Attorney Docket No. 21431-160501-PC Customer No. 42798 NETWORK-INDEPENDENT DYNAMIC ENCRYPTION CROSS-REFERENCE TO RELATED APPLICATIONS [0001] This application is a PCT Application and claims priority from US provisional application 63/579,112 filed August 28, 2023; and US provisional application 63/687,034 filed August 26, 2024, which are hereby incorporated herein by reference in their entirety for all purposes. FIELD [0002] Presented herein are dynamic encryption methods for authentication/verification in the field of digital assets and data such as printed imaging of barcodes, and particularly the present embodiments relate to barcodes and barcode scanners, encryption, identification and validation methods for digital signals, assets, data carriers, glyphs, images, videos, IDs, tickets, certificates and any other digital medium, utilizable for the purpose of, but not limited to, storing, transmitting, identifying and authenticating static and variable data using data carriers/ glyphs, watermarks, latent images, pantographs, steganography, hidden signatures/ frequencies, digital noise, barcodes and the like using natively or remotely accessible data via local hardware/ sensors, satellite, radio, radio-frequency identification (RFID), near field communication (NFC) or any other for of digital data transmission which allows for network-independent dynamic encryption, such as multichannel encryption codes that can be securely verified without an Internet connection. BACKGROUND [0003] Digital technology is changing the way we do things, everything from ticketing, to driver’s licenses, identification cards (IDs), passports, visas, green cards, vaccination records, prescriptions, boarding/ travel passes, birth certificates, professional certifications, visitor passes
Attorney Docket No. 21431-160501-PC Customer No. 42798 and events (e.g., planned public, private or social occasions such as concerts, sports, theater, parties, shows, travel, trade shows, conferences, seminars, meetings, charity, community, religious, and the like) are no exception. The days of physical documents, paper tickets and long queues for events are quickly becoming a thing of the past, as companies and governments or event organizers turn to digital solutions with digital documents/ assets being conveniently stored (such as digital ticketing solutions with event tickets), for example, in attendees’ smart devices such as, for example, their mobile phones, tablets watches and the like. [0004] Digital documents/assets are becoming increasingly popular because they offer a host of benefits that traditional paper-based items simply cannot match. From convenience to security, digital documents/ assets are transforming the way we present our ID, check-in at locations and attend events. [0005] Digital documents/ assets have notable benefits for both the issuer and recipient. While it may be an adjustment from what was traditionally used before, the pros appear to outweigh the cons. For example: [0006] 1. Convenience – Imagine not having to bring a printed boarding pass, ID, ticket, etc. and not having to worry about misplacing it. With a digital documents/assets, you can easily store them in your mobile phone or other smart device and carry with you everywhere. [0007] 2. Instant delivery – Once you purchase your digital ticket, for example, attendees can immediately have it available for use on their smart device or emails. No need to wait in line; travel to pick it up; or wait for it in the mail. Airlines have been implementing this technology too. A passenger can easily check-in for their flight online and have their boarding pass readily available in an instant. [0008] 3. Eco-friendly – With a digital ticket, for example, paper waste is eliminated because there is no need to print hundreds or even thousands of physical tickets. Efficiency is also
Attorney Docket No. 21431-160501-PC Customer No. 42798 maximized with a digital ticket because aside from eliminating printing, the need for packaging or customizing the physical ticket is also eliminated. [0009] 4. Less Expensive – For both the attendee and the event organizer there is less cost in ticket production and delivery, making it a more affordable option for everyone. Using online event registration and ticketing companies and, event organizers can enjoy an all-in feature where they can generate and scan dynamically encrypted QR Code tickets to validate tickets and/or track attendance. [0010] 5. Security – Digital tickets can be considered more secure as they can generate a unique QR or bar code that can’t easily be tampered with compared to a traditional physical ticket. It can also be scanned electronically to validate ticket authenticity and avoid fraud. However, due the ease of screen capturing on digital devices, unauthorized duplication and transfer are some of the major vulnerabilities that dynamic encryption can help prevent or identify. [0011] 6. Quick tracking – For an event organizer, generating tickets digitally is more convenient because registration can be tracked automatically. Event organizers can enjoy the ease of collecting event registration details automatically once an attendee registers online. There is also a faster event check-in through digital ticketing as well as more efficient event attendance tracking. [0012] Digital tickets are only one such application that may benefit from the use of Network- independent dynamic encryption for QR codes (i.e., quick response codes) or any other data carrier/ glyph. A QR code is merely one type of data carrier/ glyph that may be used. Advanced secure QR codes are a type of two-dimensional matrix barcode. A barcode is a machine- readable optical image that contains information specific to the labelled item. In practice, QR codes may contain data for a locator, an identifier, and a website visitor tracking. To efficiently store data, QR codes use four standardized modes of encoding (i) numeric, (ii) alphanumeric,
Attorney Docket No. 21431-160501-PC Customer No. 42798 (iii) byte or binary, and (iv) kanji. A QR code typically has black squares arranged in a square grid on a white background, including some fiducial markers, which can be read by an imaging device such as a camera or scanner, and processed using Reed–Solomon error correction until the image can be appropriately interpreted. The required data is then extracted from patterns that are present in both horizontal and vertical components of the image. (See generally: https://en.wikipedia.org/wiki/QR_code) [0013] While digital tickets are generally safe to use for events, it is always best to consider the need to take precautions to avoid ticket fraud. Digital tickets fraud exploits data manipu- lation and copying and some examples are man-in-the-middle (MITM) type of attack, screenshots, saved videos of dynamically changed codes, and the like. [0014] Despite these advances in the art, communication errors, mobile computing challenges, cryptographic protocols errors, and the like, are other problems that can occur in digital tickets authentication. Thus, there is a desire and a need to address these deficiencies in the art. [0015] It is to be understood that if any prior art information is referred to herein, such reference does not constitute an admission that the information forms part of the common general knowledge in the art. SUMMARY [0016] Accordingly, to advance at least the aforementioned deficiencies in the art, described herein are new and unknown solutions to resolve fraud attempts and communication/computational challenges in the field of digital document/asset authentication (such as a ticket, for example). [0017] One approach provides a method of utilizing a combination of natively and remotely available data sources on a digital device such as a mobile phone, tablet, computer, electronic
