Systems and methods which prevent or limit access to protected content (e.g., value bearing indicia (VBI)) by a general purpose user interface application (e.g., web browser) are shown. Embodiments implement techniques to avoid displaying protected content by a general purpose user interface application, or displaying protected content during a time in which a user does not have access to particular functions of the general purpose user interface application, to protect the content from various operations, such as repeated printing, electronic copying, etc. Data presentation formatting control in the form of style sheets may be utilized to control access to content. Additionally or alternatively, executable code or an executable object may be implemented within a page or other content to control access to content. Similarly, separate areas, such as windows or pages, may be utilized to control access to content.

The present invention is directed to systems and methods which identify fraudulent situations during the transaction phase. In one embodiment, such detection is accomplished by monitoring for situations either outside the range of normal for the general population or outside the range of normal for this particular user. The normal range could be rule driven and, for example, could include size of a given purchase, frequency of purchases, identity the equipment being utilized for the current transaction, etc. The rule could be relaxed or tightened, at least in part, based on the length of time that the user has been a customer and the user's past payment history. In one embodiment, device ids are used to detect fraudulent users. These device (or software) ids could, for example, be a fingerprint of the user's equipment, or a cookie previously downloaded to the user that identifies the user to the fulfillment system. In situations where fraud is detected downloading the value to the user is interrupted.

In certain embodiments, cryptographic-chain-based verification of postage transaction records may be facilitated. In some embodiments, a customer computer system may obtain a customer private key associated with a customer from a secure local storage at the customer computer system. The customer computer system may obtain (i) a first vendor digital signature derived from a first postage transaction record and (ii) a second postage transaction record. The customer computer system may create a customer digital signature based on (i) the customer private key, (ii) the first vendor digital signature, and (iii) the second postage transaction record. The customer computer system may provide the customer digital signature to a vendor computer system associated with the postage vendor, and, in response, obtain a second vendor digital signature from the vendor computer system, wherein the second vendor digital signature is based on (i) a vendor private key associated with the postage vendor and (ii) the customer digital signature.

Systems and methods which are adapted to generate multiple indicia in a single secure environment session are described. Embodiments provide for generation of a plurality of postage indicia in a single postage security device (PSD) transaction, whereby the PSD loads and unloads corresponding virtual PSD information a single time for generating the plurality of postage indicia (i.e., in a single secure environment session). The indicia generated in a same secure environment session according to embodiments of the invention may comprise a plurality of indicia requested by a same, single user. Additionally or alternatively, the indicia generated in the same secure environment session may comprise a plurality of indicia requested by multiple different users.

Systems and methods which are adapted to generate multiple indicia in a single secure environment session are described. Embodiments provide for generation of a plurality of postage indicia in a single postage security device (PSD) transaction, whereby the PSD loads and unloads corresponding virtual PSD information a single time for generating the plurality of postage indicia (i.e., in a single secure environment session). The indicia generated in a same secure environment session according to embodiments of the invention may comprise a plurality of indicia requested by a same, single user. Additionally or alternatively, the indicia generated in the same secure environment session may comprise a plurality of indicia requested by multiple different users.

Systems and methods which prevent or limit access to protected content (e.g., value bearing indicia (VBI)) by a general purpose user interface application (e.g., web browser) are shown. Embodiments implement techniques to avoid displaying protected content by a general purpose user interface application, or displaying protected content during a time in which a user does not have access to particular functions of the general purpose user interface application, to protect the content from various operations, such as repeated printing, electronic copying, etc. Data presentation formatting control in the form of style sheets may be utilized to control access to content. Additionally or alternatively, executable code or an executable object may be implemented within a page or other content to control access to content. Similarly, separate areas, such as windows or pages, may be utilized to control access to content.

Methods and systems for electronic document authentication are disclosed. In one aspect, a method of generating an electronic postmark includes receiving, via a server, a request message from an electronic network, the request message comprising request data including payload data and meta data, generating a timestamp in response to receiving the message, hashing the payload data to generate a payload hash, digitally signing the metadata, the payload hash, and the timestamp to generate a digital signature, generating a response message, the response message generated to comprise the metadata, the payload hash, the timestamp, and the digital signature; and transmitting the response message onto the electronic network.

In certain embodiments, cryptographic-chain-based verification of postage transaction records may be facilitated. In some embodiments, a customer computer system may obtain a customer private key associated with a customer from a secure local storage at the customer computer system. The customer computer system may obtain (i) a first vendor digital signature derived from a first postage transaction record and (ii) a second postage transaction record. The customer computer system may create a customer digital signature based on (i) the customer private key, (ii) the first vendor digital signature, and (iii) the second postage transaction record. The customer computer system may provide the customer digital signature to a vendor computer system associated with the postage vendor, and, in response, obtain a second vendor digital signature from the vendor computer system, wherein the second vendor digital signature is based on (i) a vendor private key associated with the postage vendor and (ii) the customer digital signature.

Methods and systems for electronic document authentication are disclosed. In one aspect, a method of generating an electronic postmark includes receiving, via a server, a request message from an electronic network, the request message comprising request data including payload data and meta data, generating a timestamp in response to receiving the message, hashing the payload data to generate a payload hash, digitally signing the metadata, the payload hash, and the timestamp to generate a digital signature, generating a response message, the response message generated to comprise the metadata, the payload hash, the timestamp, and the digital signature; and transmitting the response message onto the electronic network.

In certain embodiments, cryptographic-chain-based verification of postage transaction records may be facilitated. In some embodiments, a customer computer system may obtain a customer private key associated with a customer from a secure local storage at the customer computer system. The customer computer system may obtain (i) a first vendor digital signature derived from a first postage transaction record and (ii) a second postage transaction record. The customer computer system may create a customer digital signature based on (i) the customer private key, (ii) the first vendor digital signature, and (iii) the second postage transaction record. The customer computer system may provide the customer digital signature to a vendor computer system associated with the postage vendor, and, in response, obtain a second vendor digital signature from the vendor computer system, wherein the second vendor digital signature is based on (i) a vendor private key associated with the postage vendor and (ii) the customer digital signature.