Abstract: Compliance to a policy about how to treat data in a computer network environment is ensured by checking that conditions in the policy are satisfied by the entity before access to the data is provided.

Abstract: A method of authenticating and encrypting a client-server communication is provided. Two one-time passwords (OTP1 and OTP2) are generated from a cryptographic token. An encryption key (K_ENC) and a MAC key (K_MAC) are generated based on OTP2. The client data are prepared and protected using K_ENC and K_MAC. A request message is sent from the client to the server, and contains the protected client data, a cryptographic token identifier and OTP1. OTP1 is validated at the server, and OTP2 is generated at the server upon successful validation. K_ENC and K_MAC are derived from OTP2 at the server. The request message is processed and result data is generated. The result data is encrypted using K_ENC and a digest is created using K_MAC. The encrypted result data is sent to the client, and is decrypted using K_ENC and the authenticity of the result data is verified using K_MAC.

Abstract: A security device connected to a host device which includes a processor performing a scramble operation and a storage unit, the security device comprising: a storage unit in which the first authentication code is stored; a random number generation unit; an encryption unit; and a controller which performs a scramble operation, wherein the controller generates a first scramble key by performing the scramble operation on the random number and the first authentication code and transmits the first scramble key to the host device, and the controller receives, from the host device, scramble data generated by performing the scramble operation on encryption target data according to the random number, generates the encryption target data by performing the scramble operation on the scramble data and the random number, generates encryption data, and transmits the encrypted data to the host device.

Abstract: An online fraud prevention system enables a user who sponsors an online activity to select a particular level of fraud prevention from a plurality of levels of fraud prevention. The system associates the particular level of fraud prevention with the online activity. The system identifies, from among a plurality of methods of fraud prevention, a particular fraud prevention method associated with the particular level of fraud prevention. The fraud prevention system applies the particular fraud prevention method to the online activity.

Abstract: A picture delivering system is disclosed including: a picture generating device for outputting a flat picture corresponding to an encrypted picture and for providing a picture ID corresponding to the encrypted picture; and a picture presenting device for utilizing an optical imaging device to capture an image of the flat picture to generate a captured picture, for obtaining the picture ID, and for transmitting the picture ID to the picture generating device. When the picture presenting device passed an entity identification procedure, the picture presenting device obtains a decryption information, processes the captured picture according to the decryption information to obtain a decrypted picture, and then utilizes a display device to display the decrypted picture. The decryption information comprises at least one of a seed key, a mask picture, and a transposition table corresponding to the picture ID.

Abstract: An image forming apparatus includes a memory unit configured to store image data, a mode detecting unit configured to detect a transition from a first operating mode to a second operating mode, and an encryption unit configured to encrypt the image data in the memory unit based on the transition.

Abstract: Disclosed herein is a method of generating a document comprising verification data, the method comprising: obtaining data for inclusion on a document, wherein the obtained data includes verification data; encrypting the verification data; generating a machine readable code comprising the encrypted verification data; and generating a document comprising both the obtained data in a non-encrypted form and the machine readable code. Advantageously, an entity that is required to verify the document can decrypt the machine readable code to obtain the verification data. The encrypted nature of the data within the machine readable code ensures that the data is secure and the verification reliable.

Abstract: Computationally implemented methods and systems include acquiring a client-based encrypted image that is a captured image that has previously been encrypted through use of a particular client code, wherein said captured image was captured by an image capture device, obtaining an indication that the client-based encrypted image was approved for decryption, said decryption configured to be carried out through use of a client-based decryption key, and procuring the client-based decryption key that is at least partly based on the particular client code, wherein the particular client code is related to a client that is associated with the image capture device. In addition to the foregoing, other aspects are described in the claims, drawings, and text.

Abstract: Computationally implemented methods and systems include acquiring a device-based encrypted image that is an image that has previously been encrypted through use of a particular device code associated with an image capture device configured to capture the image, wherein the image includes a representation of a feature of an entity, decrypting the device-based encrypted image in response to an indication that the image has been approved for decryption, and creating a client-based encrypted image through encryption of the decrypted image through use of a particular client code that is associated with a client that is linked to the image capture device configured to capture the image. In addition to the foregoing, other aspects are described in the claims, drawings, and text.