Attorney Docket No. 21431-160501-PC Customer No. 42798 chip, media receiver or any other digital interface device that displays, communicates or transmits as multi-factor keys for our network-independent dynamic encryption. Data such as date/ time stamp, device ID, username, hardware component ID, gyroscope, camera, biometrics, and any other data that can be retrieved from local or remote hardware sensors and components that do not require an internet connection to access such as satellite-based geolocation and atomic date/time stamp, RFID, NFC, radio, and the like, can all be used as multi-factor keys in the network-free dynamic encryption and decryption process. Multiple devices that are “synced” with these data sources as multi-factor keys are able to securely transmit data with a high level of confidence that it is genuine, untampered and from the original source. [0018] Any practical combination of the previously mentioned natively or remotely available data sources for multi-factor dynamic key generation may be used to achieve a system that is secure, efficient and robust. [0019] In one example, it is possible to utilize network-independent dynamic encryption for the purpose of validating login credentials via users scanning one or multiple dynamically encrypted data carriers/ glyphs displayed on a computing device such as a mobile phone, tablet, laptop, workstation/ terminal or the like with a mobile device that is synced with the same network-independent dynamic encryption methodology. [0020] In another example, it is possible to utilize network-independent dynamic encryption for the purpose of secure messaging. With the same methods presented in the present invention, it is possible to synchronize multiple remote users with the same encryption/ decryption parameters that allow for sending and receiving users to securely transmit data for each and every message. If any messages become intercepted, they are all individually, uniquely and unpredictably encrypted. This means that only one message would be compromised if at all. Initial keys can be established with a variety of popular and novel
Attorney Docket No. 21431-160501-PC Customer No. 42798 techniques that ensure only the authorized users are able to send and receive the dynamically encrypted data. [0021] In one approach, it is possible to utilize network-independent dynamic encryption for the purpose of establishing securely streamed digital data and media signals. There are several use cases for this such as anti-piracy and anti-infringement in the field of streaming media such as videos, movies, tv, news, video games, announcements, emergency broadcasts, political content, government messages and the like. With the same methods presented in the present invention, it is possible to synchronize both the sending and receiving signals with dynamically generated encryption/ decryption keys that allow for a completely scrambled/ encrypted transmission that can only be descrambled/ decrypted by authorized users with authorized devices. This can be done via software and hardware keys/ devices on the sending and receiving sides. For example, it is possible to ensure secure, direct, untampered digital content via dynamically encrypted devices with synced applications. Likewise, it is also possible to achieve this with hardware devices such as in-line encryption/ decryption adapters, cards, keys, fobs and the like for audio, video and signals that are transmitted through cables/ cards/ chips such as HDMI, Coaxial, USB/ USB-C, SD cards, hard drives and the like or other hardware devices including but not limited to WiFi, Bluetooth, radio, RFID, NFC, etc. By utilizing these methods, it is possible to prevent or identify altered videos, deep-fakes, ai-generative content, false advertising, altered/ fake news, certified photo/ video files for copyright or evidence purposes and any other digital threat we face due to bad actors intercepting, altering and passing off unofficial/ illicit content as genuine/ original. [0022] One approach provides printed and digital imaging of barcodes, data carrier and data glyphs with significant improvements over those known from the prior art field of digital imaging, data encoding, printing, displaying, and scanning both digital complex multi-functional multi-
Attorney Docket No. 21431-160501-PC Customer No. 42798 color composite 2D and QR codes (or other types of codes) for the purpose of securely interacting. [0023] The present embodiments relate to barcodes and barcode, encrypted data carrier/glyph generators and scanners utilizable for the purpose of, but not limited to, storing and transmitting static and variable data for sterilization, track and trace, identification, proof-of- vaccination, ticketing, access control/ credentials and any other use case for secure dynamic encrypted data including for example bar codes. In particular, the present embodiments relate to network-independent dynamic multi-channel or encrypted codes that can be securely verified without an Internet connection. [0024] A network-free solution can be advantageous for any application that involves using codes for entry or verification. Most solutions require a connection to validate codes on an external database and this limitation leads to errors displaying/ reading codes and bottlenecks at point of entry. [0025] A computer-implemented method to improve the safety of a digital ticket, for example, may include the steps of: generating a salt/public key by obtaining a longitude and latitude of an event attendee smart device GPS chip and obtaining a time stamp from the smart device operating system; creating a static and unique ticket ID; creating a new quick response code in intervals using data to be rehashed comprising the ticket ID and the salt/public key; sharing the salt/public key to be rehashed or re-encrypted with the event attendee smart device and an event organizer; scanning the event attendee digital ticket by the event organizer; validating of the ticket ID; and validating the salt/public key. [0026] In one approach creating a new quick response code can be in regular intervals or irregular intervals. [0027] Another approach may add the step of quick response code image data block inversioning until a predetermined geo-fenced latitude and longitude is reached.
