Technical Field

[0001 ] The present invention relates generally to the commercial sale and purchase of goods, and in particular, to the prevention of fraudulent return of goods.

Background

[0002] Fraudulent activity in the sale of consumer products is a sizable and growing worldwide problem.

[0003] One example of such activity occurs when a first customer purchases a genuinely branded handbag from a retailer and then fraudulently returns a fake reproduction of the handbag, in order to claim a "refund" of the full price of the original, claiming that it is the handbag that had originally been purchased. If the refund is granted, the retailer has been defrauded and has lost the value of the transaction. Furthermore, if the retailer does not discover that the returned handbag is a fake, the retailer will likely re-sell the fake bag to a second customer in the belief that it is the 'real' branded bag. In this event the second customer, who is expecting a 'real' brand, is defrauded and this could significantly impact the retailer's goodwill and lead to legal action against the retailer for selling fake products.

[0004] One current solution to this problem is for staff at each return point to undertake a physical inspection of the item being returned. The shortcoming of this solution is that there are often many receiving points for returned goods, and detecting fraudulently returned goods requires skills that are often not available.

[0005] Fraudulent practices result in significant losses for stakeholders (which include Brand Owners, through counterfeiting of their products), E-Commerce stores and bricks and mortar stores (through customer fraud), and consumers (through either buyer or seller fraud).

Summary

[0006] It is an object of the present invention to substantially overcome, or at least ameliorate, one or more disadvantages of existing arrangements. [0007] Disclosed are arrangements, referred to as Tamper-evident Item Specific Tagging (TEIST) which affix to an item being sold a tag containing an item-specific "unique" identifier in a tamper-evident manner, where the identifier is stored on a database, so that if the item is returned, the seller can check if the identifier is present on the database and use this information as a basis for authenticating the returned goods, and thus for deciding whether to accept the returned item. Optionally, additional information referred to as optional transaction data items can also be incorporated into the tag and stored in the database. The term "tag" refers to any object which can be affixed to the item being sold in order to serve as an identifier. Accordingly, a tag can be implemented as a sticker affixed to the item being sold using an adhesive, a rectangular cardboard label, affixed to the item being sold by a cord made of string, wire or the like, an RFID (typically a microchip attached to a radio antenna mounted on a substrate) affixed either using adhesive or a cord, and so on.

[0008] According to a first aspect of the present disclosure, there is provided a computer implemented method of reducing the likelihood of fraudulent return of an item, the method comprising a transaction method and a return method, wherein: (a) the transaction method comprises the steps of: (ai) affixing, in a tamper-evident manner, a tag containing a unique tag identifier to an item being sold; and (aii) storing the identifier in a database; and wherein: (b) the return method comprises the steps of: (bi) determining if a tag affixed to an item being returned has been tampered with or if information on the tag affixed to the item being returned has been tampered with; (bii) if the tag affixed to the item being returned or if the information on the tag affixed to the item being returned have been tampered with, denying the return of the item; (biii) if the tag affixed to the item being returned and if the information on the tag affixed to the item being returned have not been tampered with: (biiiA) determining, from the tag affixed to the item being returned, a tag identifier; (biiiB) searching the database for the tag identifier determined from the item being returned; and (biiiC) accepting a return of the item if the tag identifier determined from the tag is present in the database.

[0009] According to another aspect of the present disclosure, there is provided a computer implemented transaction method for reducing the likelihood of fraudulent return of an item, the method comprising the steps of: affixing, in a tamper-evident manner, a tag containing a unique tag identifier to an item being sold; and storing the identifier in a database. This provides a basis for authenticating the goods which are offered for sale.

[0010] According to another aspect of the present disclosure, there is provided a computer implemented return method for reducing the likelihood of fraudulent return of an item, the method comprising the steps of: determining if a tag affixed to an item being returned has been tampered with or if information on the tag affixed to the item being returned has been tampered with; if the tag affixed to the item being returned or if the information on the tag affixed to the item being returned have been tampered with, denying the return of the item; if the tag affixed to the item being returned and if the information on the tag affixed to the item being returned have not been tampered with: determining, from the tag affixed to the item being returned, a tag identifier; searching a database for the tag identifier determined from the tag affixed to the item being returned; and accepting a return of the item if the tag identifier determined from the tag is present in the database.

[001 1 ] According to another aspect of the present disclosure, there is provided an apparatus for implementing any one of the aforementioned methods.

[0012] According to another aspect of the present disclosure, there is provided a computer program product including a computer readable medium having recorded thereon a computer program for implementing any one of the methods described above.

[0013] Other aspects of the invention are also disclosed.

Brief Description of the Drawings

[0014] At least one embodiment of the present invention will now be described with reference to the drawings in which:

[0015] Fig. 1 is a functional block diagram of a system upon which the disclosed TEIST arrangement can be implemented;

[0016] Fig. 2 is a functional block diagram showing one example of the TEIST arrangement in operation;

[0017] Fig. 3 is a flow chart of a typical process for implementing one example of a TEIST arrangement;

[0018] Fig. 4 is a flow chart of a typical process for implementing a processing step in the process of Fig. 3; [0019] Figs. 5A and 5B form a schematic block diagram of a general purpose computer system upon which TEIST arrangements described can be practiced;

[0020] Figs. 6A and 6B depicts examples of data records used in the TEIST arrangements on a tag, and in a tag database respectively; and

[0021 ] Fig. 7 is a flow chart of another typical process for implementing an example of a TEIST arrangement.

