EN 14615:2005

SLOVENSKI STANDARD
01-maj-2005
3RãWQHVWRULWYH±'LJLWDOQHSRãWQHR]QDþEH±8SRUDEDYDUQRVWLQREOLNRYDQMH
Postal services - Digital postage marks - Applications, security and design
Postalische Deinstleistungen - Digitale Freimachungsvermerke - Inhalte, Sicherheit und
Gestaltung
Services postaux - Marques d'affranchissement digitales - Applications, sécurité et
conception
Ta slovenski standard je istoveten z: EN 14615:2005
ICS:
03.240 Poštne storitve Postal services
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD
EN 14615
NORME EUROPÉENNE
EUROPÄISCHE NORM
January 2005
ICS 03.240
English version
Postal services - Digital postage marks - Applications, security
and design
Services postaux - Marques d'affranchissement digitales - Postalische Deinstleistungen - Digitale
Applications, sécurité et design Freimachungsvermerke - Inhalte, Sicherheit und
Gestaltung
This European Standard was approved by CEN on 26 August 2004.
CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European
Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national
standards may be obtained on application to the Central Secretariat or to any CEN member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CEN member into its own language and notified to the Central Secretariat has the same status as the official
versions.
CEN members are the national standards bodies of Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland, France,
Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Slovakia,
Slovenia, Spain, Sweden, Switzerland and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG
Management Centre: rue de Stassart, 36  B-1050 Brussels
© 2005 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 14615:2005: E
worldwide for CEN national Members.

Contents
page
Foreword.6
1 Scope .8
2 Normative references .8
3 Terms and definitions .9
4 Symbols and abbreviations.11
5 DPM applications and design process.12
5.1 Introduction.12
5.2 DPM business planning .13
5.3 DPM systems analysis .14
5.4 DPM security analysis.14
5.5 DPM design .15
Annex A (normative)  Specification checklists.16
A.1 DPM applications specifications.16
A.2 System specification .16
A.3 Security specification.16
A.4 DPM specification.16
Annex B (informative)  Business planning considerations .17
B.1 Possible applications .17
B.2 Market segmentation.18
B.2.1 Approach .18
B.2.2 Mailer segmentation .18
B.2.3 Postal access and induction .19
B.2.4 Payment.19
B.3 Applications selection.20
B.3.1 Approach .20
B.3.2 Infrastructure requirements and constraints.20
B.3.3 Other factors .21
Annex C (informative)  Security analysis considerations .22
C.1 Context.22
C.2 Security objectives, policy and economics .23
C.3 Threats and vulnerabilities .24
C.3.1 Introduction.24
C.3.2 Environmental context.24
C.3.3 General threats to DPM systems .25
C.4 Applications and message level security .27
C.5 Security services and message level countermeasures.29
C.6 Applications level countermeasures .31
C.6.1 Introduction.31
C.6.2 Access and usage controls .31
C.6.3 Duplicate detection.34
C.6.4 Induction control .36
C.6.5 Inspection & forensic analysis.37
C.6.6 Investigation.37
C.6.7 Postal item verification .38
C.6.8 Obliteration countermeasures .40
C.6.9 Security service management.40
C.6.10 Volume and revenue controls .40
C.7 Countermeasure selection.41
C.8 Application of countermeasures.42
C.9 Message security implementation options.43
C.9.1 Introduction.43
C.9.2 Digital signatures.43
C.9.3 Message authentication codes .44
C.9.4 Exchange validation codes .45
C.9.5 Selection of message security techniques.47
C.9.6 Application of verification techniques .47
Annex D (informative)  Systems analysis considerations .48
D.1 Requirements analysis.48
D.2 Functional description .49
D.2.1 Approach .49
D.2.2 Postal item production.49
D.2.3 Rating.49
D.2.4 Accounting .50
D.2.5 DPM generation .50
D.2.6 DPM printing .50
D.2.7 Payment.50
D.2.8 Induction.50
D.2.9 Mail processing: sorting, transportation and delivery .50
D.2.10 Component management.51
D.2.11 Security management .51
D.2.12 Audit.51
D.2.13 Application services.51
D.3 Function allocation and architecture design.51
D.4 Other detailed design aspects .52
D.4.1 Introduction.52
D.4.2 Data requirements and sourcing .52
D.4.3 DPM printing .53
D.4.4 DPM data capture .54
D.4.5 Applications processing.55
D.4.6 Security analysis .56
D.4.7 Exception handling.56
Annex E (informative)  DPM design considerations .57
E.1 Data content .57
E.2 Data entry .58
E.3 Data construct mapping.58
E.4 Symbology .59
E.5 Human readable information.60
E.6 Layout, facing & aesthetics .61