Attorney Docket No. 21431-160501-PC Customer No. 42798 [0028] According to one approach, the step of obtaining a longitude and latitude may further add rounding up the last one or two numbers. In another approach, the step of validating a digital document/ asset may be by verifying whether the document/ asset (such as a ticket) is present in a backend database. [0029] According to one approach, the step of validating a digital document/ asset (such as a ticket ID) may be performed by generating a unique ID using predetermined criteria and by de- hashing/decrypting the ID to compare and verify whether the ID is consistent with the predetermined criteria. The predetermined criteria may include dividing ID digits into predetermined classes of digits. The predetermined classes of digits may be selected from the groups of prime numbers, predetermined ranges of number, predetermined multiples of numbers, and combinations thereof. [0030] According to another approach, the data carrier/ glyph (such as quick response code) is an image which can be manipulated including image retiling (such as a quick response code), tile color inversion, data block rotations, latent image encoding, and combinations thereof. The quick response code manipulation can reshuffle the tiles based on GPS location data and date/time stamp in regular intervals or irregular intervals. An exemplary regular interval may be 10 seconds. [0031] Another approach may include the step of applying a layered latent image to the data carrier/ glyph (such as a quick response code) not detectable by a user; and machine-readable extracting of the layered latent image for authentication. The step of applying and extracting the layered latent image may be achieved by changing the angle and/or frequency of changes of the data carrier/ glyph (such as a quick response code). [0032] According to another approach, the step of creating a data carrier/ glyph (such as a quick response code) may include the step of creating a plurality of different data carrier/ glyphs (such as a quick response code) and placing each, respectively, into a different RGB (i.e., red,
Attorney Docket No. 21431-160501-PC Customer No. 42798 green, blue) color separation. The steps of scanning and validating a data carrier/ glyph (such as a quick response code) uses a color filtering image processing algorithm. [0033] Other aspects of the invention are also disclosed and will become more apparent to persons having ordinary skill in the art to which the assemblies pertain and from the following description and claims. BRIEF DESCRIPTION OF THE DRAWINGS [0034] The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate various disclosed embodiments. In the drawings: [0035] Fig.1 illustrates an exemplary - QR Code data shows (9) at 10:24 pm; [0036] Fig.2 illustrates an exemplary - QR Code data shows (2) at 12:40 pm; [0037] Fig.3 illustrates an exemplary - QR Code data shows (1) at point A and (5) at point B; [0038] Fig.4 illustrates an exemplary - QR code image data block inversion; [0039] Fig.5 illustrates an exemplary - QR code image data block rotations; [0040] Fig.6 illustrates an exemplary - RBG full color view of Multi-Channel/ Multi-Color Composite QR Code; [0041] Fig.7 illustrates an exemplary - RED Color Separation (QR1); [0042] Fig.8 illustrates an exemplary - GREEN Color Separation (QR2); [0043] Fig.9 illustrates an exemplary - BLUE Color Separation (QR2 again); [0044] Fig.10 illustrates an exemplary Dynamic Encryption for Workstation Login; [0045] Fig.11 illustrates an exemplary Dynamic Encryption for Messaging; [0046] Fig.12 illustrates an exemplary Dynamic Encryption for Digital Content/ Media Streaming; and
Attorney Docket No. 21431-160501-PC Customer No. 42798 [0047] Fig.13 illustrates an exemplary Dynamic Encryption for Downloaded Digital Content/ Media. [0048] While the features described herein may be susceptible to various modifications and alternative forms, specific embodiments thereof are shown by way of example in the drawings and are herein described in detail. It should be understood, however, that the drawings and detailed description thereto are not intended to be limiting to the particular form disclosed, but on the contrary, the intention is to cover all modifications, equivalents and alternatives falling within the spirit and scope of the subject matter as defined by at least the appended claims. DETAILED DESCRIPTION [0049] The following detailed description refers to the accompanying drawings. While several illustrative embodiments are described herein, modifications, adaptations and other implementations are possible. For example, substitutions, additions or modifications may be made to the components illustrated in the drawings, and the illustrative methods described herein may be modified by substituting, reordering, removing, or adding steps to the disclosed methods. Accordingly, the following detailed description is not limiting of the disclosed embodiments. [0050] Disclosed embodiments provide systems and methods for barcodes and barcode scanners utilizable for the purpose of, but not limited to, storing and transmitting static and variable data using barcodes using network-independent dynamic multi-channel codes that can be securely verified without an Internet connection. [0051] It is noted that one skilled in the arts of encryption, data processing or digital media would understand that a quick response (QR) code, or any other barcode/ data glyph for that matter, is provided herein as an exemplary data carrier form. It is also noted that many other types of data carrier forms as described herein fall within the scope of the present
Attorney Docket No. 21431-160501-PC Customer No. 42798 embodiments. Accordingly, provided herein are use cases of the core embodiments, which relate to a network-independent and data carrier-agnostic form of dynamic encryption. [0052] In the sector generally referred to as “barcodes” alone, there are dozens of encoding/ decoding variations and methodologies. All appear to perform the same to any given user, but the encoding and construction techniques vary, along with the individual strengths and weaknesses of each. Expanding beyond bold, large pixel codes which tend to be black and white, there are a wide range of other graphic data carriers that are essentially highly detailed, fine pixel barcodes. These are generally referred to as “digital watermarks”, which have some advantages over standard UPC/ QR type codes. These advantages include the ability to be invisible to the naked eye, allowing them to be applied over virtually any digital media without affecting appearance, the ability to scan multiple larger areas across a host or carrier media and the ability to be resistant to tampering/ removal to name a few. Because of these advantages, digital watermarks are another type of data carrier form that can use dynamic encryption. [0053] Applying the same techniques that are applied to any other code, instead of utilizing digital watermarks, a user can apply dynamic encryption to virtually any other type of digital media. Photos and videos can be securely streamed or hosted on a digital platform – while being dynamically decrypted and rendered or displayed on the fly. The signal itself can also be encrypted and decrypted dynamically. Digital streaming platforms for both live and pre- recorded events, news bulletins, entertainment, and the like and combinations thereof can apply these dynamic encryption techniques to certify that a signal is secure and untampered. Currently, with artificial intelligence, generative AI and deep fakes rapidly on the rise, and with massive amounts of falsified content on the internet that is indistinguishable from reality, the present embodiments provide dynamic encryption that is an incredibly powerful and necessary security technology to prevent or identify these threats.