Detailed Description including Best Mode

[0022] Where reference is made in any one or more of the accompanying drawings to steps and/or features, which have the same reference numerals, those steps and/or features have for the purposes of this description the same function(s) or operation(s), unless the contrary intention appears.

[0023] It is to be noted that the discussions contained in the "Background" section and that above relating to prior art arrangements relate to discussions of arrangements which may form public knowledge through their use. Such discussions should not be interpreted as a representation by the present inventor(s) or the patent applicant that such arrangements in any way form part of the common general knowledge in the art.

[0024] The following description describes only some embodiments of the present invention, and modifications and/or changes can be made thereto without departing from the scope and spirit of the invention, the embodiments being illustrative and not restrictive.

[0025] Fig. 1 is a functional block diagram of a system upon which the disclosed TEIST arrangements can be implemented. User devices (1 12) such as a mobile smartphone 101 and a desktop PC 103 can communicate, as depicted by respective arrows 102, 104 and 106 with a tag server 107, over a communications network 105. The tag server 107 can communicate with a tag database 1 10, a policy database 1 16, and a fraud /history database 1 1 1 as depicted by respective arrows 108, 1 17 and 109. The tag server 107, the mobile device 101 and the PC 103 run respective server and client software programs 1 15, 1 13 and 1 14 which, in concert, implement the disclosed TEIST arrangements.

[0026] In one example, described hereinafter in more detail with reference to Fig. 2, a vendor 221 uses a PC such as 103 in the course of selling a product 21 1 (which for example may be a branded handbag) for $1000 to a customer (not shown) who has ordered the product over the telephone or over the internet, in accordance with the disclosed TEIST arrangement. This is referred to as the "transaction phase" of the TEIST arrangement. The client software 1 14 running on the vendor PC 103 interacts with the server software 1 15 running on the server 107, to effect the TEIST arrangement.

[0027] The vendor asks the customer for certain information, possibly including the name of the customer and the delivery address and the mode of delivery. These information items are referred to as optional transaction data items, as they may not be gathered if, for example, a customer walks in off the street to purchase the item and pays cash. The TEIST arrangement then generates a unique tag identifier 226 and, in one example, prints the unique tag identifier and the optional transaction data items in a tamper-evident manner onto a tag 218. Accordingly, in one TEIST arrangement the tag is pre-coded with a unique identifier, and at the time of sale, this unique identifier and all or some of the details describing the sale are stored in the database 1 10. The aforementioned details can include, for example, the date of the transaction, a description of the item being sold, an identifier for the sale transaction, the price at which the item is sold, the date, the name of the customer, the method of payment (eg cash, credit card and so on), and so on.

[0028] Alternately, the TEIST arrangement can (a) allocate to the transaction a pre-prepared tag which has already incorporates a pre-defined unique tag identifier in a tamper-evident manner, and (b) print the optional transaction data items onto the pre-prepared tag if these data items have been acquired.

[0029] In an alternate TEIST arrangement, no information is printed on the tag apart from the unique identifier. In this event, it is purely the physical appearance of the tag which is used to detect actual or attempted fraud.

[0030] The TEIST arrangements may incorporate information into the tag in various manners including printing the information onto the tag, storing the information electronically in a memory in the tag, or using other methods.

[0031 ] A tamper-evident tag may be implemented in a number of ways. One example of a tamper-evident tag uses a One use' locking mechanism. Once the lock is closed (thereby securing the tag on the item being tagged) the lock can only be opened by destroying the integrity of the lock, making it visibly obvious that the lock has been broken and the integrity of the tag has been breached. It is virtually impossible to reassemble such a lock in a manner whereby it looks the same as it did prior to the breach occurring. Another example uses a custom printed multi-layer (typically two layers) Hologram affixed to the item being sold using adhesive. Such labels can be encoded with either a unique code (that hides the code number from being seen prior to peeling the label) or with one or more word/s printed on the under layer which, if made visible, indicate that the integrity of the tag has been breached. The hologram itself can be branded to the end users design if required. Holography is the process by which three-dimensional visual information is recorded, stored and made visible. The multidimensional images appear when held under certain light. A unique security feature of a hologram is the ability to see colours from many angles and depth, which is caused by the diffraction of the light hitting them.

[0032] Another example uses a custom-printed multi-layered label, as described above but without the hologram feature. Such a label may just have one or more words (eg 'void') or unique numbers printed on it. These numbers can also be referenced back to the original number issued in the database. In one example the store or seller knows the number but the number is not visible to the buyer. This is useful in the situation in which a consumer brings back an item and the retailer wants to carry out a further check, and thus peels back the label to see the unique code. The retailer then checks their system to see that the code matches a database entry, thereby proving that the label has not been tampered with or swapped. The retailer then needs to attach a new label to the item in order to secure it for re-sale. Such a label delaminates upon removal leaving a totally dry message (such as a unique code, or word eg 'void' or 'opened') on the surface of the item. The label may also have a visible (or non-visible) expiry date or batch number or other unique identifier embedded in it or on it (eg a unique code or bar code).