Abstract: The invention is directed to a tamper-evident method of encrypting data relating to one or more print cartridges installed in an imaging device that includes triggering a gathering of data relating to the one or more print cartridges installed in the imaging device; recording a number of instances the triggering is performed; retrieving a previously encrypted data relating to the one or more print cartridges installed in the imaging device, the previously encrypted data gathered at a time prior to the triggering; and encrypting the gathered data using the previously encrypted data.

Abstract: A method, an apparatus, and a computer program product for configuring audiovisual equipment. An image captured by an imaging sensor of a camera may comprise an encoded pattern that includes information that can unlock a feature or function of a camera or other audiovisual equipment the information is extracted from the encoded pattern using an image processor of the camera, or communicatively coupled to the camera. The information may comprise encrypted information which may be decrypted using a unique identifier of the camera. The information may be transmitted to downstream audiovisual equipment and may be used to unlock features and functions of other devices. The other devices may include another camera.

Abstract: An electronic document encrypting system 200, for accomplishing an object of providing a system capable of distributing an electronic document containing important information with a browsing restriction being set and information with none of the browsing restriction being set without removing the important information, includes: an encryption area extracting unit 19 extracting an encryption target area from an electronic document; a digital image generating unit generating a digital image on the basis of the area extracted by the encryption area extracting unit in the electronic document; an encrypting unit 11 encrypting the digital image generated by the digital image generating unit 15 on the basis of an encryption key; and an encrypted electronic document generating unit 12 generating an encrypted electronic document in which when the electronic document is output, in place of the extracted information, an encrypted image encrypted by the encrypting unit 11 is output to an area to which the information ex

Abstract: An improved technique involves generating an encoded representation of encrypted forms of a message which includes an institution's digital signature derived from the message. The institution sends the encoded representation to the user's computer. The user transfers an image of the encoded representation from the user's computer to a separate hand-held device. The user then derives the encrypted forms of the message and the institution's digital signature by decoding the image on the hand-held device; the user then decrypts the encrypted forms of the message and the institution's digital signature on the hand-held device. The user then sees the message without interference from an intrusive agent in a MitB attack. Further, the user can verify the institution's identity as the sender of the message by being able to validate the institution's digital signature. In this way, a MitB attack is very likely to be made apparent to the user.

Abstract: The invention is aimed to work on XOR operation safely in cryptographic communications with third party identification, wherein a sender in FIG. 1B encrypts an 1D plaintext with a 2D authorized image to get two ciphertexts, such that, one is sent directly to a receiver and the other is forwarded via a third party to the receiver, wherein the receiver recovers the plaintext just by XORing two ciphertexts. For transmission security, according to FIG. 2, the third party sends privately two different authorized images for building each separate secure channel linked to a sender and to a receiver; furthermore, at one channel from the sender to the third party, the forwarded ciphertext is re-encrypted with a random code and then sent to the third party; at the other channel from the third party to the receiver, the forwarded ciphertext is re-encrypted with another random code and then sent to the receiver.

Abstract: A method and device for generating a software installation package is disclosed in the present invention. The method includes: in the process of generating the software installation package, a plurality of support library files required to develop the software are divided according to file types, and the support library files of the same type are compressed together, and the compressed support library files of the same type are located in the same one part of the software installation package. By adopting the present invention, the size of APP installation packages can be reduced greatly, the network propagation speeds up greatly when applied to the network transmission field, and flash space, as well as the cost, is greatly reduced when the software installation packages are written into flash directly.

Abstract: A method, non-transitory computer readable medium and apparatus for decrypting a document are disclosed. For example, the method captures a tag on an encrypted document, transmits the tag to an application server of a communication network to request a per-document decryption key, receives the per-document decryption key if the tag is authenticated, and decrypts a portion of the encrypted document using a temporary decryption key contained in the tag, the tag decrypted with the per-document decryption key.

Abstract: An electronic document processing system 900 includes a digital image generating unit 15 generating a digital image in a predetermined range of the electronic document; an image encrypting unit 11 generating an encrypted image by converting at least a partial area of the generated digital image; a data encrypting unit 21 generating encrypted data by extracting data contained in the predetermined range in pieces of data organizing the electronic document and encrypting the data; an encrypted data storing unit 22 storing the encrypted data; and an encrypted electronic document generating unit 23 generating an encrypted electronic document by replacing the data contained in the predetermined range in the electronic document with the encrypted image.