Attorney Docket No. 21431-160501-PC Customer No. 42798 [0054] Another technology that shares many of the advantages of digital watermarks is steganography. Steganography is the practice of hiding data within media. Traditionally, this is done via physical printing, but the same steganographic technologies can also be applied to digital media. One advantage of steganography over watermarks is that it is in the spatial domain instead of the frequency domain. This allows for human-readable content to be hidden and revealed. Digital watermarks generally appear as fine pixels that are scattered throughout the media carrier and there is no way to understand them other than to scan and decipher with specifically designed software applications. Steganography, on the other hand, can display data such as words, images, logos, serial numbers, date/time stamps, ID numbers, any other static or variable data, and the like and combinations thereof. Therefore, in the same way a QR or any other barcode’s data can be dynamically changed at a certain interval, a user can dynamically change the hidden content of a digital steganographic encoding. This can be used as an additional factor in the process of dynamically encrypting, decrypting and validating data carried by any variety of means. [0055] The previous examples expand on the functionality of utilizing graphically visible and scannable representations of dynamic encryption. But the are many other use cases that open when applying dynamic encryption directly to core data. For example, when you see an image, video or any other visual digital media and when you hear a song, recording or any other digital audio, there is a lot of digital data behind those that a user cannot perceive with their senses. This is the core binary data that represents whatever media you experience. At its root, any digital media of any kind is based on representing transmitted binary data. A combination of software and hardware are used to display/ transmit the converted digital media so that a user can perceive it. This data is often encrypted to protect against fraud but is vulnerable to hacking and unauthorized misuse such as piracy or illicit multi-threat streaming. Applying the very same network-free dynamic encryption techniques to this data, a user can ensure that only authorized
Attorney Docket No. 21431-160501-PC Customer No. 42798 users and hardware are able to dynamically decrypt the transmitted data to perceive it. Any attempts to redirect, share without permission or falsify the transmission would result in different encryption keys due to different users, hardware and locations, which would prevent any of these illicit threats. For example, utilizing this approach, it is possible for news networks, live sporting/music/ entertainment events, government broadcasts or any other live streamed or certified content to ensure that the transmitted signal is dynamically encrypted and therefore factually accurate and untampered. This can be incredibly valuable for ensuring that a particular digital media signal is authentic. With deep fake technology now being so convincing, realistic and widely available, it is possible for even unsophisticated ‘bad actors’ to misuse these technologies to falsify virtually anything. Official statements from governments, corporations, politicians, educators, law enforcement, financial institutions, and any other important information can be easily tampered with and it may be almost impossible to determine what is real. This can become a major issue for our legal system. In short we are now living in a world with photo and video evidence that cannot be trusted. Any crimes that are caught on camera hold much less conviction, as the defendant can simply claim it is fake. It is becoming increasingly difficult to dispute such claims and prove authenticity. Only highly trained experts that apply multiple manual interrogation techniques can hope to certify any digital content – even then it may still be uncertain. With a dynamically encrypted and secured transmission signal directly recorded into a secure hard drive, the content can be more confidently authenticated. [0056] Another example of applying the same network-independent dynamic encryption to transmitted background data is the use case of secure digital messaging. Once again, utilizing the same technology and methodology that would apply to codes or digital media, a user may also apply to transmitted messaging, emails, alerts, notifications and any other methods of transmitting human communications such as readable or audible data and the like. In the art,
Attorney Docket No. 21431-160501-PC Customer No. 42798 the present methods of encrypting messaging have major disadvantages and weaknesses such as the need to transmit new encryption keys as overhead data along with messages that are sent. This not only incurs hidden costs and inefficiencies, but also makes a larger set of data vulnerable. In most cases, the key is transmitted in parts over the course of several messages, this adds data for each message and also groups dozens of messages with the same encryption key. By utilizing the dynamic encryption of the present embodiments, a user can encrypt every single message with a unique, unpredictable encryption key that is dynamically generated on both ends without the need for a connection other than to receive the message. If anyone intercepts the dynamically encrypted message, they would not be able to decrypt it as they would have a different username, device ID, geolocation and potentially different timestamp due to the delay. And even if someone was able to decrypt an intercepted message, it would only be one message with limited data, not dozens of messages with much more sensitive data being compromised. [0057] Additionally, these dynamic encryption techniques of the present embodiments can be used to personalize the data to each user or device. This allows for other functionality that is a byproduct of the core functionality of the present embodiments, which is that we can identify individual encryption settings. For example, if someone attempts to pirate, tamper, leak or transfer without permission, any digital media, there are hidden identifiers that are unique to that user and/or device. This can allow for private rules or public laws to be enforced against infringers and bad actors. [0058] By combining multiple data carriers with the same core present embodiments of network-independent dynamic encryption, a user may achieve a system that is highly robust, secure and adaptable for future use cases. Any combination of these techniques and technologies may be used to design a secure way of transmitting and validating data without the need for an internet connection.
Attorney Docket No. 21431-160501-PC Customer No. 42798 [0059] There are many embodiments, application methods and use cases that can derive from these techniques of the present embodiments. For example, when applying dynamic encryption to scannable codes, this can be used for a variety of applications including but not limited to any type of ticketing or secure access pass and digital IDs such as driver’s licenses, passports, employee/ visitor badges, VISAs, student IDs, hospital visitor passes, and the like. [0060] Other use cases for dynamically encrypted scannable codes may include secure logins to workstations, websites, platforms, social media accounts, banking/ investment accounts or any other digital accounts. These uses may also include access to other digital databases, CRMs, or other systems with highly sensitive data. In cases where hardware devices or kiosks are equipped with built-in cameras to scan, dynamically encrypted codes can be used to access to buildings, unlock doors, perform digital payments, check in at any facility and validate any date such as age, name, clearance, permissions, prescriptions, vaccinations, certifications, and the like or any other data that needs to be validated as accurate and untampered. [0061] In cryptography, the expression ‘SALT’ refers to adding random data to the input of a hash function to guarantee a unique output, the hash, even when the inputs are the same. Consequently, the unique hash produced by adding the salt can protect us against different attack vectors, such as hash table attacks, while slowing down dictionary and brute-force offline attacks. [0062] A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with a fixed size of n bits) that has special properties desirable for a cryptographic application. [0063] Dynamic Network-Independent Geolocation Timestamp QR Code