[0033] Another example uses frangible labels having petal-shaped security cuts which, once peeled, are not be able to be replaced without leaving a visible indication that the integrity of the tag has been breached. Another example uses a pliable vinyl label which stretches if force is applied to it, making tampering of the label evident.

[0034] Labels can be affixed using a plastic coated steel 'tail' that can only be broken by cutting through the steel, making it virtually impossible to repair in a non-tamper-evident manner. The plastic coating can also have security features embedded therein, including a visual change in the appearance of the plastic coating when a cut is made and a series of markings allowing easy visual identification of tampering. For example, the tail might be produced with multiple diagonal lines through it that cannot be re-aligned if the tail is cut.

[0035] The TEIST arrangement then stores a tag data record 219, comprising the unique tag identifier and the optional transaction data items (if these have been acquired), onto the tag database 1 10.

[0036] The vendor affixes the tag 218 in a tamper-evident manner to the product 211 by, for example, sticking the tag onto either the outside of the item, where it can readily be seen in normal use or on the inside flap of the product where it cannot be seen in normal use. The decision of whether to affix the tag in view or out of view is dependent on the particular circumstances. Alternately, the tag may be affixed to the product using a loop-through cable tie or other mechanism which cannot be tampered with without the tampering being evident.

[0037] The tag is referred to as being tamper-evident in order to indicate that if someone attempts to remove the tag this will be evident, and/or if someone attempts to alter the information printed on the tag this will be evident.

[0038] The vendor then conveys the TEIST tagged product 21 1 to the customer by, in the present example, handing it to the courier, who delivers it to the customer.

[0039] Sometime later, a person comes into the vendor's shop (or sends the item back to the seller by post/courier) with a handbag, stating that he purchased the product in the vendor's shop (or over the internet or by mail order) for $1000 and wishes to return it, because the cooling off period of two weeks has not yet elapsed. The vendor scrutinises the bag and the associated tag and notes that in the present example they appear not to have been tampered with.

[0040] The vendor then reads the tag data record from the tag affixed to the bag, and using his PC 103 to effect the TEIST arrangement, checks the tag data record against the tag database 1 10.

[0041 ] In one example, the database check determines that (a) the data record from the bag being returned is in fact stored on the tag database 1 10, and that (b) the tag data record on the tag database 1 10 comprises only the unique tag identifier 226 (ie there are no optional transaction data items). In this case, provided that the tag shows no signs of tampering either in regard to the information on the tag or in the manner the tag is affixed to the item, the return is deemed to be authorised.

[0042] In another TEIST example, the database check determines that (a) the scanned data record is stored on the tag database 1 10, and that (b) the tag data record on the tag database 1 10 comprises the unique tag identifier and an optional transaction data item being the name of the purchaser. In this example, provided that the tag shows no signs of tampering either in regard to the information on the tag or in the manner the tag is affixed to the item, the return is deemed to be authorised only if the tag data record 219 on the tag matches the tag data record stored on the database. In addition, the vendor to whom the item is being returned may ask the person returning the item to produce an identity document such as a drivers licence, and compare the name on the licence to the name on the tag.

[0043] The TEIST arrangement can accommodate many other types of example, depending upon the commercial policies adopted by the users of the arrangement.

[0044] Figs. 5A and 5B depict a general-purpose computer system 100, upon which the various arrangements described can be practiced.

[0045] As seen in Fig. 5A, the computer system 100 includes: the computer server module 107; input devices such as a keyboard 502, a mouse pointer device 503, a

scanner 526, a camera 527, and a microphone 580; and output devices including a printer 515, a display device 514 and loudspeakers 517. An external Modulator-Demodulator (Modem) transceiver device 516 may be used by the computer module 107 for communicating to and from the mobile device 101 and the PC 103 over the communications network 105 via a connection 521. The communications network 105 may be a wide-area network (WAN), such as the Internet, a cellular telecommunications network, or a private WAN. Where the connection 521 is a telephone line, the modem 516 may be a traditional "dial-up" modem. Alternatively, where the connection 521 is a high capacity (e.g., cable) connection, the modem 516 may be a broadband modem. A wireless modem may also be used for wireless connection to the communications network 105.

[0046] The computer module 107 typically includes at least one processor unit 505, and a memory unit 506. For example, the memory unit 506 may have semiconductor random access memory (RAM) and semiconductor read only memory (ROM). The computer module 107 also includes an number of input/output (I/O) interfaces including: an audio-video interface 507 that couples to the video display 514, loudspeakers 517 and microphone 580; an I/O interface 513 that couples to the keyboard 502, mouse 503, scanner 526, camera 527 and optionally a joystick or other human interface device (not illustrated); and an interface 508 for the external modem 516 and printer 515. In some implementations, the modem 516 may be incorporated within the computer module 107, for example within the interface 508. The computer module 107 also has a local network interface 51 1 , which permits coupling of the computer system 100 via a connection 523 to a local-area communications network 522, known as a Local Area Network (LAN). As illustrated in Fig. 5A, the local communications network 522 may also couple to the wide network 105 via a connection 524, which would typically include a so- called "firewall" device or device of similar functionality. The local network interface 51 1 may comprise an Ethernet circuit card, a Bluetooth* wireless arrangement or an IEEE 802.1 1 wireless arrangement; however, numerous other types of interfaces may be practiced for the interface 51 1.

