AU2022259858A1 - Information verification system and method therefor - Google Patents

Abstract

There is provided an information verification system for verifying authenticity of personal data. The information verification system may comprise: a user device; an authorising body system; and a verifiable data registry, wherein the user device receives the personal data, transmits the personal data to the authorising body system to certify the person data, and the authorising body system generates a data signature of the personal data with a public signature verification key, indicating that the personal data has been certified to be authentic, and registers the data signature on the verifiable data registry for verification. 1/18 1000 1100 WebsrverDatabase 210 1 nt0e applicasrte 12 tFigure 1

Description

1/18

1000

1100

WebsrverDatabase

1 nt0e 210

tFigure 1

applicasrte 12

INFORMATION VERIFICATION SYSTEM AND METHOD THEREFOR

Field of the Invention

[001] The present invention relates to an information verification system and methods therefor, and in particular to an information verification system and methods for use that utilise blockchain technology.

[002] The invention has been developed primarily for use in/with blockchain technology and will be described hereinafter with reference to this application. However, it will be appreciated that the invention is not limited to this particular field of use.

Cross-reference

[003] The present application claims priority from the Australian provisional patent application No. 2021903690, filed on 17 November 2021, the content of which is incorporated herein by reference in its entirety.

Background of the Invention

[004] Currently, notaries are used to certify documents and/or execution of documents with a view to preventing forgeries within some countries. Further, an international treaty called The Convention Abolishing the Requirement of Legalisation for Foreign Public Documents, the Apostille Convention, or the Apostille Treaty has been introduced as manner of supplementing local notarisation of documents internationally and removes the need for double certification, by the originating country and then by the receiving country. However, obtaining an Apostille for a particular document can be time consuming and expensive.

[005] Apostilles and/or legalization is usually required and/or obtained for four types of documents, these being: a. court documents; b. administrative documents (for example civil status documents); c. material acts; d. official certificates which are placed on documents signed by persons in their private capacity, such as official certificates recording the registration of a document or the fact that it was in existence on a certain date and official and notarial authentications of signatures

[006] Non-fungible tokens (NFTs) are also used to indicate ownership of a digital asset or a physical asset that are associated with the NFTs. Such tokens are unique in that they cannot be replaced. A NFT is a unit of data stored on a digital ledger, such as a blockchain, that certifies a digital asset to be unique and therefore not interchangeable. A NFT can also be associated with a license to use the asset for a specified purpose. NFTs are created when blockchain string records of cryptographic hash, a set of characters identifying a set of data, on to previous records, therefore creating a chain of identifiable data blocks..

[007] However, none of the above approaches is able to ensure that the document to be notarised or the digital/physical asset based on which NFTs are minted is the genuine document or digital/physical asset. If the document to be notarised or the digital/physical asset itself is not genuine or authentic (for example, the document itself is a fake document), then the notarised document and the NFTs minted are meaningless. Therefore, there is a need for a method and system to solve or alleviate the above problems.

[008]Any discussion of the background art throughout the specification should in no way be considered as an admission that such background art is prior art, nor that such background art is widely known or forms part of the common general knowledge in the field in Australia or any other country.

Summary of the Invention

[009] There is provided an information verification system for verifying authenticity of personal data. The information verification system may comprise: a user device; an authorising body system; and a verifiable data registry, wherein the user device receives the personal data, transmits the personal data to the authorising body system to certify the person data, and the authorising body system generates a data signature of the personal data with a public signature verification key, indicating that the personal data has been certified to be authentic, and registers the data signature on the verifiable data registry for verification.

[010] The verifiable data registry may be a blockchain network.

[011] The authorising body system may allocate a unique identifier to the personal data.

[012] The authorising body system may store the unique identifier with the personal data in a storage media.

[013]The authorising body system may further register the data signature on the blockchain network with the unique identifier.

[014] The authorising body system may further transmit the unique identifier and the public signature verification key to the user device.

[015] The information verification system may further comprise a third-party device, wherein the third-party device may receive the personal data, the unique identifier and the public signature verification key from the user device; transmit a request to the blockchain network for the data signature associated with the unique identifier; receive the data signature from the blockchain network; and verify the personal data received from the user device with the data signature retrieved from the blockchain network using the public signature verification key.

[016] The information verification system may further comprise a service provider system. The authorising body system may further transmit an authorising body identification identifying the authorising body system, the personal data, the data signature, the public signature verification key and unique identifier to the service provider system, and the service provider system transmits the data signature, the authorising body identification, and the unique identifier to the blockchain network.

[017] The information verification system may further comprise a third-party device, wherein the third-party device may receive the unique identifier and the authorising body identification from the user device; transmit a request to the service provider system for the personal data associated with the unique identifier and the authorising body identification; receive the personal data and the public signature verification key from the service provider system; transmit a second request to the blockchain network for the data signature associated with the unique identifier and the authorising body identification; receive from the blockchain network the data signature associated with the unique identifier and the authorising body identification; and verify the personal data received from the service provider system with the data signature retrieved from the blockchain network using the public signature verification key.

[018] The third-party device may further transmit a confirmation of verification to the user device in the event that the verification returns true.

[019] The third-party device may further transmit a denial of verification to the user device in the event that the verification returns false.

[020] There is provided a method for verifying authenticity of personal data. The method may comprise: receiving the personal data on a user device; and transmitting the personal data from the user device to an authorising body system for the authorising body system to certify the person data, wherein the authorising body system is configured to generate a data signature of the personal data with a public signature verification key, indicating that the personal data has been certified to be authentic; and register the data signature on a verifiable data registry.

[021] The verifiable data registry may be a blockchain network.

[022] The authorising body system may be further configured to allocate a unique identifier to the personal data.

[023]The authorising body system may be further configured to store the unique identifier with the personal data in a storage media.

[024] The authorising body system may be further configured to register the data signature on the blockchain network with the unique identifier.

[025] The authorising body system may be further configured to transmit the unique identifier and the public signature verification key to the user device.

[026] The method may further comprise: transmitting the personal data, the unique identifier and the public signature verification key from the user device to a third-party device, wherein the third-party device is configured to receive the personal data, the unique identifier and the public signature verification key from the user device; transmit a request to the blockchain network for the data signature associated with the unique identifier; receive the data signature from the blockchain network; and verify the personal data received from the user device with the data signature retrieved from the blockchain network using the public signature verification key.

[027] The authorising body system may be further configured to transmit an authorising body identification identifying the authorising body system, the personal data, the data signature, the public signature verification key and unique identifier to a service provider system, and the service provider system is configured to transmits the data signature, the authorising body identification, and the unique identifier to the blockchain network.

[028] The third-party device may be configured to: receive the unique identifier and the authorising body identification from the user device; transmit a request to the service provider system for the personal data associated with the unique identifier and the authorising body identification; receive the personal data and the public signature verification key from the service provider system; transmit a second request to the blockchain network for the data signature associated with the unique identifier and the authorising body identification; receive from the blockchain network the data signature associated with the unique identifier and the authorising body identification; and verify the personal data received from the service provider system with the data signature retrieved from the blockchain network using the public signature verification key.

[029] The third-party device may be further configured to transmit a confirmation of verification to the user device in the event that the verification returns true.

[030] The third-party device may be further configured to transmit a denial of verification to the user device in the event that the verification returns false.

[031] The invention seeks to provide an information verification system and methods therefor which will overcome or substantially ameliorate at least some of the deficiencies of the prior art, or to at least provide an alternative.