Attorney Docket No. 21431-160501-PC Customer No. 42798 [0064] Features and circumstances that can be used to improve safety/authentication that are common to an event organizer who is authenticating a digital ticket and the attendee who is the digital ticket holder at the time of the authentication is that both will be at the same place at the same time. In the digital world these features can be represented with GPS location (longitude and latitude) and date/time stamp. Both are presented as numbers. [0065] For example, below is an example of a present GPS location and date/time stamp: Lat: 45.7264179° , Lng: 10.7059793° 07/09/20233:56:04 Coordinated Universal Time - UTC [0066] The present embodiments can use these numbers to improve the safety/validity of the digital ticket. Digital tickets come with a QR code or some version of a barcode with a unique ID. Event organizers can scan the QR codes on the tickets with their smartphones/scanning devices to check whether the ticket is valid, invalid, or duplicate. This typically requires an Internet connection to validate the ID from the backend database. If this QR code is copied (e.g., from unauthorized screenshots and the like) it creates a problem for the event coordinator to determine which of the duplicated ID’s is original. If there is no Internet connection, they cannot make this determination if the ID is valid. [0067] The present embodiments prevent QR code copying by adding dynamic creation of a new QR code in regular or irregular intervals. Event organizers and the attendee’s smartphone device would share the same salt / private key for de-hashing / decryption of unique ticket ID that would be distributed ahead of the digital ticket authentication date and/or ticket purchase. Data to be rehashed or re-encrypted would comprise of ticket unique ID (static data) and combination of GPS location and date/time stamp (new salt/public key). Re-Hash Salt Data to be Re-Hashed New Re-Hash Result
Attorney Docket No. 21431-160501-PC Customer No. 42798 GPS location + date/time stamp unique ticket ID 457264179107059793 0709202335604 fTr39y6R43 rDho5663gh7EE4fe97d [0068] This rehashing/re-encryption process would be executed on attendee’s smartphone device in regular intervals (i.e., every10 seconds) or irregular intervals (i.e., sequence of 19, 23, 17, 11, 29, 14, … seconds). [0069] The figures provide an exemplary example of the changes in a QR code based on time and GPS coordinates. [0070] As for time: Fig.1 QR Code data 100 shows (9) at 10:24 pm 102. [0071] Fig.2 QR Code data 104 shows (2) at 12:40 pm 106. [0072] As for location (e.g., using GPS latitude and longitude coordinates), Fig.3 shows QR Code data (1) 108 at point A 110 and QR Code data (5) 112 at point B 114. [0073] Fig.4 which illustrates an exemplary QR code image data block inversion 116. This could also be used to obstruct or prevent viewing of the QR code until the user enters a predetermined geo-fenced location such as an event location. The code could update continuously as they approach the check-in gate. This would essentially prevent any screenshot/video recording copy attempt. To successfully copy and reuse this QR code, copy attempt would have to have happened at the venue location, in front of the person checking validity of the digital ticket within 10 seconds time frame 9 (or other predetermined time) before the QR code changes. [0074] There is no need for Internet connection because salt/public key for data to be rehashed is coming from GPS chip and date/time stamp from the smartphone OS. Because GPS location numbers can slightly vary from one reading to the next, we would round up last
Attorney Docket No. 21431-160501-PC Customer No. 42798 one or two numbers. Code execution on smartphone device for this process would be extremely fast, fraction of a second. [0075] Validation on event organizer’s device would have the same salt/public key (GPS location and date/time stamp) needed for de-hashing/decryption. De-Hashing Salt Data to be De-Hashed De-Hashed Result GPS location + date/time stamp unique ticket ID 457264179107059793 0709202335604 rDho5663gh7EE4fe97d fTr39y6R43 [0076] Again, there is no need for Internet connection for this part of the de- hashing/decryption process and it is equally fast, e.g., a fraction of a second. [0077] At this point, event organizer’s device has de-hashed/decrypted unique ticket ID. [0078] The last step is to validate this ticket ID as well. If there is an Internet connection on the event organizer’s device all that needs to be done is to check if this ID is present in the backend database. This would be done by the REST API and the call and the execution time would depend on Internet connection speed and backend database response time. With a good Internet connection and well-designed database and REST API calls, this process typically does not take more than a couple of seconds. An API (application programming interface) is a set of rules that define how applications or devices can connect to and communicate with each other. A REST API is an API that conforms to the design principles of the REST (representational state transfer architectural style). [0079] If there is no Internet connection on event organizer’s device things get a little more complicated. Validating the unique ticket ID without any access to the ticket ID’s database can be done with smart generation of unique ticket ID’s. [0080] The numbers for a unique ticket ID can, for example, be generated as follows:
Attorney Docket No. 21431-160501-PC Customer No. 42798 [0081] Assume that we want to generate 12-digit unique ticket ID’s. We can divide it in three 4-digit groups. [0082] First group could be prime numbers up to 9999. There are 1229 prime numbers under 9999. [0083] Second group could be numbers between two 4-digit numbers, for instance between 2345 and 6789. There are 4444 numbers in this range. [0084] Third group could be multiples of 7 under 9999. There are 1428 numbers that meet these criteria. [0085] This would result in 1229x4444x1428 = 7799273328 possible combinations, more than enough for any practical ticketing need. This ticket ID’s generation rule can be changed for every new customer/job. [0086] Now the de-hash/decrypt unique ID can be performed and checked if it meets the three criteria. [0087] For example, the unique ticket ID (fTr39y6R43) de-hashes/decrypts to 828756780623. 8287 is a prime number under 9999. 5678 is between 2345 and 6789. 0623 or 623 is a multiple of 7 under 9999. [0088] If the unique ticket ID meets all three criteria, ticket is valid. [0089] Chances that we would get this 12-digit randomly are minute. If needed, we could straighten these criteria significantly by reducing the number of possible combinations. [0090] Possible hashing/encryption algorithms to be used are: [0091] Level 1 Hashids - a small open-source library that generates short, unique, non-sequential ids from numbers. [0092] Level 2
Attorney Docket No. 21431-160501-PC Customer No. 42798 Cryptographic hash functions: x BLAKE x MD5 x SHA-1 x SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512) x SHA-3 (SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256) x Tiger (TTH) x WHIRLPOOL [0093] Level 3 Symmetric (secret key) encryption: x Advanced Encryption Standard (AES), winner of NIST competition, also known as Rijndael x Blowfish x Twofish x Threefish x Data Encryption Standard (DES), sometimes DE Algorithm, winner of NBS selection competition, replaced by AES for most purposes. x IDEA x RC4 (cipher) x Tiny Encryption Algorithm (TEA) [0094] Most likely even the most basic level 1 hashing would be more than enough protection for this purpose. [0095] In some instance image manipulation solutions may be desired such as QR code image retiling, data block rotations, latent image encoding. A QR code is an image and can be manipulated any way so long as it does not affect final reading of the code. Following proposed solutions are image processing solutions. [0096] QR code image retiling [0097] QR code image is made of black or white blocks. Imagine them as tiles. Tiles that are used as markers to find the QR code, determine the size of it and transform it are squares in three corners. Tiles that are bearing data are between these markers. The tiles may be reshuffled based on GPS location data and date/time stamp in regular intervals (i.e., every10 seconds) or irregular intervals. This would effectively change this QR code in these predetermined/random intervals.