E.7 Performance and test criteria.62
Annex F (informative)  Statistical analysis of DPM verification.63
F.1 Introduction.63
F.2 Purpose and scope of postal item verification.63
F.3 Detection of DPMs with invalid validation code.64
F.3.1 Introduction.64
F.3.2 Parameters .64
F.3.3 Possible Outcomes .65
F.3.4 Analysis of Outcomes.65
F.3.5 Calculation of Fraud Incidence .66
F.4 Influence of CVC length on fraud detection.68
F.5 Detection of duplicate DPMs .69
Annex G (informative)  Message security algorithms .71
G.1 Introduction.71
G.2 Hash functions used in message security services .71
G.3 Asymmetric (public key) cryptographic algorithms .71
G.3.1 DSA .71
G.3.2 RSA .72
G.3.3 ECDSA .72
G.3.4 Hybrid digital signatures with partial message recovery.73
G.3.5 Other digital signature methods .74
G.4 Message authentication code (MAC) algorithms .74
G.4.1 CBC DES.74
G.4.2 Advanced Encryption Standard (AES) .75
G.4.3 HMAC .75
G.4.4 MAC truncation and CVC size .76
G.5 Exchange validation code generation .77
G.6 Selection of algorithms for CVC implementation.78
G.6.1 Introduction.78
G.6.2 Cryptographic strength of commonly used algorithms .78
G.6.3 Validation code size and size inflation .80
G.6.4 Generation and verification complexity .81
G.6.5 Key generation complexity.82
G.6.6 Key management infrastructure .82
G.6.7 Intellectual property rights .82
G.6.8 Legality of use; export and import approval.83
Annex H (informative)  CVC generation and verification data.84
H.1 Introduction.84
H.2 Sources of data for verification.84
H.2.1 Introduction.84
H.2.2 Data encoded on the item.85
H.2.3 Data accessed by database look up .85
H.3 Selection of data used in the verification process.85
H.3.1 Introduction.85
H.3.2 Acceptance control code.87
H.3.3 Batch identifier and item number; licence plate .87
H.3.4 CVC .88
H.3.5 Date / time.88
H.3.6 Delivery security code.88
H.3.7 Device identifier, customer identifier or licence number .89
H.3.8 Postage value.89
H.3.9 Public key certificate identifier.89
H.3.10 Rating parameter(s), including service indicator.89
Annex I (informative)  Architecture examples .91
I.1 Introduction.91
I.2 The REMPI architecture .91
I.2.1 Introduction.91
I.2.2 Mailer systems .91
I.2.3 Mail finishing system .91
I.2.4 Mail finishing print subsystem.91
I.2.5 Secure accounting system .92
I.2.6 Announcement system .93
I.2.7 Acceptance system .93
I.2.8 Postal item verification system.93
I.2.9 Reconciliation & support systems.94
I.2.10 Bank .94
I.2.11 Post systems.94
I.2.12 Mail handling infrastructure .94
I.2.13 Customer information system.94
I.2.14 Enquiry & data system .94
I.3 USPS IBIP configurations.95
I.3.1 Introduction.95
I.3.2 System components.96
I.3.3 Configuration A.96
I.3.4 Configuration B.98
Annex J (informative)  Examples of digital postage marks (not to scale).99
J.1 Australia Post.99
J.2 Canada Post .99
J.3 Deutsche Post.100
J.4 Die Post, Switzerland .101
J.5 Royal Mail .102
J.6 United States Postal Service (USPS).102
Annex K (informative)  Relevant intellectual property rights (IPR) .104
K.1 Introduction.104
K.2 Massachusetts Institute of Technology .104
K.3 Neopost.104
K.4 Pitney Bowes Inc .104
K.5 Pitney Bowes Inc, together with Certicom Corp .105
K.6 United States Department of Commerce.105
K.7 United States Postal Service .105
Annex L (informative)  DPM design charts .106
L.1 Applicability of countermeasures against identified threats.106
Application Countermeasure.107
L.2 Data elements used by typical applications & countermeasures .108
L.3 Mapping data elements onto data source & DPM data constructs .112
Bibliography.114
Foreword
This document (EN 14615:2005) has been prepared by Technical Committee CEN/TC 331 “Postal Services”, the
secretariat of which is held by NEN, in collaboration with the UPU.
NOTE This document has been prepared by experts coming from CEN/TC 331 and UPU, under the frame of the
Memorandum of Understanding between UPU and CEN.
This European Standard shall be given the status of a national standard, either by publication of an identical text
or by endorsement, at the latest by July 2005, and conflicting national standards shall be withdrawn at the latest
by July 2005.
This document has been prepared under a mandate given to CEN by the European Commission and the
European Free Trade Association, and supports essential requirements of EU Directive(s).
1)
This document (EN 14615:2005) is the CEN equivalent of UPU standard S36-4. It may be amended only after
prior consultation, between CEN/TC 331 and the UPU Standards Board, in accordance with the Memorandum of
Understanding between CEN and the UPU.