[032] For the purposes of this specification, a verifiable data registry is defined as being any system that supports recording digital identifications (DIDs) and returning data necessary to produce and/or verify DID documents, and examples of verifiable data registries shall be deemed to include distributed ledgers, blockchain networks, decentralised file systems, databases of any kind, peer to peer networks, and any other forms of trusted data storage.

[033] It should be noted that the web server, client computing device and the computer readable storage medium provide the same or similar advantages as the advantages provided by the corresponding computer implemented method, some of which are described herein. Additionally the web server and/or client computing device provides the advantage of deployment across a computer network, such as the Internet, providing distribution, access and economy of scale advantages. Furthermore, the computer readable storage medium provides further advantages, such allowing the deployment of computer instructions for installation and execution by one or more computing devices.

[034] Other aspects of the invention are also disclosed.

Brief Description of the Drawings

[035] Notwithstanding any other forms which may fall within the scope of the present invention, preferred embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings in which:

[036] Figure 1 shows a network of computing devices on which the various embodiments described herein may be implemented in accordance with an embodiment of the present invention;

[037] Figure 2 shows a network of servers connected to each other in a blockchain;

[038] Figure 3 shows a computing device on which the various embodiments described herein may be implemented in accordance with an embodiment of the present invention;

[039]Figure 4 shows a schematic view of a first embodiment of an information verification system;

[040] Figures 5 - 7 show swim lane flowcharts illustrating methods carried out on the information verification system of figure 4;

[041] Figure 8 shows a schematic view of a second embodiment of an information verification system;

[042] Figures 9 - 11 show swim lane flowcharts illustrating methods carried out on the information verification system of figure 8;

[043] Figure 12 shows a schematic view of a third embodiment of an information verification system;

[044] Figures 13 - 15 show swim lane flowcharts illustrating methods carried out on the information verification system of figure 12;

[045] Figure 16 shows a schematic view of a fourth embodiment of an information verification system;

[046] Figure 17 shows a swim lane flowchart illustrating methods carried out on the information verification system of figure 16; and

[047] Figure 18 shows a schematic view of software modules of one embodiment of an information verification system.

Description of Embodiments

[048] It should be noted in the following description that like or the same reference numerals in different embodiments denote the same or similar features.

System of computing devices

[049]Figure 1 shows a system 1000 of computing devices adapted for use as an information verification system, and on which the methods described below may be carried out.

[050]The system 1000 includes a server 1100 for serving web pages to one or more client computing devices 1200 over the Internet 1300.

[051] In a preferred embodiment, the server 1100 is a web server having a web server application 1110 for receiving requests, such as Hypertext Transfer Protocol (HTTP) and File Transfer Protocol (FTP) requests, and serving hypertext web pages or files in response. The web server application 1110 may be, for example the Apache TM or the MicrosoftTM IIS HTTP server.

[052]The server 1100 is also provided with a hypertext preprocessor 1120 for processing one or more web page templates 1130 and data from one or more databases 1140 to generate hypertext web pages. The hypertext preprocessor may, for example, be the PHP: Hypertext Preprocessor (PHP) or Microsoft ASPTM hypertext preprocessor. The web server 1100 is also provided with web page templates 1130, such as one or more PHP or ASP files.

[053] Upon receiving a request from the web server application 1110, the hypertext preprocessor 1120 is operable to retrieve a web page template from the web page templates 1130, execute any dynamic content therein, including updating or loading information from the one or more databases 1140, to compose a hypertext web page. The composed hypertext web page may comprise client side code, such as Javascript, for Document Object Model (DOM) manipulating, asynchronous HTTP requests and the like.

[054] The database 1140 is adapted for storing user account data representing one or more user accounts for users. Such user account data is created by the server 1100 during a user registration process. In this manner, the server 1100 is adapted to update the user account data in relation to the appropriate user account.

[055]The server 1100 will be connected to a verifiable data registry such as a blockchain network 1500 including a plurality of nodes 1510 in which the signature of the personal data stored in server 1100 will be preferably replicated by each node in the blockchain. The server will preferably be connected to the blockchain network 1500 via a universal resolver node on the blockchain network 1500.

[056]Blockchain nodes can be located on any kind of devices (mostly computers, laptops or even bigger servers). All nodes on a blockchain are preferably connected to each other and they constantly exchange the latest blockchain data with each other so that all nodes stay up to date. Blockchains use various consensus mechanisms to achieve necessary agreement on data which are stored and spread on blockchain nodes. The nodes store, spread and preserve the blockchain data. A full node contains a full copy of the transaction history of the blockchain. The transaction history is immutable.

[057] A blockchain node is typically implemented as a service to provide an Application Programming Interface (API) for inter-node communication as well as client-node communication. The APIs are typically implemented as Remote Procedure Call (RPC) over HTTP or WebSocket, including JSON-RPC, gRPC with Protocol Buffers (Protobuf) and the like. The servers 1100 and/or the client computing devices 1200 described above may also be configured as a Remote Procedure Call Server (RPC Server), together with data storage capabilities. A remote procedural call (RPC) server is a network communication interface that provides remote connection and communication services to RPC clients. It enables remote users or RPC clients to execute commands and transfer data using RPC calls or over the RPC protocol.

[058] Blockchain nodes may include miner nodes, full nodes, hidden nodes, listening nodes and lightweight nodes.

[059] It is anticipated that a wide variety of alternative verifiable data registries as discussed above may be used instead of a blockchain. However, in the embodiments described a blockchain is used to exemplify the concept of a verifiable data registry. Using a blockchain as a verifiable data registry has the additional benefit of being immutable.

[060] Each node 1510 in the blockchain network may be a server 1100 or similar computing device as will be described below. Each node in the blockchain network will preferably be represented and/or managed by a separate provider.

[061]The client computing devices 1200 are preferably provided with a browser application 1210, such as the Google ChromeTM, Mozilla FirefoxTM or Microsoft Internet Explorer T M browser applications. The browser application 1210 requests hypertext web pages from the web server 1100 and renders the hypertext web pages on a display device for a user to view.

[062] Client side code is also downloadable as applications on the client computing device 1200 and/or server 1100, in order to facilitate the operation of and /or interaction with the information verification system. Such applications could, for example, be downloaded from the Apple App StoreTM, Google PlayTM, or the like.

[063] Client side code may also be provided as blockchain enabled code for suitable users of the system. Such blockchain enabled code may be configured for reading and writing directly to a node of the blockchain, or for communicating via a remote node such as a universal resolver node.

[064] The client computing devices 1200 may communicate over the Internet 1300 via fixed line or wireless communication, for example using known networks of cellular communication towers 1400.

[065] Further, as shown in figure 2, one example of a verifiable data registry in the form of blockchain network 1500 is shown as an interconnected network of servers 1100, preferably connected over the Internet 1300 of nodes, in which a ledger of transactions is identically replicated on each of the servers as a distributed ledger. It is to be understood that alternative computing devices could be used other than the servers 1100. The typical blockchain coding practice, the subject matter held by a majority of the ledgers becomes replicated on the minority. If any one of the ledgers is interfered with or altered, this may be seen by comparison to the rest of the ledgers. As mentioned previously, each of the servers may be connectable to the Internet and may be accessed by personal computing devices 1200, for example via wireless cellular communication towers 1400.

Computing device

[066]Figure 3 shows a computing device 500. In a preferred embodiment, the computing device 500 takes the form of a server 1100 as described above. In this manner, the computing device 500 is adapted to comprise functionality for communication with the Internet 1300, storage capability (such as the database 1140) for storing user account data, records of communications, and the like.