Attorney Docket No. 21431-160501-PC Customer No. 42798 [0098] The color of tiles (e.g., white to black, black to white) can be inverted, based, for example, on GPS location data and date/time stamp in regular intervals (i.e., every10 seconds) or irregular intervals. This too would effectively change this QR code in these predetermined/random intervals. See Fig.4 for an exemplary illustration of QR code image data block inversion. This can also be by reversing or manipulating the markers. [0099] Tiles could be grouped in larger group tiles (2x2, 3x3, 4x4,…) and then rotated by 90, 180 or 270 degrees based on GPS location data and date/time stamp in regular intervals (i.e., every10 seconds) or irregular intervals. This too would effectively change this QR code in these predetermined/random intervals. See Fig.5 for an exemplary illustration of QR code image data block rotations 118. [00100] QR code latent image encoding [00101] One complimentary set of features that can be layered within this solution are latent images. Latent images are a traditional form of steganography that have been used in security printing for decades. Applying latent images to digital codes is not known in the art and further enhances security. For example, additional identifiers and/or encryption keys can be hidden from the naked eye. However, in order for this to be useful, it is important to be able to extract the hidden data in a machine-readable fashion. As a result, one of the embodiments of the current invention is a feature that can not only encode and decode hidden codes and alphanumerics, but it can also extract that data and use it to further verify the code. Changing the angle and/or frequency of latent image screen can be based on GPS location data and date/time stamp in regular intervals (i.e., every10 seconds) or irregular intervals. [00102] This would effectively change this QR code in these predetermined/random intervals. [00103] Multi-Channel/ Multi-Code Composite QR Code
Attorney Docket No. 21431-160501-PC Customer No. 42798 [00104] Most standard QR Codes are black and white or include a simple artistic effect. This makes them extremely easy to not only copy but recreate. Anyone can simply scan a QR code, identify the data and pattern within, then go to any online QR code generator to recreate the code with the same or altered data. These tools require almost no training, and anyone can perform them without having any special digital graphics knowledge or tools. [00105] Even airlines are using these simple codes which can be easily screenshot and altered. It is important to develop a newer sophisticated QR code such as the Geolocation Timestamp version previously described or via specialized color filtering and steganographic processes like what follows. We propose that each of these concepts are independent but also compatible and uniquely suited to solve and prevent many of the issues and attacks that are occurring due to the use of basic unsecured QR codes. [00106] Standard QR Code Construction [00107] The standard black and white QR codes that make up the majority of the market are usually constructed in RBG or CMYK color modes depending on graphic encoding as well as how its being displayed. QR codes that are printed are usually consisting of simply black ink on a white substrate/ background. In some cases this could be a combination of CMYK generating black. Of course, it is also possible to print in other colors, all of which can be achieved by some combination of CMYK or the use of Pantone colors. In these cases, the majority of the QR code tends to be duplicated the same for each color separation – in the case of artistic QR codes, this may vary. [00108] When QR codes are displayed on electric screens of smartphones, computers or monitors, they are primarily made up of RGB color separations. In this case, once again, to achieve black, each color separation will contain a solid duplicate of the code – all the same. In fact, this is a defining trait for standard black and white QR codes – that each color separation
Attorney Docket No. 21431-160501-PC Customer No. 42798 will simply contain 1 QR code that is duplicated for each separation as needed, depending on the color of the code. [00109] Multi-Channel/ Color Composite QR Code Construction [00110] If we open a QR code in a graphic editing program such as used under the name Adobe Photoshop, it is seen that each color separation is a separate file, therefore a developer has the ability to customize and change each separation individually. By generating 3 different QR codes and placing each code, respectively, into a different RGB color separation (4 codes can be used for CMYK color model of cyan, magenta, yellow, and key, or the markers can be used in the black separation), a multi-color QR code is achieved that effectively has 3 different codes within. [00111] In order to scan these different codes, we can implement a color filtering image processing algorithm. For example, in order to view and scan the QR code embedded in the Red separation, a RED color filtering technique can be used, same for GREEN and BLUE. Each of these color filtering techniques are first applied to make it possible to view each code, then each code is able to be read and scanned respectively. [00112] In terms of encoding, since for example 3 different codes are utilized in a way that is unique to present embodiments, multiple layers of data can be encoded that can each be separated and/ or connected, thus a programmer may implement multiple levels of access for different users and even prompt an app download when scanned by any normal QR scanner or smartphone. These layers can also be separately encrypted. This means that those embedded layers of data can only be properly generated and scanned by the application for the present embodiments or API which makes the present QR codes much more secure than standard QR codes.