[0047] The I/O interfaces 508 and 513 may afford either or both of serial and parallel connectivity, the former typically being implemented according to the Universal Serial Bus (USB) standards and having corresponding USB connectors (not illustrated). Storage devices 509 are provided and typically include a hard disk drive (HDD) 510. Other storage devices such as a floppy disk drive and a magnetic tape drive (not illustrated) may also be used. An optical disk drive 512 is typically provided to act as a non-volatile source of data. Portable memory devices, such optical disks (e.g., CD-ROM, DVD, Blu-ray Disc™), USB-RAM, portable, external hard drives, and floppy disks, for example, may be used as appropriate sources of data to the system 100.

[0048] The components 505 to 513 of the computer module 107 typically communicate via an interconnected bus 504 and in a manner that results in a conventional mode of operation of the computer system 100 known to those in the relevant art. For example, the processor 505 is coupled to the system bus 504 using a connection 518. Likewise, the memory 506 and optical disk drive 512 are coupled to the system bus 504 by connections 519. Examples of computers on which the described arrangements can be practised include IBM-PC's and compatibles, Sun Sparcstations, Apple Mac™ or a like computer systems.

[0049] The TEIST method may be implemented using the computer system 100 wherein the processes of Figs. 3 and 4, to be described, may be implemented as one or more software application programs 1 15 executable within the computer system 100. In particular, the steps of the TEIST method are effected by instructions 531 (see Fig. 5B) in the software 1 15 that are carried out within the computer system 100. The software instructions 531 may be formed as one or more code modules, each for performing one or more particular tasks. The software may also be divided into two separate parts, in which a first part and the corresponding code modules performs the TEIST methods and a second part and the corresponding code modules manage a user interface between the first part and the user.

[0050] The TEIST software may be stored in a computer readable medium, including the storage devices described below, for example. The software is loaded into the computer system 100 from the computer readable medium, and then executed by the computer system 100. A computer readable medium having such software or computer program recorded on the computer readable medium is a computer program product. The use of the computer program product in the computer system 100 preferably effects an advantageous TEIST apparatus.

[0051 ] The TEIST software 1 15 is typically stored in the HDD 510 or the memory 506. The software is loaded into the computer system 100 from a computer readable medium, and executed by the computer system 100. Thus, for example, the software 1 15 may be stored on an optically readable disk storage medium (e.g., CD-ROM) 525 that is read by the optical disk drive 512. A computer readable medium having such software or computer program recorded on it is a computer program product. The use of the computer program product in the computer system 100 preferably effects an TEIST apparatus.

[0052] In some instances, the TEIST application programs 1 15 may be supplied to the user encoded on one or more CD-ROMs 525 and read via the corresponding drive 512, or alternatively may be read by the user from the networks 105 or 522 via a web browser. Still further, the software can also be loaded into the computer system 100 from other computer readable media. Computer readable storage media refers to any non-transitory tangible storage medium that provides recorded instructions and/or data to the computer system 100 for execution and/or processing. Examples of such storage media include floppy disks, magnetic tape, CD-ROM, DVD, Blu-ray™ Disc, a hard disk drive, a ROM or integrated circuit, USB memory, a magneto-optical disk, or a computer readable card such as a PCMCIA card and the like, whether or not such devices are internal or external of the computer module 107.

Examples of transitory or non-tangible computer readable transmission media that may also participate in the provision of software, application programs, instructions and/or data to the computer module 107 include radio or infra-red transmission channels as well as a network connection to another computer or networked device, and the Internet or Intranets including e- mail transmissions and information recorded on Websites and the like.

[0053] The second part of the application programs 1 15 and the corresponding code modules mentioned above may be executed to implement one or more graphical user interfaces (GUIs) to be rendered or otherwise represented upon the display 514. Through manipulation of typically the keyboard 502 and the mouse 503, a user of the computer system 100 and the application may manipulate the interface in a functionally adaptable manner to provide controlling commands and/or input to the applications associated with the GUI(s). Other forms of functionally adaptable user interfaces may also be implemented, such as an audio interface utilizing speech prompts output via the loudspeakers 517 and user voice commands input via the microphone 580.

[0054] Fig. 5B is a detailed schematic block diagram of the processor 505 and a

"memory" 534. The memory 534 represents a logical aggregation of all the memory modules (including the HDD 509 and semiconductor memory 506) that can be accessed by the computer module 107 in Fig. 5A.

[0055] When the computer module 107 is initially powered up, a power-on self-test (POST) program 550 executes. The POST program 550 is typically stored in a ROM 549 of the semiconductor memory 506 of Fig. 5A. A hardware device such as the ROM 549 storing software is sometimes referred to as firmware. The POST program 550 examines hardware within the computer module 107 to ensure proper functioning and typically checks the processor 505, the memory 534 (509, 506), and a basic input-output systems software (BIOS) module 551 , also typically stored in the ROM 549, for correct operation. Once the POST program 550 has run successfully, the BIOS 551 activates the hard disk drive 510 of Fig. 5A. Activation of the hard disk drive 510 causes a bootstrap loader program 552 that is resident on the hard disk drive 510 to execute via the processor 505. This loads an operating system 553 into the RAM memory 506, upon which the operating system 553 commences operation. The operating system 553 is a system level application, executable by the processor 505, to fulfil various high level functions, including processor management, memory management, device management, storage management, software application interface, and generic user interface.