[067] However, it should be noted that the computing device 500 may be adapted for use as the client computing devices 1200 as is also shown in Figure 1. In this manner, the computing device 500 may comprise differing technical integers in order to achieve the functionality as set out below.

[068] In other words, the technical integers of the computing device 500 as shown in Figure 3 are exemplary only and variations, adaptations and the like may be made thereto within the purposive scope of the embodiments described herein and having regard for the particular application of the computing device 500.

[069] In particular the steps of the methods of verifying information, as described in further detail below, can be implemented as computer program code instructions executable by the computing device 500.

[070]The computer program code instructions may be divided into one or more computer program code instruction libraries, such as dynamic link libraries (DLL), wherein each of the libraries performs a one or more steps of the method. Additionally, a subset of the one or more of the libraries may perform graphical user interface tasks relating to the steps of the method.

[071] The computing device 500 preferably comprises semiconductor memory 510 comprising volatile memory such as random access memory (RAM) or read only memory (ROM). The memory 510 may comprise either RAM or ROM or a combination of RAM and ROM.

[072] The computing device 500 comprises a computer program code storage medium reader 515 for reading the computer program code instructions from computer program code storage media 520. The storage media 520 may be optical media such as CD ROM disks, magnetic media such as floppy disks and tape cassettes or flash media such as USB memory sticks.

[073] The device further comprises 1/O interface 530 for communicating with one or more peripheral devices. The 1/O interface 530 may offer both serial and parallel interface connectivity. For example, the 1/O interface 530 may comprise a Small Computer System Interface (SCSI), Universal Serial Bus (USB) or similar 1/O interface for interfacing with the storage medium reader 515. The 1/O interface 530 may also communicate with one or more human input devices (HID) 540 such as keyboards, pointing devices, joysticks and the like.

[074] The 1/O interface 530 may also comprise a computer to computer interface, such as a Recommended Standard 232 (RS-232) interface, for interfacing the device 500 with one or more personal computer (PC) devices 550. The 1/O interface 530 may also comprise an audio interface 560 for communicate audio signals to one or more audio devices (not shown), such as a speaker or a buzzer.

[075] The device 500 also comprises a network interface 570 for communicating with one or more computer networks 580, such as the Internet 1300. The network 580 may be a wired network, such as a wired EthernetTM network or a wireless network, such as a BluetoothTMnetwork or IEEE 802.11 network. The network 580 may be a local area network (LAN), such as a home or office computer network, or a wide area network (WAN), such as the Internet or private WAN. The device 500 can also include an antenna 575 configured for wireless communication with network 580.

[076] The device 500 comprises an arithmetic logic unit or processor 590 for performing the computer program code instructions. The processor 590 may be a reduced instruction set computer (RISC) or complex instruction set computer (CISC) processor or the like. The computing device 500 further comprises a storage device 600, such as a magnetic disk hard drive or a solid state disk drive for storing data and/or software instructions.

[077] Computer program code instructions may be loaded into the storage device 600 from the storage media 520 using the storage medium reader 515 or from the network 580 using network interface 570. Alternatively, computer program code instructions may be loaded into the storage device 600 from an online resource via the network 580 and network interface 570.

[078] During the bootstrap phase, an operating system and one or more software applications are loaded from the storage device 600 into the memory 510. During the fetch-decode-execute cycle, the processor 590 fetches computer program code instructions from memory 510, decodes the instructions into machine code, executes the instructions and stores one or more intermediate results in memory 510.

[079] In this manner, the instructions stored in the memory 510, when retrieved and executed by the processor 590, configures the computing device 500 as a special purpose machine that may perform the functions described herein.

[080]The computing device 500 can also include an audio/video interface 610 for conveying video signals to a display device 620, such as a liquid crystal display (LCD), light emitting diode (LED) display, organic light emitting diode (OLED) display, cathode ray tube (CRT) or similar display device.

[081]The device 500 preferably includes a communication bus subsystem 630 for interconnecting the various devices described above. The bus subsystem 630 may offer parallel connectivity such as Industry Standard Architecture (ISA), conventional Peripheral Component Interconnect (PCI) and the like or serial connectivity such as PCI Express (PCle), Serial Advanced Technology Attachment (Serial ATA) and the like. The computing device 500 can also include a clock device 640 configured for providing accurate time stamps for use by the processor 590.

[082] Preferably the client computing device that is operable by a user of the information verification system will by a mobile device such as a mobile phone, laptop, tablet or similar device and will have a near filed communications (NFC) chip 650 installed, which may operate in conjunction with a suitable NFC antenna 660 in order to transmit and receive signals using the NFC protocol. Such an NFC chip 650 and antenna 660 can receive NFC or similar electromagnetic signals from similarly equipped devices. In alternative embodiments it is envisage that alternative protocols may be used where NFC is mentioned in describing the functionality below, such as BluetoothTMoranyof the IEEE802.11 protocols, however these are not preferred.

[083] It is further anticipated that the computing device can include a physical random number generator 670. However, in alternative embodiments it is envisaged that the random number generator may be provided as part of a software module.

[084] Lastly, it is anticipated that the computing device 500 can include a camera 680. The camera can be used to scan and/or input documents. The camera may be connected via the 1/O interface 530 or may be built into the computing device.

Software

[085] The software that is anticipated as being used to carry out the various methods to be described below as part of an information verification system is set out in figure 18.

[086] A user device 2100 will preferably include its own secure storage, preferably in the form of a vault 2110. The user device 2100 will also preferably include a key generator 2120 for generating a public/private key pair, and may include a unique ID generator 2130.

[087] Third-party device 2200 will preferably include secure storage in the form of a vault and/or database 2210. The third-party device will also preferably include a verification module 2220 configured for verifying a data signature retrieved from a blockchain using a signature verification key. The third-party device will preferably also include a blockchain retrieval module 2230 configured for retrieving a data signature from a blockchain using a unique identifier.

[088] A service provider system 2300 will preferably include secure storage in the form of a database or vault 2310. The service provider system 2300 may include a key generator 2320 for generating and/or retrieving a public/private key pair. The service provider system 2300 can include a blockchain storage module 2330 configured for storing a data signature on a blockchain in association with the unique identifier. This way, the data signature can be retrieved from the blockchain by using the unique identifier. The service provider system 2300 can also include a unique ID generator 2340 generating a unique identifier. Lastly, it is envisaged that the service provider system 2300 can include a blockchain retrieval module 2350 configured for retrieving a data signature from the blockchain network 1500 using a unique identifier.

[089] It is anticipated that an authorising body or trust provider system 2400 will have storage capacity, preferably in the form of databases 2410. The authorising body 2400 will also preferably be provided with a key generator 2420 for generating a public/private key pair. The authorising body system 2400 will also be provided with a certification module 2430 for certifying the personal information that is received from a user. Since the authorising body system 2400 ensures that a data signature of certified personal information is stored on the blockchain network 1500, the authorising body system 2400 will also include a blockchain storage module 2440 configured for storing the data signature on a verifiable data registry in the form of a blockchain. Lastly, the authorising body system 2400 can include a unique ID generator for generating the unique identifier associated with the user information and/or data signatures to be stored on the blockchain. This way, the user information and/or data signatures can be retrieved from the blockchain by using the unique identifier.