Abstract: An apparatus for generating trusted image data includes an image data generator, a processor and an output unit. The image data generator generates image data of an image to be taken of a three-dimensional scene and trust data of the three-dimensional scene. The trust data indicates a depth information of at least one pixel of the image to be taken or comprises data capable of being used to calculate a depth information of at least one pixel of the image to be taken. The processor generates encrypted image data by encrypting at least the trust data or characteristic data derivable from at least the trust data, so that an authentication of the image data is enabled based on the encrypted image data. The output unit provides trusted image data including the encrypted image data.

Abstract: A method and system are disclosed for field level encryption of a document that provides a hardcopy having redacted sensitive information fields with multiple levels of access and an augmented reality view of the hardcopy displaying the unredacted sensitive information fields. Identification of the sensitive information fields may be accomplished via highlight color, user designation, or linguistic analysis. The identified fields are encrypted and may be stored separately, embedded in place, or embedded in a two-dimensional glyph. This information may be stored in association with a device identification of an authenticated mobile device and a document identification. A redacted hardcopy of the original document is output. A mobile device captures an image of the redacted hardcopy, decrypts the encrypted sensitive information fields, and generates an augmented reality view of the hardcopy with the previously redacted sensitive information fields visible on the display of the mobile device.

Abstract: A communication apparatus transmits data to a plurality of destinations. The apparatus includes a first input unit that inputs an individual setting as to whether the data is encrypted for each of the plurality of destinations for an encryption transmission. The apparatus also includes a second input unit that inputs an individual setting as to whether the data is encrypted for each transmission job. Further, the apparatus includes a transmission control unit that, when the transmission job includes at least two sets of the destinations, if the transmission job is set to be encrypted, performs the encryption transmission for each of the destinations, and, if the transmission job is set to be not encrypted, performs the encryption transmission for each of the destinations to be encrypted and performs a transmission without an encryption for each of the destinations not to be encrypted.

Abstract: Apparatus and method for synchronizing encryption keys among a cluster of security appliances and stand alone lifetime key management, LKM, appliances. The cluster includes security appliances where new encryption keys are generated and assigned to an SNS ID with an SNS CTR (counter). The security appliances inside a cluster have local sequence counters and share their keys. One security appliance is a coordinator with which the LKMs will synchronize. Each LKM also has a SNS ID and local sequence counter from which increasing sequence numbers are generated. In each security appliance in a cluster, the up-to-date stored sets of keys are organized with respect to SNS IDs and SNS CTRs associated with the other cluster members. The object keys are stored in the SNS space and a peer map associates a given peer with a given SNS ID, and version numbers are assigned and incremented when a key is modified.

Abstract: The authentication system includes a to-be-authenticated device for generating a first authentication data; an authentication code convertor for converting the first authentication data generated by the to-be-authenticated device into a second authentication data; and an authentication device for performing authentication of the to-be-authenticated device based on the second authentication data. The first authentication data includes an authentication code obtained by encrypting challenge data output from the authentication device and input to the to-be-authenticated device through the authentication code convertor and predetermined data included in the to-be-authenticated device in accordance with an encryption method using a first encryption key; and the predetermined data included in the to-be-authenticated device.

Abstract: A secure document printing system is provided. A policy server is used to define access rules for a document, and select individual users and/or groups that will have access to the document. The policy server stores the access rules along with a document decryption key. The policy server's name and address are packed in the document, and then encrypted and sent to a print server which stores it for later access. A recipient is notified that the document resides on a particular print server. The print server retrieves the specified document, contacts the policy server named in the document, and requests the document decryption key and access rules for the user, print server, and document from the policy server which replies with the related decryption key and access rules. The print server decrypts the document and prints the document based on the access rules.

Abstract: A picture delivering system is disclosed including: a picture generating device for outputting a flat picture corresponding to an encrypted picture and for providing a picture ID corresponding to the encrypted picture; and a picture presenting device for utilizing an optical imaging device to capture an image of the flat picture to generate a captured picture, for obtaining the picture ID, and for transmitting the picture ID to the picture generating device. When the picture presenting device passed an entity identification procedure, the picture presenting device obtains a decryption information, processes the captured picture according to the decryption information to obtain a decrypted picture, and then utilizes a display device to display the decrypted picture. The decryption information comprises at least one of a seed key, a mask picture, and a transposition table corresponding to the picture ID.