Attorney Docket No. 21431-160501-PC Customer No. 42798 [00113] Default Universal Scan Compatibility [00114] One desirable effect might be to have the code be simultaneously universally scannable by any standard app or smartphone, while still containing exclusive data that can only be read with a proprietary application. In this case, the construction of the QR code can simply be altered. Since phone models and scanner algorithms vary, 1 of the 3 QR codes from the previous example may need to be sacrificed to achieve a more robust solution that still allows for universal scanning. [00115] In order to achieve this, one of the desired QR codes can be duplicated to become more prominent by placing that code into 2 different color separations. For example: QR1: RED, QR2: GREEN, QR2(again): BLUE. This combination of 1 code in one separation with the other code in the other 2 separations can be varied as needed to achieve different color combinations or reliability levels. [00116] One use case, for example, is that the methods may want default universal scans to simply send a user to a website URL or an app download link. The Multi-Channel Composite QR Code can be designed to work in such a way that when a user scans the code with ANY scanner app or smartphone, it will automatically take them to the website or app download link. Once the user downloads and sets up the app, they can scan the SAME code again, only this time the app will deploy color filtering and multi-scan techniques to extract additional data that can only be read with the app. This concept can be used for ensuring in-person presence, rewards, marketing, secure data encoding, track and trace and any other use case for QR codes and serial numbers/ unique identifiers. [00117] See Fig.6 for an exemplary illustration of a RBG full color view of Multi-Channel/ Multi-Color Composite QR Code 120 showing channels for RGB 122, red 124, green 126 and blue 128. [00118] See Fig.7 for an exemplary illustration of a RED Color Separation (QR1) 130.
Attorney Docket No. 21431-160501-PC Customer No. 42798 [00119] See Fig.8 for an exemplary illustration of a GREEN Color Separation (QR2) 132. [00120] See Fig.9 for an exemplary illustration of a BLUE Color Separation (QR2 again). [00121] Corresponding/ Alternative Physical Printed Code [00122] One desirable feature may be to have a corresponding or alternative code that is physical in nature, printed onto a product or document, for example. In this case, the printed code can also contain security features that can only be read with a corresponding app or reader. It can also be bound by geofencing and timestamp data – both of which would not require a network connection. For example, a product could contain an encrypted QR code that has expiration data encoded so that if a user scans after the expiration date, the code will not validate. This same function could be useful for ticketing and controlled access functions as well. In the case of geofencing, codes could be limited by scans that take place within a certain geographical area. Geofenced codes will not scan when out of range. [00123] API-Based Dynamic Code for Validation of Websites, Online Stores, Product Listings, Social Media, News Outlets and Other Digital Platforms [00124] By utilizing the same multi-layered, dynamic QR code as an API/ plugin, websites and digital platforms can protect images, videos, streamed content, official information, NFTs (non- fungible tokens) and other digital assets from screenshots, duplication and alteration. It is essential that any participating platforms utilize an active API to display this code dynamically. An API is an application programming interface and is a set of defined rules that enable different applications to communicate with each other. Third party users can validate this code with a separate corresponding smartphone app and/or a browser/ app-based API reader. The in- browser/ in-app API reader has the ability to automatically detect, scan and validate codes that appear on a single viewing device - whether it be a computer/ laptop, tablet or smartphone.
Attorney Docket No. 21431-160501-PC Customer No. 42798 Valuable important information from authorized and trusted sources such as major corporate or news platforms, universities, law enforcement and governments can be validated as authentic and official. Any screen-recorded, altered or edited content can be quickly and easily identified by users. This detection process can trigger special events such as unlocking rewards or prizes for live viewers, or it can bee used to automatically block from posting on social media sites, online stores and other platforms. [00125] There are many use cases such as the previously described. In the case of online marketplaces, fake product listings that are derived from screenshot or screen-recorded content can be automatically blocked or identified as not original. Pay-wall blocked content can also be blocked by social media platforms that participate and use the reader API to analyze content prior to posting. Politicians, government bodies and news stations can live broadcast and post official content that is tagged and protected with a dynamic code so that users and social media platforms can instantly detect whether content is authentic or altered/ duplicated. This can be particularly valuable for identifying deep fakes, and unofficial/ unverified content. Additionally, this code can contain other valuable data such as username of the viewer, publishing date, expiration date, copyright information, etc. [00126] It is important to note the dynamic code could be integrated in a number of different ways. For example, a visible code could be located in the corner of an image, video or listing as a seal of authenticity. It could be moving, static, integrated within the content or nearby it and any other variation that would be designed by someone skilled in the art of UI, UX. It is also possible for the code to be invisible. This can be done via watermarking, steganography, latent images, subsonic/ inaudible sonic frequencies, color filtering and any other method of concealing machine-readable data. [00127] Additional embodiments are also possible within the scope of the present embodiment.
Attorney Docket No. 21431-160501-PC Customer No. 42798 [00128] For example, Fig.10 illustrates an exemplary Dynamic Encryption for Workstation Login. In this exemplary embodiment, a computer workstation 136 is shown with an encryption icon 138 that represents a dynamic encryption data carrier/glyph, which is perpetually changing, reflected by the infinity symbol 140 within the encryption icon 138. There are two mobile devices 142 and 144 shown. Mobile device 142 shows the matching dynamic encryption icon 138, which represents a synchronized link between the mobile device and the workstation, allowing the user to login (represented by a successful check mark icon). Mobile device 144, does not have a synchronized link with the dynamically encrypted data carrier/glyph, and therefore is not able to validate the login attempt (represented by a failure “X” icon 146). [00129] Fig.11 illustrates another exemplary Dynamic Encryption for Messaging. In this exemplary embodiment, there is a depiction of two mobile devices 148 and 150 communicating remotely via a synchronized dynamic encryption key, represented by the dynamic encryption icon 138 and the successful transmission of the example message, “Hello” 152. Between the two mobile devices 148 and 150, the dynamically encrypted message is depicted as a scrambled dataset 154, which is locked until received by the other mobile, having the matching dynamic decryption keys which are synced with the sending device. A third mobile device 156 is depicted below the other two devices 148 and 150 and represents a third party which has attempted to intercept or hack the message. However, since the third mobile device 156 does not have the matching synchronized dynamic decryption keys, it is only able to receive the same scrambled dataset that is in transmission and therefore it cannot actually access the intended message. This process repeats for every single message, ensuring that even if the message is intercepted by bad actors, only small amounts of data, if any, could ever be compromised. [00130] Fig.12 illustrates an exemplary Dynamic Encryption for Digital Content/ Media Streaming. In this exemplary embodiment, a streaming server 162, for example, which can