[090] Lastly, it is envisaged that a storage provider system 2500 can include a database 2510 on which use information may be stored in association with a unique identifier.

Information verification system

[091] Four different embodiments of an information verification system are shown in figures 4, 8, 12, and 16.

[092 In a first embodiment shown in figure 4, a user device 2100 is for use by a person making use of the information verification system, who wants to have their personal information verified. The user device 2100 has its own associated digital storage media 2110 and is preferably configured for encrypted storage of the storage media 2110. A third-party device 2200 is for use by a third party wanting to receive and verify the user's personal information. The third-party device 2200 preferably also has preferably secure storage media 2210 associated with it, on which information can be securely stored.

[093]A service provider system 2300 is also provided, and which also has its own secure data storage 2310. The service provider system 2300 is configured for secure communication with the user device 2100. Preferably the secure communication employs Transport Layer Security (TLS), such as that used in the security layer in HTTPS or WebSocket Secure. The service provider system 2300 is also configured for preferably secure communication with one or more nodes of a blockchain network 1500. Secure communication could employ Transport Layer Security (TLS). TLS could be used as the security layer in Hypertext Transfer Protocol Secure(HTTPS) or WebSocket Secure.

[094] The user device 2100 is also preferably configured for secure communication with the third-party device 2200.

[095] Another embodiment of an information verification system is shown in figure 8. In this embodiment, a trust provider system or authorising body system 2400 takes the place of the service provider system 2300 of the first embodiment. The authorising body system 2400 preferably also includes its own secure storage 2410, preferably in the form of an encrypted database. The authorising body system 2400 is configured for secure communication with the user device 2100, and preferably secure communication with the blockchain network 1500. In addition, a storage provider system 2500 with its own secure (preferably cloud based) database 2510 is used for secure storage of the personal details of the user, in order to provide longevity and reliability of storage of user details.

[096] A third embodiment of an information verification system is shown in figure 12. In this embodiment, an authorising body or trust provider system 2400 is configured for secure communication with user device 2100, and for secure communication with the service provider system 2300. The third-party device 2200 is also configured or configurable for secure communication with the service provider system 2300. The third-party device 2200 is also configured for communicating with the blockchain network 1500. The service provider system 2300 serves as an interface between the trust provider system 2400 and the third party device 2200, carrying out services in storing signed personal information on the blockchain network 1500 and transmitting personal details to third parties on request. In this embodiment, the service provider system 2300 acts as a service to retrieve stored personal information associated with the unique identifier, and transmitted to the third-party device. The service provider system 2300 also serves to ensure that the signature of personal data (in the form of a data signature) is stored on the blockchain network 1500 in association with the unique identifier.

[097] A fourth embodiment of an information verification system is shown in figure 16. In this embodiment, the authorising body or trust provider system 2400 ensures that the data signature is stored on the blockchain network 1500, while a service provider 2300 is responsible for storing the encrypted personal information of a user, and for delivering the personal information on request from a third party, and preferably on receiving authorisation to release the personal information from the user device 2100. The third party device 2200 is able to retrieve the data signature directly from the blockchain network 1500.

Functionality

[098]The functionality of the various embodiments described above will now be explained with reference to the flowcharts shown in figures 5-7, 9-11, 13-15 and 17.. In a discussion of the functionality below, communications between parties are over a secure communication network.

[099] The first methodology for the verification of information is shown in figures 5-7 which shows the steps carried out between the various devices shown in figure 4. Now referring to figure 5, the user device 2100 will initially receive 2 and preferably store personal data input from a user. The personal data may be in the form of a document, image, video clip, or text. The user device 2100 will then assign 4 a unique identifier to the personal data, and sign 6 the personal data using a private key of the user to generate a data signature. The step of signing the personal data may include the step of generating a public-private key pair. Preferably, the public key is the public signature verification key that can be used to verify the data signature.

[0100]The user device will then encrypt 8 the personal data. The encrypted personal data, data signature and unique identifier will then be stored 10 on storage media 2110. The user device will then transmit 12 the data signature and unique identifier to the service provider system 2300. On receiving 14 the data signature and unique identifier, the service provider system 2300 will store 16 these on storage media 2310. The service provider system 2300 will then transmit 18 the data signature and unique identifier to blockchain 1500. On receiving 20 the data signature and unique identifier, the blockchain 1500 will store 22 these on the blockchain 1500.

[0101]Now referencing figure 6, when a third party needs verification of the user's personal data, the user device will retrieve 24 the encrypted personal data, data signature and unique identifier from the storage media 2110. The personal data will then be decrypted 26 and the user device will then transmit 28 the personal data, unique identifier and signature verification key that is to be used to verify the data signature to the third-party device 2200. On receiving 30 these, the third-party device 2300 will store 32 the personal data. The third-party device 2300 will then transmit 36 a request for the data signature associated with the unique identifier to the blockchain 1500. The transmitting of a request for verification and reply by the blockchain 1500 may be a lookup of data on the blockchain network 1500. On receiving 38 the request for the data signature associated with the unique identifier, the blockchain network 1500 will retrieve the data signature. The retrieved data signature will then be transmitted 42 to the third-party device 2300.

[0102] Now following on from reference letter A in figure 7, the third-party device 2200 will receive 44 the retrieved data signature from the blockchain network 1500, and will verify 46 the data signature received from the blockchain network 1500 against the personal data that was received from the user device. The verification 46 will return either a "true" or a "false". It is anticipated that the verification will also be able to verify that the data signature was in fact signed by the user's private key or the personal data has not been altered.

[0103] If the verification 46 returns a false, then the third-party device 2200 will transmit 48 a denial of verification to the blockchain network 1500, as well as to the user device. On receiving 50 the denial of verification, the user device will store this as a record on storage media 2110. On receiving 52 denial of verification, the blockchain network will store 54 the denial of verification on the blockchain network.

[0104] If the verification 46 returns a true, then the third-party device will transmit 56 a confirmation of verification to the blockchain network 1500, as well as to the user device. On receipt 58 by the user device, this record will be stored on storage media 2110. On receiving 60 the confirmation of verification by the blockchain network, the blockchain network will store 62 the confirmation of verification on the distributed ledgers.

[0105] Now shown in figures 9-11 another methodology for verifying information is described, showing the steps carried out between the parties in figure 8. It is envisaged that initially, the user device 2100 will receive 62 and store the personal data that is input from a user. The user device 2100 will then transmit 64 the personal data to an authorising body system 2400. On receiving 66 the personal data from the user device, the authorising body system 2400 will certify 68 the personal data if the personal data is genuine or authentic. In an embodiment. The authorising body system 2400 can be a computer system operated by a government agent storing the authentic personal data of the user. For example, the authorising body system 2400 is a computer system operated by the Department of Transport Victoria. The authorising body system 2400 communicates with the database(s) 2410 storing the drivers license data of the drivers in the State of Victoria Australia, for example, photos of the drivers registered in the State of Victoria, full names of the drivers, and addresses of the drivers. The authorising body system 2400 can extract, from the photo of the driver license, the photo, the name and the address of the driver shown in the photo of the driver license. The authorising body system 2400 checks if the photo, the name and the address of the driver match the driver license data stored in the databas(s) 2410. If the personal data provided from the user device 2100 matches the personal data stored in the database 2410, that means the personal data provided from the user device 2100 is genuine or authentic personal data. Then the authorising body system 2400 certifies the personal data. For example, the authorising body system 2400 signs 70 the personal data, preferably using a private key of a public-private key pair for the authorising body system 2400, to generate a data signature indicating that the personal data has been certified to be genuine or authentic personal data. Preferably the public key of the public-private key pair will be used as a public signature verification key. The step of signing the personal data to generate the data signature may include the generation of the private-public key pair that are used.

