AU2019203286A1 - Method and system for generating and verifying digital credentials - Google Patents

Method and system for generating and verifying digital credentials

Info

Publication number
AU2019203286A1
Authority
AU
Australia
Prior art keywords
credential
verification
user
information
authenticator
Prior art date
Legal status
Abandoned
Application number
AU2019203286A
Inventor
Winston Weng Loke Lee
Blair Leslie Reid
Daniel Sean Reynolds
Current Assignee
Australian Postal Corp
Original Assignee
Australian Postal Corp
Priority date
Filing date
Publication date
Priority claimed from AU2018901597A
Application filed by Australian Postal Corp
Publication of AU2019203286A1
Current legal status: Abandoned


Classifications

    • G PHYSICS
        • G06 COMPUTING; CALCULATING OR COUNTING
            • G06F ELECTRIC DIGITAL DATA PROCESSING
                • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
                        • G06F21/31 User authentication
                • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
                    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
                        • G06F16/24 Querying
            • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
                • G06K19/00 Record carriers for use with machines and with at least a part designed to carry digital markings
                    • G06K19/06 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
                        • G06K19/06009 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking
                            • G06K19/06018 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking one-dimensional coding
                            • G06K19/06037 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking multi-dimensional coding
                        • G06K19/067 Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
                            • G06K19/07 Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips

Abstract

A method and system for generating and verifying digital credentials, the method including the steps of: receiving, from a terminal computing device, user identification data and authenticator identification data; determining, based on the authenticator identification data, an authenticator system; obtaining identity information of a user based on the user identification data; communicating at least some of the user's identity information to the authenticator system; receiving from the authenticator system credential information associated with the user; and causing the credential information to be stored in association with the user's identity information.

Description

METHOD AND SYSTEM FOR GENERATING AND VERIFYING
DIGITAL CREDENTIALS
Technical Field
[0001] The present invention generally relates to a method and system for the generation and verification of digital credentials.
Background
[0002] Paper-based certificates are commonly relied upon in proving one’s educational background or professional experience. For example, an individual seeking employment may be required by a potential employer to provide the original (or certified copies) of their academic credentials or professional licenses to demonstrate competence or qualification.
[0003] However, one significant disadvantage of these paper-based credentials is the difficulty faced by a third-party, such as a potential employer, in verifying the authenticity of these documents. Although some educational institutions and government departments have started providing online verification services which verify certificates or licenses issued by these organisations, visiting these verification websites and performing the verification processes is generally inconvenient and time consuming.
[0004] On the other hand, the individual providing these paper documents is exposed to the risk that their personal information recorded on these documents, once provided to the third-party, is out of their control, and may be misused or leaked.
[0005] It is desired to address or ameliorate one or more disadvantages or limitations associated with the prior art, or to at least provide a useful alternative.
Summary
[0006] According to one aspect of the present invention, provided herein is a computer-implemented method, including the steps of:
receiving, from a terminal computing device, user identification data and authenticator identification data;
determining, based on the authenticator identification data, an authenticator system;
2019203286 10 May 2019
obtaining identity information of a user based on the user identification data;
communicating at least some of the user’s identity information to the authenticator system;
receiving from the authenticator system credential information associated with the user; and
causing the credential information to be stored in association with the user’s identity information.
[0007] According to another aspect of the present invention, provided herein is a system for generating and verifying digital credentials, the system including one or more electronic processing devices configured to:
receive, from a terminal computing device, user identification data and authenticator identification data;
determine, based on the authenticator identification data, an authenticator system;
obtain identity information of a user based on the user identification data;
communicate at least some of the user’s identity information to the authenticator system;
receive from the authenticator system credential information associated with the user; and
cause the credential information to be stored in association with the user’s identity information.
Brief Description of the Drawings
[0008] Some embodiments of the present invention are hereinafter described, by way of example only, with reference to the accompanying drawings, wherein:
[0009] Fig. 1 is a schematic diagram of an exemplary system for generating and verifying digital credentials;
[0010] Fig. 2 is an exemplary workflow for generating at least one digital credential according to some embodiments;
[0011] Fig. 3 is an exemplary workflow for generating at least one digital credential according to some other embodiments;
[0012] Fig. 4 is an exemplary workflow for verifying at least one digital credential generated for a user according to some embodiments;
[0013] Fig. 5 is an exemplary workflow for verifying at least one digital credential generated for a user according to some other embodiments;
[0014] Fig. 6 is an exemplary workflow for verifying at least one digital credential generated for a user according to some further embodiments;
[0015] Fig. 7 is an exemplary method executed by the digital credential server 110 for generating at least one digital credential;
[0016] Fig. 8 is a schematic diagram of an example of the digital credential server 110 in Fig. 1;
[0017] Fig. 9 is a schematic diagram of an example of a terminal computing device 120 in Fig. 1;
[0018] Fig. 10 shows examples of data stored in the authenticator database 154 of Fig. 1;
[0019] Fig. 11 shows examples of data stored in the identity database 152 of Fig. 1; and
[0020] Fig. 12 shows a schematic example of a digital identity profile of a user.
Detailed Description
[0021] Described herein are methods and systems for the generation and verification of one or more digital credentials.
[0022] In at least some embodiments, the described method and system create a digital credential for an individual. The digital credential is authenticated during generation using the individual’s identity information, so that a third-party can trust both the authenticity of the credential and the relationship between the digital credential and the person presenting it.
[0023] In at least some embodiments, the described method and system also prevent or mitigate the risk of the user’s identity information and credential information being misused or leaked.
[0024] The digital credential created for the user may represent any suitable type of credential issued to an individual, including, e.g.: educational certificates, professional qualifications and licences, documents for proving professional or personal experiences, documents for proving the user’s entitlements, licences, abilities, skills, proficiencies, achievements, accomplishments, or the like. The digital credential may, in some contexts, be referred to as an “entitlement”.
[0025] The term “user” is intended to refer to the individual to whom the credentials represented by the digital credentials are issued, and for whom the digital credentials are generated.
[0026] The term “authenticator” is intended to refer to an entity that authenticates one or more credentials issued to the user. In some examples, the authenticator may be the issuing institution or organisation that has issued the one or more credentials.
[0027] The term “verification requester” is intended to refer to a person or entity that requests to examine or verify one or more digital credentials generated for the user. The verification requester may be, for example, a potential employer of the user.
General structure of the system
[0028] An example of a system for generating and verifying digital credentials will now be described with reference to Fig. 1.
[0029] In this example, the system 100 includes a digital credential server 110 in data communication with at least one terminal computing device 120 via at least one communication network 125, the terminal computing device 120 being operated by a user 130.
[0030] The digital credential server 110 is further communicatively connected with, via at least one communication network 145, an authenticator system 140 including an
authenticator server 142. The authenticator server 142 is in data communication with at least one local or remote data store 144.
[0031] Via at least one communication network 165, the digital credential server 110 is further communicatively connected with a verification requester system 160, which includes a verification requester server 162, and/or a verification requester terminal device 164 used by a verification requester operator 170.
[0032] Each of the communication networks 125, 145 and 165 may involve direct communication, and/or indirect communication through one or more intermediate electronic processing devices. For example, a terminal device gateway server (not shown) may be provided between the digital credential server 110 and the terminal computing device 120 for controlling the data communication therebetween. A verification requester gateway server may be provided between the digital credential server 110 and the verification requester terminal device 164 for controlling the data communication therebetween. The terminal device gateway server and the verification requester gateway server may take the form of one single server, or different servers.
[0033] The digital credential server 110 includes one or more processors by which a method for generating and/or verifying one or more digital credentials is executed. The digital credential server 110 is further in communication with at least one local or remote data store 150. The local or remote data store 150 may accommodate two databases: an identity database 152 for storing identity information of users such as user 130, and an authenticator database 154 for storing data related to one or more authenticators who authenticate credentials issued to users. Alternatively, the identity database 152 and the authenticator database 154 may be incorporated into a single database, or may be split into three or more databases. Alternatively, instead of using these multiple databases, a distributed ledger may be used to store information and data. A distributed ledger is a database that is consensually shared and synchronized across one or more networks and spread across multiple sites, institutions or geographies.
[0034] The terminal computing device 120 may be any suitable type of terminal electronic device, including, e.g., a mobile telephone handset, a portable computer, a tablet computer, a desktop personal computer, or the like. The terminal computing device 120 includes a capturing module for capturing machine readable information.
[0035] The machine readable information able to be captured by the capturing module may be in any suitable form readable by an electronic device, e.g., a Quick Response (QR) code, a barcode, a Near Field Communication (NFC) message generated by an NFC tag, or a radio-frequency identification (RFID) message generated by an RFID tag. Alternatively, the machine readable information may be a message communicatable using any suitable wireless communication technologies including Bluetooth, Bluetooth LE, or Wi-Fi.
[0036] In some implementations, the machine readable information is a QR code (or two-dimensional barcode) 122, displayed on a screen of an electronic device or printed on a hard-copy of a document. Correspondingly, the capturing module may be a digital camera module for capturing a digital image of the QR code 122. Alternatively, the QR code may be embedded in a webpage or an electronic document displayed on the terminal computing device 120. Correspondingly, the capturing module may be a software application or software module for detecting and recognizing the QR code.
[0037] In an alternative example, the machine readable information may be a linear or one-dimensional barcode. Correspondingly, the capturing module may be a barcode scanner, or a digital camera module for capturing a digital image of the barcode.
[0038] In a further alternative example, the machine readable information may be a Near Field Communication (NFC) message generated by an NFC tag. Correspondingly, the capturing module may be a NFC reader module that can be used to read the NFC tag.
[0039] In some embodiments, the terminal computing device 120 also includes an outputting module for outputting machine readable information, e.g., a display for displaying machine readable information such as a QR code.
[0040] Preferably, the terminal computing device 120 is a smart phone on which at least one mobile application for generating, managing, and verifying digital credentials can be installed and executed. The mobile application may also be adapted to control the capture of the machine readable information, and to control the data communication with the digital credential server 110.
[0041] Although only one terminal computing device 120 is shown in Fig. 1, the digital credential server 110 may be in communication with a plurality of terminal computing devices used by the same user 130 or a plurality of different users.
[0042] The verification requester terminal device 164 may also include a capturing module for capturing machine readable information, e.g., a digital camera module for capturing a QR code, or a barcode scanner for scanning a barcode. In some embodiments, the verification requester terminal device 164 also includes an output module for outputting machine readable information, e.g., a display for displaying machine readable information, such as a QR code.
[0043] Preferably, the verification requester terminal device 164 is a smart phone on which at least one mobile application for verifying digital credentials can be installed and executed. The mobile application may also be adapted to control the capture of machine readable information, and to control the data communication with the digital credential server 110.
Establishment of one or more credentials
[0044] Fig. 2 illustrates an exemplary workflow 200 implemented by the system 100 for creating at least one digital credential for the user 130.
[0045] At step 202, the user 130 uses the terminal computing device 120 to capture machine readable information associated with a credential issued to the user 130, e.g., through a digital camera module of the terminal computing device 120.
[0046] In this embodiment, the machine readable information is a QR code 122.
[0047] The QR code 122 may be embedded in a webpage displayed on a screen of another electronic device used by the user 130. For example, the user may be visiting a website for online renewal of a driver’s licence issued to the user 130, and a QR code may be displayed on the licence renewal webpage.
[0048] Alternatively, the QR code 122 may be printed on or attached to a hard-copy of a document related to the credential issued to the user 130. For example, a paper copy of an academic certificate may be issued to the user 130 upon the user’s completion of a specific
educational course, and the QR code 122 may be printed on or attached to that academic certificate.
[0049] The QR code 122 may be uniquely associated with an issuer that has issued the credential, or an authenticator that provides an authentication service for the credential. Accordingly, it is possible that an identical QR code may be associated with a plurality of credentials issued by that issuer or authenticatable by that authenticator, so that a plurality of users receiving different types of credentials issued by the same party or authenticatable by the same authenticator may have the same QR code associated with their credentials. In this case, the QR code may contain a unique identifier for identifying the issuer or the authenticator.
[0050] Alternatively, the QR code 122 may be uniquely associated with a specific type or version of credential issued by an issuer or authenticatable by an authenticator. For example, an educational institution may have issued different types of academic degree, each type being associated with a different QR code.
[0051] Alternatively, the QR code 122 may be uniquely associated with a specific credential issued to an individual. In this case, the QR code may contain an identifier for identifying the specific credential, e.g., a licence number of a driver’s licence, or a certificate number of an academic certificate.
[0052] The QR code 122 may have been generated by the digital credential server 110 when an issuer or authenticator registers with the digital credential service, and provided to that issuer or authenticator so as to allow the issuer or authenticator to subsequently provide it to users, e.g., the user 130. Alternatively, the QR code 122 may be generated by the issuer or authenticator, and subsequently communicated to the digital credential server 110. Alternatively, the QR code 122 may be generated by an issuer registration server (not shown in Fig. 1) or an authenticator registration server (not shown in Fig. 1) performing a registration process that allows the issuer or authenticator to register to the digital credential service, these servers being in data communication with the digital credential server 110 or the authenticator database 154.
[0053] At step 204, the terminal computing device 120 sends to the digital credential server 110 at least the following data:
user identification data for identifying the user 130 or the terminal computing device 120; and
authenticator identification data for identifying the authenticator that authenticates the credential.
[0054] These data items may be sent in a single message, e.g., a credential establishment request.
[0055] Alternatively, they may be sent separately to the digital credential server 110. For example, the credential establishment request may include only the data for identifying the authenticator that authenticates the credential, while the user identification data may be sent to the digital credential server 110 before or after the credential establishment request. In some embodiments, the user identification data may be sent to the digital credential server 110 before the terminal computing device 120 captures the QR code 122.
[0056] The user identification data may include a device identification (device ID) of the terminal computing device 120. The device ID is a distinctive alphanumeric sequence or number uniquely associated with a mobile phone or similar terminal device, e.g., a hardware serial number, the unique device ID for an iOS device, or the Android device ID for an Android device.
[0057] Alternatively, the user identification data may include an encrypted device identifier generated based on the device ID.
[0058] Alternatively, the user identification data may include a user identifier (user ID), e.g., a distinctive alphanumeric sequence or number, uniquely associated with the user 130.
[0059] As indicated above, also sent to the digital credential server 110 by the terminal computing device 120 is the authenticator identification data for identifying the authenticator that authenticates the credential.
[0060] In some embodiments, the authenticator identification data may be a digital image including the QR code 122 captured by the terminal computing device 120.
[0061] Alternatively, the authenticator identification data may be an issuer identifier associated with the issuer who issued the credentials, or an authenticator identifier associated
with an authenticator of the credential, extracted by the terminal computing device 120 from the QR code 122.
[0062] For example, the mobile application executed on the terminal computing device 120 may include a QR code recognition function that automatically detects and locates the QR code 122 in the image captured by the digital camera module, and extracts the authenticator identification data from the QR code 122.
[0063] Optionally, in addition to the user identification data and the authenticator identification data, the credential establishment request may further contain other suitable information, e.g., some identity information associated with the user 130 such as the user’s name, date of birth, and/or passport number, and/or other data extracted from the QR code.
[0064] At step 206, upon receiving the credential establishment request from the terminal computing device 120, the digital credential server 110 extracts from the credential establishment request the user identification data and the authenticator identification data.
[0065] At step 208, based on the authenticator identification data, the digital credential server 110 identifies an authenticator system 140 for authenticating the credential.
[0066] When the authenticator identification data includes the issuer identifier or authenticator identifier extracted by the terminal computing device 120 from the QR code 122, in order to identify the authenticator system 140, the digital credential server 110 may query the authenticator database 154, which stores relationship information that may be queried to determine, for a given issuer identifier or authenticator identifier, the corresponding authenticator system.
[0067] Alternatively, if the authenticator identification data includes the QR code 122, e.g., a digital image of the QR code 122, the digital credential server 110 may first execute an image processing step to extract the issuer identifier or authenticator identifier from the QR code, e.g., by executing a QR code recognition software module, and then query the authenticator database 154 using the extracted issuer identifier or authenticator identifier.
[0068] The relationships between issuer identifiers or authenticator identifiers and their corresponding respective authenticator servers may be stored in the authenticator database 154 during an issuer or authenticator registration process, in which an issuer or authenticator
of credentials registers with the digital credential service. As mentioned hereinbefore, in some embodiments, the authenticator database 154 may be provided in the form of a distributed ledger or part of a distributed ledger.
[0069] During the issuer or authenticator registration process, the digital credential server 110 or a separate issuer registration server or authenticator registration server may assign to each issuer or authenticator registering to the digital credential service an issuer identifier, an authenticator identifier, or a QR code including the issuer identifier or the authenticator identifier, and store the corresponding relationship between the authenticator server specified by the issuer or the authenticator, and the corresponding issuer identifier or authenticator identifier, into the authenticator database 154, e.g., in the form of Table 1010 shown in Fig. 10.
[0070] In this example, based on the authenticator identification data the digital credential server 110 identifies that authenticator server 142 of authenticator system 140 can authenticate the credential.
[0071] Next, at step 210, the digital credential server 110 obtains identity information of the user 130 based on the user identification data, e.g., by retrieving identity information of the user 130 from identity database 152.
[0072] In identity database 152, the identity information of a user may be stored in association with the user identification data (e.g., a user ID), for example, in the form of a Table 1110 as shown in Fig. 11. As mentioned hereinbefore, in some embodiments, the identity database 152 may be provided in the form of a distributed ledger or part of a distributed ledger.
[0073] Table 1110 includes:
a data field 1112 including a plurality of user IDs; and
a data field 1114 including identity information corresponding to each user ID.
[0074] The identity information in the data field 1114 includes one or more identity attributes associated with a person, each identity attribute representing a piece of information relating to the identity of that person. For example, the identity attribute(s) associated with a person may, but do not necessarily, include one or more of the following: a person’s name, gender, date of birth (DoB), residential address, nationality, identification number, passport number, and driver's license number.
[0075] Table 1110 may be created by the digital credential server 110 in a user registration process prior to the authorisation process. The user identification data such as the user ID may be received by the digital credential server 110 from the terminal computing device 120, or generated by the digital credential server 110 itself.
[0076] In an exemplary user registration process, the digital credential server 110 receives from the terminal computing device 120 identity information of a user and the user identification data (e.g., a user ID or device ID), and stores identity information of the user in association with the user identification data (e.g., the device ID or user ID) in the identity database 152. The identity information of each user may be stored in a digital identity profile created for that user.
[0077] Alternatively, the user registration process may be performed by a user registration server (not shown in Fig. 1) different from the digital credential server 110, the user registration server creating Table 1110 and storing it in the identity database 152 to which the digital credential server 110 has access.
[0078] As shown by Table 1110 in Fig. 11, identity information for different users may include different numbers and/or types of identity attributes.
[0079] Alternatively, all users may be required to provide the same identity attribute(s), as shown by Table 1120 in Fig. 11.
[0080] The user’s identity information stored in the identity database 152 may be encrypted, e.g., using a symmetric key or an encryption key of a key pair generated for the user 130 so that the decryption key is stored only in the terminal computing device 120. This may ensure that the digital credential server 110 cannot access the actual data of the user’s identity information without the consent or authorisation from the user 130. Further, the decryption key stored in the user’s terminal computing device 120 may be stored in a secure data store, e.g., a data store protected by a Personal Identification Number (PIN), password, the user biometrics and the like.
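The key arrangement described in [0080], in which the identity database 152 holds only ciphertext and the decryption key exists only on the terminal computing device 120, as an added example in Go. This is illustrative code written for this page, not the patent's or Australia Post's implementation: it takes the symmetric-key variant of [0080], uses AES-256-GCM with a key generated on the device, and binds the user ID as associated data so that a stored profile re-filed under another user's row fails to authenticate. The `DeviceVault`, `StoredProfile` and `IdentityDB` names, the JSON encoding of attributes, and the sample attribute values are all assumptions constructed for the example; a real device would additionally wrap the key in its PIN-, password- or biometric-protected keystore, which this code does not model.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// DeviceVault stands in for the secure data store on the terminal computing
// device 120. It holds the only copy of the symmetric key; on a real device the
// key would itself be wrapped by the PIN-, password- or biometric-protected
// keystore (an assumption here, not something this code implements).
type DeviceVault struct{ key []byte }

func NewDeviceVault() (*DeviceVault, error) {
	key := make([]byte, 32) // AES-256
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return &DeviceVault{key: key}, nil
}

// StoredProfile is all the identity database 152 holds for a user: a nonce and
// AES-GCM ciphertext over the JSON-encoded identity attributes, and no key.
type StoredProfile struct {
	Nonce      []byte
	Ciphertext []byte
}

// IdentityDB is the server-side identity database, keyed by user ID.
type IdentityDB map[string]StoredProfile

func (v *DeviceVault) aead() (cipher.AEAD, error) {
	block, err := aes.NewCipher(v.key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts the profile on the device before it is sent to the server.
// The user ID is bound as associated data, so a ciphertext moved to another
// user's row fails to authenticate.
func (v *DeviceVault) Seal(userID string, attrs map[string]string) (StoredProfile, error) {
	plain, err := json.Marshal(attrs)
	if err != nil {
		return StoredProfile{}, err
	}
	g, err := v.aead()
	if err != nil {
		return StoredProfile{}, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return StoredProfile{}, err
	}
	return StoredProfile{Nonce: nonce, Ciphertext: g.Seal(nil, nonce, plain, []byte(userID))}, nil
}

// Open decrypts on the device and returns only the attributes the user agreed
// to release (steps 212/214); the remaining attributes never leave the device in clear.
func (v *DeviceVault) Open(userID string, p StoredProfile, want []string) (map[string]string, error) {
	g, err := v.aead()
	if err != nil {
		return nil, err
	}
	plain, err := g.Open(nil, p.Nonce, p.Ciphertext, []byte(userID))
	if err != nil {
		return nil, fmt.Errorf("stored profile did not authenticate: %w", err)
	}
	var attrs map[string]string
	if err := json.Unmarshal(plain, &attrs); err != nil {
		return nil, err
	}
	out := make(map[string]string, len(want))
	for _, k := range want {
		val, ok := attrs[k]
		if !ok {
			return nil, fmt.Errorf("attribute %q not in profile", k)
		}
		out[k] = val
	}
	return out, nil
}
```

The server's copy can be inspected for the plaintext and a second vault can be asked to open it; neither succeeds, which is the property [0080] is after: the digital credential server 110 cannot read the profile without the device's participation, and a release of identity attributes in step 216 has to go through the device, where the confirmation of step 214 is given.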
[0081] In some other implementations, the identity information of the user 130 may be stored in the memory of the terminal computing device 120, e.g., in a secure data store of the terminal computing device 120, which may be protected by a PIN, password, user biometrics etc. In order to create the digital credential, the terminal computing device 120 sends the identity information as identity information data to the digital credential server 110, e.g., in or after the credential establishment request. The server 110 then extracts the user’s identity information from the identity information data received from the terminal computing device 120.
[0082] Optionally, at step 212, the digital credential server 110 may send a confirmation request message to the terminal computing device 120, requesting the user’s confirmation of authorisation to release their identity information to the authenticator server 142 for the purpose of generating the digital credential.
[0083] At step 214, the user 130 may confirm their authorisation to release their identity information by operating the terminal computing device 120, e.g., by tapping or pressing a “confirm” button displayed on a touch screen of the terminal computing device 120. The user’s confirmation may trigger the terminal computing device 120 to send a confirmation message to the digital credential server 110.
[0084] At step 216, the digital credential server 110 communicates at least some of the user’s identity information to the authenticator server 142 identified in step 208, e.g., by sending the at least some of the user’s identity information to the authenticator server 142.
[0085] Alternatively, the digital credential server 110 may communicate or make available the identity information of the user to the authenticator server 142 in any other suitable manner. For example, the user’s identity information may be stored temporarily in a data store to which the authenticator server 142 has access, and a link or pointer referencing a location in the data store where the identity information is stored may be sent by the digital credential server 110 to the authenticator server 142, instead of sending the identity information directly.
[0086] At step 218, the authenticator server 142 retrieves the credential information based on the received identity information of the user. This may be carried out, for example, by querying the authenticator database 144 which stores credential information of one or more credentials in association with identity information of the users to whom the one or more credentials are issued. For each credential, the related credential information may include one or more credential attributes, each credential attribute being a piece of information related to that credential.
[0087] For example, where the credential is a driver’s licence, the authenticator database 144 may be a database storing detailed information of a plurality of driver’s licences issued by an issuing institution, e.g., a state government. For each driver’s licence, the authenticator database 144 may store the following credential attributes:
(a) First name of the licence holder;
(b) Last name of the licence holder;
(c) Date of Birth of the licence holder;
(d) Gender of the licence holder;
(e) Address of the licence holder;
(f) Signature of the licence holder;
(g) Licence number;
(h) Licence expiry date;
(i) Licence issuer;
(j) Licence type; and
(k) Licence conditions.
[0088] Where the user’s identity information received from the digital credential server 110 includes a user’s first name, last name, and date of birth (DoB), the authenticator server 142 can then retrieve from the authenticator database 144 some or all of the credential attributes (a) - (k) associated with that name and DoB.
[0089] As another example, where the credential is an academic certificate, the authenticator database 144 may be a database storing detailed information of a plurality of academic certificates issued by an educational organisation, e.g., a university. For each academic certificate, the authenticator database 144 may store the following credential attributes:
(l) Name of the student;
(m) Date of Birth of the student;
(n) Address of the student;
(o) Name of the course;
(p) Name of the degree;
(q) Graduation year;
(r) Student number; and
(s) Name of the issuing organisation.
[0090] Where the user's identity information received from the digital credential server 110 includes a user's first name, last name, and date of birth (DoB), the authenticator server 142 can then retrieve from the authenticator database 144 some or all of the credential attributes (l) - (s) associated with that name and DoB.
[0091] At step 220, the authenticator server 142 sends at least some of the retrieved credential information to the digital credential server 110, e.g., in a credential confirmation message.
[0092] Alternatively, if the authenticator server 142 cannot identify any credential information that matches the user’s identity information received from the digital credential server 110, the authenticator server 142 may return a confirmation failure message to the digital credential server 110 (not shown), indicating that credential information cannot be successfully identified.
[0093] If the credential information has been successfully retrieved, then optionally, upon receiving the credential confirmation message from the authenticator server 142, the digital credential server 110 may send a notification to the terminal computing device 120, requesting the user's confirmation that the credential information may be stored in association with their identity information, e.g., in the same digital identity profile that stores the identity information of the user. Some or all of the credential information received from the authenticator server 142 may be sent by the digital credential server 110 to the terminal computing device 120 for the user's review.
[0094] At step 224, the user 130 may confirm their authorisation for the storage of the credential(s) as their digital credential(s), and the addition of them to their digital identity profile. This may be conducted by the user 130 operating the terminal computing device 120, e.g., by tapping or pressing a "confirm" button displayed on a touch screen of the terminal computing device 120. The user's confirmation may trigger the terminal computing device 120 to send a confirmation message to the digital credential server 110.
[0095] In some cases, credential information of more than one credential associated with the user may be retrieved from the authenticator database 144 and sent from the authenticator server 142 to the digital credential server 110. Accordingly, the digital credential server 110 may send at least some credential information of each of these identified credentials to the terminal computing device 120, so that the user 130 may confirm whether the user wishes to add all of these credentials to their digital identity profile. The user 130 may be allowed to select one or more of these credentials to add to their digital identity profile, while the unselected credentials may be abandoned.
[0096] Upon receiving the user's confirmation, the digital credential server 110 then stores at step 226 the credential information of the one or more confirmed or selected credentials in association with the user's identity information, e.g., by storing them in the same digital identity profile that stores the user's identity information. In order to increase the security of the credential information when being stored in the identity database 152, the credential information may be encrypted so that it can only be decrypted using a decryption key controlled by the user, e.g., a decryption key stored in a secure data store of the terminal computing device 120, protected by a PIN or password specified by the user, the user's biometrics, and/or another authentication mechanism.
[0097] In some embodiments, the credential information may be encrypted using a one-to-many encryption key. That is, a common encryption key is used for encrypting the credential information of a plurality of credentials of the user 130, while each credential needs to be decrypted using a different decryption key. The corresponding plurality of decryption keys for the plurality of credentials are stored at the terminal computing device 120, e.g., in a secure data store of the terminal computing device 120, protected by a PIN or password specified by the user, the user's biometrics, and/or another authentication mechanism.
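One concrete way to realise the storage described in [0096] and [0097], as an added example that is not part of the patent and not Australia Post's code: the terminal holds a single master key (the "common encryption key"), derives a separate key per credential from it (HMAC-SHA256 as the KDF is an assumption here), and seals each credential's information with AES-256-GCM under its own derived key, binding the credential identifier as associated data. The profile that reaches the identity database 152 then contains only ciphertext, and releasing one credential later means handing out one derived key, which opens nothing else. The function and type names are hypothetical, and the example assumes the terminal performs the sealing before the profile is written.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// credentialKey derives the decryption key for one credential from the user's
// master key and the credential identifier (HMAC-SHA256 as the KDF is an
// assumption of this example). The master key never leaves the terminal's
// secure data store; only the derived key of the credential being released is
// ever handed out, so one release reveals nothing about the other credentials.
func credentialKey(master []byte, credentialID string) []byte {
	m := hmac.New(sha256.New, master)
	m.Write([]byte(credentialID))
	return m.Sum(nil) // 32 bytes, used as an AES-256 key
}

// sealRecord encrypts credential information with AES-256-GCM. The credential
// ID is bound as associated data, so a record cannot be moved into another
// credential's slot of the profile. The random nonce is prepended to the output.
func sealRecord(key []byte, credentialID string, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(credentialID)), nil
}

// openRecord reverses sealRecord; it fails on a wrong key, a modified record,
// or a record presented under a different credential ID.
func openRecord(key []byte, credentialID string, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("sealed record too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], []byte(credentialID))
}

// Profile is the encrypted part of a digital identity profile (Fig. 12): one
// sealed record per credential ID. Whoever stores it, the identity database 152
// or the terminal, holds no key that opens any record.
type Profile map[string][]byte

// StoreCredentials seals each confirmed credential under its own derived key
// (the one-to-many scheme of step 226, assuming the terminal does the sealing).
func StoreCredentials(master []byte, credentials map[string]string) (Profile, error) {
	profile := Profile{}
	for id, info := range credentials {
		sealed, err := sealRecord(credentialKey(master, id), id, []byte(info))
		if err != nil {
			return nil, err
		}
		profile[id] = sealed
	}
	return profile, nil
}

func main() {
	master := []byte("constructed master key, kept only on the terminal")
	profile, err := StoreCredentials(master, map[string]string{ // constructed sample data
		"drivers-licence":      `{"licence_number":"DL-000000","expiry":"2030-01-01"}`,
		"academic-certificate": `{"degree":"BSc","graduation_year":"2015"}`,
	})
	if err != nil {
		panic(err)
	}
	// Releasing the driver's licence hands out only its derived key ...
	licenceKey := credentialKey(master, "drivers-licence")
	info, err := openRecord(licenceKey, "drivers-licence", profile["drivers-licence"])
	fmt.Println(string(info), err)
	// ... and that key does not open the academic certificate.
	_, err = openRecord(licenceKey, "academic-certificate", profile["academic-certificate"])
	fmt.Println("certificate with licence key:", err)
}
```

The associated-data binding is the check a reviewer would look for: without it, a server or database operator could swap the sealed records of two credentials and the terminal would decrypt the wrong one without noticing.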
[0098] Fig. 12 shows an example 1210 of a digital identity profile stored in the identity database 152. In the digital identity profile 1210, two digital credentials including a driver's licence and an academic certificate have been established for the user.
[0099] Finally, at step 228, a message may optionally be sent to the terminal computing device 120 to notify the user 130 that the digital credential(s) have been successfully established.
[00100] In some alternative implementations, the generated digital credential(s) together with the identity information of the user may be stored in the terminal computing device 120 rather than in the identity database 152. For example, the digital profile including the identity information and the digital credential(s) may be stored in a secure data store of the terminal computing device 120, which may be protected by a PIN, password, user biometrics etc. Accordingly, instead of storing the credential information in the identity database 152 at step 226, the digital credential server 110 may send the credential information to the terminal computing device 120 for storage.
[00101] As described above, according to at least some embodiments, the workflow 200 allows one or more digital credentials to be generated and authenticated in a convenient manner.
[00102] Fig. 3 illustrates an alternative exemplary workflow 300 implemented by the system 100 for creating at least one digital credential for the user 130.
[00103] In this embodiment, an authenticator may require one or more specified identity attributes to be provided by a user for authenticating a credential. For example, an authenticator that authenticates driver's licences may specify that the user must provide their name and address. As another example, an authenticator for academic certificates may require the user to provide their name and date of birth.
[00104] The required identity attributes may be specified in the authenticator registration process, and stored in association with each authenticator identifier in the authenticator database 154, e.g., as shown in Table 1020 of Fig. 10.
[00105] Optionally, an authenticator may further require one or more specified credential attributes to be provided by a user for authentication of a credential. For example, an authenticator that authenticates driver's licences may specify that the user must provide their licence number in addition to the required identity information. As another example, an authenticator for academic certificates may require the user to provide their student number in addition to the required identity information. The required data items related to the credential may also be referred to as required credential attributes.
[00106] The required credential attributes may be specified in the authenticator registration process, and stored in association with each authenticator identifier in the authenticator database 154.
[00107] In some implementations, an authenticator may provide authentication for a plurality of types of credentials, and for each type of credential the authenticator may require different identity attributes and/or different credential attributes to be provided. The required identity attributes and/or credential attributes may be specified in the authenticator registration process, and stored in association with each authenticator identifier in the authenticator database 154. Such an example is shown by Table 1030 of Fig. 10.
[00108] Referring back to Fig. 3, the workflow 300 allows the system 100 to guide the user to provide the identity attribute(s) and credential attribute(s) required by the authenticator. Alternatively, some or all of the required identity attribute(s) and credential attribute(s) may be automatically retrieved from a data store of the terminal computing device 120.
[00109] Similar to step 202 in Fig. 2, at step 302, the user 130 uses the terminal computing device 120 to capture the machine readable information such as a QR code 122.
[00110] At step 304, the terminal computing device 120 sends to the digital credential server 110 the user identification data and the authenticator identification data, e.g., in a credential establishment request.
[00111] At step 306, the digital credential server 110 extracts from the credential establishment request the user identification data and the authenticator identification data.
[00112] At step 308, based on the authenticator identification data, the digital credential server 110 identifies an authenticator server 142 for authenticating the credential, e.g., by querying the authenticator database 154.
[00113] Next, at step 310, the digital credential server 110 retrieves from the identity database 152 identity information of a user based on the user identification data.
[00114] As described hereinbefore, optionally, an authenticator may further specify one or more identity attributes to be provided by a user for authentication of a credential.
[00115] Some of the user’s identity attributes may have already been provided by the user through a user registration process. However, these identity attributes may include only part of the required identity attributes for authenticating the credential.
[00116] Accordingly, at step 312, the digital credential server 110 determines whether all of the identity attributes required for authenticating the credential have been obtained, e.g., whether they have been retrieved from the identity database 152.
[00117] If all of the identity attributes required for authenticating the credential have been obtained from the identity database 152, the digital credential server 110 may proceed to execute step 322.
[00118] If not, the digital credential server 110 identifies at step 314 additional identity attributes required for authenticating the credential, the additional identity attributes being the required identity attributes that are not available in the identity database 152.
[00119] Next, at step 316, the digital credential server 110 notifies the terminal computing device 120 of the additional identity attributes.
[00120] The terminal computing device 120 then guides the user 130 to input the required additional identity attributes at step 318, and sends these additional identity attributes to the digital credential server 110 at step 320.
[00121] In an alternative embodiment (not illustrated) the additional identity attributes are automatically retrieved from a secure data store of the terminal computing device. These attributes may have been previously entered into the data store by the user 130.
[00122] At step 322, the digital credential server 110 determines again whether all of the identity attributes required for authenticating the credential have been obtained. If not, the digital credential server 110 returns to step 314 to identify the additional identity attributes that have not yet been obtained.
[00123] If it is determined that all of the identity attributes required for authenticating the credential have been obtained, the digital credential server 110 proceeds to perform step 324 or step 330, as described below.
[00124] As described hereinbefore, optionally, an authenticator may further specify one or more credential attributes to be provided by a user for authentication of a credential.
[00125] Accordingly, at step 324, the digital credential server 110 may determine whether there is any credential attribute required for authenticating the credential, e.g., by querying the authenticator database 154.
[00126] If the digital credential server 110 determines that one or more credential attributes are required for authenticating the credential, the digital credential server 110 then sends a message at step 326 to notify the terminal computing device 120 of the credential attributes required.
[00127] The terminal computing device 120 then guides the user to input the required credential attributes at step 328, and sends these credential attributes to the digital credential server 110 at step 330.
[00128] As described above, alternatively the terminal computing device 120 may automatically retrieve credential attributes from a secure data store of the terminal computing device, and communicate the retrieved credential attributes to the digital credential server 110.
[00129] Alternatively, steps 324 - 330 of identifying the required credential attributes and receiving these credential attributes from the terminal computing device 120 may be performed prior to retrieving the identity information of the user.
[00130] At step 332, the digital credential server 110 communicates the required identity attributes of the user and the required credential attributes to the authenticator server 142 identified in step 308.
[00131] At step 334, the authenticator server 142 retrieves the credential information based on the identity attributes of the user, and the credential attributes, received from the digital credential server 110, e.g., by querying the authenticator database 144.
[00132] At step 336, the authenticator server 142 sends at least some of the retrieved credential information to the digital credential server 110, e.g., in a credential confirmation message. Optionally, the credential confirmation message may only include the credential attributes that have not been obtained by the digital credential server 110. These credential attributes may be referred to as the "additional credential attributes".
[00133] Alternatively, if the authenticator server 142 cannot identify any credential information that matches the user’s identity information and credential attributes received from the digital credential server 110, the authenticator server 142 may return a confirmation failure message to the digital credential server 110, indicating that credential information cannot be successfully identified (not shown).
[00134] At step 338, the digital credential server 110 stores the credential information received from the authenticator server 142 in association with the user’s identity information, e.g., by storing them in the same digital identity profile that stores the user’s identity information, as shown by 1210 in Fig. 12.
[00135] Alternatively, as described hereinbefore, the credential information and the identity information may be sent to the terminal computing device 120 for storage.
[00136] Finally, at step 340, a message may optionally be sent to the terminal computing device 120 to notify the user 130 that the credentials have been successfully established.
[00137] The workflow 300 allows the digital credential server 110 to automatically identify the missing identity attributes and/or credential attributes, and to guide the user to input all of the required attributes. This may prevent, or reduce the chances of, the user missing one or more attributes required by the authenticator, and the consequent failure of authentication.
Verification of one or more credentials
[00138] Fig. 4 illustrates an exemplary workflow 400 implemented by the system 100 for verification of one or more digital credentials.
[00139] In this embodiment, the user 130 who has generated one or more digital credentials may allow their digital credentials to be checked by a verification requester. The verification requester may be represented by the verification requester operator 170 using the verification requester terminal device 164. Alternatively, the verification requester may conduct the verification using the verification requester server 162.
[00140] The verification process may be performed when the user 130 and the verification requester operator 170 meet in person. The verification requester operator 170 uses a verification requester terminal device 164 to capture machine readable verification request information displayed on the terminal computing device 120, which is used by the user 130. A credential verification request is then sent from the verification requester terminal device 164 to the digital credential server 110. The digital credential server 110 then communicates at least some of the credential information to the verification requester terminal device 164, so that the credential information can be confirmed or examined by the verification requester operator 170.
[00141] The verification process may be initiated by the user 130 operating the terminal computing device 120. For example, at step 402, the user 130 may be allowed to select one or more digital credentials that have been generated in their digital identity profile to be released to the verification requester system 160 such as the verification requester terminal device 164. The selected digital credential(s) may be represented by credential identification data, which can be used by the digital credential server 110 to subsequently retrieve the credential information of the selected digital credential(s).
[00142] Alternatively, the user 130 may operate the terminal computing device 120 to authorise release of all the digital credentials that have been generated for the user 130 to the verification requester terminal device 164.
[00143] In some implementations, the digital credentials to be released may be determined by the terminal computing device 120 based on machine readable information captured by the terminal computing device 120, e.g., a QR code captured by the terminal computing device 120. For instance, the QR code may be displayed on the verification requester terminal device 164, or attached to or placed in the venue where the verification requester operator 170 is located.
[00144] As described hereinbefore, when being stored in the identity database 152, the credential information may be encrypted so that it can only be decrypted using a decryption key controlled by the user, e.g., a decryption key stored in a secure data store of the terminal computing device 120, protected by a PIN specified by the user or the user's biometrics.
[00145] Accordingly, in order to allow the verification of the credential information, at step 404 the user may retrieve the decryption key for decrypting the credential information. For example, the user may input their PIN for protecting the secure data store in the terminal computing device 120 where the decryption key is stored, to allow the terminal computing device 120 to retrieve the decryption key. In some embodiments, each of the user’s digital credentials may be encrypted using a different encryption key, and thus may require a different decryption key for decryption. Accordingly, at step 404 multiple decryption keys corresponding to the digital credentials selected in step 402 may be retrieved.
[00146] At step 406, the user 130 may specify the verification requester by operating the terminal computing device 120. For example, the mobile application executed on the terminal computing device 120 may guide the user 130 to input a name or other suitable form of unique identifier of a verification requester, or to select a verification requester from a predefined verification requester list including a plurality of verification requesters.
[00147] Alternatively, the verification requester may be specified by the user inputting or selecting a name or other suitable form of unique identifier related to the verification requester operator 170 or the verification requester terminal device 164.
[00148] The verification requester specified by the user 130 may be represented by verification requester data.
[00149] At step 408, the user 130 may specify a time range for the verification. For example, the user may specify that their authorisation for sharing their credential information to the verification requester may expire 24 hours after the QR code is generated. The time range specified by the user 130 may be represented by verification time data.
[00150] Optionally, at step 410, the terminal computing device 120 may encrypt the credential decryption key retrieved at step 404 for transmission to the digital credential server 110.
[00151] The encryption may be asymmetric or symmetric. For example, if the encryption is asymmetric, a public key of a key pair generated for the user 130 may be used as the encryption key, wherein the private key of that key pair is associated with and managed by the digital credential server 110. Alternatively, if the encryption is symmetric, a key known to the user 130 and the digital credential server 110 may be used as the encryption key. In some embodiments, the encryption may be both symmetric and asymmetric, i.e., a symmetric credential key is used for the encryption of the credential information, and the symmetric key is then asymmetrically encrypted using a public key of a key pair at step 410, which can be decrypted at the digital credential server 110 by using the corresponding private key of the key pair.
[00152] In some implementations, the terminal computing device 120 does not only encrypt the credential decryption key, but also other information specified or selected by the user 130, for example, one or more of the following:
• credential identification data, indicating the one or more credentials specified in step 402;
• verification requester data, indicating the verification requester specified in step 406; and
• verification time data, indicating the verification time range specified in step 408.
[00153] Optionally, at step 412, the terminal computing device 120 may pack the credential decryption key encrypted in step 410, the credential identification data, the verification requester data, and the verification time data, into a verification authorisation message.
[00154] Optionally, the terminal computing device 120 may digitally sign the verification authorisation message using a digital signature. The digital signature may be generated using any suitable digital signature algorithm, e.g., RSA-based signature schemes, SHA, DSA, or Pairing-based schemes.
[00155] In some implementations, step 412 may be performed prior to the encryption step 410, in which case the terminal computing device 120 encrypts the whole digitally signed verification authorisation message, rather than only the credential decryption key. Alternatively, in some other implementations, only one of step 410 and step 412 may be performed. Alternatively, in some further implementations, the encryption step 410 and the digital signature step 412 may both be skipped. However, performing at least one of the encryption step 410 and the digital signature step 412 may increase the security of the information in the verification authorisation message, especially the credential decryption key.
[00156] At step 414, machine readable information is generated by the terminal computing device 120 based on:
• the verification authorisation message digitally signed in step 412; and
• user identification data uniquely associated with the terminal computing device 120 or the user 130.
[00157] The machine readable information may be in any suitable form readable by an electronic device, e.g., a Quick Response (QR) code, a barcode, or a Near Field Communication (NFC) message. Alternatively, the machine readable information may be a message able to be transmitted or communicated using any wireless communication technology, including Bluetooth, Bluetooth LE, or Wi-Fi. In this exemplary implementation, the machine readable information is in the form of a QR code.
[00158] The user identification data may be the same as the user identification data used in the credential generation processes as described hereinbefore.
[00159] The QR code may be generated using any suitable QR code encoding algorithm.
[00160] At step 416, the QR code generated in step 414 is displayed on a displaying module such as a screen of the terminal computing device 120.
[00161] At step 422, the verification requester operator 170 uses the verification requester terminal device 164 to capture the QR code displayed by the terminal computing device 120, for example by taking a digital photo of the QR code via a digital camera module of the verification requester terminal device 164.
[00162] Alternatively, the machine readable information may be of any other suitable form, and may be captured by the verification requester terminal device 164 via a suitable capturing module.
[00163] For example, the machine readable information may be a linear or one-dimensional barcode. Correspondingly, the capturing module of the verification requester terminal device 164 may be a barcode scanner, or a digital camera module for capturing a digital image of the barcode. In some embodiments, the machine readable information may be presented by the terminal computing device together with human readable information, for example a numeric, alphabetic, or alphanumeric string. The human readable information uniquely corresponds with the machine readable information and can be input manually into another electronic device, for example the verification requester terminal device 164.
[00164] In an alternative example, the machine readable information may be an NFC message. Correspondingly, the capturing module of the verification requester terminal device 164 may be an NFC reader module that can be used to read the NFC message. In a further alternative example, the machine readable information may be a message communicated via another wireless communication mechanism, such as Bluetooth, Bluetooth LE or Wi-Fi. Correspondingly, the capturing module of the verification requester terminal device 164 may be, for example, a Bluetooth or Wi-Fi communication module.
[00165] Upon capturing the machine readable information, at step 424, the verification requester terminal device 164 may decode the verification authorisation message and the user identification data from the captured QR code, and send them to the digital credential server 110 in a credential verification request. The credential verification request may further include verification requester identification data for identifying the verification requester terminal device 164 or the verification requester operator 170.
[00166] This may be controlled by a mobile application executed on the verification requester terminal device 164. For example, the mobile application may include a QR code recognition function that automatically detects the existence and position of the QR code in the digital image captured by the digital camera module, decodes the verification authorisation message and the user identification data from the QR code, and triggers the credential verification request to be generated and sent to the digital credential server 110.
[00167] Upon receiving the credential verification request, at step 426, the digital credential server 110 extracts the digitally signed verification authorisation message, the user identification data, and the verification requester identification data from the credential verification request.
[00168] At step 428, based on the user identification data, the digital credential server 110 verifies the digital signature of the verification authorisation message. The digital credential server 110 may retrieve from a memory or data store, based on the user identification data, a public key generated for the user 130, and verifies the digital signature based on the public key.
[00169] At step 430, based on the user identification data, the digital credential server 110 retrieves a decryption key generated for the user, and uses the decryption key to decrypt the following information contained in the verification authorisation message:
• credential identification data, indicating the one or more credentials specified by the user 130;
• the credential decryption key;
• verification requester data, indicating the verification requester specified by the user 130; and
• verification time data, indicating the verification time range specified by the user 130.
[00170] If the verification of the digital signature or the decryption fails, the digital credential server 110 may return a verification failure message (not shown in Fig. 4) to the verification requester terminal device 164. Otherwise, the digital credential server 110 proceeds to step 432, in which the digital credential server 110 determines whether the verification requester associated with the verification requester identification data matches the verification requester specified by the user 130, as indicated by the verification requester data.
[00171] Further, at step 434, the digital credential server 110 determines whether the time of receiving the credential verification request matches the verification time range specified by the user 130, as indicated by the verification time data.
[00172] If both the verification requester and the verification time match those specified by the user 130, the digital credential server 110 proceeds to step 436.
[00173] At step 436, based on the credential identification data, the digital credential server 110 retrieves credential information of the one or more credentials specified by the user 130 from the identity database 152.
[00174] At step 438, the digital credential server 110 decrypts the retrieved credential information of the one or more credentials using the credential decryption key extracted from the verification authorisation message.
[00175] At step 440, the digital credential server 110 communicates the credential information to the verification requester terminal device 164, e.g., by sending the credential information to the verification requester terminal device 164.
[00176] Optionally, at step 442, the digital credential server 110 sends a notification to the terminal computing device 120 indicating that the credential information has been successfully communicated to the verification requester terminal device 164.
[00177] Optionally, at step 444, the digital credential server 110 may record information regarding the verification event (e.g. steps 422 - 442) in a verification log. This results in a traceable record of the release of the user’s credential information, to enable subsequent review or auditing.
[00178] At step 446, the credential information is presented by the verification requester terminal device 164 for the verification requester operator 170 to examine or confirm.
[00179] Although in this embodiment the credential information is sent to the verification requester terminal device 164, the credential information may be communicated or made available to the verification requester terminal device 164 or the verification requester server 162 in any other suitable manner.
[00180] For example, the credential information may be stored in a database to which the verification requester terminal device 164 has access, and a link or pointer referencing a location in the database where the credential information is stored may be sent by the digital credential server 110 to the verification requester terminal device 164, instead of sending the credential information directly. This may allow the verification requester operator 170 to confirm or examine the credential information at a later time. Alternatively, the credential information may be sent to or made available to the verification requester server 162 instead of the verification requester terminal device 164.
[00181] In the verification process described above, no direct data communication between the terminal computing device 120 and the digital credential server 110 is required
for the purpose of releasing the credential information (steps 402 to 440). Therefore, the described process may be used even in the situation when the communication network 125 between the terminal computing device 120 and the digital credential server 110 is not available. This situation may also be referred to as the user 130 being “offline” while the verification requester operator 170 is “online”. The notification sent at step 442 may be received by the user 130 when access to the communication network 125 is regained at a later time. However, this does not affect the release of the credential information to the verification requester terminal device 164.
[00182] Further, in the verification process described above, the user 130 is allowed to select the credentials to be released, the verification requester, and/or the verification time range. These selections may improve the security of the credential information of the user, as an unauthorised verification requester may be detected by the digital credential server 110 and subsequently rejected. However, these selections are intended to be optional. In some embodiments, the user may not make these selections, which may increase the speed of the verification process.
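The server-side checks of steps 426 to 444, as an added example in Go that is not part of the patent or of any Australia Post implementation. It assumes Ed25519 for the user's signature, AES-GCM for both the authorisation message and the stored credential information, JSON for the message body and a unix-seconds time range; every name, key and sample value is constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// AuthorisationMessage is the plaintext the server recovers at step 430 (field names constructed).
type AuthorisationMessage struct {
	CredentialIDs []string // credential identification data chosen by the user
	CredentialKey []byte   // credential decryption key for the stored credential information
	Requester     string   // verification requester specified by the user
	NotBefore     int64    // verification time range in unix seconds, both ends inclusive
	NotAfter      int64
}

// CredentialServer holds what the server keeps per user plus the identity database.
type CredentialServer struct {
	PublicKeys  map[string]ed25519.PublicKey // user id -> signing key checked at step 428
	MessageKeys map[string][]byte            // user id -> key that opens the message at step 430
	IdentityDB  map[string][]byte            // credential id -> AES-GCM encrypted credential information
	AuditLog    []string                     // verification log kept at step 444
}

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts with AES-GCM and prepends the nonce; Open reverses it and fails on a wrong key or tampering.
func Seal(key, plaintext []byte) ([]byte, error) {
	g, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, plaintext, nil), nil
}

func Open(key, data []byte) ([]byte, error) {
	g, err := gcm(key)
	if err != nil || len(data) < g.NonceSize() {
		return nil, errors.New("cannot open ciphertext")
	}
	return g.Open(nil, data[:g.NonceSize()], data[g.NonceSize():], nil)
}

// BuildQRPayload condenses the terminal side: encrypt under the user's message key, then sign the ciphertext (encrypt-then-sign), so step 428 can run before step 430.
func BuildQRPayload(priv ed25519.PrivateKey, msgKey []byte, msg AuthorisationMessage) (ct, sig []byte, err error) {
	plain, _ := json.Marshal(msg)
	if ct, err = Seal(msgKey, plain); err != nil {
		return nil, nil, err
	}
	return ct, ed25519.Sign(priv, ct), nil
}

func (s *CredentialServer) refuse(userID, requesterID, why string) (map[string][]byte, error) { // log the real reason, return one generic error
	s.AuditLog = append(s.AuditLog, fmt.Sprintf("user=%s requester=%s refused: %s", userID, requesterID, why))
	return nil, errors.New("verification failed")
}

// Verify runs steps 426-444 and returns the released credential information keyed by credential id.
func (s *CredentialServer) Verify(userID, requesterID string, ct, sig []byte, now int64) (map[string][]byte, error) {
	pub, ok := s.PublicKeys[userID]
	if !ok || !ed25519.Verify(pub, ct, sig) { // step 428
		return s.refuse(userID, requesterID, "signature check failed")
	}
	var msg AuthorisationMessage
	plain, err := Open(s.MessageKeys[userID], ct) // step 430
	if err != nil || json.Unmarshal(plain, &msg) != nil {
		return s.refuse(userID, requesterID, "cannot decrypt authorisation message")
	}
	if msg.Requester != requesterID { // step 432
		return s.refuse(userID, requesterID, "requester mismatch")
	}
	if now < msg.NotBefore || now > msg.NotAfter { // step 434
		return s.refuse(userID, requesterID, "outside authorised time range")
	}
	released := make(map[string][]byte)
	for _, id := range msg.CredentialIDs { // steps 436-438; an unknown id yields nil, which Open rejects
		cred, err := Open(msg.CredentialKey, s.IdentityDB[id])
		if err != nil {
			return s.refuse(userID, requesterID, "cannot decrypt credential "+id)
		}
		released[id] = cred
	}
	s.AuditLog = append(s.AuditLog, fmt.Sprintf("user=%s requester=%s released %d credential(s)", userID, requesterID, len(released)))
	return released, nil // step 440
}
```

Every refusal is logged with its real cause but answered with the same generic error, so a requester cannot tell a wrong requester identity from an expired window or a bad signature.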
[00183] Fig. 5 illustrates another exemplary workflow 500 implemented by the system 100 for verification of one or more digital credentials generated for a user 130.
[00184] In this embodiment, the terminal computing device 120 has access to the communication network 125, and thus is able to communicate with the digital credential server 110 directly. This circumstance may be referred to as the “online verification mode”.
[00185] At step 502, the user 130 selects one or more digital credentials to be released to the verification requester operator 170.
[00186] At step 504, the terminal computing device 120 retrieves the decryption key for decrypting the credential information, e.g., from a secure data store in the terminal computing device 120. The user may be required to input their PIN or biometrics to allow the decryption key to be retrieved. As described hereinbefore, different digital credentials may require different decryption keys.
[00187] At step 506, the user 130 may specify the verification requester by operating the terminal computing device 120.
[00188] At step 508, the user may specify a time range for the verification by operating the terminal computing device 120.
[00189] At step 510, the terminal computing device 120 generates a verification reference code. The verification reference code may take the form of, for example, a series of alphabet letters, a series of numbers, or an alphanumeric string. The verification reference code may be generated randomly, or following a predetermined rule.
[00190] At step 512, the terminal computing device 120 sends a verification authorisation message to the digital credential server 110. The verification authorisation message contains:
• credential identification data, for identifying the one or more selected credentials;
• the credential decryption key retrieved at step 504;
• verification requester data, indicating the verification requester specified by the user 130;
• verification time data, indicating the verification time range specified by the user 130; and
• the verification reference code.
[00191] At step 514, upon receiving the verification authorisation message, the digital credential server 110 retrieves the credential information from the identity database 152 based on the credential identification data contained in the verification authorisation message.
[00192] At step 516, the digital credential server 110 stores in a data store, e.g., a temporary data store accessible to the digital credential server 110, the following information in association with the verification reference code:
• the encrypted credential information;
• the credential decryption key contained in the verification authorisation message;
• verification requester data, indicating the verification requester specified by the user 130; and
• verification time data, indicating the verification time range specified by the user 130.
[00193] At step 518, machine readable information such as a QR code is generated by the terminal computing device 120 based on the verification reference code generated in step 510. The QR code may be generated using any suitable QR code encoding algorithm.
[00194] At step 520, the generated QR code is displayed on a displaying module such as a screen of the terminal computing device 120.
[00195] At step 522, the verification requester operator 170 uses the verification requester terminal device 164 to capture the QR code displayed by the terminal computing device 120, for example by taking a digital photo of the QR code via a digital camera module of the verification requester terminal device 164.
[00196] Alternatively, the machine readable information may be of any other suitable form, e.g., a barcode, an NFC message, a Bluetooth message, a Bluetooth LE message or a Wi-Fi message. The machine readable information may be captured by the verification requester terminal device 164 via a suitable capturing module.
[00197] Upon capturing the machine readable information, at step 524, the verification requester terminal device 164 may decode the verification reference code from the captured QR code, and send it to the digital credential server 110 in a credential verification request.
[00198] This may be controlled by a mobile application executed on the verification requester terminal device 164. For example, the mobile application may include a QR code recognition function that automatically detects the existence and position of the QR code in the digital image captured by the digital camera module, decodes the verification reference code from the QR code, and triggers the credential verification request to be generated and sent to the digital credential server 110.
[00199] In addition to the verification reference code, the credential verification request may further contain verification requester identification data for identifying the verification requester terminal device 164 or the verification requester operator 170.
[00200] Upon receiving the credential verification request, at step 526, the digital credential server 110 extracts the verification reference code from the credential verification request.
[00201] At step 528, based on the verification reference code, the digital credential server 110 extracts, from the temporary data store, the verification requester data that indicates the verification requester specified by the user 130, and determines whether the verification requester associated with the verification requester identification data matches the verification requester specified by the user 130.
[00202] Further, at step 530, based on the verification reference code, the digital credential server 110 extracts, from the temporary data store, the verification time data indicating the verification time range specified by the user 130, and determines whether the time of receiving the credential verification request matches the verification time range specified by the user 130.
[00203] If both the verification requester and the verification time match those specified by the user 130, the digital credential server 110 proceeds to step 532, in which the digital credential server 110 retrieves the credential information from the temporary data store, and decrypts the retrieved credential information using the credential decryption key stored at step 516.
[00204] At step 534, the digital credential server 110 sends the credential information to the verification requester terminal device 164. Alternatively, the credential information may be communicated or made available to the verification requester server 162 in any other suitable manner. For example, the credential information may be stored in a database to which the verification requester server 162 has access, and a link or pointer referencing a location in the database where the credential information is stored may be sent by the digital credential server 110 to the verification requester server 162, instead of sending the credential information directly.
[00205] Optionally, at step 536, the digital credential server 110 may send a notification to the terminal computing device 120 indicating that the credential information has been successfully communicated to the verification requester terminal device 164 or verification requester server 162.
[00206] Optionally, at step 538, the digital credential server 110 may record relevant information regarding the verification event (e.g. steps 522 - 534) in a verification log. In this way, a traceable record of the sharing of credential information is created, which may be reviewed or audited at a later date.
[00207] At step 540, the credential information is presented by the verification requester terminal device 164 for the verification requester operator 170 to examine or confirm.
[00208] Preferably, at step 542, the digital credential server 110 deletes from the temporary data store the decrypted credential information, the verification reference code and other information stored in association with the verification reference code, such as the verification requester and the verification time range specified by the user 130.
[00209] Alternatively, these data items may be kept in the temporary data store until the verification time range specified by the user 130 has lapsed.
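The online-mode temporary data store of steps 510 to 542, together with the alternative in [00209], as an added example in Go that is not part of the patent or of any Australia Post implementation. The decryption routine is injected rather than fixed (a deployment would use an AEAD such as AES-GCM), the reference code format is an assumption, and all names and values are constructed.

```go
package main

import (
	"crypto/rand"
	"encoding/base32"
	"errors"
	"fmt"
	"sync"
	"time"
)

// Authorisation is what step 516 stores against a verification reference code (field names constructed).
type Authorisation struct {
	EncryptedCredential []byte    // credential information exactly as held in the identity database
	CredentialKey       []byte    // credential decryption key sent in the authorisation message
	Requester           string    // verification requester specified by the user
	NotBefore, NotAfter time.Time // verification time range specified by the user
}

// NewReferenceCode is one way to do step 510: 80 random bits rendered as 16 base32 characters,
// which cannot be guessed in practice but can still be typed if the QR code cannot be scanned.
func NewReferenceCode() (string, error) {
	var b [10]byte
	if _, err := rand.Read(b[:]); err != nil {
		return "", err
	}
	return base32.StdEncoding.EncodeToString(b[:]), nil
}

// TemporaryStore models the server's temporary data store for the online verification mode.
// Decrypt is injected; a deployment would use an AEAD such as AES-GCM.
type TemporaryStore struct {
	mu      sync.Mutex
	entries map[string]Authorisation
	Decrypt func(key, ciphertext []byte) ([]byte, error)
	Log     []string // verification log kept at step 538
}

func NewTemporaryStore(decrypt func(key, ciphertext []byte) ([]byte, error)) *TemporaryStore {
	return &TemporaryStore{entries: make(map[string]Authorisation), Decrypt: decrypt}
}

// Authorise is step 516: file the authorisation under a fresh code and return the code for the QR code.
func (s *TemporaryStore) Authorise(a Authorisation) (string, error) {
	code, err := NewReferenceCode()
	if err != nil {
		return "", err
	}
	s.mu.Lock()
	defer s.mu.Unlock()
	s.entries[code] = a
	return code, nil
}

// refuse records the real reason and returns one generic error to the requester.
func (s *TemporaryStore) refuse(code, requesterID, why string) ([]byte, error) {
	s.Log = append(s.Log, fmt.Sprintf("code=%s requester=%s refused: %s", code, requesterID, why))
	return nil, errors.New("verification failed")
}

// Release runs steps 526-542 for one credential verification request: look the code up, check the
// requester and the time range, decrypt, then delete the entry so the same code cannot be presented twice.
func (s *TemporaryStore) Release(code, requesterID string, now time.Time) ([]byte, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	a, ok := s.entries[code]
	if !ok {
		return s.refuse(code, requesterID, "unknown or already used reference code")
	}
	if a.Requester != requesterID { // step 528
		return s.refuse(code, requesterID, "requester mismatch")
	}
	if now.Before(a.NotBefore) || now.After(a.NotAfter) { // step 530
		return s.refuse(code, requesterID, "outside authorised time range")
	}
	cred, err := s.Decrypt(a.CredentialKey, a.EncryptedCredential) // step 532
	if err != nil {
		return s.refuse(code, requesterID, "credential decryption failed")
	}
	delete(s.entries, code) // step 542: nothing from this authorisation survives the release
	s.Log = append(s.Log, fmt.Sprintf("code=%s requester=%s released", code, requesterID))
	return cred, nil
}

// Sweep is the alternative in [00209] for codes that were never presented: drop every
// authorisation whose time range has lapsed and report how many were removed.
func (s *TemporaryStore) Sweep(now time.Time) int {
	s.mu.Lock()
	defer s.mu.Unlock()
	removed := 0
	for code, a := range s.entries {
		if now.After(a.NotAfter) {
			delete(s.entries, code)
			removed++
		}
	}
	return removed
}
```

A refused presentation leaves the entry in place, so a mistyped requester identity does not burn the code, while a successful release or a lapsed time range removes it.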
[00210] Fig. 6 illustrates a further exemplary workflow 600 implemented by the system 100 for verification of one or more digital credentials generated for a user 130.
[00211] In this embodiment, the one or more digital credentials to be shared with the verification requester are predetermined by the verification requester rather than the user 130.
[00212] Machine readable information such as a QR code containing:
(i) credential indication data specifying the required credentials; and
(ii) verification requester identification data for identifying the verification requester
is generated for the verification requester, and is available to be captured by the terminal computing device 120.
[00213] The QR code may be provided in any suitable form that can be captured by the terminal computing device 120 used by the user 130. For example, the QR code may be displayed on a display of an electronic device, printed out on a piece of paper, or attached to any suitable surface that allows it to be captured by the terminal computing device 120.
[00214] At step 602, in order to authorise release of their credential information to the verification requester, the user 130 uses the terminal computing device 120 to capture a digital image of the QR code.
[00215] At step 604, the terminal computing device 120 retrieves the verification requester identification data and the credential indication data from the QR code.
[00216] Optionally, at step 606, the terminal computing device 120 may display the following information for the user 130 to review and confirm:
• information regarding the verification requester, based on the verification requester identification data; and
• the digital credentials required by the verification requester, based on the credential indication data.
[00217] The user 130 may confirm their authorisation to release the credential information of the required credentials to the verification requester by operating the terminal computing device 120, e.g., by touching or pressing a “confirm” button displayed on a touch screen.
[00218] At step 608, the terminal computing device 120 may retrieve the decryption key for decrypting the credential information, e.g., from a secure data store in the terminal computing device 120. The user may be required to input their PIN or biometrics to allow the decryption key to be retrieved.
[00219] At step 610, the terminal computing device 120 sends a verification authorisation message to the digital credential server 110. The verification authorisation message contains:
• the verification requester identification data;
• the credential indication data;
• the credential decryption key; and
• user identification data for identifying the terminal computing device 120 or the user 130.
[00220] Upon receiving the verification authorisation message, at step 612, the digital credential server 110 extracts the verification requester identification data, and identifies the verification requester server 162 associated with the verification requester identification data. This may be conducted by querying a verification requester database (not shown in Fig. 1) storing a corresponding relationship between a plurality of verification requester servers and
a plurality of verification requester identification data. This corresponding relationship may be created and stored during a verification requester registration process, in which the verification requester registers with the digital credential service.
[00221] At step 614, the digital credential server 110 retrieves credential information of the required digital credentials from the identity database 152 based on the user identification data and the credential indication data.
[00222] At step 616, the digital credential server 110 decrypts the retrieved credential information using the credential decryption key contained in the verification authorisation message.
[00223] At step 618, the digital credential server 110 communicates the credential information to the verification requester server 162 identified in step 612.
[00224] Optionally, at step 620, the digital credential server 110 sends a notification to the terminal computing device 120 indicating that the credential information has been successfully communicated to the verification requester server 162.
[00225] Optionally, at step 622, the digital credential server 110 may record information regarding the verification event (e.g. steps 610-618) in a verification log. In this way, a traceable record of the sharing of credential information is created for subsequent review, analysis or auditing.
[00226] Further, although in this embodiment the credential information is sent to the verification requester server 162, the credential information may be communicated or made available to the verification requester server 162 in any other suitable manner. For example, the credential information may be stored in a database to which the verification requester server 162 has access, and a link or pointer referencing a location in the database where the credential information is stored may be sent by the digital credential server 110 to the verification requester server 162, instead of sending the credential information directly.
[00227] In this embodiment, as the user does not need to manually specify the verification requester and the credentials to be shared, the speed of the verification process is improved.
[00228] Further, this embodiment allows the verification requester to specify one or more digital credentials to be released, and to embed the selection in machine readable information. A plurality of users may capture the same machine readable information and release the required credential information to the verification requester. This may significantly improve the efficiency of the verification process.
[00229] Although in the verification process 600 the verification requester server is selected by the digital credential server 110 based on the verification requester identification data contained in the machine readable information, in some other embodiments the verification requester server may be automatically selected based on predetermined conditions.
[00230] For example, in some embodiments, the verification requester server may be selected based on the geographic location of the terminal computing device 120. In this case, the terminal computing device 120 includes a location detecting module for obtaining its location, and sends the detected location to the digital credential server 110 when authorising the verification.
Workflow of the server

[00231] An exemplary method 700 executed by the digital credential server 110 for establishing a digital credential is illustrated in Fig. 7.
[00232] At step 710, the digital credential server 110 receives, from a terminal computing device, user identification data and authenticator identification data, the authenticator identification data being generated based on machine readable information associated with a credential.
[00233] At step 720, the digital credential server 110 determines, based on the authenticator identification data, an authenticator system.
[00234] At step 730, the digital credential server 110 obtains identity information of a user based on the user identification data.
[00235] At step 740, the digital credential server 110 communicates at least some of the user’s identity information to the authenticator system.
[00236] At step 750, the digital credential server 110 receives from the authenticator system credential information associated with the user.
[00237] At step 760, the digital credential server 110 causes the credential information to be stored in association with the user’s identity information.
[00238] Referring back to Fig. 1, although in the embodiments described hereinbefore the method 700 is executed by the digital credential server 110, in some other implementations, more than one server may be used for implementing the method. For example, a digital identity server (not shown in Fig. 1) may be used in addition to the digital credential server 110 for handling the user’s identity information, e.g., for retrieving the identity information from the identity database 152 and transmitting it to the digital credential server 110.
[00239] In practice, the communications networks 125, 145 and 165 in Fig. 1 may take any appropriate form, such as the Internet and/or one or a number of local area networks (LANs). In practice, the various devices and data stores may communicate via any appropriate mechanism, such as via wired or wireless connections, including, but not limited to, mobile networks, private networks such as an 802.11 network, the Internet, LANs, WANs, as well as via direct or point-to-point connections, such as Bluetooth. In some implementations, the communications networks 125, 145 and 165 may be the same communications network. In some other implementations, the communications networks 125, 145 and 165 may be different communication networks.
[00240] An example of a suitable digital credential server 110 of Fig. 1 is shown in Fig. 8.
[00241] In this example, the digital credential server 110 includes at least one processor 810, a memory 820, an external input/output interface 830, and an input/output device 840 such as a keyboard and/or a display, interconnected via a bus 850 as shown. The external interface 830 may be utilised for connecting the digital credential server 110 to peripheral devices and/or networks, such as the communications networks 125, 145, 165, and the local or remote data store 150. Although a single external interface 830 is shown, this is for the purpose of example only, and in practice multiple interfaces using various methods (e.g. Ethernet, serial, USB, wireless or the like) may be provided.
[00242] In use, the processor 810 may execute instructions in the form of applications software stored in the memory 820 to allow the required processes to be performed, including: communicating with the terminal computing device 120, the authenticator system 140, the verification requester system 160, the local or remote data storage 150, and other suitable databases or devices, and performing the digital credential generation and verification workflows as described hereinbefore. The applications software may be executed in a suitable execution environment, such as an operating system environment, or the like.
[00243] Accordingly, it will be appreciated that the digital credential server 110 may be formed from any suitable processing system, such as a suitably programmed computer system, PC, web server, network server, or the like. In one example, the digital credential server 110 is a standard processing system such as an Intel Architecture based processing system, which executes software applications stored on non-volatile (e.g., hard disk) storage, although this is not essential. However, it will also be understood that the processing system could be any electronic processing device such as a microprocessor, microchip processor, logic gate configuration, firmware optionally associated with implementing logic such as an FPGA (Field Programmable Gate Array), or any other electronic device, system or arrangement.
[00244] In at least some embodiments, the authenticator server 142 and the verification requester server 162 may have a similar structure to the digital credential server 110.
[00245] An example of a suitable terminal computing device 120 of Fig. 1 is shown in Fig. 9.
[00246] In this example, the terminal computing device 120 includes at least one microprocessor 910, a memory 920, an output device 930, an input device 940, and an external input/output interface 950, interconnected via a bus 960 as shown. The terminal computing device 120 may further include a component for capturing the machine readable identifier, e.g., a digital camera module 970 for taking digital photos of a QR code. The external interface 950 may be utilised for connecting the terminal computing device 120 to peripheral devices and/or networks, such as the digital credential server 110, the communications networks 125, any other suitable servers, data stores or the like. Although a single external interface 950 is shown, this is for the purpose of example only, and in practice multiple interfaces using various methods (e.g. Ethernet, serial, USB, wireless or the like) may be provided.
[00247] In use, the microprocessor 910 executes instructions in the form of applications software stored in the memory 920 to allow communication with the digital credential server 110 for generation and verification of one or more digital credentials. The applications software may include one or more software modules, and may be executed in a suitable execution environment, such as an operating system environment, or the like.
[00248] Accordingly, it will be appreciated that the terminal computing device 120 may be formed from any suitable processing system, such as a mobile phone (e.g., a smart phone), a portable computer, a tablet computer, or the like. In some implementations, the terminal computing device 120 is a smart phone, on which one or more mobile applications can be installed and executed.
[00249] In at least some embodiments, verification requester terminal device 164 may have a similar structure to the terminal computing device 120.
[00250] As described above, according to at least some embodiments, a method and a system for generation and verification of one or more credentials is provided, which allows a user to generate digital credentials in a convenient manner based on credentials issued to the user, and allows a third party to verify the digital credentials of the user in a reliable and secure way.
[00251] In at least some embodiments, the described method and system may automatically identify the “gaps” between the provided identity information of the user and the required identity attributes and/or credential attributes for the purpose of authenticating the credential, and may guide the user to provide further information to fill these gaps.
[00252] In at least some embodiments, the described method and system may allow prevention or reduction in identity fraud, or misuse of the user’s identity information and/or credential information.
[00253] In at least some embodiments, the described method and system allows a user to establish their digital credentials to a third party even when the user does not have an available communication network to connect to the digital credential server.
[00254] The reference in this specification to any prior publication (or information derived from it), or to any matter which is known, is not, and should not be taken as, an acknowledgment or admission or any form of suggestion that that prior publication (or information derived from it) or known matter forms part of the common general knowledge in the field of endeavour to which this specification relates.
[00255] Many modifications will be apparent to those skilled in the art without departing from the scope of the present invention as hereinbefore described with reference to the accompanying drawings.

Claims (24)

  1. THE CLAIMS DEFINING THE INVENTION ARE AS FOLLOWS:
    1. A computer-implemented method, including the steps of:
    receiving, from a terminal computing device, user identification data and authenticator identification data;
    determining, based on the authenticator identification data, an authenticator system; obtaining identity information of a user based on the user identification data; communicating at least some of the user’s identity information to the authenticator system;
    receiving from the authenticator system credential information associated with the user; and causing the credential information to be stored in association with the user’s identity information.
  2. 2. The method of claim 1, wherein the authenticator identification data is generated based on machine readable information associated with a credential.
  3. 3. The method of claim 2, wherein the machine readable information includes:
    a Quick Response (QR) code, a barcode,, or a message communicated using any one of the following wireless communication technologies : Near Field Communication (NFC), Bluetooth, Bluetooth LE, or Wi-Fi.
  4. The method of any one of the preceding claims, wherein the identity information of the user is obtained by:
    retrieving the identity information of the user from an identity database.
  5. The method of any one of claims 1-3, wherein the identity information of the user is obtained by:
    receiving identity information from the terminal computing device.
  6. The method of any one of the preceding claims, further including:
    sending the credential information to the terminal computing device, wherein the credential information is stored by the terminal computing device.
  7. The method of any one of the preceding claims, further including: determining one or more identity attributes required by the authenticator; determining additional identity attributes, the additional identity attributes being one or more required identity attributes that have not been obtained; and receiving from the terminal computing device the additional identity attributes; wherein communicating at least some of the user’s identity information to the authenticator system includes communicating to the authenticator system at least the additional identity attributes.
  8. The method of any one of the preceding claims, further including: determining one or more credential attributes required by the authenticator; receiving from the terminal computing device the one or more credential attributes required; and communicating to the authenticator system the credential attributes required by the authenticator.
  9. A computer implemented method, including the steps of:
    receiving a credential verification request from a verification requester system; obtaining at least some of the user’s credential information based on the credential verification request, the user’s credential information having been stored using the method of any one of the preceding claims; and communicating to the verification requester system the obtained credential information.
  10. The method of claim 9, wherein the credential verification request is generated based on machine readable verification request information.
  11. The method of claim 10, wherein the machine readable verification request information includes:
    a Quick Response (QR) code; a barcode; or a message communicated using any one of the following wireless communication technologies: Near Field Communication (NFC), Bluetooth, Bluetooth LE, or Wi-Fi.
  12. The method of any one of claims 9 to 11:
    wherein the obtained credential information communicated to the verification requester system is credential information of one or more digital credentials of the user specified by credential identification data extracted from the credential verification request.
  13. The method of any one of claims 9 to 12, further including:
    extracting, from the credential verification request, a credential decryption key; and decrypting the credential information using the credential decryption key.
  14. The method of any one of claims 9 to 13, further including:
    extracting, from the credential verification request, verification requester data specifying a verification requester; and communicating to the verification requester system the obtained credential information only if the verification requester system is associated with the verification requester specified by the verification requester data.
  15. The method of any one of claims 9 to 14, further including:
    extracting, from the credential verification request, verification time data specifying a verification time range; and communicating to the verification requester system the obtained credential information only if a time of receiving the credential verification request is within the verification time range specified by the verification time data.
  16. The method of any one of claims 9 to 15, further including:
    receiving a verification authorisation message from the terminal computing device; extracting, from the verification authorisation message, a first verification reference code;
    extracting, from the credential verification request, a second verification reference code; and communicating to the verification requester system the obtained credential information only if the first verification reference code matches the second verification reference code.
  17. The method of claim 16, further including:
    wherein the obtained credential information communicated to the verification requester system is credential information of one or more digital credentials of the user specified by credential identification data extracted from the verification authorisation message or from the credential verification request.
  18. The method of claim 16 or 17, further including:
    extracting, from the verification authorisation message, a credential decryption key; and decrypting the credential information using the credential decryption key.
  19. The method of any one of claims 16 to 18, further including:
    extracting, from the verification authorisation message, verification requester data specifying a verification requester; and communicating to the verification requester system the obtained credential information only if the verification requester system is associated with the verification requester specified by the verification requester data.
  20. The method of claim 16, further including:
    extracting, from the verification authorisation message, verification time data specifying a verification time range; and communicating to the verification requester system the obtained credential information only if a time of receiving the credential verification request is within the verification time range specified by the verification time data.
  21. A computer implemented method, including the steps of:
    receiving a verification authorisation message from a terminal computing device; determining a verification requester system based on the verification authorisation message;
    obtaining at least some of a user’s credential information, the credential information having been stored according to any one of claims 1 to 8; and
    communicating to the verification requester system the obtained credential information.
  22. The method of claim 9 to 20, wherein obtaining at least some of the user’s credential information includes:
    retrieving the at least some of the user’s credential information from a database.
  23. The method of claim 9 to 20, wherein obtaining at least some of the user’s credential information includes:
    receiving the at least some of the user’s credential information from the terminal computing device.
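The verification-side gates of claims 12 to 16 (credential selection, decryption key, requester binding, time range and reference-code match), as an added worked example in Python; this is not code from the patent or from Australia Post. The request and authorisation message are plain dicts whose field names are assumptions, and the credential store, requester map, key and toy cipher are constructed for the example.

```python
import hashlib
import hmac

def _xor_keystream(key: bytes, data: bytes) -> bytes:
    # Toy cipher for the example only; use AES-GCM or similar in practice.
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: 16-byte HMAC tag || ciphertext."""
    ct = _xor_keystream(key, plaintext)
    return hmac.new(key, ct, hashlib.sha256).digest()[:16] + ct

def unseal(key: bytes, blob: bytes):
    """Plaintext, or None when the tag fails (wrong decryption key)."""
    tag, ct = blob[:16], blob[16:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()[:16]):
        return None
    return _xor_keystream(key, ct)

KEY = b"constructed-demo-key"
# Constructed store: credential id -> (owning user, sealed credential info)
STORE = {
    "cred-1": ("user-42", seal(KEY, b'{"type":"licence","status":"valid"}')),
    "cred-2": ("user-42", seal(KEY, b'{"type":"passport","status":"valid"}')),
}
REQUESTER_SYSTEMS = {"requester-A": {"sys-A"}}  # constructed: requester -> its systems

def handle_request(req: dict, requesting_system: str, auth: dict, now: int):
    """Gate a credential verification request (req) with the checks of claims
    14-16, then decrypt the selected credentials (claims 12-13); auth is the
    verification authorisation message from the user's terminal; times are
    Unix seconds. Returns (credential info by id, "ok") or (None, reason)."""
    if requesting_system not in REQUESTER_SYSTEMS.get(req["requester_id"], set()):
        return None, "requester mismatch"                       # claim 14
    if not req["not_before"] <= now <= req["not_after"]:
        return None, "outside verification time range"         # claim 15
    if not hmac.compare_digest(auth["reference_code"], req["reference_code"]):
        return None, "reference code mismatch"                  # claim 16
    result = {}
    for cid in req["credential_ids"]:                          # claim 12
        owner, blob = STORE.get(cid, (None, None))
        if owner != auth["user_id"]:
            return None, "credential not held by authorising user"
        info = unseal(req["decryption_key"], blob)             # claim 13
        if info is None:
            return None, "decryption key rejected"
        result[cid] = info.decode()
    return result, "ok"
```

Every refusal path returns before any credential information is released, so a failed requester, time or reference-code check never leaks even partial results.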
  24. A system for generating and verifying digital credentials, the system including one or more electronic processing devices configured to:
    receive, from a terminal computing device, user identification data and authenticator identification data;
    determine, based on the authenticator identification data, an authenticator system; obtain identity information of a user based on the user identification data; communicate at least some of the user’s identity information to the authenticator system;
    receive from the authenticator system credential information associated with the user; and cause the credential information to be stored in association with the user’s identity information.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2018901597A AU2018901597A0 (en) 2018-05-10 Method and system for generating and verifying digital credentials
AU2018901597 2018-05-10

Publications (1)

Publication Number Publication Date
AU2019203286A1 true AU2019203286A1 (en) 2019-11-28

Family

ID=68618236

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2019203286A Abandoned AU2019203286A1 (en) 2018-05-10 2019-05-10 Method and system for generating and verifying digital credentials

Country Status (1)

Country Link
AU (1) AU2019203286A1 (en)


Legal Events

Date Code Title Description
MK1 Application lapsed section 142(2)(a) - no request for examination in relevant period