[0056] The operating system 553 manages the memory 534 (509, 506) to ensure that each process or application running on the computer module 107 has sufficient memory in which to execute without colliding with memory allocated to another process. Furthermore, the different types of memory available in the system 100 of Fig. 5A must be used properly so that each process can run effectively. Accordingly, the aggregated memory 534 is not intended to illustrate how particular segments of memory are allocated (unless otherwise stated), but rather to provide a general view of the memory accessible by the computer system 100 and how such is used.

[0057] As shown in Fig. 5B, the processor 505 includes a number of functional modules including a control unit 539, an arithmetic logic unit (ALU) 540, and a local or internal memory 548, sometimes called a cache memory. The cache memory 548 typically include a number of storage registers 544 - 546 in a register section. One or more internal busses 541 functionally interconnect these functional modules. The processor 505 typically also has one or more interfaces 542 for communicating with external devices via the system bus 504, using a connection 518. The memory 534 is coupled to the bus 504 using a connection 519.

[0058] The application program 1 15 includes a sequence of instructions 531 that may include conditional branch and loop instructions. The program 1 15 may also include data 532 which is used in execution of the program 1 15. The instructions 531 and the data 532 are stored in memory locations 528, 529, 530 and 535, 536, 537, respectively. Depending upon the relative size of the instructions 531 and the memory locations 528-530, a particular instruction may be stored in a single memory location as depicted by the instruction shown in the memory location 530. Alternately, an instruction may be segmented into a number of parts each of which is stored in a separate memory location, as depicted by the instruction segments shown in the memory locations 528 and 529.

[0059] In general, the processor 505 is given a set of instructions which are executed therein. The processor 1 105 waits for a subsequent input, to which the processor 505 reacts to by executing another set of instructions. Each input may be provided from one or more of a number of sources, including data generated by one or more of the input devices 502, 503, data received from an external source across one of the networks 105, 502, data retrieved from one of the storage devices 506, 509 or data retrieved from a storage medium 525 inserted into the corresponding reader 512, all depicted in Fig. 5A. The execution of a set of the instructions may in some cases result in output of data. Execution may also involve storing data or variables to the memory 534.

[0060] The disclosed TEIST arrangements use input variables 554, which are stored in the memory 534 in corresponding memory locations 555, 556, 557. The TEIST arrangements produce output variables 561 , which are stored in the memory 534 in corresponding memory locations 562, 563, 564. Intermediate variables 558 may be stored in memory

locations 559, 560, 566 and 567.

[0061 ] Referring to the processor 505 of Fig. 5B, the registers 544, 545, 546, the arithmetic logic unit (ALU) 540, and the control unit 539 work together to perform sequences of micro- operations needed to perform "fetch, decode, and execute" cycles for every instruction in the instruction set making up the program 1 15. Each fetch, decode, and execute cycle comprises:

• a fetch operation, which fetches or reads an instruction 531 from a memory

location 528, 529, 530;

• a decode operation in which the control unit 539 determines which instruction has been fetched; and

• an execute operation in which the control unit 539 and/or the ALU 540 execute the

instruction.

[0062] Thereafter, a further fetch, decode, and execute cycle for the next instruction may be executed. Similarly, a store cycle may be performed by which the control unit 539 stores or writes a value to a memory location 532.

[0063] Each step or sub-process in the processes of Figs. 3 and 4 is associated with one or more segments of the program 1 15 and is performed by the register section 544, 545, 547, the ALU 540, and the control unit 539 in the processor 505 working together to perform the fetch, decode, and execute cycles for every instruction in the instruction set for the noted segments of the program 1 15.

[0064] Fig. 2 is a functional block diagram showing one example of the how TEIST arrangement operates. The vendor 221 conducts a transaction 201 according to the disclosed TEIST arrangement, in which the vendor sells the product 21 1 to a customer (not shown). According to the TEIST arrangement, a unique tag identifier 226 is created as well, optionally, as a set of transaction information 206. The set of transaction information 206 and the unique tag identifier 226 are combined to construct a tag data record 219. The tag data record 219 is recorded, as depicted by an arrow 215, on a tag 218. The tag data record is also

communicated, as depicted by an arrow 220 and as described hereinafter in more detail with reference to Figs. 6A and 6B, to the tag server 107 for storage on the tag database 1 10 as depicted in Fig. 1 .

[0065] In order to optionally generate the set of transaction information 206, the TEIST arrangement may collect information, described hereinafter in more detail, relating to the transaction 201. Associated with the product 21 1 , as depicted by an arrow 212, is product information 213 which describes the product in question. The product information 213 is preferably comprehensive enough to enable a third party to unambiguously identify the product 21 1 from the product information 213. For example, the product information 213 can include a written description of the product 21 1 , a photograph of the product 21 1 and/or other descriptive information. The product information may be provided to the TEIST arrangement from another product database (not shown) used by the vendor in operating the store in which the database contains stock item descriptions. Alternately the vendor 221 can manually enter the product information 213 manually via the keyboard 502.