[0106] The authorising body system 2400 will then encrypt 72 the certified personal data and store the encrypted certified personal data together with the data signature. The authorising body system 2400 will then assign 73 a unique identifier to the certified personal data and store this in association with the certified personal data in the storage media 2410. This way, the personal data can be retrieved from the storage media 2410 by using the unique identifier. The authorising body system 2400 will then transmit 74 the unique identifier, the data signature and the public signature verification key to the user device 2100. The authorising body system 2400 will also transmit 75 the data signature and unique identifier to the blockchain network 1500. On receiving 76 the data signature and the unique identifier, the blockchain network 1500 will store 78 the data signature and the unique identifier in association with each other. This way, the data signature can be retrieved from the blockchain network 1500 by using the unique identifier.

[0107] On receiving 80 the unique identifier, the data signature and the public signature verification key from the authorising body system 2400, the user device 2100 will encrypt 82 the personal data using the user's key, and transmit 84 the encrypted personal data, the unique identifier, the data signature and the public signature verification key to the storage provider system 2500. On receiving 86 these, the storage provider system 2500 will store 88 these on the secure database 2510.

[0108]Now with reference to figure 10, and following on from reference letter B in figure 9, in order to transfer the personal data to a third-party device 2200 and have it verified, the user device 2100 will transmit 90 a request for the encrypted personal data and public signature verification key, preferably using the unique identifier. On receiving 92 this request, the storage provider system 2500 will retrieve 94 the encrypted personal data and public signature verification key using the unique identifier. The encrypted personal data and public signature verification key will then be transmitted 96 to the user device 2100.

[0109] On receiving 98 the encrypted personal data and the public signature verification key, the user device will decrypt 100 the encrypted personal data to obtain the personal data using the user's key and transmit 102 the unique identifier, the personal data and the public signature verification key to the third-party device 2200.

[0110] On receiving 104 the unique identifier, the personal data and the public signature verification key, the third-party device 2200 will transmit 106 a request to the blockchain network 1500 for the data signature associated with the unique identifier. The third-party device 2200 will store 108 the unique identifier, the personal data and the public signature verification key on the secure database 2210. On receiving 110 and the request for the data signature associated with the unique identifier, the blockchain network 1500 will retrieve 112 the data signature, and transmit 114 the data signature to the third-party device 2200. On receiving 116 the data signature, the third-party device will retrieve 118 the personal data from the storage media 2210.

[0111] Now with reference to figure 11, and following on from reference letter C in figure 10, the third-party device 2200 will then verify 124 the personal data that was received from the user device 2100 against the data signature received from the blockchain network using the public signature verification key to return a "true" or a "false".

[0112] It is anticipated that the public signature verification key in any of the examples may be a public key of a public-private key pair for the authorising body system 2400.

[0113 If the verification 124 returns a false, then the third-party device 2200 will transmit 126 a denial of verification to the blockchain network 1500. On receiving 130 the denial of verification, the blockchain network 1500 will store 132 the denial of verification on the distributed ledgers of the blockchain network 1500. The third-party device 2200 will simultaneously transmit 126 a denial of verification to the user device 2100, where it will be received 128.

[0114] If the verification 124 returns a true, the third-party device 2200 will transmit 134 a confirmation of verification to the user device 2100 where it will be received 136. The third-party device 2200 will simultaneously transmit 134 a confirmation of verification to the blockchain network 1500. On receiving 138 the confirmation of verification, the blockchain network 1500 will store 140 the confirmation of verification on the distributed ledgers of the blockchain network 1500.

[0115]A third methodology for verifying information is now shown in figures 13 - 15, describing the interactions of the various parties shown in figure 12. Now referring to figure 13, the user device 2100 will initially receive 142 the personal data input from a user. The personal data may be in the form of text and/or documents, or any other relevant media. The user device 2100 will then encrypt 146 the personal data using a user's encryption key and store 176 the personal data on the storage media 2110. The user device 2100 will then transmit 148 the personal data to a trusted provider system or authorising body system 2400. On receiving 150 the personal data, the authorising body system 2400 will certify 152 the personal data if the person data is genuine or authentic personal data, as described above with reference to Figs. 8 to 11. For example, the authorising body system 2400 signs 154 the personal data as describe above. The authorising body system 2400 assigns 156 a unique identifier to the certified personal data. The authorising body system 2400 will then encrypt the certified personal data and store 158 the encrypted personal data and the data signature on the database 2410 in association with the unique identifier. This way, the encrypted personal data and the data signature can be retrieved from the database 2410 by using the unique identifier.

[0116]The authorising body system 2400 will then transmit 160 an authorising body identification identifying the authorising body system 2400, together with the certified personal data, the data signature, the public signature verification key and unique identifier to the service provider system 2300. The authorising body identification may be an electronic identification credential issued by a trust provider. The authorising body system 2400 will also transmit 162 the assigned unique identifier and the authorising body identification to the user device 2100. On receiving 164 the authorising body's identification, the certified personal information, the data signature, the public signature verification key and the unique identifier, the service provider system 2300 will encrypt 166 the personal data using a service provider system's encryption key, and store the encrypted personal data, together with the associated unique identifier, the public signature verification key, the data signature and the authorising body identification on the storage media 2310, which may be a database. The service provider system 2300 will then transmit 168 the data signature, the authorising body identification, and the associated unique identifier to the blockchain network 1500. On receiving 170 this information, the blockchain network 1500 will store 172 this information on the blockchain network 1500.

[0117] Further, on receiving 174 the unique identifier and the authorising body identification from the authorising body system 2400, the user device 2100 will store 176 the unique identifier and the authorising body identification in association with the encrypted personal data. It is also envisaged that an additional field may be stored that provides an indication of what the personal data is about (for example field names such as "first name", "drivers licence number", "citizenship number", or any other similar fields) on storage media 2110.

[0118] Now with reference to figure 14, and following on from reference letter D in figure 13, if a third party wants to verify the personal data from a user, the third-party device 2200 may send a request for such personal data to the user device 2100. If the user wants to share the personal data with the third party, and have the personal data verified, the user device 2100 will retrieve 178 the stored unique identifier and the authorising body identification associated with the type of the personal data that the third party wants from the storage media 2110. The user device 2100 will then transmit 180 the unique identifier and the authorising body identification to the third-party device 2200.

[0119] On receiving 182 the unique identifier and the authorising body identification, the third-party device 2200 will store 184 the unique identifier and the authorising bodyidentification on the storage media 2210. The third-party device 2200 will then transmit 186 a first request for the certified personal data associated with the unique identifier and the authorising body identification to the service provider system 2300. On receiving 188 the first request, the service provider system 2300 will retrieve 190 and decrypt 191 the certified personal data associated with the unique identifier and the authorising body identification, together with the public signature verification key from the storage media 2310. The service provider system 2300 will then preferably transmit 192 the certified personal data and the public signature verification key to the third-party device 2200. It is envisaged that the public signature verification key need not necessarily be stored and retrieved and sent to the third-party device 2200 - this could be retrieved by the third-party device 2200 from the public databases of signature verification keys.