Abstract: A system is provided in which document imaging equipment is used to acquire a document image from a printed document. The document image may be processed using an optical character recognition application implemented on the document imaging equipment. A user may supply identifier information. The identifier information may be used in constructing an identity-based-encryption (IBE) public key. Identity-based-encryption public parameter information and the IBE public key may be used in encrypting the document image. The IBE-encrypted document image may be stored in storage or sent to a recipient in a message. A user receiving the IBE-encrypted document image may obtain an IBE private key from a key server that is used in decrypting the IBE-encrypted document.

Abstract: A facsimile communication system which is capable of selectively performing encrypted communication or non-encrypt communication according to the intention of a user. A transmitting-side digital multifunction machine inputs the port address of a receiving-side digital multifunction machine according to a user operation, and designates encrypted communication for transmitting IFP packets of image information, via an IP network, after encrypting the IFP packets, or non-encrypt communication for transmitting IFP packets of image information, via the IP network, without encrypting the IFP packets. The receiving-side digital multifunction machine determines whether the input port address is for an encrypted communication port or a non-encrypt communication port, and sends a response containing an associated port number to the transmitting-side digital multifunction machine.

Abstract: A system and method for detecting network intrusion by using a network processor are provided. The intrusion detection system includes: a first intrusion detector, configured to use a first network processor to perform intrusion detection on layer 3 and layer 4 of a protocol field among information included in a packet header of a packet transmitted to the intrusion detection system, and when no intrusion is detected, classify the packets according to stream and transmit the classified packets to a second intrusion detector; and a second intrusion detector, configured to use a second network processor to perform intrusion detection through deep packet inspection (DPI) for the packet payload of the packets transmitted from the first intrusion detector. Thereby, intrusion detection for high-speed packets can be performed in a network environment.

Abstract: A method for capturing a user's view of an electronic screen having an error message in a health management application without showing private information of the user includes receiving an error message from a web service responding to a request for a web page by the user. The method includes receiving an electronic file of the web page with the error message, redacting private information of the user from the electronic file to create a redacted electronic file, and storing the redacted electronic file in a support log module.

Abstract: An image forming apparatus includes a memory unit configured to store image data, a mode detecting unit configured to detect a transition from a first operating mode to a second operating mode, and an encryption unit configured to encrypt the image data in the memory unit based on the transition.

Abstract: The invention provides a method, system, and program product for encrypting portions of a document using selective annotation. One method according to the invention includes: defining an annotation border adjacent a portion of a document using a digital pen; applying to the portion of the document an annotation verb specifying that the portion of the document is to be encrypted; entering into the portion of the document information to be encrypted; and encrypting the portion of the document.

Abstract: A system for processing a job including one or a plurality of tasks, comprises: a management service server which manages a job generated by receiving the designation; and one or a plurality of task processing service servers which process one or a plurality of tasks forming the job, in order to execute processing based on the job, the management service server comprises: holding unit which holds, for each of the service servers, encryption information defining a method of encrypting and to decrypt a file corresponding to the job, and information which is used when generating a key for use in encryption and decryption; and specification unit which specifies, when receiving encryption information acquisition request, encryption information for a service server of a job corresponding to an encrypted file to be decrypted by the task processing service server.

Abstract: A data obfuscation method, apparatus and computer program product are disclosed in which at least selected text entities such as words or abbreviations in a document are obfuscated to prevent the disclosure of private information if the document is disclosed. A user establishes various configuration parameters for selected text entities desired to obfuscated. The document is processed and text entities matching the configuration parameters are tagged for obfuscation. The tagged entities are then substituted in the document with obfuscating text. The obfuscating text can be derived from a hash table. The hash table may be used to provide a reverse obfuscation method by which original data can be restored to an obfuscated document.

Abstract: A method and system for authenticating a user receiving device to communicate with a partner service device includes a primary service provider. A user receiving device generates a request for a first encrypted token. The user receiving device communicates the request for the first encrypted token to an authentication web service of the primary service provider. The authentication web service generates the first encrypted token. The primary service provider communicates the first encrypted token to the user receiving device. The user receiving device communicates the first encrypted token to the partner service provider. The partner service provider communicates data to the user receiving device after receiving the first encrypted token.

Abstract: A method of installing software on a computer associated with a user, the computer being coupled to a system including one or more document handling devices connected to the computer via a communications network. The method includes, in a document handling device, determining a user identity associated with the user, and in at least part of the system, identifying the computer using the determined user identity and causing a software package to be transferred to the computer via the communications network, thereby causing the software to be installed.

