obtained by reading an authenticating element even when the interrogation of the database 20 is not possible, the first level of verification which can be raised to a high degree of security by the implementation of encryption means and the use of a matrix code comprising hidden parts or micro-codes. The present invention finds particular application whenever it is necessary simultaneously to prove the authenticity of a pair of information. This need arises, for example, when it is necessary to verify the authenticity of the nature of a right and the holder of that right. In this case, it must be proved that the holder of a medium is, on the one hand, the lawful holder of that medium and, on the other hand, that the medium presented is the original and not a counterfeit and / or falsified copy. Identity cards, voter cards, personal access cards, business cards, driver's licenses, health cards, passports, visas are examples of applications where, at the same time, it is possible to prove during a control that we are in the presence of the original support and the true holder of this support and any rights they confer.

In this type of application, it is practiced at first a biometric enrollment operation, for example the taking of a fingerprint, for the simultaneous delivery or not of a support or title, for example a card , conferring a right. It is associated with the key extracted from the authenticator 16 present on the support, a coded representation of the captured fingerprint (or its template) of the holder of this right. The key and the coded representation are encrypted and then printed on the medium delivered in the matrix identifier 15. To perform the dual authenticity check of the wearer and the support 15 presented, the known principle of "match on card" consisting of to read on the one hand the identifier 15 and the authenticator 16 on the support presented and on the other hand to capture the fingerprint of the wearer. The set of results of the two readings are decoded and lead or not to the coherence of the whole which makes it possible to conclude whether one is in the presence of an authentic original card and its holder or a non-original card and its holder or an authentic original card and an illegitimate holder. When the authenticator 16 is a bubble code There is an almost absolute assurance of being not only in the presence of a real or a false card 25 but also the probability of being in the presence of the legitimate holder increases significant compared to other "match on card" processes with electronic chip and digital authentication. In fact, the highly discriminating, measurable authenticating characteristics of a bubble code remain invariable and long-lasting and are physically invulnerable, thereby permanently guaranteeing false acceptance of the medium. Moreover, the known solutions are confronted in the case of biometrics with the uncertainties resulting from false rejections and false acceptances. These uncertainties lead to secure the whole to eliminate the maximum false acceptances which inevitably leads to increase the rate of false rejections. In the case of the bubble code / biometric pair, the exclusion of false bubble code acceptance guarantees the false acceptance of biometrics. Under these conditions the biometric control criteria may be less severe. Thus, the invention significantly increases the level of security of all biometric applications in a sustainable manner and consequently considerably increases the level of confidence. In addition, the solution proposed by the invention has the advantages of lower costs than with a smart electronic technology often considered today.

Claims (19)

CLAIMS1 - Identification medium (10), intended to be affixed to an object, comprising at least one code (15) of an identification zone (11), and at least one authenticating element (16) characterized in that the at least one code (15) incorporates at least one key of the at least one authenticating element (16) resulting from a reading of said at least one authenticating element. 2 - identification medium according to claim 1 wherein the code (15) further incorporates a digital representation of at least one identifying element (13, 17). 3 - identification medium according to claim 1 or 2 wherein the at least one code (15) is an optical readout code code comprising a coding of the at least one key or coding of the at least one key 15 and the at least one identifying element (13, 17). 4 - Identification medium according to claim 1 or 2 wherein the at least one code (15) is contained in an electronic memory comprising a coding of the at least one key or a coding of the at least one key and the at least one identifying element (13, 17). 5 - Identification medium according to one of the preceding claims wherein the at least one authenticating element (16) is unique and not duplicable. 25 6 - An identification medium according to claim 5 wherein the at least one authenticating element (16) comprises a three-dimensional physical component in which component bubbles are trapped in a transparent polymeric material. 30 7 - identification medium according to one of the preceding claims wherein at least one identifying element (13, 17), a digital representation and the at least one key of the authenticating element (16) are incorporated in the at least one code (15) is contained in the identification area (11) independently of said at least one code in a readable form, for example in the form of an alphanumeric character string and or in an image form or graphical representation and or in a form of digital representation of said at least identifying element. 10 8 - Identification medium according to one of the preceding claims wherein at least one biometric imprint, for example a photograph, a fingerprint, a retinal image, of a legitimate holder of an object bearing said identification medium is Embedded as an identifier element (17) in the at least one code (15). 9 - identification medium according to one of the preceding claims wherein the at least one key is hidden and or encrypted in the at least one code (15). 20 10 - identification medium according to one of the preceding claims wherein the digital representation of the at least one identifying element is hidden and or encrypted in the at least one code (15). 25 11 - identification medium according to one of the preceding claims wherein the identification area (11) comprises a connection address to a database (20). 12 - Method for producing an identification medium (10) for marking an object 30, which identification medium comprises at least one code (15) of an identification zone (11) and at least one authenticating element (16), characterized in that said method of realization comprises a step of reading (121) the at least one authenticating element, a step of determining (122), from said lecturerealized, at least one characteristic key said at least one authenticating element, and a step of incorporating (130) the at least one key in the at least one code (15) of the identification zone (11). 13 - Production method according to claim 12 wherein the step of incorporating (130) the at least one key in the at least one code (15) is preceded by a step of encrypting said at least one key. 14 - A production method according to claim 12 or claim 13 wherein a digital representation of at least one identifier element (13, 17) and the at least one key are combined (130) in the at least one code (15), for example in the form of a printed matrix code or an electronic memory. 15 - Production method according to one of claims 12 to 14 wherein a database connection address (20) is incorporated in the at least one code (15). 16 - A method of verifying an identification medium (10) according to one of claims 1 to 11, comprising a step of reading (211) the at least one code (15) of the identification zone (11) characterized in that it comprises a step of reading (221) at least one authenticating element (16) of the identification medium (10), a step of extracting (222) said at least one authenticating element at least one key characterizing said at least one authenticating element and a step of comparing (230) said at least one key with said at least one code. 17 - A verification method according to claim 15 comprising a step of acquiring a biometric fingerprint of a carrier of the identification medium (10) and comprising a step of comparing said acquired biometric fingerprint with an identifying element (17) or at least one code (15) in which is incorporated a numerical representation of the identifier element (17), and in which the identification medium (10) is declared invalid if, during this comparison, there is no There is no correspondence between said biometric fingerprint and said identifier element. 18 - verification method according to claim 16 wherein the identification medium (10) is declared invalid if in the comparison step (230) no signature in accordance with the at least one key extracted from the at least an authenticating element (16) of the identification medium (10) is not identified (231) in the at least one code (15). 19 - verification method according to claim 16 wherein the at least one authenticating element (16) is assumed to comprise a three-dimensional physical component comprising bubbles trapped in a transparent polymer material, and wherein the identification medium is declared invalid if during the comparison step (230) the three-dimensional characteristic of said at least one authenticating element is not recognized. The verification method of claim 16 wherein when at least one key extracted from the at least one authenticating element (16) is identified in the at least one code (15), the comparing step (230) is followed by an interrogation step (241) of a database (20), in which base are associated at least one identification element (13, 17) of the identification zone (11) and a representation of the at least one authenticating element (16), said interrogation step not being carried out if, during the comparison step (230), no signature conforming to the at least one key extracted from the minus one authenticating element (16) is identified in the at least one code (15).