[0120] On receiving 194 the certified personal data and the public signature verification key, the third-party device 2200 will store 196 the certified personal data on the storage media 2210, together with the public signature verification key. The third-party device 2200 will then transmit 198 a second request for the data signature associated with the unique identifier and the authorising body identification to the blockchain network 1500.

[0121]On receiving 200 the second request for the signed personal data associated with the unique identifier and the authorising body identification, the blockchain network 1500 will retrieve 202 the data signature associated with the unique identifier and the authorising body identification. As mentioned previously, this process may be an interrogation of the distributed ledgers of the blockchain network 1500 by the third-party device 2200. The data signature associated with the unique identifier and the authorising body identification will then be transmitted 204 by the blockchain network 1500 to the third-party device 2200, where it will be received 206.

[0122] Now described with reference to figure 15, and following on from reference letter E on figure 14, the third-party device 2200 will retrieve 210 the certified personal data from the storage media 2210 where it was previously stored 196. As mentioned previously, the public signature verification key could be retrieved from publicly available online databases of signature verification keys for the particular authorising body system 2400. The public signature verification key will then be used to verify 214 the personal data against the data signature received from the blockchain network 1500 to return a "true" or a "false".

[0123] If the verification 214 is false, then the third-party device 2200 will transmit 216 a denial of verification to the user device 2100 where it will be received 218 and preferably stored, and to the blockchain network 1500. On receiving 220 the denial of verification, the blockchain network 1500 will store 222 the denial of verification on the blockchain network 1500.

[0124] If the verification 214 is true then the third-party device 2200 will transmit 224 a confirmation of verification to the user device 2100, where it will be received 226 and preferably stored. The third-party device 2200 will also transmit 224 confirmation of verification to the blockchain network 1500. On receiving 228 the confirmation of verification, the blockchain network 1500 will store 230 the confirmation of verification on the blockchain.

[0125 In using the methodology described with reference to figures 13 - 15, it is envisaged that the user device 2100 need not carry sensitive personal information on the device, and such sensitive personal information can be easily shared and verified in a convenient manner by sharing the unique identifier.

[0126]A fourth methodology for verifying information is now shown in figure 17, describing the interactions of the various parties shown in figure 16. In this embodiment, the service provider system 2300 does not attend to the storage of information on the blockchain. Instead, the authorising body system or trust provider system 2400 ensures that the information is stored on the blockchain network 1500, in order to ensure that the information that is stored on the blockchain network 1500 is correct and can be trusted.

[0127] Now referring to figure 17, the user device 2100 will initially receive 232 the personal data input from a user. The personal data may be in the form of text and/or documents, or any other relevant media. The user device 2100 will then encrypt 234 and store the personal data using a user's encryption key on the storage media 2110. The user device 2100 will then transmit 236 the personal data to a trusted provider system or authorising body system 2400. On receiving 238 the personal data, the authorising body system 2400 will certify 240 the personal data if the person data is genuine or authentic personal data, as described above with reference to Figs. 8 to 11. For example, the authorising body system 2400 signs 242 the personal data, and assigns 244 a unique identifier to the certified personal data. The authorising body system 2400 will then encrypt the certified personal data and store 246 the encrypted personal data on the database 2410 in association with the unique identifier. This way, the encrypted personal data can be retrieved from the database 2410 by using the unique identifier.

[0128]The authorising body system 2400 will then transmit 248 an authorising body identification identifying the authorising body system 2400, together with the certified personal data, the data signature, the public signature verification key and the unique identifier to the service provider system 2300.

[0129]The authorising body system 2400 will also transmit 250 the authorising body identification, the data signature and the unique identifier to the blockchain network 1500. The authorising body system 2400 will also transmit 252 the assigned unique identifier and the authorising body identification to the user device 2100.

[0130] On receiving 254 the authorising body identification, the certified personal data, the public signature verification key, the data signature and the unique identifier, the service provider system 2300 will encrypt 256 the personal data using a service provider system's encryption key, and store the encrypted personal data together with the other information received from the authorising body system 2400 on the storage media 2310, which may be a database.

[0131] Further, on receiving 262 the unique identifier and the authorising body identification from the authorising body system 2400, the user device 2100 will store 264 the unique identifier and the authorising body identification in association with the encrypted personal data. It is also envisaged that an additional field may be stored that provides an indication of what the personal data is about (for example field names such as "first name", "drivers license number", "citizenship number", or any other similar fields) on storage media 2110.

[0132]A similar process may then be followed as shown in figures 15 and 16, following on from reference letter D in figure 17.

Interpretation

[0133] Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms used herein should be interpreted as having a meaning that is consistent with their meaning in the context of this specification and the relevant art and will not be interpreted in an idealised or overly formal sense unless expressly so defined herein. For the purposes of the present invention, additional terms are defined below. Furthermore, all definitions, as defined and used herein, should be understood to control over dictionary definitions, definitions in documents incorporated by reference, and/or ordinary meanings of the defined terms unless there is doubt as to the meaning of a particular term, in which case the common dictionary definition and/or common usage of the term will prevail.

[0134] The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the singular articles "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise and thus are used herein to refer to one or to more than one (i.e. to "at least one") of the grammatical object of the article. By way of example, the phrase "an element" refers to one element or more than one element.

[0135] Throughout this specification, unless the context requires otherwise, the words "comprise", "comprises" and "comprising" will be understood to imply the inclusion of a stated step or element or group of steps or elements but not the exclusion of any other step or element or group of steps or elements.

[0136] The term "real-time" for example "displaying real-time data," refers to the display of the data without intentional delay, given the processing limitations of the system and the time required to accurately measure the data.

[0137] As used herein, the term "exemplary" is used in the sense of providing examples, as opposed to indicating quality. That is, an "exemplary embodiment" is an embodiment provided as an example, as opposed to necessarily being an embodiment of exemplary quality for example serving as a desirable model or representing the best of its kind.

[0138] The phrase "and/or," as used herein in the specification and in the claims, should be understood to mean "either or both" of the elements so conjoined, i.e., elements that are conjunctively present in some cases and disjunctively present in other cases. Multiple elements listed with "and/or" should be construed in the same fashion, i.e., "one or more" of the elements so conjoined. Other elements may optionally be present other than the elements specifically identified by the "and/or" clause, whether related or unrelated to those elements specifically identified. Thus, as a non-limiting example, a reference to "A and/or B", when used in conjunction with open-ended language such as "comprising" can refer, in one embodiment, to A only (optionally including elements other than B); in another embodiment, to B only (optionally including elements other than A); in yet another embodiment, to both A and B (optionally including other elements); etc.

[0139]As used herein in the specification and in the claims, the phrase "at least one," in reference to a list of one or more elements, should be understood to mean at least one element selected from any one or more of the elements in the list of elements, but not necessarily including at least one of each and every element specifically listed within the list of elements and not excluding any combinations of elements in the list of elements. This definition also allows that elements may optionally be present other than the elements specifically identified within the list of elements to which the phrase "at least one" refers, whether related or unrelated to those elements specifically identified. Thus, as a non-limiting example, "at least one of A and B" (or, equivalently, "at least one of A or B," or, equivalently "at least one of A and/or B") can refer, in one embodiment, to at least one, optionally including more than one, A, with no B present (and optionally including elements other than B); in another embodiment, to at least one, optionally including more than one, B, with no A present (and optionally including elements other than A); in yet another embodiment, to at least one, optionally including more than one, A, and at least one, optionally including more than one, B (and optionally including other elements); etc.