Abstract: A secure document printing system is provided. A policy server is used to define access rules for a document, and select individual users and/or groups that will have access to the document. The policy server stores the access rules along with a document decryption key. The policy server's name and address are packed in the document, and then encrypted and sent to a print server which stores it for later access. A recipient is notified that the document resides on a particular print server. The print server retrieves the specified document, contacts the policy server named in the document, and requests the document decryption key and access rules for the user, print server, and document from the policy server which replies with the related decryption key and access rules. The print server decrypts the document and prints the document based on the access rules.

Abstract: A scanned image transmitting device has an instruction-creating section that creates an instruction describing a process instruction in relation to a scanned image; an electronic mail creating section that creates an electronic mail including the scanned image and the instruction; an encrypting section that encrypts at least a portion of the electronic mail using a public key of a transmission destination; and a transmitting section that transmits the encrypted electronic mail to the transmission destination.

Abstract: Input data is converted into an image, and in the input image, an encryption region that is a region in which the image is to be encrypted. Meanwhile, on the basis of an encryption key, encryption key-related information that is information related to the encryption key is generated, and the encryption key-related information is embedded into the image in the encryption region, to generate a first intermediate image. Next, the first intermediate image is converted on the basis of the encryption key, to generate a second intermediate image. Then, the pixel values of the second intermediate image are converted so that the position of the encryption region can be specified. As a result of the conversion, an encrypted image in which the part corresponding to the encryption region in the input image is generated.

Abstract: Embodiments relate to methods and systems for gathering, archiving, transmitting, and processing forensic and latent fingerprints. An integrated forensic fingerprint scanning system is provided that includes a number of features for use with forensic-quality fingerprinting. One set of features of embodiments of the portable forensic fingerprint scanning system provides real-time feedback for accurate fingerprinting and training, including visual and/or audio feedback. Another set of features provides cadence-based functionality for improving fingerprinting results. Another set of features provides cryptographic-based approaches to secure highly sensitive collected fingerprint information against loss, theft, or surreptitious modification or tampering. Yet another set of features provides latent fingerprint collections and processing. Still another set of features provides various databasing functions, including centralized storage, data sharing, secure networking, etc.

Abstract: An encrypting device generates an encrypted image by converting an image of a specified region in an input image with an encryption key, by embedding information obtained by encrypting the encryption key with a public key pairing with the private key of a destination, and by performing pixel value conversion. Then, the encrypted image is transmitted to the destination as a printed matter or via a network. A decrypting device converts the encrypted image in the form of print data or electronic data into an image, and inputs it. Next, the decrypting device extracts a decryption key (the encryption key) from the image of the encryption region by executing a process reverse to that of the encrypting device for the encryption region of the converted encrypted image. Then, the decrypting device decrypts the original image of the encrypted region by using the decryption key, and restores the entire encrypted image.

Abstract: A method and system are disclosed for field level encryption of a document that provides a hardcopy having redacted sensitive information fields with multiple levels of access and an augmented reality view of the hardcopy displaying the unredacted sensitive information fields. Identification of the sensitive information fields may be accomplished via highlight color, user designation, or linguistic analysis. The identified fields are encrypted and may be stored separately, embedded in place, or embedded in a two-dimensional glyph. This information may be stored in association with a device identification of an authenticated mobile device and a document identification. A redacted hardcopy of the original document is output. A mobile device captures an image of the redacted hardcopy, decrypts the encrypted sensitive information fields, and generates an augmented reality view of the hardcopy with the previously redacted sensitive information fields visible on the display of the mobile device.

Abstract: A method and system for authenticating a partner service provider and a primary service provider includes a network and, a partner service provider generating a request for a first encrypted token from a partner service provider and communicating the request to the network. An authentication web service receives the request for the first encrypted token from the network and generates the first encrypted token. The partner service provider generates a request for data with the first encrypted token and communicates the request for data to the network. A data web service receives the request for data and communicates the request for data from the data web service to the authentication web service. The authentication web service validates the request for data and communicates a validation result to the data web service. The data web service communicates data to the partner service provider from the data web service after validating.