[0066] The TEIST arrangement may optionally also derive, as depicted by an arrow 222, vendor information 223 relating to the vendor 221 who is selling the product 21 1. The vendor information 223 can include, for example, the name and address of the vendor as well as other identifying information. The vendor 221 can manually enter this information 223 manually via the keyboard 502 or it can be pre-coded into the PC 103.

[0067] The TEIST arrangement may optionally also generate, as depicted by an arrow 203, purchaser information 204 relating to the purchaser 202. The purchaser information 204 can include, for example, the name and address of the purchaser 202, as well as a telephone number, an email address and so on. The vendor 221 typically manually enters this information 204 manually via the keyboard 502.

[0068] The TEIST arrangements can also optionally include generation, as depicted by an arrow 209, of ancillary element information 209, relating to an ancillary element 207 such as a distribution channel to be used to convey the product 21 1 from the vendor 221 to the purchaser 202. The vendor 221 typically manually enters this information 204 manually via the keyboard 502.

[0069] If the particular TEIST arrangement optionally generates the set of transaction information 206, the vendor information 223, the purchaser information 204, the ancillary element information 209 and the product information 213 are combined, as depicted by respective arrows 224, 205, 210 and 214, to form a multi-dimensional dataset referred to as the set of transaction information 206, characterising the transaction 201 .

[0070] The unique tag identifier 226 can be generated using, for example, a random number generator with a number space that is sufficiently large to provide substantially unique identifiers within the TEIST arrangement. The TEIST arrangement can be implemented in a number of differing arrangements which place different requirements on the random number generator, if this is the method adopted for generating the unique tag identifier 226. Thus, for example, if the TEIST arrangement is a single global arrangement run by a single TEIST service provider, then the number space of the random number generator can be a single space which is large enough to provide substantially unique tag identifiers for the expected number of clients using the TEIST arrangement. If, on the other hand, the TEIST arrangement is practiced by multiple TEIST service providers, then in order to avoid ambiguity the random number generator associated with each TEIST arrangement should preferably use a different random number generation space.

[0071 ] Other methods can also be used to generate the unique tag identifiers.

[0072] Once the unique tag identifier 226 and optionally the set of transaction information 206 have been generated as described above, they are, as noted previously, combined to form the tag data record 219. The record 219 is recorded, as depicted by the arrow 215, on the tag 218. If the tag is an RFID or similar tag, the record 219 may be communicated to the tag using Bluetooth or Near Field Communication (NFC) technology, and recorded into a memory on the tag. The tag 218 is then affixed, as depicted by an item/tag connector 216, to the product 21 1.

[0073] The tag data record 219 is recorded on the tag 218 in a tamper-evident manner, making it difficult to alter the details of the tag data record 219 without this being evident to a person inspecting the tag 218. Similarly, the tag 218 is affixed to the product 21 1 in a tamper- evident manner that makes it difficult to remove the tag 219 from the product 21 1 without this being evident to a person inspecting the tag tagged item 217.

[0074] The tag data record 219 is also communicated, as depicted by the arrow 220 to the tag server 107 for storage on the tag database 1 10.

[0075] The TEIST arrangement described with reference to Fig. 2 describes an arrangement in which the tag identifier 226 and the transaction data items 223, 204, 209 and 213 are generated during the purchase / sale transaction 201 , and that the tagging of the product 21 1 with the tag 218 also occurs at this time. However the TEIST arrangement can be implemented using alternate but equivalent processes.

[0076] Thus for example a set of pre-prepared tags having corresponding pre-defined unique tag identifiers can be prepared and stored by a vendor. One of these pre-prepared tags can be used each time a transaction is performed. In such a case a block of unique identifiers can be reserved for a particular vendor, and a unique identifier stored on the tag database 1 10 when the corresponding tag is affixed to an item being sold.

[0077] Fig. 3 is a flow chart of a typical process 300 for implementing one example of a TEIST arrangement. The process 300 comprises two process fragments, one fragment 329 relating to a sale / purchase transaction 327 depicted by the dashed rectangle 201 in Fig. 2, and another process fragment 330 relating to return of goods 328 that have been purchased according to the TEIST arrangement.

[0078] Commencing with the purchase transaction 329 the process commences with a start step 301 , after which control follows an arrow 302 to a step 303 in which the transaction is completed. The step 303 involves generation of the unique tag identifier 226, and optionally, the various information sets 223, 204, 209 and 213 as depicted in Fig. 2, the tag data record 219, and the various other actions depicted and described in relation to Fig. 2. Returning to Fig. 3, following an arrow 304, in a step 305 the tag data record 219 is stored, as depicted by the arrow 220 in Fig. 2, on the tag database 1 10 via the tag server 107 as depicted in Fig. 1.