2)
The UPU’s contribution to the standard was made, by the UPU Standards Board and its subgroups, in
accordance with the rules given in Part V of the "General information on UPU standards".
This document is the first version of EN 14615, but corresponds to the fourth version (S36-4) of UPU standard
S36, the revision history of which can be found in the Foreword of the UPU versions of the specification.
This document includes a Bibliography.
According to the CEN/CENELEC Internal Regulations, the national standards organisations of the following
countries are bound to implement this European Standard: Austria, Belgium, Cyprus, Czech Republic, Denmark,
Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta,
Netherlands, Norway, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom.

1) The Universal Postal Union (UPU) is the specialised institution of the United Nations that regulates the universal postal service. The
postal services of its 189 member countries form the largest physical distribution network in the world. Some 5 million postal employees
working in over 660 000 post offices all over the world handle an annual total of 425 billion letters-post items in the domestic service and
almost 6,7 billion in the international service. Some 4,5 billion parcels are sent by post annually. Keeping pace with the changing
communications market, posts are increasingly using new communication and information technologies to move beyond what is traditionally
regarded as their core postal business. They are meeting higher customer expectations with an expanded range of products and value-added
services.
2) The UPU's Standards Board develops and maintains a growing number of standards to improve the exchange of postal-related
information between posts, and promotes the compatibility of UPU and international postal initiatives. It works closely with posts, customers,
suppliers and other partners, including various international organisations. The Standards Board ensures that coherent standards are
developed in areas such as electronic data interchange (EDI), mail encoding, postal forms and meters. UPU standards are published in
accordance with the rules given in Part VII of the General information on UPU standards, which can be freely downloaded from the UPU
world-wide web site (www.upu.int).
Introduction
The transition from letterpress to digital printing provides the opportunity for a more effective way to communicate
information on postal items. Current Postmarks include information such as postage value, date of posting and
equipment identification, but this information is not readily machine readable. The emergence of digital printing
and image processing technologies offers the opportunity to encode critical data in the form of digital postage
marks (DPMs) which are more suitable for computer data capture. However, the adoption of these technologies
requires careful study, both to maximise the benefits from their introduction and because digital printing
technology might bring with it the need for different security measures than those commonly used in association
with letterpress printing.
The document identifies a variety of factors which need to be considered in the DPM design process. It has three
main purposes. It is intended to serve as:
a) a standard process: for the design of applications using digital postage marks;
b) a guide: to help in structuring local standards for digital postage marks;
c) a cross reference: to point to other standards and documents related to DPM applications.
It is stressed that the factors identified are intended to be representative and do not constitute an exhaustive list.
Similarly, the document provides many examples of possible architectures and design solutions to the issues
which are raised. These are non-normative. They are given for illustrative purposes only and there certainly exists
a wide range of other possibilities which are not described. It is not intended to suggest that any one architecture
or design or technical solution described is in any way required or in any way superior to any other, whether
described herein or not.
The implementation of certain of the techniques described in the informative sections of this specification might
involve the use of intellectual property that is the subject of patent rights. It is the responsibility of users of the
standard to conduct any necessary patent searches and to ensure that any pertinent patents are in the public
3)
domain; are licensed or are avoided. Neither CEN nor the UPU can accept any responsibility in case of
infringement, on the part of users of this document, of any third party intellectual property rights. Nevertheless,
document users and owners of such rights are encouraged to advise the Secretariat of the UPU Standards Board
and/or of CEN/TC 331 of any explicit claim that any technique or solution described herein is protected by patent
in any CEN or UPU member country. Any such claims will, without prejudice, be documented in the next update of
this standard, or otherwise at the discretion of the Standards Board, respectively CEN/TC 331. Annex K of this
document lists the intellectual property rights brought to the attention of CEN/TC 331 and the UPU Standards
Board prior to approval of the publication of this version of the standard.
NOTE The mention of intellectual property rights, in Annex K, is on a ‘without prejudice’ basis. That is, such mention indicates only that some
party has expressed the view that use of the standard might, in some circumstances, infringe the mentioned intellectual property rights. It
should not be taken as in any way confirming the validity of such view and users should conduct their own patent searches to determine
whether the mentioned IPR is in fact applicable to their specific case.

3) Mail service contractors are advised to ensure that reliance on patented approaches does not inadvertently lead to the
creation of an effective monopoly. This could occur, even if usage of the approaches concerned is licensed by the mail service
contractor, unless the terms of the licensing agreement commit the patent holder to making licences available, on appropriate
terms, to the mail service contractors customers and suppliers, including competitors of the patent holder.