Bus

[0140] In the context of this document, the term "bus" and its derivatives, while being described in a preferred embodiment as being a communication bus subsystem for interconnecting various devices including by way of parallel connectivity such as Industry Standard Architecture (ISA), conventional Peripheral Component Interconnect (PCI) and the like or serial connectivity such as PCI Express (PCle), Serial Advanced Technology Attachment (Serial ATA) and the like, should be construed broadly herein as any system for communicating data.

In accordance with:

[0141] As described herein, 'in accordance with' may also mean 'as a function of' and is not necessarily limited to the integers specified in relation thereto.

Composite items

[0142] As described herein, 'a computer implemented method' should not necessarily be inferred as being performed by a single computing device such that the steps of the method may be performed by more than one cooperating computing devices.

[0143] Similarly objects as used herein such as 'web server', 'server', 'client computing device', 'computer readable medium' and the like should not necessarily be construed as being a single object, and may be implemented as a two or more objects in cooperation, such as, for example, a web server being construed as two or more web servers in a server farm cooperating to achieve a desired goal or a computer readable medium being distributed in a composite manner, such as program code being provided on a compact disk activatable by a license key downloadable from a computer network.

Database:

[0144] In the context of this document, the term "database" and its derivatives may be used to describe a single database, a set of databases, a system of databases or the like. The system of databases may comprise a set of databases wherein the set of databases may be stored on a single implementation or span across multiple implementations. The term "database" is also not limited to refer to a certain database format rather may refer to any database format. For example, database formats may include MySQL, JSON database or the like.

Wireless:

[0145] The invention may be embodied using devices conforming to other network standards and for other applications, including, for example other WLAN standards and other wireless standards. Applications that can be accommodated include IEEE 802.11 wireless LANs and links, and wireless Ethernet.

[0146] In the context of this document, the term "wireless" and its derivatives may be used to describe circuits, devices, systems, methods, techniques, communications channels, etc., that may communicate data through the use of modulated electromagnetic radiation through a non-solid medium. The term does not imply that the associated devices do not contain any wires, although in some embodiments they might not. In the context of this document, the term "wired" and its derivatives may be used to describe circuits, devices, systems, methods, techniques, communications channels, etc., that may communicate data through the use of modulated electromagnetic radiation through a solid medium. The term does not imply that the associated devices are coupled by electrically conductive wires.

Processes:

[0147] Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilising terms such as "processing", "computing", "calculating", "determining", "analysing" or the like, refer to the action and/or processes of a computer or computing system, or similar electronic computing device, that manipulate and/or transform data represented as physical, such as electronic, quantities into other data similarly represented as physical quantities.

Processor:

[0148] In a similar manner, the term "processor" may refer to any device or portion of a device that processes electronic data, e.g., from registers and/or memory to transform that electronic data into other electronic data that, e.g., may be stored in registers and/or memory. A "computer" or a "computing device" or a "computing machine" or a "computing platform" may include one or more processors.

[0149] The methodologies described herein are, in one embodiment, performable by one or more processors that accept computer-readable (also called machine-readable) code containing a set of instructions that when executed by one or more of the processors carry out at least one of the methods described herein. Any processor capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken are included. Thus, one example is a typical processing system that includes one or more processors. The processing system further may include a memory subsystem including main RAM and/or a static RAM, and/or ROM.

Computer-Readable Medium:

[0150] Furthermore, a computer-readable carrier medium may form, or be included in a computer program product. A computer program product can be stored on a computer usable carrier medium, the computer program product comprising a computer readable program means for causing a processor to perform a method as described herein.

Networked or Multiple Processors:

[0151] In alternative embodiments, the one or more processors operate as a standalone device or may be connected, e.g., networked to other processor(s), in a networked deployment, the one or more processors may operate in the capacity of a server or a client machine in server-client network environment, or as a peer machine in a peer-to peer or distributed network environment. The one or more processors may form a web appliance, a network router, switch or bridge, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine.

[0152] Note that while some diagram(s) only show(s) a single processor and a single memory that carries the computer-readable code, those in the art will understand that many of the components described above are included, but not explicitly shown or described in order not to obscure the inventive aspect. For example, while only a single machine is illustrated, the term "machine" shall also be taken to include any collection of machines that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.

Additional Embodiments:

[0153]Thus, one embodiment of each of the methods described herein is in the form of a computer-readable carrier medium carrying a set of instructions, e.g., a computer program that are for execution on one or more processors. Thus, as will be appreciated by those skilled in the art, embodiments of the present invention may be embodied as a method, an apparatus such as a special purpose apparatus, an apparatus such as a data processing system, or a computer-readable carrier medium. The computer readable carrier medium carries computer readable code including a set of instructions that when executed on one or more processors cause a processor or processors to implement a method. Accordingly, aspects of the present invention may take the form of a method, an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of carrier medium (e.g., a computer program product on a computer-readable storage medium) carrying computer-readable program code embodied in the medium.

Carrier Medium:

[0154]The software may further be transmitted or received over a network via a network interface device. While the carrier medium is shown in an example embodiment to be a single medium, the term "carrier medium" should be taken to include a single medium or multiple media (e.g., a centralised or distributed database, and/or associated caches and servers) that store the one or more sets of instructions. The term "carrier medium" shall also be taken to include any medium that is capable of storing, encoding or carrying a set of instructions for execution by one or more of the processors and that cause the one or more processors to perform any one or more of the methodologies of the present invention. A carrier medium may take many forms, including but not limited to, non-volatile media, volatile media, and transmission media.

Implementation:

[0155] It will be understood that the steps of methods discussed are performed in one embodiment by an appropriate processor (or processors) of a processing (i.e., computer) system executing instructions (computer-readable code) stored in storage. It will also be understood that the invention is not limited to any particular implementation or programming technique and that the invention may be implemented using any appropriate techniques for implementing the functionality described herein. The invention is not limited to any particular programming language or operating system.

Means For Carrying out a Method or Function

[0156] Furthermore, some of the embodiments are described herein as a method or combination of elements of a method that can be implemented by a processor of a processor device, computer system, or by other means of carrying out the function. Thus, a processor with the necessary instructions for carrying out such a method or element of a method forms a means for carrying out the method or element of a method. Furthermore, an element described herein of an apparatus embodiment is an example of a means for carrying out the function performed by the element for the purpose of carrying out the invention.

Connected

[0157]Similarly, it is to be noticed that the term connected, when used in the claims, should not be interpreted as being limitative to direct connections only. Thus, the scope of the expression a device A connected to a device B should not be limited to devices or systems wherein an output of device A is directly connected to an input of device B. It means that there exists a path between an output of A and an input of B which may be a path including other devices or means. "Connected" may mean that two or more elements are either in direct physical or electrical contact, or that two or more elements are not in direct contact with each other but yet still co-operate or interact with each other.

Embodiments:

[0158] Reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment, but may. Furthermore, the particular features, structures or characteristics may be combined in any suitable manner, as would be apparent to one of ordinary skill in the art from this disclosure, in one or more embodiments.

[0159]Similarly it should be appreciated that in the above description of example embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the Detailed Description of Specific Embodiments are hereby expressly incorporated into this Detailed Description of Specific Embodiments, with each claim standing on its own as a separate embodiment of this invention.

[0160] Furthermore, while some embodiments described herein include some but not other features included in other embodiments, combinations of features of different embodiments are meant to be within the scope of the invention, and form different embodiments, as would be understood by those in the art. For example, in the following claims, any of the claimed embodiments can be used in any combination.