[0079] At the end of the process fragment 329, the vendor 221 has sold the product 21 1 to the purchaser 202 as a TEIST tagged item 217, and has conveyed the product 21 1 to the purchaser 202 in a manner agreed upon by the two parties. The product 21 1 that is conveyed to the purchaser 202 has affixed thereto the tag 218 having recorded thereon the tag data record 219. The tag data record 219 is recorded on the tag 218 in a tamper-evident manner, and the tag 218 is affixed to the product 21 1 in a tamper-evident manner by means of the item/tag connector 216.

[0080] The tag data record 219 may, in a simple example, comprise only the unique tag identifier 226. In another example, the tag data record 219 may comprise the unique tag identifier 226 and the set of optional transaction information 206 which in turn comprises one or more of the vendor information 223, the purchaser information 204, the ancillary information 209 and the product information 213. [0081 ] The process fragment 330 commences with a step 307 in which the vendor 221 receives a request from a person to return a product purported to be the product 21 1 .

[0082] The process 330 follows an arrow 308 to a decision step 309 in which the vendor scrutinises the returned product in order to determine if a tag is still attached. If this is not the case, then the process 330 follows a NO arrow 322 to a step 323 in which the return of goods is denied, or the vendor follows other policy guidelines which have defined for such an event. The process 330 then follows an arrow 324 to an END step 321 .

[0083] Returning to the step 309, if a tag is still attached to the product being returned, then the process 330 follows a YES arrow 310 to a decision step 31 1. In the step 31 1 the vendor determines if the tag, while still attached to the product in question, has been tampered with. This involves a visual or other inspection of the tag and the product in order to determine whether tampering is evident. If tampering is evident, then the process 330 follows a YES arrow 325 to the deny-return step 323. If, on the other hand, there is no evidence of tampering with the tagged product, then the process 330 follows a NO arrow 312 to a step 313 which processes the returned tagged product in accordance with the TEIST arrangement. This is described hereinafter in more detail in regard to Fig. 4.

[0084] The process 330 then follows an arrow 314 to a step 315 in which the TEIST arrangement determines if the return is authorised or not. If the return is not authorised, then the process 330 follows an NO arrow 326 to the deny-return 323. If, on the other hand, the return is authorised, then the process 330 follows a YES arrow 316 to a step 317. In the step 317 the vendor removes the tag 218 from the returned product 21 1 and then, following an arrow 318, returns the product 21 1 to stock and returns the purchase price to the customer or provides the customer with a credit against future purchases in a step 319. The process 330 then follows an arrow 320 to the END step 321. The unique identifier is also erased from the tag database 1 10. In an alternate TEIST arrangement, the information associated with the tag is stored in the database 1 10 for future use, and the tag identifier is either flagged as "used" and not used again, or it is released for fresh use.

[0085] Fig. 4 is a flow chart of a typical process 313 for implementing the process return step 313 in the process of Fig. 3. The process 313 commences with a step 401 in which the tag record 219 is read from the tag 218 that is affixed to the returned product 21 1. If the return process is taking place at the server 107, the tag data record 219 may be read from the tag by a person and manually entered into the tag server 107 via the keyboard 502, or alternatively, the tag information may be read using the scanner 526 or another scanning device (not shown). Alternately, if the return process is taking place at another machine in the TEIST system 100, such as at the computer 103, the tag data record may be read from the tag by a person and manually entered into the computer 103 107 via a keyboard (not shown), or alternatively, the tag information may be read using a scanner (not shown) and downloaded to the server 107 over the network 105.

[0086] Thereafter, following an arrow 402, the TEIST arrangement searches in the tag database 1 10 for the unique tag identifier 226 extracted from the tag data record 219 on the tag 218 that is attached to the returned product 21 1 . The TEIST arrangement searches the tag database 1 10 for any optional transaction information 206 extracted from the tag record 219 on the tag.

[0087] Thereafter, following an arrow 404, the TEIST arrangement can optionally retrieve associated history information from the fraud / history database 1 1 1. Control then follows an arrow 406 to a step 407 in which the TEIST arrangement matches the tag data record 219 from the tag 218 of the returned product 21 1 to the unique tag identifier and the optional transaction information (if such is present) retrieved from the tag database 1 10 optionally in light of the appropriate history from the fraud history database 1 1 1 , and optionally in light of a relevant store policy which is recorded on the policy database 1 16. The TEIST arrangement also enables the vendor 21 1 to view the tag data record 219 on the display of his PC 103, and to ask questions of the person returning the goods to verify optional data transaction items such as their address and the delivery channel they used when purchasing the product, if the tag data record in question includes such optional data transaction items.

[0088] As previously noted, various TEIST arrangements store different information on the tag and on the tag database 1 10 depending upon business and commercial policies. Thus, in one example, the tag data record 219 may comprise only the unique tag identifier. In this example, provided that the tag shows no signs of tampering either in regard to the information on the tag or in the manner the tag is affixed to the item, and provided that the retrieved set 206 of transaction information from the tag database 1 10 comprises only the unique tag identifier, the return is deemed to be authorised. In another example, the tag data record 219 may comprise the unique tag identifier and the name of the purchaser. In this example, provided that the tag shows no signs of tampering either in regard to the information on the tag or in the manner the tag is affixed to the item, and provided that the information retrieved from the tag database 1 10 includes the unique tag identifier and the name of the purchaser, the return is deemed to be authorised.