1 Scope
This document specifies a recommended procedure for the development of specifications for applications of
digital postage marks (DPMs) – i.e. applications linked to the use of digital printing and image data capture
technologies in the postal industry, most particularly for the evidencing of postage accounting and/or payment. It
is not intended to prescribe or to recommend any particular architecture or design for such applications, only to
specify the process through which such an architecture or design should be developed.
NOTE 1 For this reason, the standard includes both normative and informative content. Clauses 1 to 5 and Annex A are normative,
whilst the remaining annexes are informative. Non-normative (informative) clauses are indicated as such in the heading.
The process described is based on a cyclic model, involving business planning; systems analysis; security
analysis and detailed DPM design.
The defined process is a recommended one only and DPM applications designers are not obligated to follow it.
However, its use is intended to ensure both that all relevant aspects are taken into account in the design process
and that the resulting specifications have a degree of commonality of structure which make them comparable with
similar specifications produced by other parties. It is hoped that this will make them more easily intelligible, and
less open to ambiguity, for implementers.
It is assumed that users of the standard are familiar with normal processes involved in the design of computer-
based applications and the standard therefore limits itself to aspects which are specific to DPM applications
design. In particular, the document covers only requirements and considerations relating to applications that use
digital postage marks, on individual postal items, as a means of communicating data (messages). The clause on
design covers only the design of the digital postage marks themselves. It does not cover other aspects of design,
including the possible use of other messages, transported by other means (e.g. statements of mailing), to provide
for the communication of additional data, even though these might be just as important.
The standard assumes, but does not require, that it is desired to implement digital postage marks which conform
to UPU standards S27, S28 and S25 (see Bibliography) and provides a guide to the use of these standards.
However, many of the guidelines, recommendations and checklists would apply equally to the design of DPM
applications using digital postage marks based on symbologies other than those supported by S28, or requiring
data which cannot be accommodated within S25-defined data constructs.
NOTE 2 Though S28 [7] applies only to representation using two-dimensional symbologies and restricts its scope to two of these: Data
Matrix and PDF417, its extension to other symbologies, including linear barcodes and OCR representation of data, is open to consideration.
Users who find that their requirements cannot be met within the defined constraints are therefore encouraged to contact the Secretariat of the
UPU Standards Board, with a view to exploring possible extension of the standard.
NOTE 3 Though S25 [5] defines an initial set of data constructs, it is intended to extend this set on an as-needed basis. Users who find
that their requirements cannot be met by existing data definitions are therefore encouraged to contact the Secretariat of the UPU Standards
Board, with a view to extension of the standard.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, or
references to a version number, only the edition cited applies. For undated references and where there is no reference to a
version number, the latest edition of the referenced document (including any amendments) applies.
4)
UPU Standards glossary
NOTE Though this standard was developed on the assumption that users would wish to base their digital postage mark implementations on
UPU standards S28 [7] and S25 [5], this is not actually a requirement. These two standards, along with many other standards which are
relevant and should desirably be taken into account in the digital postage mark definition process, are therefore listed in the (informative)
Bibliography at the end of the standard.

4) UPU Standards are obtainable from the UPU International Bureau, whose contact details are given in the Bibliography; the
UPU Standards glossary is freely accessible on URL http://www.upu.int
3 Terms and definitions
For the purposes of this document, the terms and definitions given in the UPU Standards glossary and the
following apply.
3.1
alteration
deliberate changing of information present in a DPM
3.2
authentication
process of verifying that the information encoded on a postal item, including in its DPM, is internally consistent
and originates from the source identified on the item
3.3
collusion
cooperation between two or more parties with fraudulent intent
3.4
copying
duplication of an original DPM to produce identical copies and unauthorised use of these copies on postal items
deposited into the postal system
3.5
counterfeiting
unauthorised creation of a symbol that is similar to, or apparently identical with, a legitimate DPM in an attempt to
perpetrate fraud
3.6
countermeasure
action, law, procedure, mechanism or combination thereof that can be taken to detect, deter, frustrate and/or
prevent adversarial attacks on, or inadvertent errors in, a DPM applications system and/or to control or limit the
damage resulting from the occurrence of such attacks or errors
3.7
cryptanalysis
use of mathematical techniques in an attempt to defeat the use of cryptographic methods, particularly in the
context of information security services
3.8
cryptographic validation code
CVC
value, cryptographically derived from selected postal item data, which can be used in verifying the integrity of
such data and authenticating its origin
NOTE A truncated MAC (based on a symmetric cryptographic algorithm) or a digital signature (based on an asymmetric algorithm)
can be used as a CVC. See also exchange validation code (EVC) and C.9.2 and C.9.3.
3.9
data capture
data read
capture and decoding of the machine representation of information contained in a DPM
3.10
data read
see under data capture
3.11
digital postage mark validation
DPM validation
process providing cryptographic or other authentication of the origin and integrity of digital postage mark data
SIST EN 14615:
...