Attorney Docket No. 21431-160501-PC Customer No. 42798 stream anything including videos, photos, games, and the like, is protected with a dynamically encrypted streaming signal. This signal can only be dynamically decrypted by devices 158 that contain the matching synchronized keys. A group of viewing devices 158 is depicted with a video play icon 160, representing successful dynamic decryption, and therefore transmission of the digital content. The other group of devices 164, which do not have the matching synchronized decryption keys, are depicted with “X”s 146, representing a failure to illicitly intercept the dynamically encrypted streaming signal. [00131] Dynamic Encryption for Validating Downloaded Media Without an Internet Connection is also possible within the scope of the present embodiment. Utilizing the same network- independent dynamic encryption techniques, it is also possible to validate downloaded media without the need for an internet connection. When licensed/ copyright-protected media such as videos, images, music, software, games, documents, and the like or combinations thereof or any other form of digital products, media, assets or the like are downloaded onto a mobile or stationary device, there is often a need to validate the authenticity, ownership, permission and other necessary information. In some cases, this information requires an internet connection to validate the authenticity, which can be highly inconvenient for users. In some cases, a user may download a video or a game, for example, before traveling out of a network service area, only to find they cannot access the file due to the requirement of validating credentials before use. By implementing network-independent dynamic encryption, it is possible to dynamically encrypt the downloaded file in such a way that it requires the mobile or stationary viewing/ listening/ playing device to have synced dynamic decryption parameters which may include the username, hardware ID, and the like and combinations thereof and other data and which can be validated without a network connection in order to access the file. This can be used for everything from document/file control to virtually any form of digital entertainment and for purposes such as evidence and content originality/ tampering detection. Photos and videos that
Attorney Docket No. 21431-160501-PC Customer No. 42798 are taken by a camera powered by network-independent dynamic encryption can be certified as original and untampered. This can be incredibly valuable for professional photographers, media outlets, film/ production companies and the like. It can also be valuable to certify that recorded video and photo evidence is original and untampered. Today, with highly convincing deep fake videos and photos, criminal defenses can claim that any evidence is not authentic but would not be able to with a network-independent dynamic encryption powered seal of authenticity. The complimentary component of this system is a media viewer that has a synced network- independent dynamic decryption module that can decrypt and display/ render/ play/ interact with the file. [00132] Fig.13 illustrates an exemplary Dynamic Encryption for Downloaded Digital Content/ Media. In this exemplary embodiment, an exemplary system is depicted showing a digital content/ media server 162, protected by dynamic encryption, as well as two groups of viewing devices 158 and 164, one group of viewing devices 158 having the matching synchronized decryption keys 140, and one group of viewing devices 164 without matching synchronized decryption keys 168. In particular, these viewing devices are depicted as having downloaded the digital content/ media and having no internet connection, depicted by the “download” icons 166 and the “no signal” icons 170. The “no signal” icon 170 on the valid group of viewing devices 158 also highlights the ability for users to access downloaded media without needing an internet connection to first validate the rights of the user/device. The group of viewing devices 158 which are enabled with dynamic decryption, matching the dynamically encrypted digital content/ media, are able to view/ hear/ interact with the digital content/ media, represented by a video play icon 160, but it is noted that this is merely one example of digital content that can be transmitted/downloaded. The other group of devices 164, which are not enabled with dynamic encryption, are not able to access the digital content/ media, represented by “X”s 146 on each display. Between the two groups of viewing devices 158 and 164, there is an arrow icon 172,
Attorney Docket No. 21431-160501-PC Customer No. 42798 which represents an attempt by one valid user to send rightfully their downloaded digital content to another user who does not have rights to receive, which is also unsuccessful due to a lack of dynamic decryption on the receiving device(s). [00133] The present embodiment discloses a method that may include a processor and a memory storing computer-readable instructions which when executed by the processor, cause the processor to generate and QR codes. Another aspect of the present application discloses a non-volatile computer storage medium for decoding a QR code, storing computer-readable instructions which when executed by a processor, cause the processor to detect QR codes. [00134] A computer system that is adapted for implementing the method and the apparatus according to any embodiments. The computer system may include a central processing unit (CPU), which may perform a variety of appropriate actions and processes according to a program stored in a read only memory (ROM) or a program loaded to a random access memory (RAM) from a storage part. RAM also stores various programs and data required by operations of the system. CPU, ROM and RAM can be connected to each other via a bus. An input/output (I/O) interface is also connected to the bus. [00135] Components may be connected to the I/O interface: an input part; a storage part comprising a hard disk and the like; and a communication part comprising a network interface card, such as a LAN card, a modem and the like. The communication part performs communication process via a network, such as the Internet. A driver is also connected to the I/O interface as required. [00136] The present embodiments may be implemented as a computer software program. For example, the embodiment of the present disclosure includes a computer program product, which includes a computer program that tangibly included in a machine-readable medium. The computer program includes program codes for executing the methods presented herein. In
Attorney Docket No. 21431-160501-PC Customer No. 42798 such embodiments, the computer program may be downloaded from the network via the communication part and installed, and/or be installed from the removable medium. [00137] The units or modules involved in the embodiments of the present application may be implemented in hardware or software. The described units or modules may also be provided in a processor. The names of these units or modules do not limit the units or modules themselves. [00138] As another aspect, the present application further provides a computer readable storage medium, which may be a computer readable storage medium contained in the device described in the above embodiments; or a computer readable storage medium separately exists rather than being fitted into any terminal apparatus. One or more computer programs may be stored on the computer readable storage medium, and the programs are executed by one or more processors to perform the formula input method described in the present embodiment. [00139] The foregoing description, for purposes of explanation, used specific nomenclature to provide a thorough understanding of the invention. However, it will be apparent to one skilled in the art that specific details are not required to practice the invention. Thus, the foregoing descriptions of specific embodiments of the invention are presented for purposes of illustration and description. They are not intended to be exhaustive or to limit the invention to the precise forms disclosed as obviously many modifications and variations are possible in view of the above teachings. The embodiments were chosen and described to best explain the principles of the invention and its practical applications, thereby enabling others skilled in the art to best utilize the invention and various embodiments with various modifications as are suited to the particular use contemplated. [00140] The drawings and the foregoing descriptions are not intended to represent the only forms of the present embodiment. Substitution of equivalents are contemplated as circumstances may suggest or render expedient.