[0089] Furthermore, the vendor may apply additional policies. For example, the vendor may just be interested in determining that the item being returned was originally purchased from them. The vendor may in addition apply 'return rules' such as 'items must be returned within 30 days' or 'item must be in as new condition'.

[0090] Thereafter, following an arrow 408 in a decision step 409 the TEIST arrangement determines if the matching process performed in the step 407 justifies an authorisation of the returned product. If this is the case, then the process 313 follows a YES arrow 410 to a step 41 1 in which the return is authorised. The process 313 then follows an arrow 412 to the step 315 in Fig. 3 via an arrow 314. If, on the other hand, the step 409 determines that the match does not justify authorisation of the returned product, then the process 313 follows a NO arrow 413 to a step 414 in which the return is not authorised, and the process 313 then follows an arrow 415 and the arrow 314 to the step 315 in Fig. 3.

[0091 ] The test performed in the step 409 to determine if the match justified authorising the return provides a significant amount of flexibility to the vendor, enabling them to tailor their returns policy to a wide variety of parameters.

[0092] Furthermore, the steps 41 1 and 414 can be performed according to the vendor's return policies. For example, even if the return is authorised based upon the matching of the tag data record 219 against the record stored in the tag database 1 10, the vendor may in addition require that the return be effected within 30 days. If the return is not authorised based upon the matching of the tag data record 219 against the record stored in the tag database 1 10, return of the item may be refused or may be referred to the vendors management for a decision. Any decision to accept the return at this stage could be based on the vendor policy on goodwill and possibly wanting to keep a good customer happy. The return might thus be authorised knowing that the item had been 'swapped' or interfered with.

[0093] Returning to the matching step 407, we firstly consider the simple case of matching without reference to the fraud / history database 1 1 1 or the policy database 1 16. In this simple example, a match requires that each data item 618 - 622 on the tag 218 of the returned tagged item 217 matches a corresponding data item 607 - 61 1 in the data record retrieved from the tag database 1 10. As noted previously, the tag data record 219 in question may consist only of the unique tag identifier 226, or may optionally contain additional information 206.

[0094] Figs. 6A and 6B depicts examples of data records used in the TEIST arrangements on a tag and in a tag database respectively. Fig. 6A shows one example 600 of the tag data record 219. The tag data record in this example 612 contains five data items 613-617 having associated information 618-622. Thus, for example, the unique tag ID 613 has a value 618 of 15627Ad678. This, in one TEIST example, is a random number generated in order to construct the unique tag identifier 226 referred to in regard to Fig. 2. The particular example in Fig. 6A shows that transaction data item number one corresponds to the product information 213 in Fig. 2 and in the present example the product is a glass bowl having a product code 567d the bowl being a 7cm diameter bowl. The transaction data number 2 (ie 615) relates to the vendors address, while the transaction data item number 3 (ie 616) relates to the address of the purchaser 202. The transaction data item number 4 (ie 617) relates to the optional ancillary element 207, in this case being details of the distribution channel used to convey the goods to the customer, a courier being used in the present example.

[0095] Fig. 6B depicts the tag data record 600 as it is stored in the tag database 1 10 in one TEIST arrangement. It is evident that the data structures depicted in Figs. 6A and 6B for both the tag data record 219 on the tag 218, and the corresponding data record in the tag database 1 10 are merely examples of how such data items can be represented and stored.

[0096] Fig. 7 is a flow chart of another typical process 700 for implementing an example of a TEIST arrangement. The method 700 comprises a transaction method 722 and a return method 723. The transaction method 722 commences with a start step 701 and after following an arrow 702 a following step 703 affixes, in a tamper-evident manner, a tag (218) containing a unique tag identifier (226) to an item being sold. Control then follows an arrow 704 and a following step 705 stores the identifier in a database 1 10. This concludes the transaction method segment 722.

[0097] When an item is returned, control follows an arrow 706 to a test step 707 that determines if a tag affixed to an item being returned has been tampered with or if information on the tag affixed to the item being returned has been tampered with. If tampering has occurred, control follows a YES arrow 708 to a step 709 that denies the return of the item. If however no tampering has occurred, control follows a NO arrow 712 to a step 713 that determines, from the tag affixed to the item being returned, a tag identifier, and possibly optional information. Control then follows an arrow 714 to a step 715 that searches the database for the tag identifier, and the optional information if that was present on the tag, determined from the item being returned. Control then follows an arrow 716 and a following test step 717 determines if a match is found. If this is not the case, control follows a NO arrow 704 to the step 709. If however there is a match, control then follows a YES arrow 719 and a following step 720 authorises a return of the item.

Industrial Applicability

[0098] The arrangements described are applicable to the computer and data processing industries and particularly as they apply to the retail shopping industry.

[0099] The foregoing describes only some embodiments of the present invention, and modifications and/or changes can be made thereto without departing from the scope and spirit of the invention, the embodiments being illustrative and not restrictive. Thus for example the TEIST arrangements may be used in the following alternate manners. Where an e-commerce vendor is deemed to be trustworthy, they may purchase tags to affix to their inventory, at which stage the product name/description will be stored on the tag data record. When an order is picked and packed, the tag data record will be completed with purchaser information and the data stored on the tag database 1 10.