Specific Details

[0161 In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In other instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.

[0162] It will be appreciated that the methods/apparatus/devices/systems described/illustrated above at least substantially provide a system and methods for the verification of information. The invention described herein, and/or shown in the drawings, are presented by way of example only and are not limiting as to the scope of the invention. Unless otherwise specifically stated, individual aspects and components of the invention may be modified, or may have been substituted therefore known equivalents, or as yet unknown substitutes such as may be developed in the future or such as may be found to be acceptable substitutes in the future. The invention may also be modified for a variety of applications while remaining within the scope and spirit of the claimed invention, since the range of potential applications is great, and since it is intended that the present invention be adaptable to many such variations.

Different Instances of Objects

[0163]As used herein, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.

Comprising and Including

[0164 In the claims which follow and in the preceding description of the invention, except where the context requires otherwise due to express language or necessary implication, the word "comprise" or variations such as "comprises" or "comprising" are used in an inclusive sense, i.e. to specify the presence of the stated features but not to preclude the presence or addition of further features in various embodiments of the invention.

[0165] Any one of the terms: including or which includes or that includes as used herein is also an open term that also means including at least the elements/features that follow the term, but not excluding others. Thus, including is synonymous with and means comprising.

Scope ofInvention

[0166]Thus, while there has been described what are believed to be the preferred embodiments of the invention, those skilled in the art will recognize that other and further modifications may be made thereto without departing from the spirit of the invention, and it is intended to claim all such changes and modifications as fall within the scope of the invention. For example, any formulas given above are merely representative of procedures that may be used. Functionality may be added or deleted from the block diagrams and operations may be interchanged among functional blocks. Steps may be added or deleted to methods described within the scope of the present invention.

[0167] Although the invention has been described with reference to specific examples, it will be appreciated by those skilled in the art that the invention may be embodied in many other forms.

Chronological order

[0168]For the purpose of this specification, where method steps are described in sequence, the sequence does not necessarily mean that the steps are to be carried out in chronological order in that sequence, unless there is no other logical manner of interpreting the sequence.

Blockchain

[0169] A blockchain is a collection of information that is stored electronically in blocks on one or more computer systems, the blocks storing sets of information and being chained onto a previously filled block cryptographically, forming a chain of immutable data known as the blockchain. New information that follows a freshly added block is compiled into a newly formed block that will also be added to the chain and preferably time stamped once the block is filled. Blockchains are typically implemented as a decentralised, distributed network, in which a plurality of nodes of the network are synchronised to store the same blockchain information.

IndustrialApplicability

[0170] It is apparent from the above, that the arrangements described are applicable to the information technology security industries.

Claims (22)

Claims

1. An information verification system for verifying authenticity of personal data, the information verification system comprising: a user device; an authorising body system; and a verifiable data registry, wherein the user device receives the personal data, transmits the personal data to the authorising body system to certify the person data, and the authorising body system generates a data signature of the personal data with a public signature verification key, indicating that the personal data has been certified to be authentic, and registers the data signature on the verifiable data registry for verification.

2. The information verification system as claimed in claim 1, wherein the verifiable data registry is a blockchain network.

3. The information verification system as claimed in claim 2, wherein the authorising body system allocates a unique identifier to the personal data.

4. The information verification system as claimed in claim 3, wherein the authorising body system stores the unique identifier with the personal data in a storage media.

5. The information verification system as claimed in claim 4, wherein the authorising body system further registers the data signature on the blockchain network with the unique identifier.

6. The information verification system as claimed in claim 5, wherein the authorising body system further transmits the unique identifier and the public signature verification key to the user device.

7. The information verification system as claimed in claim 6, further comprising a third-party device, wherein the third-party device receives the personal data, the unique identifier and the public signature verification key from the user device; transmits a request to the blockchain network for the data signature associated with the unique identifier; receives the data signature from the blockchain network; and verifies the personal data received from the user device with the data signature retrieved from the blockchain network using the public signature verification key.

8. The information verification system as claimed in claim 6, further comprising a service provider system, wherein the authorising body system further transmits an authorising body identification identifying the authorising body system, the personal data, the data signature, the public signature verification key and the unique identifier to the service provider system, and the service provider system transmits the data signature, the authorising body identification, and the unique identifier to the blockchain network.

9. The information verification system as claimed in claim 8, further comprising a third-party device, wherein the third-party device receives the unique identifier and the authorising body identification from the user device; transmits a request to the service provider system for the personal data associated with the unique identifier and the authorising body identification; receives the personal data and the public signature verification key from the service provider system; transmits a second request to the blockchain network for the data signature associated with the unique identifier and the authorising body identification; receives from the blockchain network the data signature associated with the unique identifier and the authorising body identification; and verifies the personal data received from the service provider system with the data signature retrieved from the blockchain network using the public signature verification key.

10. The information verification system as claimed in claim 8 or 9, wherein the third party device further transmits a confirmation of verification to the user device in the event that the verification returns true.

11. The information verification system as claimed in claim 8 or 9, wherein the third party device further transmits a denial of verification to the user device in the event that the verification returns false.

12. A method for verifying authenticity of personal data, the method comprising: receiving the personal data on a user device; and transmitting the personal data from the user device to an authorising body system for the authorising body system to certify the person data, wherein the authorising body system is configured to generate a data signature of the personal data with a public signature verification key, indicating that the personal data has been certified to be authentic; and register the data signature on a verifiable data registry.

13. The method as claimed in claim 12, wherein the verifiable data registry is a blockchain network.

14. The method as claimed in claim 13, wherein the authorising body system is further configured to allocate a unique identifier to the personal data.

15. The method as claimed in claim 14, wherein the authorising body system is further configured to store the unique identifier with the personal data in a storage media.

16. The method as claimed in claim 15, wherein the authorising body system is further configured to register the data signature on the blockchain network with the unique identifier.

17. The method as claimed in claim 16, wherein the authorising body system is further configured to transmit the unique identifier and the public signature verification key to the user device.

18. The method as claimed in claim 17, further comprising: transmitting the personal data, the unique identifier and the public signature verification key from the user device to a third-party device, wherein the third-party device is configured to receive the personal data, the unique identifier and the public signature verification key from the user device; transmit a request to the blockchain network for the data signature associated with the unique identifier; receive the data signature from the blockchain network; and verify the personal data received from the user device with the data signature retrieved from the blockchain network using the public signature verification key.

19. The method as claimed in claim 17, wherein the authorising body system is further configured to transmit an authorising body identification identifying the authorising body system, the personal data, the data signature, the public signature verification key and the unique identifier to a service provider system, and the service provider system is configured to transmits the data signature, the authorising body identification, and the unique identifier to the blockchain network.

20. The method as claimed in claim 19, wherein the third-party device is configured to: receive the unique identifier and the authorising body identification from the user device; transmit a request to the service provider system for the personal data associated with the unique identifier and the authorising body identification; receive the personal data and the public signature verification key from the service provider system; transmit a second request to the blockchain network for the data signature associated with the unique identifier and the authorising body identification; receive from the blockchain network the data signature associated with the unique identifier and the authorising body identification; and verify the personal data received from the service provider system with the data signature retrieved from the blockchain network using the public signature verification key.

21. The method as claimed in claim 19 or 20, wherein the third-party device is further configured to transmit a confirmation of verification to the user device in the event that the verification returns true.

22. The method as claimed in claim 19 or 20, wherein the third-party device is further configured to transmit a denial of verification to the user device in the event that the verification returns false.