Abstract: A biometric authentication system is disclosed that provides authentication capability using biometric data in connection with a challenge for parties engaging in digital communications such as digital text-oriented, interactive digital communications. End-user systems may be coupled to devices that include biometric data capture devices such as retina scanners, fingerprint recorders, cameras, microphones, ear scanners, DNA profilers, etc., so that biometric data of a communicating party may be captured and used for authentication purposes.

Abstract: A method, an apparatus, and a computer program product for configuring audiovisual equipment. An image captured by an imaging sensor of a camera may comprise an encoded pattern that includes information that can unlock a feature or function of a camera or other audiovisual equipment the information is extracted from the encoded pattern using an image processor of the camera, or communicatively coupled to the camera. The information may comprise encrypted information which may be decrypted using a unique identifier of the camera. The information may be transmitted to downstream audiovisual equipment and may be used to unlock features and functions of other devices. The other devices may include another camera.

Abstract: An image processing device includes: an image obtaining unit that obtains original images one by one from an original document on which image processing is to be performed by the image processing device; an output unit that outputs each of the original images obtained by the image obtaining unit; an information acquiring unit that acquires control information for controlling operations to be performed by the image processing device, the control information being extracted from a control image represented by a specific image in the original image obtained by the image obtaining unit; and a control unit that determines whether the control information acquired by the information acquiring unit requires an authentication, determines whether an output of the original image having the control information is restricted on the basis of a result of the authentication when the control information requires an authentication, restricts the output of the original image when the output is determined to be restricted, and c

Abstract: A processing device is provided in which unauthorized processing is prevented from being preformed at the time of executing a program or others. The processing device includes a processing portion for executing processing, a program memory portion for memorizing a program that makes the processing portion execute processing, a judge portion for judging whether or not the program is permitted to start, and a control portion for controlling the processing portion so that processing is executed in accordance with the program when the judge portion determines that the program is permitted to start, and for controlling the processing portion so that processing based on the program is not executed when the judge portion determines that the program is not permitted to start.

Abstract: In the production of a document, image information is incorporated into a plurality of layers of the document such that the pieces of image information are combined into a total image. The image information in at least two of the layers includes digital watermark information. The entirety of the digital watermark information in the at least two layers forms a security feature for an authentication of the document. The invention further relates to a respective document, a method for authentication, and a device for authentication.

Abstract: A method is provided for authenticating an image printed at a predefined print resolution or in accordance with a predetermined print grid. The method includes the steps of scanning the image to produce digital data and segmenting the data into first and second groups corresponding, respectively, to first and second predefined sections of the image. Next, a determination is made concerning the anticipated spatial position of select columns of digital data from each of the first and second groups of data. By examining the data, differences may be identified between the anticipated and actual spatial position of the columns, to determine the authenticity of the image. The identified differences which may include (i) a rotary/linear displacement in the actual spatial position of the select columns. (ii) a change in beat frequency between sections of the image, and/or (iii) a phase shift in a beat frequency.

Abstract: Methods and systems are disclosed for generating and authenticating barcodes and in particular generating trusted barcodes. In one embodiment, a method, performed by a certificate authority for creating a trusted content, comprises receiving, via a receiver, a target content and verifying the target content to determine whether the target content is safe or appropriate. Further, the method comprises, based on a result of the verifying, generating and storing, in a storage medium, response data; generating, via a processor, and storing in the storage medium an identifier corresponding to the response data; generating, via the processor, resolution data, the resolution data including the identifier and an address of the certificate authority; and transmitting, via a transmitter, the resolution data as the trusted content.

Abstract: The present invention is directed to a system and method for secure document transmission. A sender selects a portion of an original document containing confidential information using a highlighter, bracketing, underlining, or other identifying marks. The original document is then scanned to generate an electronic version, which is subject to optical character recognition to locate the portions of the document containing confidential information based on the identifying marks. These portions containing confidential information are then encrypted and a hybrid document containing non-encrypted portions and encrypted portions is generated. The hybrid document is then sent to a recipient, along with a decryption key. The hybrid document is then marked by the recipient to designate those areas containing encrypted information. The marked document is then scanned to generate an electronic version, which is analyzed to identify which portions require decryption based on the identifying marks made by the recipient.

Abstract: A scanner, terminal and method are provided for reading an optical code where a portion of the information stored in the optical code is encrypted. In accordance with an aspect of the invention, a public cryptographic key associated with the optical code is used to decrypt the encrypted portion of the information and data from the decrypted portion is used to authenticate the remainder of the information.