CA2888087A1 - Methods and systems relating to real world document verification - Google Patents

Methods and systems relating to real world document verification

Info

Publication number
CA2888087A1
CA2888087A1 CA2888087A CA2888087A CA2888087A1 CA 2888087 A1 CA2888087 A1 CA 2888087A1 CA 2888087 A CA2888087 A CA 2888087A CA 2888087 A CA2888087 A CA 2888087A CA 2888087 A1 CA2888087 A1 CA 2888087A1
Authority
CA
Canada
Prior art keywords
features
card
credential
predetermined number
extracted data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
CA2888087A
Other languages
French (fr)
Inventor
Sal Khan
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • B PERFORMING OPERATIONS; TRANSPORTING
    • B42 BOOKBINDING; ALBUMS; FILES; SPECIAL PRINTED MATTER
    • B42D BOOKS; BOOK COVERS; LOOSE LEAVES; PRINTED MATTER CHARACTERISED BY IDENTIFICATION OR SECURITY FEATURES; PRINTED MATTER OF SPECIAL FORMAT OR STYLE NOT OTHERWISE PROVIDED FOR; DEVICES FOR USE THEREWITH AND NOT OTHERWISE PROVIDED FOR; MOVABLE-STRIP WRITING OR READING APPARATUS
    • B42D25/00 Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
    • B42D25/30 Identification or security features, e.g. for preventing forgery
    • B PERFORMING OPERATIONS; TRANSPORTING
    • B42 BOOKBINDING; ALBUMS; FILES; SPECIAL PRINTED MATTER
    • B42D BOOKS; BOOK COVERS; LOOSE LEAVES; PRINTED MATTER CHARACTERISED BY IDENTIFICATION OR SECURITY FEATURES; PRINTED MATTER OF SPECIAL FORMAT OR STYLE NOT OTHERWISE PROVIDED FOR; DEVICES FOR USE THEREWITH AND NOT OTHERWISE PROVIDED FOR; MOVABLE-STRIP WRITING OR READING APPARATUS
    • B42D25/00 Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
    • B42D25/20 Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof characterised by a particular use or purpose
    • B42D25/23 Identity cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00 Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/08 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means
    • G06K19/10 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards
    • G06K19/14 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards the marking being sensed by radiation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409 Device specific authentication in transaction processing
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07D HANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00 Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07D HANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00 Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/20 Testing patterns thereon
    • G07D7/202 Testing patterns thereon using pattern matching
    • G07D7/2033 Matching unique patterns, i.e. patterns that are unique to each individual paper

Abstract

Many real world fraudulent transactions require that data relating to the compromised card must be transferred to another physical card so that it can be used, for example, within an automatic teller machine (ATM), point-of-sale (POS) terminal, etc. In some instances, the card may be replicated several times and used in various geographic locations whilst in other scenarios the compromised card may not be employed for immediate financial theft but identity theft or to provide the user with access to a service, facility, enterprise, good that they otherwise would not be allowed. Accordingly, it would be beneficial to provide a means for authenticating a card independent of the information relating to the card to which it purports to be such that, for example, tampering can be established, the original owner of a tampered card established, and the source of stolen base cards established.

Description

METHODS AND SYSTEMS RELATING TO REAL WORLD DOCUMENT VERIFICATION
CROSS-REFERENCE TO RELATED APPLICATIONS
[001] This patent application claims the benefit of United States Provisional Patent Application 61/980,785 filed April 17, 2014 entitled "Methods and Systems Relating to Real World Document Verification", the entire contents of which are incorporated herein by reference.
FIELD OF THE INVENTION
[002] This invention relates to real world documents and more particularly to methods and systems for authenticating and verifying real world documents based upon unique characteristics of each real world document established in their manufacturing.
BACKGROUND OF THE INVENTION
[003] Each individual, object, or document has a variety of physical and / or virtual data and / or elements associated with it which are supposed to uniquely identify and / or describe the individual, object, or document and contain information about the individual, object, or document. However, in many instances the fundamental question of whether the physical and / or virtual data being presented is valid is a critical problem in either knowing the true identity with whom one is interacting either within the real world or within the virtual world. In order to address the issue of virtual world identities the inventors have established concepts and methodologies relating to the provisioning of strong authentication wherein a digital credential is generated and associated with an individual uniquely based upon the verification of the user's identity, see U.S. Patent Application 61/972,495 "Methods and Systems Relating to Real World and Virtual World Identities" filed March 31, 2014. Unlike the concepts of reliance authentication which make use of pre-existing accounts to piggy back further services upon those accounts, there is no assumption that an original source of the pre-existing accounts is reliable and accordingly an individual is physically verified by a government or government authorized photographic identity document issuer such that characteristics of the photographic identity document are bound to the individual and may then be subsequently employed to bind security credentials to the user within the virtual world.
[004] Within the methods and systems described by the inventors within U.S. Patent Application 61/972,495 "Methods and Systems Relating to Real World and Virtual World Identities" subsequent instances of the presentation of the government issued photographic identity document may result in the government issued photographic identity document being verified through card readers and remote verification and authentication systems. As such this presents an advance on the prior art wherein the presentation of the government issued photographic identity document is usually taken as sufficient evidence. Accordingly, the methods and systems described by the inventors within U.S. Patent Application 61/972,495 "Methods and Systems Relating to Real World and Virtual World Identities" compare the information on the government issued photographic identity document at the location it is offered against the information stored when the government issued photographic identity document was issued. However, it would be evident that today each individual typically also employs one or more documents such as debit cards, credit cards, security identities etc. in addition to the government issued photographic identity document such as driver's license, passport etc. In fact, today such documents are generally employed with a higher frequency than government issued photographic identity documents.
[005] With these other documents therefore opportunities for theft and fraud still exist. Consider, for example, credit card fraud which is a wide-ranging term for theft and fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. Typically card fraud begins either with the theft of the physical card or with the compromise of data associated with the account, including the card account number or other information such as that which must be routinely and necessarily available to a merchant during a legitimate transaction. Such compromises can occur by many common routes and can usually be conducted without tipping off the card holder, the merchant or the issuer, at least until the account is ultimately used for fraud or until the fraud is detected. Generally, a lost or stolen card is typically reported quickly by a cardholder but fraudulent activity arising from a compromised account or replicated card may occur after a period of time, making it difficult to identify the source of the compromise. Further, the cardholder may not discover fraudulent use until receiving a billing statement, which may be delivered infrequently, or may not even register the fraudulent use initially.
[006] In order to perform many real world fraudulent transactions the data relating to the compromised card must be transferred to another physical card so that it can be used, for example, within an automatic teller machine (ATM), point-of-sale (POS) terminal, etc. In some instances, the card may be replicated several times and used in various geographic locations in order to limit the tracing of the originators of the counterfeit cards. In other instances, the compromised card may not be employed for immediate financial theft but identity theft or to provide the user with access to a service, facility, enterprise, good that they otherwise would not be allowed. For example, a replicated driver's license would allow the user to purchase alcohol or tobacco underage, a replicated membership access to a club, or a replicated security card access to restricted areas. Accordingly, it would be beneficial to provide a means for authenticating a card independent of the information relating to the card to which it purports to be such that, for example, tampering can be established, the original owner of a tampered card established, and the source of stolen base cards established.
[007] Other aspects and features of the present invention will become apparent to those ordinarily skilled in the art upon review of the following description of specific embodiments of the invention in conjunction with the accompanying figures.
SUMMARY OF THE INVENTION
[008] It is an object of the present invention to mitigate limitations in the prior art relating to real world documents and more particularly to methods and systems for authenticating and verifying real world documents based upon unique characteristics of each real world document established in their manufacturing.
[009] In accordance with an embodiment of the invention there is provided a method of providing a plurality of different base cards comprising:

selecting a first predetermined number of first features and forming said first predetermined number of first features as at least one of within and upon the surface of a base card of the plurality of base cards;
selecting a second predetermined number of second features and forming said second predetermined number of second features upon the surface of a base card of the plurality of base cards using a material having ultraviolet properties;
selecting a third predetermined number of third features and forming said third predetermined number of third features upon the surface of a base card of the plurality of base cards using a material having infrared properties; and
selecting a fourth predetermined number of fourth features and forming said fourth predetermined number of fourth features upon the surface of a base card of the plurality of base cards using a material having visible properties.
[0010] In accordance with an embodiment of the invention there is provided a device comprising:
a base card formed from at least a predetermined material;
a first predetermined number of first features and forming said first predetermined number of first features as at least one of within and upon the surface of the base card;
a second predetermined number of second features and forming said second predetermined number of second features upon the surface of the base card using a material having ultraviolet properties such that each second feature is visible under ultraviolet illumination;
a third predetermined number of third features and forming said third predetermined number of third features upon the surface of the base card using a material having infrared properties such that each second feature is visible under infrared illumination; and
a fourth predetermined number of fourth features and forming said fourth predetermined number of fourth features upon the surface of the base card using a material having visible properties.
[0011] In accordance with an embodiment of the invention there is provided a method of validating a card credential comprising:

scanning the card credential to extract first extracted data relating to a plurality of features identified upon the card credential and second extracted data relating to the locations of the plurality of features identified;
comparing the extracted plurality of features with a database of card credential records, each card credential record comprising first data relating to the features added to the card credential during its manufacturing and second data relating to the locations of the features upon the card credential; and
determining a result based upon at least the first extracted data, the second extracted data, the first data and the second data.
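
The validation method of paragraph [0011], worked through as an added example that is not part of the patent text: a scan's features and locations are compared with the record for the identity the card claims, and on a mismatch the other records are searched to find which issued base card was reused. The record layout, the 0.5 mm tolerance, the 0.9 match threshold, the greedy matching and all sample data are assumptions constructed for illustration.

```python
"""Added illustration of the [0011] validation flow; not from the patent."""
from dataclasses import dataclass
from math import hypot
from typing import Optional

# Assumed parameters: the patent specifies neither a tolerance nor a threshold.
TOLERANCE_MM = 0.5      # allowed scanner placement error per feature
MIN_MATCH_RATIO = 0.9   # share of features that must agree


@dataclass(frozen=True)
class Feature:
    kind: str   # "mechanical", "uv", "ir" or "visible"
    x: float    # location on the card face, millimetres (assumed unit)
    y: float


@dataclass(frozen=True)
class Result:
    verdict: str                 # "genuine", "mismatch" or "unknown"
    score: float                 # match ratio against the claimed record
    base_card_of: Optional[str]  # record the physical card actually matches


def match_ratio(scanned, enrolled, tol=TOLERANCE_MM):
    """Share of features that agree in kind and location, matched one-to-one."""
    unused = list(scanned)
    hits = 0
    for ref in enrolled:
        best = None
        for cand in unused:
            if cand.kind != ref.kind:
                continue
            dist = hypot(cand.x - ref.x, cand.y - ref.y)
            if dist <= tol and (best is None or dist < best[0]):
                best = (dist, cand)
        if best is not None:
            hits += 1
            unused.remove(best[1])   # a scanned feature may match only once
    # Dividing by the larger set penalises both missing and extra features.
    total = max(len(scanned), len(enrolled))
    return hits / total if total else 0.0


def validate(claimed_id, scanned, records):
    """Compare a scan with the record of the credential the card claims to be."""
    enrolled = records.get(claimed_id)
    if enrolled is None:
        return Result("unknown", 0.0, None)
    score = match_ratio(scanned, enrolled)
    if score >= MIN_MATCH_RATIO:
        return Result("genuine", score, claimed_id)
    # The card body is not the one issued for this identity. Search the other
    # records to learn which issued base card, if any, carries these features.
    for other_id, other in records.items():
        if other_id != claimed_id and match_ratio(scanned, other) >= MIN_MATCH_RATIO:
            return Result("mismatch", score, other_id)
    return Result("mismatch", score, None)


def shifted(features, dx, dy):
    """Simulate scanner placement error on a constructed sample."""
    return [Feature(f.kind, f.x + dx, f.y + dy) for f in features]


# Constructed sample records: features and locations captured at manufacture.
RECORDS = {
    "CARD-A": [
        Feature("mechanical", 12.0, 8.5), Feature("mechanical", 70.2, 40.1),
        Feature("uv", 33.3, 20.0), Feature("uv", 55.0, 12.4),
        Feature("ir", 20.5, 45.0), Feature("visible", 60.0, 30.0),
    ],
    "CARD-B": [
        Feature("mechanical", 15.1, 9.0), Feature("mechanical", 64.0, 38.7),
        Feature("uv", 30.0, 25.5), Feature("uv", 58.2, 10.0),
        Feature("ir", 25.0, 41.2), Feature("visible", 48.9, 33.0),
    ],
}

# Constructed scan of card stock that was never enrolled.
FOREIGN_STOCK = [
    Feature("mechanical", 5.0, 5.0), Feature("uv", 40.0, 40.0),
    Feature("ir", 10.0, 10.0), Feature("visible", 80.0, 50.0),
]

if __name__ == "__main__":
    cases = {
        "issued card A": ("CARD-A", shifted(RECORDS["CARD-A"], 0.2, -0.1)),
        "A's data on base card B": ("CARD-A", shifted(RECORDS["CARD-B"], 0.1, 0.1)),
        "A's data on foreign stock": ("CARD-A", FOREIGN_STOCK),
    }
    for label, (claimed, scan) in cases.items():
        print(label, "->", validate(claimed, scan, RECORDS))
```

The second case is the one the background section cares about: the card's data may be a perfect copy of card A, yet the base card features identify it as the body issued as card B.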
[0012] Other aspects and features of the present invention will become apparent to those ordinarily skilled in the art upon review of the following description of specific embodiments of the invention in conjunction with the accompanying figures.
BRIEF DESCRIPTION OF THE DRAWINGS
[0013] Embodiments of the present invention will now be described, by way of example only, with reference to the attached Figures, wherein:
[0014] Figure 1 depicts credit cards and security features according to the prior art;
[0015] Figures 2 and 3 depict a first portion of a real world and virtual world identity ecosystem according to an embodiment of the invention;
[0016] Figure 4 depicts an identity document matching architecture at a store front relying party according to an embodiment of the invention;
[0017] Figure 5 depicts an architecture for a card stock provider and card manufacturing process according to an embodiment of the invention to provide unique base cards through mechanical and non-visible features;
[0018] Figures 6A and 6B depict the sequential application of mechanical and non-visible features to generate unique base card stock prior to the application of conventional prior art identity and security features;
[0019] Figure 7 depicts an exemplary process flow for establishing mechanical, non-visible, and visible features of a card according to an embodiment of the invention;
[0020] Figure 8 depicts an exemplary process flow for establishing mechanical and non-visible features of a card according to an embodiment of the invention;
[0021] Figures 9 to 11 depict an exemplary process flow for establishing visible features and information from a card according to an embodiment of the invention;
[0022] Figure 12 depicts a network environment within which embodiments of the invention may be employed;
[0023] Figure 13 depicts a wireless portable electronic device supporting communications to a network such as depicted in Figure 12 and as supporting embodiments of the invention.
DETAILED DESCRIPTION
[0024] The present invention is directed to real world and virtual world identities and more particularly to authenticating users within the virtual world based upon credentials issued in response to validated and authenticated real world identities.
[0025] The ensuing description provides exemplary embodiment(s) only, and is not intended to limit the scope, applicability or configuration of the disclosure. Rather, the ensuing description of the exemplary embodiment(s) will provide those skilled in the art with an enabling description for implementing an exemplary embodiment. It being understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope as set forth in the appended claims.
[0026] A "portable electronic device" (PED) as used herein and throughout this disclosure, refers to a wireless device used for communications and other applications that requires a battery or other independent form of energy for power. This includes, but is not limited to, devices such as a cellular telephone, smartphone, personal digital assistant (PDA), portable computer, pager, portable multimedia player, portable gaming console, laptop computer, tablet computer, and an electronic reader.
[0027] A "fixed electronic device" (FED) as used herein and throughout this disclosure, refers to a wireless and / or wired device used for communications and other applications that requires connection to a fixed interface to obtain power. This includes, but is not limited to, a laptop computer, a personal computer, a computer server, a kiosk, a gaming console, a digital set-top box, an analog set-top box, an Internet enabled appliance, an Internet enabled television, and a multimedia player.
[0028] An "application" (commonly referred to as an "app") as used herein may refer to, but is not limited to, a "software application", an element of a "software suite", a computer program designed to allow an individual to perform an activity, a computer program designed to allow an electronic device to perform an activity, and a computer program designed to communicate with local and / or remote electronic devices. An application thus differs from an operating system (which runs a computer), a utility (which performs maintenance or general-purpose chores), and a programming tool (with which computer programs are created). Generally, within the following description with respect to embodiments of the invention an application is generally presented in respect of software permanently and / or temporarily installed upon a PED and / or FED.
[0029] A "social network" or "social networking service" as used herein may refer to, but is not limited to, a platform to build social networks or social relations among people who may, for example, share interests, activities, backgrounds, or real-life connections. This includes, but is not limited to, social networks such as U.S. based services such as Facebook, Google+, Tumblr and Twitter; as well as Nexopia, Badoo, Bebo, VKontakte, Delphi, Hi5, Hyves, iWiW, Nasza-Klasa, Soup, Glocals, Skyrock, The Sphere, StudiVZ, Tagged, Tuenti, XING, Orkut, Mxit, Cyworld, Mixi, renren, weibo and Wretch.
[0030] "Social media" or "social media services" as used herein may refer to, but is not limited to, a means of interaction among people in which they create, share, and/or exchange information and ideas in virtual communities and networks. This includes, but is not limited to, social media services relating to magazines, Internet forums, weblogs, social blogs, microblogging, wikis, social networks, podcasts, photographs or pictures, video, rating and social bookmarking as well as those exploiting blogging, picture-sharing, video logs, wall-posting, music-sharing, crowdsourcing and voice over IP, to name a few. Social media services may be classified, for example, as collaborative projects (for example, Wikipedia); blogs and microblogs (for example, Twitter™); content communities (for example, YouTube and DailyMotion); social networking sites (for example, Facebook™); virtual game-worlds (e.g., World of Warcraft™); and virtual social worlds (e.g. Second Life™).
[0031] An "enterprise" as used herein may refer to, but is not limited to, a provider of a service and / or a product to a user, customer, client, or consumer. This includes, but is not limited to, a retail outlet, a store, a market, an online marketplace, a manufacturer, an online retailer, a charity, a utility, and a service provider. Such enterprises may be directly owned and controlled by a company or may be owned and operated by a franchisee under the direction and management of a franchiser.
[0032] A "service provider" as used herein may refer to, but is not limited to, a third party provider of a service and / or a product to an enterprise and / or individual and / or group of individuals and / or a device comprising a microprocessor. This includes, but is not limited to, a retail outlet, a store, a market, an online marketplace, a manufacturer, an online retailer, a utility, an own brand provider, and a service provider wherein the service and / or product is at least one of marketed, sold, offered, and distributed by the enterprise solely or in addition to the service provider.
[0033] A "third party" or "third party provider" as used herein may refer to, but is not limited to, a so-called "arm's length" provider of a service and / or a product to an enterprise and / or individual and / or group of individuals and / or a device comprising a microprocessor wherein the consumer and / or customer engages the third party but the actual service and / or product that they are interested in and / or purchase and / or receive is provided through an enterprise and / or service provider.
[0034] A "user" or "credential holder" as used herein refers to an individual who, either locally or remotely, by their engagement with a service provider, third party provider, enterprise, social network, social media etc. via a dashboard, web service, website, software plug-in, software application, or graphical user interface provides an electronic credential as part of their authentication with the service provider, third party provider, enterprise, social network, social media etc. This includes, but is not limited to, private individuals, employees of organizations and / or enterprises, members of community organizations, members of charity organizations, men, women, children, and teenagers. "User information" as used herein may refer to, but is not limited to, user identification information, user profile information, and user knowledge.
[0035] A "security credential" (also referred to as a credential) as used herein may refer to, but is not limited to, a piece of evidence that a communicating party possesses that can be used to create or obtain a security token. This includes, but is not limited to, a machine-readable cryptographic key, a machine-readable password, a cryptographic credential issued by a trusted third party, or another item of electronic content having an unambiguous association with a specific, real individual. Such security credentials may include those that are permanent, designed to expire after a certain period, designed to expire after a predetermined condition is met, or designed to expire after a single use.
[0036] A "government issued photographic identity document" as used herein may refer to, but is not limited to, any document, card, or electronic content item issued by a government body for the purposes of identifying the owner of the government issued photographic identity document. Such government bodies may, for example, be provincial, federal, state, national, and regional governments alone or in combination. Such government issued photographic identity documents, also referred to within this specification as card credentials, government issued photographic cards, and government issued identity documents may include, but are not limited to, a driver's license, a passport, a health card, national identity card, and an immigration card although they have the common feature of a photographic image, multimedia image, or audiovisual image of the user to whom the government issued photographic identity document was issued. Such government issued photographic identity documents may include, but not be limited to, those comprising single sided plastic cards, double sided plastic cards, single sided sheets, double sided sheets, predetermined sheets within a book or booklet, and digital representations thereof in isolation or in combination with additional electronic / digital data that has been encoded / encrypted. For example, a digital memory with fingerprint scanner in the form of what is known as a "memory stick" may be securely issued by a government body as the fingerprint data for the user is securely encoded and uploaded together with image and digital content data. Subsequently, the digital memory when connected to a terminal and activated by the user's fingerprint may transfer the required digital data to the terminal to allow for a verification that the user is the one and the same. Such memory devices can be provided which destroy or corrupt the data stored within upon detection of tampering.
[0037] A "card credential" as used herein may refer to, but is not limited to, any document, card, or other physical item or element issued and associated with a user, the card being generated / issued for the purposes of identifying the user of the card credential, authorizing an action to be performed on behalf of the user of the card, or allowing the user to perform an action. Such card credentials may be issued by government bodies which may, for example, be provincial, federal, state, national, and regional governments alone or in combination. Such card credentials may be issued by financial institutions, banks, credit providers, employers, libraries, museums, security agencies, and healthcare providers for example. Such card credentials may include, but not be limited to, those comprising single sided plastic cards, double sided plastic cards, single sided sheets, double sided sheets, cards with integrated electronic circuits, cards with embedded display elements, cards with magnetic stripes, cards with wireless transponders, cards with radio frequency identification devices (RFID), and cards with integrated memory. For example, a card credential with integrated electronics, pressure activation, and digital display may generate a code for use as part of a transaction alone or in combination with other security credential(s) of the user.
[0038] "Encryption" as used herein may refer to, but is not limited to, the processes of encoding messages or information in such a way that only authorized parties can read it. This includes, but is not limited to, symmetric key encryption through algorithms such as Twofish, Serpent, AES (Rijndael), Blowfish, CAST5, RC4, 3DES, and IDEA for example, and public-key encryption through algorithms such as Diffie-Hellman, Digital Signature Standard, Digital Signature Algorithm, ElGamal, elliptic-curve techniques, password-authenticated key agreement techniques, Paillier cryptosystem, RSA encryption algorithm, Cramer-Shoup cryptosystem, and YAK authenticated key agreement protocol.
[0039] Referring to Figure 1 there are depicted prior art credit card 100 together with first to third credit cards 160 to 170 according to the prior art. As depicted with prior art credit card 100 a card comprises on its rear (back) surface a signature panel 105, a magnetic stripe 110, a card security value 115, a card security code 120, and a hologram 125. Apart from the user applying their signature to the signature panel 105 all of the other elements are generated by the provider of the credit card 100. On the front side of the credit card 100 there is visible an account number 130, typically embossed into the plastic of the credit card 100, a bank identification number (BIN) 135, the cardholder's name 140 (again typically embossed), expiration date 145 (typically embossed), brand mark 150. The magnetic stripe contains a first code which is referred to as the Card Verification Code (CVC) or Card Verification Value (CVV). This first code, CVC1 or CVV1, is encoded on the second track of the magnetic stripe of the card and used for card present transactions. The card security code 120, most commonly referred to as CVV2 or CVC2, is typically sought by merchants for card not present transactions. This CVV2 or CVC2 is a four-digit code printed on the front side of the card above the number on American Express but for MasterCard, Visa, Diners Club, Discover, and JCB credit and debit cards is a three-digit card security code. Within ATM, POS, etc. transactions only the CVC1 or CVV1 is verified such that if the entire card has been duplicated and the magnetic stripe 110 copied, then the code is still valid. Within the magnetic stripe 110 up to three tracks of data may be stored although track 3 is virtually unused by the major worldwide networks, and is often not even physically present on the card by virtue of the use of narrower magnetic stripes within many cards. POS card readers almost always read track 1, or track 2, and sometimes both in case one track is unreadable. The minimum cardholder account information needed to complete a transaction is present on both tracks and given that the standards for the magnetic stripe are widely known encoding a new card with data skimmed or otherwise acquired is a relatively simple task.
[0040] Cards containing an electronic circuit interface 155 are typically referred to as "smart cards" and in addition to debit, credit, or ATM cards may include fuel cards, mobile phone subscriber identity modules (SIMs), service authorization cards, household utility pre-payment cards, high-security identification and access-control cards, pre-paid credit cards, and public transport cards. Smart cards include an embedded integrated circuit chip (ICC) that can be either a secure microcontroller or equivalent intelligence with internal memory or a memory chip alone. The card connects to a reader with direct physical contact, e.g. via electronic circuit interface 155, or with a remote contactless radio frequency interface such as indicated by first credit card 160 with the logo 175. Most contactless cards, e.g. first credit card 160, also derive power for the internal chip from the card reader's electromagnetic signal(s) and operate over ranges up to three inches for non-battery-powered cards, which is generally sufficient for applications such as building entry and payment that require a very fast card interface. By virtue of an embedded microcontroller, smart cards have the unique ability to store large amounts of data, carry out their own on-card functions (e.g., encryption and mutual authentication) and interact intelligently with a smart card reader. One such embodiment being depicted with second and third credit cards 165 and 170 respectively that represent smart cards designed to support real world and virtual world transactions. Each of second and third credit cards 165 and 170 respectively supports conventional real world transactions such as through a POS or ATM, for example, via the electronic circuit interface 155. However, each of the second and third credit cards 165 and 170 respectively also supports the generation of a one-time identification number (one-time password - OTP) for use within an online, virtual world, transaction. In second credit card 165 the user simply presses a button 185 wherein the OTP is presented via the display 180 whereas in third credit card 170 the user turns the device on and enters a personal identification code or codes thereby generating the OTP(s) upon the display 180.
[0041] Referring to Figures 2 and 3 there are depicted first and second portions of a card credential verification and authentication service (CCVAS) according to an embodiment of the invention. As depicted in Figure 2 this CCVAS comprises a physical attribute provider (PHYSAP) 255 in communication with an attribute provider 235. The PHYSAP 255 is depicted schematically as process flow detail in Figure 3. The PHYSAP 255 represents a card credential issuer wherein the card credential may or may not include a photograph of the user 265 to whom it relates. Accordingly, the PHYSAP 255 is an issuing authority authorised to issue card credentials either for their own enterprise / activity or on behalf of others. Within the descriptions below in respect of Figures 2 and 3 the system and information flows are described with respect to a credential holder being identity-proofed in person. However, it would be evident that within other embodiments of the invention a PHYSAP 255 may authenticate the user 265 by an identity proofing and subsequently issue the user 265 with the card credential 260 either as an initial provisioning or through a re-issue / updating. In other embodiments of the invention the card credential 260 may require authorization to be provided prior to the card credential 260 being valid, e.g. via a telephone call made by the user 265 from a telephone number associated with the card credential 260 by the PHYSAP 255. Other embodiments and variations would be evident to one skilled in the art.
[0042] Accordingly, a credential holder (user 265) may be identity-proofed in-person by a trusted agent of the PHYSAP 255. This process step 310 results in the issuance of card credential 260 (step 320) and the credential holder's proofed identity being bound (step 330) to the card credential. As a result of this sequence the credential holder's identity-proofed attributes are stored in step 340 within an Identity Attribute Database 350 managed by the document issuer. Attributes stored in respect of the credential holder within the Identity Attribute Database 350 may include, but not be limited to, the photograph of the user 265, the signature of the user 265, the user's name and address, type of document, financial account information, date of expiry, bank identification number, CVV2, CVC2, CVV1, CVC1, issuer identity, and date of issue. The information within the Identity Attribute Database 350 is also accessible by a Document Validation and Identity Verification Engine (DVIVE) 360 which is in communication with an Attribute Provider 235 via network 300. The DVIVE 360 also is in communication with a Card Stock Validation and Verification Engine (CSVVE) 370 which is in communication with a Card Stock Provider 510 such that the DVIVE 360 may extract data relating to the card credential as provided by the Card Stock Provider 510, via network 300, which relates to the base card rather than the attributes assigned by the PHYSAP 255.
[0043] Subsequently, the user 265 (credential holder) uses their card credential 260 at a storefront retailer / government office or kiosk / enterprise, depicted as first to third store front relying parties 270A to 270C respectively, to identify themselves in the presence of an agent of the store front relying party. The first to third store front relying parties 270A to 270C each exploit a card credential checker, referred to within this specification as a CARCREC system / device. According to the identity of the first to third store front relying parties 270A to 270C respectively these are allocated different trust levels. For example:
[0044] Trust Level 1 (TL1) - government office, civic authority, e.g. another government Photo-ID issuing authority or government / civic office where the credential holder's identity is proofed, having higher trust level than other relying parties.
[0045] Trust Level 2 (TL2) - financial institutions, e.g. a bank, having a higher trust level than other relying parties, such as retailers, etc. but not at a level as high as relying parties at a Trust Level 1.
[0046] Trust Level 3 (TL3) - all other identity agents, not included in the above trust levels 1 and 2 respectively.
[0047] An additional trust level, Trust Level 4 (TL4), is associated with online merchants as indicated in Figure 2 with first to third online relying parties 280A to 280C respectively. This trust level, TL4, may also be associated with online activities with a government, government regulated body, online enterprise etc. Whilst embodiments of the invention are described as having four trust levels (TL1 to TL4 respectively) it would be evident that within alternate embodiments a higher or lesser number of trust levels may be employed. However, for each trust level the activities of a user are tracked and stored within the databases as described with respect to embodiments of the invention and employed as described below in generating an Identity Verification Score for the user with the government issued photographic card credential.
[0048] The CARCREC system, located at the store front relying party's place of business and not shown for clarity, interacts with the Attribute Provider 235 to validate the card credential 260 and verify the identity of the document bearer, user 265. Accordingly, the CARCREC system acquires data from and about the card credential 260 and communicates this to a Document Validation Identity Verification database (DVIVDb) 250 which then communicates with the DVIVE 360 within the PHYSAP 255. The DVIVE 360 thereby confirms or denies the validity of the card credential 260 presented by the user 265 at the one of the first to third store front relying parties 270A to 270C respectively. The DVIVE 360 extracts data from the Identity Attribute Database 350 and CSVVE 370, either directly or via Identity Attribute Database 350, as part of the validation activity. An exemplary validation process for a card credential 260 via CARCREC system and DVIVE 360 is depicted and described below in respect of Figures 7 through 11 respectively.
[0049] Accordingly, the CARCREC system validates the card credential 260 as being genuine or counterfeit. As described supra the CARCREC system extracts characteristic information from the card credential 260 which is transmitted to the DVIVDb 250 managed and controlled by Attribute Provider 235. The extracted characteristics are then provided to DVIVE 360 wherein they are compared with data extracted from Identity Attribute Database 350 / CSVVE 370 and a resulting validation / denouncement of the card credential 260 is communicated back to the DVIVDb 250 and therein back to the CARCREC for presentation to the agent of the store front relying party. Extracted characteristics may include, but are not limited to, the photograph on the card credential 260, a signature, identity information of the card credential 260, barcode data, QR code data, data within magnetic stripe(s), etc. as well as potentially characteristics of the card itself, including but not limited to, physical elements of the card credential 260 and invisible aspects of the card credential 260.
[0050] The data within the Identity Attribute Database 350 is maintained and acquired / generated by the PHYSAP 255 relating to the card credential 260 when the user 265 applied for, or renewed, their card credential 260. Accordingly, during the course of the user 260 doing business at various retail service provider's locations, the credential holder's (user 265) card credential 260 is validated and their identity verified by Attribute Provider's 235 DVIVDb 250. Therefore, each time the user's 265 card credential 260 (or Photo-ID document) is validated and the bearer's identity is verified by the combination of the CARCREC system, DVIVDb 250, and DVIVE 360 as being genuine and not fake, then the credential holder's in-person verified identity is also confirmed as being genuine. As depicted and described below in respect of Figure 8 the Attribute Provider 235 also generates one or more Identity Verification Scores (IdVS) which are subsequently stored within an Identity Verification Score database 240. As a result, CARCREC software is able to generate a quantified measure of the credential holder's identity and inform participating businesses, employers, and organizations of the strength of the credential holder's identity.
[0051] An Identity Verification Score (IdVS) may be considered to be similar to a FICO score, which is used by financial institutions to help them make complex, high-volume decisions and grant credit to a user. As described in more detail below, and as established supra, in order to create a representative IdVS for each credential holder (user 265), where their card credential 260 is verified by a CARCREC system, a trust level (TL) for each storefront relying party (Identity Agent) is established as outlined supra in dependence upon the storefront retailing party class, e.g. financial institutions have higher trust level than a retailer but not as high as a government office or civic authority office. In addition to trust level an IdVS computation according to embodiments of the invention may take into account the number of times the credential holder's photo-ID document is validated and the credential holder's identity verified.
[0052] As depicted in Figure 2 IdVS data is also available for use by online relying parties, such as first to third online relying parties 280A to 280C respectively who may also act as identity agents for Attribute Provider 235. It is also available for use by online authentication services, such as for example, Authentication Service 290 depicted as Assure 360 Identity Assurance Service. The user 265, upon being verified through PHYSAP 255, may establish an account with an Attribute Provider 235 by forwarding an electronic mail address through an Identity Agent, depicted within Figure 2 by first to third store front relying parties 270A to 270C respectively, via a CARCREC display, e.g. a tablet electronic device. The user 265 may have the ability to choose an Attribute Provider 235 from multiple Attribute Providers 235 as part of the process performed through an Identity Agent where they provide their electronic mail address.
Optionally, the ability of a user 265 to communicate with and / or open an account with an Attribute Provider 235 may be restricted to a store front relying party at only one or more trust levels, e.g. those with trust level 1 (TL1) only for example. Additionally, the user 265 may be prevented from accessing an Identity Agent to establish the account with an Attribute Provider 235 until at least one or a predetermined number of activities have been completed with the store front relying parties at the appropriate trust levels. Further, the Identity Agent may only be accessed by the user 265 upon an authentication of their identity at the store front relying party by an action of an agent of the store front relying party.
[0053] The user 260 may then select an Authentication Service 290 from those provided by the Attribute Provider 235 web site of the Attribute Provider 235 the user 265 has selected. The Attribute Provider 235 sends a one-time-credential retrieved from One-Time Credential database 245 to the selected Authentication Service 290 and a credential 275 to the credential holder (user 260). Attribute Provider 235 also sends the Authentication Service 290 information required by the Authentication Service 290 to open an online account in the credential holder's name. Optionally, the user 265 may be presented with separate lists of Attribute Providers 235 and Authentication Services 290 during their establishment of the account or subsequently the user 265 may access any Authentication Service 290 rather than only a subset of them associated with the selected Attribute Provider 235. The credential holder can use the one-time credential sent by Attribute Provider 235 to identify themselves to the selected Authentication Service 290 to confirm the online account which was opened automatically on the credential holder's behalf by the Authentication Service 290 when the Authentication Service 290 received the one-time-credential and the credential holder's information necessary to open an account. Once the account with the Authentication Service 290 is active the credential holder can link their PED and / or FED to the Authentication Service 290's server by downloading the Authentication Service 290's client and related digital security certificates onto their PED and / or FED. A security certificate exchange takes place between the Authentication Service 290 and the Token Management Service 210, which may for example be upon a server associated with the Authentication Service 290 or may be upon a server associated with a third party. Accordingly, the Token Management Service 210 comprises a Token Manager 215 that binds, denoted by Binding 220, the digital security certificates 225 to the user's 260 PEDs / FEDs such as depicted by first to third devices 230A to 230C respectively.
[0054] As a result the credential holder's identity is bound to the credential holder's PEDs and / or FEDs and to the Authentication Service 290 / Token Management Service 210 thereby providing one of the first to third online relying parties 280A to 280C respectively with strong authentication and Level 3, in-person, verified identity assurance. Based on the credential holder's IdVS, which is obtained from Identity Verification Score database 240, the Attribute Provider 235 can provide Authentication Service 290, and other authentication services, with revocation status information on the credential holder. Accordingly, the Authentication Service 290 may revoke, cancel, or not authenticate the security credential 275 of the user 265. It would be evident that in some embodiments of the invention the Authentication Service 290 does not retain or store the one-time credentials 275.
[0055] Within other embodiments of the invention multiple biometric data elements may be combined for use within a data analytic module based upon a biometric engine which fuses information from a range of factors, biometric and non-biometric, into a single factor.
Additionally, such a single factor may be used to determine authorization by comparing this factor with a threshold determined using an appropriate risk assessment module.
[0056] Referring to Figure 4 there is depicted a card credential matching architecture at a store front relying party according to an embodiment of the invention as part of a CCVAS such as depicted in Figures 2 and 3 respectively. Accordingly, part of the CCVAS is depicted by PHYSAPs 255A to 255N respectively in respect of a user 265 and their card credential 260. Accordingly, the user 265 visits a store front relying party 270, such as described supra in respect of Figures 2 and 3 respectively. Depicted as part of store front relying party 270 is CARCREC system 410 comprising in addition to the terminal 415 modules including, but not limited to, those providing image pre-processing 420, optical character recognition (OCR) 430, feature extraction 440, and magnetic / electronic extraction 450 for example. Accordingly, the user presents their card credential 260 at the store front relying party 270 wherein an agent of the store front relying party 270 inserts the card credential 260 into the terminal 415 wherein the image pre-processing 420, optical character recognition (OCR) 430, feature extraction 440, and magnetic / electronic extraction 450 modules extract their information wherein this is communicated via network 300 to an appropriate one of the PHYSAPs 255A to 255N respectively via an Attribute Provider, not shown for clarity. For example, if the card credential 260 is a California driver's license then the PHYSAP may be part of the California Department of Motor Vehicles or alternatively if the card credential 260 is a US passport then the PHYSAP may be associated with the US Department of State.
[0057] The information derived from the card credential 260 by the CARCREC system 410 is communicated to a DVIVE 260 within PHYSAP 255 which extracts information from the Identity Attribute Database 250 in dependence upon elements of the extracted information to establish whether the user 265 is the legitimate owner of the card credential 260 or not. The resulting determination is then provided back to the CARCREC system 410 via the Attribute Provider, not shown for clarity, for display to the agent of the store front relying party 270.
[0058] Referring to Figure 5 there is depicted an architecture for a card stock provider 510 and card manufacturer 580 according to an embodiment of the invention to provide unique base cards through mechanical, non-visible, and visible features. Accordingly, card stock provider (CASP) 510 comprises a Card Generator (CARGEN) 570 in communication with an Identity Attribute Generator and Mapping (IDAGEM) module 550 and Identity Card Feature Database (ICFEB) 560 together with Card Manufacturing 580 and PHYSAP 255. Accordingly, upon a request from PHYSAP 255 for one or more card credentials 260 the CARGEN 570 extracts data relating to the card credential from the ICFEB 560 and generates a request to IDAGEM 550. The extracted data may include, but not be limited to, location(s) of electronic circuit interface(s), e.g. electronic circuit interface 155, location(s) of magnetic stripe(s), e.g. magnetic stripe 110, location(s) of signing strip(s), e.g. signature panel 105, location(s) of embossed features, e.g. account number 130 and the cardholder's name 140, and location(s) of logos or other elements. Additionally, the extracted data may include data relating to the addition of mechanical, non-visible and visible features for the PHYSAP 255 such as, for example, the number of features, restrictions on specific categories of features, restrictions on dimensions, etc. In some embodiments of the invention the card credential 260 may be intended for use with card readers other than the terminal 415 or those associated with Store Front Relying Parties 270, e.g. terminal 415, wherein the capabilities of the card reader may be higher or lower than those of the terminal 415.
[0059] Accordingly, the IDAGEM 550 establishes a mapping of features for the card credential 260 and through feature extractions from Document Identity Element and Security Feature Database (DOCIDES) 530 and Landmark Feature Database (LAFED) 540 generates the feature maps for the card credentials 260. Each card credential 260 is generated using a new feature set extracted from the DOCIDES 530 and LAFED 540. Accordingly, the generated feature map(s) is provided from IDAGEM 550 to CARGEN 570 wherein it is combined with physically attached feature mapping based upon element identities stored within first database 590. Such physically attached features may include, but not be limited to, holographic stickers. The DOCIDES 530 is provided with features based upon elements extracted from a plurality of feature databases 520A to 520N respectively. Optionally, elements within one or more of feature databases 520A to 520N respectively may be designed specifically or these may be extracted from commercial / non-commercial sources including images / features extracted from the Internet. The resulting feature profile of each card credential 260 is then provided to the card manufacturing 580 and PHYSAP 255. The card manufacturing 580 may also receive additional information from PHYSAP 255 as well as providing information to the PHYSAP 255. For example, a feature map provided to the card manufacturing 580 by Card Stock Provider 510 via CARGEN 570 may be associated with user 265 data provided by PHYSAP 255 in order to generate the physical card credential 260 and then this binding of feature map and user data provided is provided back to PHYSAP 255. At this stage information within other elements of the card credential 260 such as within an embedded memory, magnetic stripe etc. may also be made such that the finished card credential 260 may be provided to the PHYSAP 255 completed or alternatively be provided directly to the user 265. Alternatively, card manufacturing 580 may provide a stock of card credentials 260 to the PHYSAP 255 wherein the binding of user to the card is then undertaken by PHYSAP 255 in conjunction with the addition of information within other elements of the card credential 260 such as within an embedded memory, magnetic stripe etc. in order to yield the finished card credential 260.

[0060] Now referring to Figures 6A and 6B there are depicted images for a card credential 260 as manufactured according to an embodiment of the invention via the sequential application of mechanical, non-visible and visible features in order to generate unique base card stock prior to the application of conventional prior art identity and security features. Referring to first front 600A and first rear 600B a card credential 260 is depicted after a blank card has been processed to add mechanical features. The blank card, not shown for clarity, may for example be a plastic card manufactured to a standard, e.g. ISO/IEC 7810 ID-1 or ISO/IEC 7816, with dimensions 85.60mm x 53.98mm x 0.76mm and rounded corners with a radius of 2.88-3.48 mm. Accordingly, formed within the blank card are any electrical circuit connection 610, magnetic stripe 615, wireless antenna, electronic circuits, and electronic memory (as specified by ISO/IEC 7816 for example). Alternatively, the blank card may in other embodiments of the invention be non-standard.
[0061] Accordingly as depicted in first front 600A and first rear 600B in Figure 6A a series of landmark features 620 are provided on each surface. The series of landmarks 620 provide orientation and alignment for subsequent feature extraction through a card reader such as described supra in respect of embodiments of the invention. As depicted the series of landmarks 620 are positioned relative to front and back virtual grids 605A and 605B that provide an array of feature locations, in this instance within a 12 column by 7 row matrix. Within matrix cells are front mechanical features, such as first to third front mechanical features 625A to 625C respectively, and rear mechanical features, such as first to third rear mechanical features 630A to 630C respectively. It would be evident that other
[0062] Subsequently, as depicted in second front 600C and second rear 600D in Figure 6A the card credential is printed. Accordingly, during printing first to third invisible features 635A to 635C are formed upon the second front 600C and fourth to sixth invisible features 650A to 650C are formed upon the second rear 600D. These first to third invisible features 635A to 635C and fourth to sixth invisible features 650A to 650C being similarly orientated with the front and back virtual grids 605A and 605B, not shown for clarity in second front 600C and second rear 600D. Also depicted are first and second front logos 640A and 640B, PHYSAP name 645A, and first and second rear logos 655A and 655B respectively. First and second front logos 640A and 640B, PHYSAP name 645A, and first and second rear logos 655A and 655B respectively, which provide visual information to the user 265 or those employing the card credential as part of a transaction etc., are typically printed only in inks, pigments, dyes, etc. that provide visual information within the visible wavelength range of the human eye.
[0063] In contrast, first to third invisible features 635A to 635C and fourth to sixth invisible features 650A to 650C which are intended to be used as part of the validation and verification process for the card credential and / or the card stock may be printed within a combination of inks, pigments, dyes, etc. that provide visibility of their associated features under non-visible inspection and / or illumination including for example that made under one or more of ultraviolet, visible, and infra-red wavelengths. Examples may include applying an ultraviolet absorbing ink such that a feature is a dark region on an image of the card credential, applying an infrared absorbing dye such that a feature is a dark region on an image of the card credential, applying a fluorescent material such that only under ultraviolet illumination a feature is visible in the visible region of the spectrum, applying a material such that only under visible illumination is a feature visible in the infrared, and applying a material such that only under infrared illumination is a feature visible in the visible region of the spectrum. In addition to fluorescent materials photoluminescent materials may be employed such that features are only visible once the card credential has been illuminated and the illuminating light removed. Such photoluminescent materials may "glow" or emit, for example, in yellow-green, blue-green, blue, orange-red, purple, and white regions of the visible spectrum and be identified through one or more filters such that white features may be identified separately from orange-red or yellow-green. Alternatively, the blank card may include some features such as first and second front logos 640A and 640B, PHYSAP name 645A, and first and second rear logos 655A and 655B respectively according to manufacturing process considerations, manufacturing costs, etc.
[0064] Accordingly, in such instances data retrieved from ICFEB 560 may include identification of the card stock to be employed in the manufacturing process. Accordingly, the card credential is provided with a plurality of features that are mechanically imprinted and / or optically imprinted according to the mapping established by the IDAGEM 550. This mapping may establish a random or pseudo-random number of features upon one or both sides of the card credential within random or pseudo-random locations within the matrix wherein each feature is randomly or pseudo-randomly selected from one or more databases comprising features. Optionally, the mapping may itself be random or pseudo-randomly defined rather than being established with respect to a matrix. Optionally, multiple matrices may be established for the placement of features, these multiple matrices established in dependence upon other elements of the card credential such as electronic circuit interfaces, for example. Optionally, features may also be mapped into the other visual elements of the card credential, e.g. an ultraviolet fluorescent material overlaying part of the card issuer logo, an infra-red absorber established within the card type logo, e.g. MasterCard™.
[0065] Subsequent to the printing step described in respect of second front 600C and second rear 600D the card credential may be embossed such as depicted in third front 600E and third rear 600F in Figure 6B with information such as the card number 655B, cardholder name 655A, and issue and expiry dates 655C for example. Then as depicted in fourth front 600G and fourth rear 600H other elements may be attached to the card credential such as first and second holographic stickers 670 and 680 respectively and signing strip 660. At this point the card is ready for programming the electronic circuit and / or electronic memory and the magnetic stripe 615. It would be evident to one skilled in the art that the sequence of manufacturing steps described and depicted with respect to Figures 6A and 6B may be varied according to the manufacturing processes utilized. Accordingly, embossing of the card credential may be the last processing step or alternatively the first. Similarly, application of the mechanical features may be the last processing step, e.g. laser ablation, thermal embossing, etc. or it may be the first step. Optionally, one or more printing, inking, dyeing or other processes for applying ultraviolet, infrared, and / or visible features may be made as the last processing step or a first processing step. Some steps may be distributed across the manufacturing sequence.
[0066] Within Figures 6A and 6B the features described in respect of providing each base card stock element for a card credential as being unique have been depicted as relatively large elements. However, it would be evident that the features may be of different dimensions including, for example, features smaller or larger than the relative dimensions depicted relative to the card credential wherein the lower dimensional limit may be established based upon the characteristics of the card reader wherein these lower dimensional limits may be different for mechanical, ultraviolet, visible and infrared features. Optionally, all features may be at the same dimension whereas in other embodiments of the invention the features may be of variable dimensions within different regions of the card credential and / or based upon the type of feature.
Similarly, a matrix against which features may be placed may be a larger matrix than that described or a smaller matrix. Within other embodiments of the invention the matrix may be established based upon the feature dimensions, minimum feature dimensions, number of features, etc. The number of features may be a constant, a variable, a constant established in dependence upon the type of card, a constant established in dependence upon the card issuer, a pseudo-randomly generated number, or a variable within a predetermined range for example.
Selection of the features may be random from a database of features, pseudo-random from a database of features, sequentially extracted from a database of features, or extracted by one such methodology as well as others from a variety of online and non-online sources.
Storage of features employed upon a card credential may be by identifier of the feature, a number of the feature within a database, or the feature itself, for example. Features added mechanically may be formed within the surface of the card, e.g. engraving, etching, laser ablation, embossing, etc. or formed upon the surface of the card, e.g. removal of remainder of card surface, deposition, etc.
[0067] Now referring to Figure 7 there is depicted an exemplary process flow for establishing mechanical, non-visible, and visible features of a card according to an embodiment of the invention. Accordingly, a card credential, e.g. card credential 260, is provided to a card reader, e.g. CARCREC system 410, wherein a first process flow 800 as described below in respect of Figure 8 proceeds to extract mechanical, invisible and visible features that are unique to the physical card whereas a second process flow comprising first to third flows 900 to 1100 as described below in respect of Figures 9 to 11 respectively extract the properties of the card specific to the PHYSAP 255 and user 265. Considering initially process flow 800 as depicted in Figure 8 for an exemplary process flow for establishing mechanical and non-visible features of a card according to an embodiment of the invention. Accordingly, the process proceeds to step 800A wherein a mechanical process flow 860A is depicted wherein in step 810 a surface scan of the card credential is generated and then in step 815 a mask is applied to the surface scan and a first portion of the masked surface scan is compared in step 825 with a retrieved mechanical feature set in step 820. Accordingly, in step 830 a determination is made wherein the process then proceeds to step 835 if a null region of the masked surface scan was detected, to step 840 if a mismatch between the masked surface scan and the plurality of features within the retrieved mechanical feature set is established, or to step 845 if a match between the masked surface scan and the plurality of features within the retrieved mechanical feature set is established. From either of steps 835 to 845 respectively the process proceeds to step 850 and therein in step 855 a determination is made as to whether all masks have been applied to the mechanical surface scan.
If not the process loops back via step 860 to apply a new mask to the mechanical surface scan data and the process repeats via step 825. If the final mask has been applied then the process proceeds to step 870.
[0068] Also depicted are steps 800B and 800C respectively which relate to ultraviolet and infrared scans and link to ultraviolet process flow 860B and infrared process flow 860C respectively. These are essentially structured in the same manner as mechanical process flow 860A except that instead of retrieving a mechanical feature set in each of the ultraviolet process flow 860B and infrared process flow 860C respectively ultraviolet and infrared feature sets are employed. Optionally, additional process flows may be applied including a visible feature set as well as photoluminescent and fluorescent process flows wherein exposure of the card credential to one band of wavelengths is followed by monitoring / scan in another band of wavelengths.
Within some embodiments of the invention the card may be scanned sequentially as it is inserted into the card reader whereas in others it may be scanned once inserted or imaged once inserted or a combination thereof.
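The mask loop of Figure 8 (steps 810 to 870), run over more than one scan modality, can be sketched as follows. This is an added example, not code from the patent: the grid representation of a scan, the `(top, left, height, width)` mask format, all function names, the sample data and the accept/reject policy in `card_passes` are assumptions.

```python
from enum import Enum


class Outcome(Enum):
    NULL = "null region (step 835)"
    MISMATCH = "mismatch (step 840)"
    MATCH = "match (step 845)"


def apply_mask(scan, mask):
    """Step 815: cut the masked window (top, left, height, width) out of a scan."""
    top, left, height, width = mask
    return tuple(tuple(row[left:left + width]) for row in scan[top:top + height])


def is_empty(region):
    """True when no cell of the region carries a feature identifier."""
    return all(cell == 0 for row in region for cell in row)


def classify_region(region, expected):
    """Steps 825/830: compare one masked region with the retrieved feature."""
    if is_empty(region):
        return Outcome.NULL
    return Outcome.MATCH if region == expected else Outcome.MISMATCH


def run_flow(scan, feature_set):
    """Steps 815 to 860: apply every mask in turn and record its outcome."""
    return {mask: classify_region(apply_mask(scan, mask), expected)
            for mask, expected in feature_set.items()}


def card_passes(scans, feature_sets):
    """Assumed policy for step 870 onward: every modality must have been
    scanned, and every mask must match or be a null region that the stored
    feature set also records as empty."""
    for modality, feature_set in feature_sets.items():
        scan = scans.get(modality)
        if scan is None:
            return False  # a missing scan is never treated as a pass
        for mask, outcome in run_flow(scan, feature_set).items():
            if outcome is Outcome.MISMATCH:
                return False
            if outcome is Outcome.NULL and not is_empty(feature_set[mask]):
                return False  # a stored feature is absent from the card
    return True


# Constructed sample data: 4x6 grids of feature identifiers, 0 = no feature.
FEATURE_SETS = {
    "mechanical": {
        (0, 0, 2, 2): ((7, 0), (0, 7)),
        (2, 4, 2, 2): ((0, 0), (0, 0)),  # region recorded as blank at issuance
    },
    "ultraviolet": {
        (1, 2, 2, 3): ((3, 3, 0), (0, 5, 5)),
    },
}
BLANK = tuple((0,) * 6 for _ in range(4))
GENUINE = {
    "mechanical": ((7, 0, 0, 0, 0, 0),
                   (0, 7, 0, 0, 0, 0),
                   (0, 0, 0, 0, 0, 0),
                   (0, 0, 0, 0, 0, 0)),
    "ultraviolet": ((0, 0, 0, 0, 0, 0),
                    (0, 0, 3, 3, 0, 0),
                    (0, 0, 0, 5, 5, 0),
                    (0, 0, 0, 0, 0, 0)),
}
# Same mechanical surface, but nothing responds under ultraviolet.
NO_UV_COPY = {"mechanical": GENUINE["mechanical"], "ultraviolet": BLANK}
# One mechanical cell differs from the stored feature.
ALTERED = {"mechanical": ((7, 7, 0, 0, 0, 0),) + GENUINE["mechanical"][1:],
           "ultraviolet": GENUINE["ultraviolet"]}

if __name__ == "__main__":
    for label, card in (("genuine", GENUINE), ("no-UV copy", NO_UV_COPY),
                        ("altered", ALTERED)):
        print(label, "passes" if card_passes(card, FEATURE_SETS) else "fails")
```

A null result is only acceptable where the stored feature set is itself empty for that mask; otherwise a card with a feature missing would be indistinguishable from one that was issued blank in that region.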
[0069] Now referring to Figure 9 there is depicted a process flow 900 forming part of a second process flow comprising first to third flows 900 to 1100, as described below in respect of Figures 9 to 11 respectively, which extract the properties of the card specific to the PHYSAP 255 and user 265.
As depicted the process comprises an initial process flow comprising steps 901 to 906 followed by a first process sub-flow comprising steps 911 to 918 and a second process sub-flow comprising steps 921 to 936. The initial process flow comprises:
• Step 901 – the front of the card credential is scanned to create an image scan of the card;
• Step 902 – a physical feature vector of the scanned card credential image is generated and analysed to determine whether a corresponding feature vector exists for card credentials such that if a corresponding feature vector exists the process proceeds to step 903 otherwise it proceeds to step 907;
• Step 903 – a mask corresponding to the identified card credential type based upon the determined physical feature vector is extracted, this mask corresponding to, for example, the credential type, such that for example the card dimensions are confirmed as complying to ISO/IEC 7810 ID-1 and that the card contains an electronic circuit interface, such as electronic circuit interface 155 for example;
• Step 904 – optical character recognition (OCR) is performed to extract content of the card based upon, for example, a keyword set based upon the mask, e.g. an ISO/IEC 7810 ID-1 card with electronic circuit interface is typically a financial transaction card such that keywords such as Visa, MasterCard, Maestro, Expiry, etc. may be present;
• Step 905 – a template database of card credentials containing extracted OCR terms and matching physical layout of attributes is searched;
• Step 906 – a determination is made as to whether a template within the template database exists or not wherein a positive determination results in the process proceeding to "B" and therein a first process sub-flow comprising steps 911 to 918 and a second process sub-flow comprising steps 921 to 936 or proceeds to step 907; and
• Step 907 – a determination has been made that the document type does not exist within the database and the process terminates.
[0070] A positive determination at step 906 as discussed supra results in the process proceeding to "B" and therein a first process sub-flow comprising steps 911 to 918 and a second process sub-flow comprising steps 921 to 936. Considering first process sub-flow comprising steps 911 to 918 then these steps as depicted comprise:
• Step 911 an encrypted query is sent to a card credential information database wherein document identities are stored, wherein the query comprises elements established from steps 903 to 905 for example and / or the card credential information database is established based upon elements established from steps 903 to 905 for example;
• Step 912 wherein a response from the card credential information database is received and if negative the process proceeds to step 913 otherwise it proceeds to step 916, wherein in either instance the returned message is encrypted;
• Step 913 where a card credential was not found then where an agent of a store front relying party is performing the verification / authentication of the card then a response is generated and displayed to them or if this process is performed at a kiosk without an agent then a message is generated and displayed to the user at that point. A negative determination may arise even for valid card credentials if the user presenting the card credential is in a different jurisdiction to that within which the card credential was issued. For example, an individual with a HSBC credit card issued in Europe may present the credit card to a HSBC branch in the United Kingdom where the HSBC credit cards in Europe are manufactured with a different database of features to those in North America and the records for European credit cards are not stored. Alternatively, the visual and / or physical layout of a European credit card may differ from that of the North American credit card such that the template cannot be identified. However, it is anticipated that typically a feature set for manufacturing cards according to standard card type and / or internationally agreed specification will be globally defined such that a card manufactured anywhere globally by an authorized manufacturer will employ these features such that they can be matched anywhere globally.
• Step 914 performed in parallel to step 911 wherein an attribute mask from a template database for the document type established in step 901 through 907 is applied to the card credential;
• Step 915 wherein each attribute established through the mask is subject to an OCR process to generate a set of attributes for the card credential and these attributes are provided forward as output "C" which are used as input to second process sub-flow comprising steps 921 to 936;
• Steps 916 and 917 where a list of the attributes established in process step 915 are compared to those associated with the document type established in process steps 911 and 912;
• Step 918 wherein those attributes matching are stored and provided forward as output "F" which is an input to the process flow 1100 in Figure 11.
[0071] Second process sub-flow comprising steps 921 to 936 comprises:
• Step 921 wherein the back of card credential is scanned to create an image scan of the card credential which is then provided to steps 922 and 923;
• Step 922 wherein the image scan of the card credential is processed to extract a two-dimensional (2D) bar code by masking the image of the back of the card credential and decoding the bar code, wherein this decoded bar code is provided forward as output "J" to process flow 1100 in Figure 11;
• Step 923 wherein the 2D bar code extracted in step 922 and the output "C" are combined;
• Step 924 wherein 2D bar code extracted in step 922 and the output "C" are compared;
• Step 925 where the attributes extracted from the 2D bar code that match those extracted from the front of the card are identified as are those that do not match;
• Step 926 presents a list of matching attributes, see step 913 for presentation methodology;
• Step 932 wherein the image scan of the card credential is processed to extract information within any Machine Readable Zone (MRZ) by masking the image of the back of the card credential and decoding the MRZ, wherein this decoded MRZ code is provided forward as output "K" to process flow 1100 in Figure 11;
• Step 933 wherein the MRZ code extracted in step 932 and the output "C" are combined;
• Step 934 wherein MRZ code extracted in step 932 and the output "C" are compared;
• Step 935 where the attributes extracted from the MRZ code that match those extracted from the front of the card are identified as are those that do not match; and
• Step 936 presents a list of matching attributes, see step 913 for presentation methodology.
[0072] Now referring to Figure 10 there is depicted a process flow 1000 comprising steps 941 to 955 for extracting and matching any photographic element of the card credential. Accordingly, process flow 1000 comprises steps:

• Step 941 wherein masking is applied to the image scan of the card to obtain any photographic element wherein this is then provided to process flow 1100 as output "D" and coupled to step 943;
• Step 942 wherein any photographic data stored within a card credential information database is acquired through an encryption process and provided to step 943;
• Step 943 wherein the extracted photographic data from steps 941 and 942 are compared;
• Step 944 wherein a mismatch determined in step 943 is presented, see step 913 for presentation methodology;
• Step 945 wherein a match determined in step 943 is presented, see step 913 for presentation methodology, together with a confidence level and provided as output "G" to process flow 1100;
• Step 951 wherein masking is applied to the image scan of the card to obtain any signature element wherein this is then provided to process flow 1100 as output "E" and coupled to step 953;
• Step 952 wherein any signature data stored within a card credential information database is acquired through an encryption process and provided to step 953;
• Step 953 wherein the extracted photographic data from steps 951 and 952 are compared;
• Step 954 wherein a mismatch determined in step 953 is presented, see step 913 for presentation methodology; and
• Step 955 wherein a match determined in step 953 is presented, see step 913 for presentation methodology, together with a confidence level and provided as output "H" to process flow 1100.
[0073] Now referring to Figure 11 there is depicted process flow 1100 comprising steps 961 to 970 and steps 9100 to 9110 relating to matching the card credential presented for verification / authentication with information stored within a card credential information database.
• Step 961 wherein the data output from process flow 1000 as outputs "D" and "E" and process flow 900 as output "F" are combined;
• Step 962 wherein the card credential is reconstructed digitally from the data extracted from the card credential information database;
• Step 963 wherein the digitally reconstructed card credential from step 962 is compared to the scan of the card credential ID and the process proceeds to step 964 upon mismatch or step 965 upon a match;
• Step 964 wherein a mismatch determined in step 963 is presented, see step 913 for presentation methodology; and
• Step 965 wherein a match determined in step 963 is determined and the data is combined in step 969 with the outputs from steps 966 to 968 respectively;
• Step 966 the matching attributes from output "F" of process flow 900 are fed forward to step 969;
• Step 967 the matching attributes from output "G" of process flow 1000 are fed forward to step 969;
• Step 968 the matching attributes from output "H" of process flow 1000 are fed forward to step 969;
• Step 969 wherein the matching elements of steps 965 to 968 are combined and coupled to step 970; and
• Step 970 wherein a computational algorithm computes matching scores for the attributes from step 969 and generates an overall matching score of the scanned card credential versus the numerical representations of the digital representations of the card credential stored within the card credential information database and this is presented, see step 913 for presentation methodology.
[0074] Also depicted in process flow 1100 are steps 9100 to 9110 which comprise:
• Step 9100 wherein supplementary card credential database representations of one or more of photographic identity, signature, 2D bar code, and MRZ code are retrieved and coupled forward to steps 9105 to 9108 respectively;
• Step 9101 wherein the photographic identity generated as output "G" from process flow 1000 is processed and coupled to step 9105;
• Step 9102 wherein the photographic identity generated as output "H" from process flow 1000 is processed and coupled to step 9106;
• Step 9103 wherein the photographic identity generated as output "J" from process flow 900 is processed and coupled to step 9107;
• Step 9104 wherein the photographic identity generated as output "K" from process flow 900 is processed and coupled to step 9108;
• Steps 9105 to 9108 wherein the data corresponding representations from steps 9101 to 9104 respectively are combined and compared with the data from step 9100 in order to establish a distance measurement by calculations using one or more algorithms known within the prior art;
• Step 9109 where the results from steps 9105 to 9108 respectively are combined to yield an overall measure of authenticity of the card credential;
• Step 9110 wherein the result from step 9109 is presented, see step 913 for presentation methodology.
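The attribute comparison of steps 924/925 and 934/935 and the score combination of steps 970 and 9105 to 9109 can be illustrated as below. This is an added example, not code from the patent: the patent leaves the distance measure and the combining formula unspecified, so Levenshtein distance, the weighted mean, the `TEMPLATE` of fields each source carries, all names and the sample records are assumptions.

```python
import re


def normalise(value):
    """Upper-case and keep only letters and digits (drops OCR spacing, separators)."""
    return re.sub(r"[^A-Z0-9]", "", value.upper())


def edit_distance(a, b):
    """Levenshtein distance; an assumed stand-in for the unspecified measure."""
    previous = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        current = [i]
        for j, cb in enumerate(b, start=1):
            current.append(min(previous[j] + 1,                 # deletion
                               current[j - 1] + 1,              # insertion
                               previous[j - 1] + (ca != cb)))   # substitution
        previous = current
    return previous[-1]


def similarity(a, b):
    """1.0 for identical values, 0.0 when either side is absent or unreadable."""
    a, b = normalise(a), normalise(b)
    if not a or not b:
        return 0.0
    return 1.0 - edit_distance(a, b) / max(len(a), len(b))


def cross_check(front, other):
    """Steps 924/925 and 934/935: split the attributes decoded from the bar
    code or MRZ into those that match the front of the card (output "C")
    and those that do not."""
    matching, differing = [], []
    for name in sorted(other):
        same = name in front and normalise(front[name]) == normalise(other[name])
        (matching if same else differing).append(name)
    return matching, differing


def overall_score(record, sources, template, weights):
    """Assumed form of steps 970 / 9109: weighted mean similarity between the
    stored record and every attribute the template says a source carries.
    An attribute the source failed to yield scores 0 instead of being skipped."""
    total = weight_sum = 0.0
    for source, names in template.items():
        attributes = sources.get(source, {})
        for name in names:
            total += weights[source] * similarity(attributes.get(name, ""),
                                                  record.get(name, ""))
            weight_sum += weights[source]
    return total / weight_sum if weight_sum else 0.0


# Constructed sample data; values are assumed already parsed to a common format.
RECORD = {"surname": "DOE", "given_names": "JANE ALEX",
          "document_number": "D1234567", "date_of_birth": "1985-03-14"}
FRONT = {"surname": "Doe", "given_names": "Jane Alex",
         "document_number": "D1234567", "date_of_birth": "1985-03-14"}
BARCODE = {"surname": "DOE", "given_names": "JANE ALEX",
           "document_number": "D1234567", "date_of_birth": "19850314"}
MRZ = {"surname": "DOE", "document_number": "D1234567",
       "date_of_birth": "19850314"}
TEMPLATE = {"front": list(RECORD), "barcode": list(RECORD),
            "mrz": ["surname", "document_number", "date_of_birth"]}
WEIGHTS = {"front": 1.0, "barcode": 1.0, "mrz": 1.0}
# Front of the card shows a different birth year from the bar code and MRZ.
ALTERED_FRONT = dict(FRONT, date_of_birth="1995-03-14")

if __name__ == "__main__":
    print(cross_check(ALTERED_FRONT, BARCODE))
    sources = {"front": ALTERED_FRONT, "barcode": BARCODE, "mrz": MRZ}
    print(round(overall_score(RECORD, sources, TEMPLATE, WEIGHTS), 4))
```

With the constructed data, a single altered attribute moves the averaged score only from 1.0 to about 0.989, so the list of non-matching attributes from `cross_check` is the more sensitive signal and should be evaluated alongside the overall score.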
[0075] The discussion and description in respect of Figures 7 to 11 supra in respect to process flows for the verification and authentication of a card credential comprising features relating to the base card credential itself and the information relating to the user of the card credential are described from the perspective of the process being performed at a card reader or locally to the card reader as information relating to the base card credential and user information are transmitted to the card reader or local processor for comparison to the features and information generated at the initial generation of the base card credential and its association to the user.
However, it would be evident that alternatively the extracted features and information from the card reader may alternatively be transmitted to a remote server for comparison to the features and information generated at the initial generation of the base card credential and its association to the user. Accordingly, as described in respect of Figures 2 and 3 this remote server may be controlled by a PHYSAP 255 for example.
[0076] Referring to Figure 12 there is depicted a network 300 within which embodiments of the invention may be employed supporting card credential verification and authentication services (CCVAS) according to embodiments of the invention. Such CCVASs may, for example, support activities such as the establishment of real world identity assurance, Level 3 assurance to physical store front relying enterprises, the binding of real world identity to electronic devices, and the provisioning of Level 3 identity verification to online retail relying enterprises. As shown first and second user groups 1200A and 1200B respectively interface to a telecommunications network 300. Within the representative telecommunication architecture a remote central exchange 1280 communicates with the remainder of a telecommunication service providers network via the network 300 which may include for example long-haul OC-48 / OC-backbone elements, an OC-48 wide area network (WAN), a Passive Optical Network, and a Wireless Link. The central exchange 1280 is connected via the network 300 to local, regional, and international exchanges (not shown for clarity) and therein through network 300 to first and second cellular APs 1295A and 1295B respectively which provide Wi-Fi cells for first and second user groups 1200A and 1200B respectively. Also connected to the network 300 are first and second Wi-Fi nodes 1210A and 1210B, the latter of which being coupled to network 300 via router 1205. Second Wi-Fi node 1210B is associated with Enterprise 1260, e.g. HSBC™, within which are additional first and second user groups 1200A and 1200B. Second user group 1200B may also be connected to the network 300 via wired interfaces including, but not limited to, DSL, Dial-Up, DOCSIS, Ethernet, G.hn, ISDN, MoCA, PON, and Power line communication (PLC) which may or may not be routed through a router such as router 1205.
[0077] Within the cell associated with first AP 1210A the first group of users 1200A may employ a variety of PEDs including for example, laptop computer 1255, portable gaming console 1235, tablet computer 1240, smartphone 1250, cellular telephone 1245 as well as portable multimedia player 1230. Within the cell associated with second AP 1210B are the second group of users 1200B which may employ a variety of FEDs including for example gaming console 1225, personal computer 1215 and wireless / Internet enabled television 1220 as well as cable modem 1205. First and second cellular APs 1295A and 1295B respectively provide, for example, cellular GSM (Global System for Mobile Communications) telephony services as well as 3G and 4G evolved services with enhanced data transport support. Second cellular AP 1295B provides coverage in the exemplary embodiment to first and second user groups 1200A and 1200B. Alternatively the first and second user groups 1200A and 1200B may be geographically disparate and access the network 300 through multiple APs, not shown for clarity, distributed geographically by the network operator or operators.
First cellular AP 1295A as shown provides coverage to first user group 1200A and environment 1270, which comprises second user group 1200B as well as first user group 1200A. Accordingly, the first and second user groups 1200A and 1200B may according to their particular communications interfaces communicate to the network 300 through one or more wireless communications standards such as, for example, IEEE 802.11, IEEE 802.15, IEEE 802.16, IEEE 802.20, UMTS, GSM 850, GSM 900, GSM 1800, GSM 1900, GPRS, ITU-R 5.138, ITU-R 5.150, ITU-R 5.280, and IMT-2000. It would be evident to one skilled in the art that many portable and fixed electronic devices may support multiple wireless protocols simultaneously, such that for example a user may employ GSM services such as telephony and SMS and Wi-Fi / WiMAX data transmission, VOIP and Internet access. Accordingly portable electronic devices within first user group 1200A may form associations either through standards such as IEEE 802.15 and Bluetooth as well in an ad-hoc manner.
[0078] Also connected to the network 300 are Social Networks (SOCNETS) 1265, first and second Attribute Providers 1270A and 1270B respectively, e.g. Entrust™ and ACI Worldwide™, first and second card credential providers 1275A and 1275B respectively, e.g. American Express™ and Western Union™, and first and second Authentication Services 1275C and 1275D respectively, e.g. Verisign™ and Assure 360™, as well as first and second servers 1290A and 1290B which together with others, not shown for clarity. First and second servers 1290A and 1290B may host according to embodiments of the inventions multiple services associated with a provider of publishing systems and publishing applications / platforms (CCVASs); a provider of a SOCNET or Social Media (SOME) exploiting CCVAS features; a provider of a SOCNET and / or SOME not exploiting CCVAS features; a provider of services to PEDS and / or FEDS; a provider of one or more aspects of wired and / or wireless communications; an Enterprise 1260 exploiting CCVAS features; license databases; content databases; image databases; content libraries; customer databases; websites; and software applications for download to or access by FEDs and / or PEDs exploiting and / or hosting CCVAS features. First and second primary content servers 1290A and 1290B may also host for example other Internet services such as a search engine, financial services, third party applications and other Internet based services.
[0079] Accordingly, a user may exploit a PED and / or FED within an Enterprise 1260, for example, and access one of the first or second servers 1290A and 1290B respectively to perform an operation such as accessing / downloading an application which provides CCVAS features according to embodiments of the invention; execute an application already installed providing CCVAS features; execute a web based application providing CCVAS features; or access content.
Similarly, a user may undertake such actions or others exploiting embodiments of the invention exploiting a PED or FED within first and second user groups 1200A and 1200B respectively via one of first and second cellular APs 1295A and 1295B respectively and first Wi-Fi nodes 1210A.
[0080] As noted supra first and second servers 1290A and 1290B together with others may host a variety of software systems and / or software applications supporting embodiments of the invention. However, embodiments of the invention may not only operate locally, regionally, or nationally but internationally and globally. Accordingly, some servers may manage and control operations in execution upon other servers. For example, an Authentication Service such as Authentication Service 290 in Figure 2 (e.g. Assure360) may operate a server or servers within one or more jurisdictions which authenticate, using one or more machine authentications techniques servers, within that jurisdiction as well as other jurisdictions.
Each jurisdiction server may be operated by the same Authentication Service as manages the supervisory servers or it may be operated by one or more Identity Authority Servers authorised by the Authentication Service managing the supervisory servers. Optionally, such providers of Authentication Services may be regulated by government regulatory bodies within their respective jurisdictions. As noted supra as the verification processes are performed on firewalled servers associated with the physical attribute provider (PHYSAPs) then data relating to true original government issued photographic card credentials is maintained secure and private whilst the only information transmitted from a store front relying party is the extracted data for the presented government issued photographic card credential and that transmitted from a PHYSAP is the result of the verification / validation process. Similarly, data transmitted from an Attribute Provider is restricted, e.g. only the Identity Verification Score (IdVS) provided from the Attribute Provider server, e.g. CARCREC server, to the card reader at the store front relying party, e.g. CARCREC system 410.
[0081] Accordingly, where government issued photographic identity cards are standardized, e.g. driver's licenses in all member states of the European Community, then the processes relating to the store front relying parties may be similarly tracked and employed across multiple jurisdictions. Alternatively, the user may transact business within another jurisdiction based upon the validation and verification of their identity. In such instances where a jurisdiction server (e.g. a country server) is transacting on behalf of a user (e.g. doing business or presenting their government issued photographic identity card) in another jurisdiction (e.g. country) then the two jurisdiction servers will first identify themselves before the user's digital identity will be assured by the jurisdiction server in the jurisdiction in which they live. Due to provincial, state, and territorial differences such jurisdictions may include different states, regions, territories, etc., for example.
[0082] It would be evident that authentication may be conducted by an online relying party in the country in which the user is conducting business or by the user's Identity Provider (if the user uses one), if the online relying party the user is transacting with is networked with the user's Identity Provider. It would be evident that some enterprises and / or organizations acting as online relying parties, e.g. Google, American Express, HSBC and Facebook, may act as global identity providers whereas other online relying parties, e.g. Verizon and Chase Manhattan, may be only US identity providers.
[0083] Now referring to Figure 13 there is depicted an electronic device 1304 and network access point 1307 supporting CCVAS features according to embodiments of the invention.
Electronic device 1304 may, for example, be a PED and / or FED and may include additional elements above and beyond those described and depicted. Also depicted within the electronic device 1304 is the protocol architecture as part of a simplified functional diagram of a system 1300 that includes an electronic device 1304, such as a smartphone 1255, an access point (AP) 1306, such as first AP 1210, and one or more network devices 1307, such as communication servers, streaming media servers, and routers for example such as first and second servers 1290A and 1290B respectively. Network devices 1307 may be coupled to AP 1306 via any combination of networks, wired, wireless and/or optical communication links such as discussed above in respect of Figure 12 as well as directly as indicated. Network devices 1307 are coupled to network 300 and therein Social Networks (SOCNETS) 1265, first and second Attribute Providers 1270A and 1270B respectively, e.g. Entrust™ and ACI Worldwide™, first and second government photographic identity providers 1275A and 1275B respectively, e.g. American Express™ and Western Union™, and first and second Authentication Services 1275C and 1275D respectively, e.g. Verisign™ and Assure 360™.
[0084] The electronic device 1304 includes one or more processors 1310 and a memory 1312 coupled to processor(s) 1310. AP 1306 also includes one or more processors 1311 and a memory 1313 coupled to processor(s) 1310. A non-exhaustive list of examples for any of processors 1310 and 1311 includes a central processing unit (CPU), a digital signal processor (DSP), a reduced instruction set computer (RISC), a complex instruction set computer (CISC) and the like.
Furthermore, any of processors 1310 and 1311 may be part of application specific integrated circuits (ASICs) or may be a part of application specific standard products (ASSPs). A non-exhaustive list of examples for memories 1312 and 1313 includes any combination of the following semiconductor devices such as registers, latches, ROM, EEPROM, flash memory devices, non-volatile random access memory devices (NVRAM), SDRAM, DRAM, double data rate (DDR) memory devices, SRAM, universal serial bus (USB) removable memory, and the like.
[0085] Electronic device 1304 may include an audio input element 1314, for example a microphone, and an audio output element 1316, for example, a speaker, coupled to any of processors 1310. Electronic device 1304 may include a video input element 1318, for example, a video camera or camera, and a video output element 1320, for example an LCD display, coupled to any of processors 1310. Electronic device 1304 also includes a keyboard 1315 and touchpad 1317 which may for example be a physical keyboard and touchpad allowing the user to enter content or select functions within one or more applications 1322.
Alternatively the keyboard 1315 and touchpad 1317 may be predetermined regions of a touch sensitive element forming part of the display within the electronic device 1304. The one or more applications 1322 are typically stored in memory 1312 and are executable by any combination of processors 1310.
Electronic device 1304 also includes accelerometer 1360 providing three-dimensional motion input to the processor 1310 and GPS 1362 which provides geographical location information to processor 1310.
[0086] Electronic device 1304 includes a protocol stack 1324 and AP 1306 includes a communication stack 1325. Within system 1300 protocol stack 1324 is shown as IEEE 802.11 protocol stack but alternatively may exploit other protocol stacks such as an Internet Engineering Task Force (IETF) multimedia protocol stack for example. Likewise AP stack 1325 exploits a protocol stack but is not expanded for clarity. Elements of protocol stack 1324 and AP stack 1325 may be implemented in any combination of software, firmware and/or hardware. Protocol stack 1324 includes an IEEE 802.11-compatible PHY module 1326 that is coupled to one or more Front-End Tx/Rx & Antenna 1328, an IEEE 802.11-compatible MAC module 1330 coupled to an IEEE 802.2-compatible LLC module 1332. Protocol stack 1324 includes a network layer IP module 1334, a transport layer User Datagram Protocol (UDP) module 1336 and a transport layer Transmission Control Protocol (TCP) module 1338.
[0087] Protocol stack 1324 also includes a session layer Real Time Transport Protocol (RTP) module 1340, a Session Announcement Protocol (SAP) module 1342, a Session Initiation Protocol (SIP) module 1344 and a Real Time Streaming Protocol (RTSP) module 1346. Protocol stack 1324 includes a presentation layer media negotiation module 1348, a call control module 1350, one or more audio codecs 1352 and one or more video codecs 1354.
Applications 1322 may be able to create, maintain and/or terminate communication sessions with any of devices 1307 by way of AP 1306. Typically, applications 1322 may activate any of the SAP, SIP, RTSP, media negotiation and call control modules for that purpose. Typically, information may propagate from the SAP, SIP, RTSP, media negotiation and call control modules to PHY module 1326 through TCP module 1338, IP module 1334, LLC module 1332 and MAC module 1330.
[0088] It would be apparent to one skilled in the art that elements of the electronic device 1304 may also be implemented within the AP 1306 including but not limited to one or more elements of the protocol stack 1324, including for example an IEEE 802.11-compatible PHY module, an IEEE 802.11-compatible MAC module, and an IEEE 802.2-compatible LLC module 1332. The AP 1306 may additionally include a network layer IP module, a transport layer User Datagram Protocol (UDP) module and a transport layer Transmission Control Protocol (TCP) module as well as a session layer Real Time Transport Protocol (RTP) module, a Session Announcement Protocol (SAP) module, a Session Initiation Protocol (SIP) module and a Real Time Streaming Protocol (RTSP) module, media negotiation module, and a call control module.
Portable and fixed electronic devices represented by electronic device 1304 may include one or more additional wireless or wired interfaces in addition to the depicted IEEE 802.11 interface which may be selected from the group comprising IEEE 802.15, IEEE 802.16, IEEE 802.20, UMTS, GSM 850, GSM 900, GSM 1800, GSM 1900, GPRS, ITU-R 5.138, ITU-R 5.150, ITU-R 5.280, IMT-2000, DSL, Dial-Up, DOCSIS, Ethernet, G.hn, ISDN, MoCA, PON, and Power line communication (PLC).
[0089] Specific details are given in the above description to provide a thorough understanding of the embodiments. However, it is understood that the embodiments may be practiced without these specific details. For example, circuits may be shown in block diagrams in order not to obscure the embodiments in unnecessary detail. In other instances, well-known circuits, processes, algorithms, structures, and techniques may be shown without unnecessary detail in order to avoid obscuring the embodiments.
[0090] Implementation of the techniques, blocks, steps and means described above may be done in various ways. For example, these techniques, blocks, steps and means may be implemented in hardware, software, or a combination thereof. For a hardware implementation, the processing units may be implemented within one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), processors, controllers, micro-controllers, microprocessors, other electronic units designed to perform the functions described above and/or a combination thereof.
[0091] Also, it is noted that the embodiments may be described as a process which is depicted as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram.
Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be rearranged. A process is terminated when its operations are completed, but could have additional steps not included in the figure. A process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc. When a process corresponds to a function, its termination corresponds to a return of the function to the calling function or the main function.
[0092] Furthermore, embodiments may be implemented by hardware, software, scripting languages, firmware, middleware, microcode, hardware description languages and/or any combination thereof. When implemented in software, firmware, middleware, scripting language and/or microcode, the program code or code segments to perform the necessary tasks may be stored in a machine readable medium, such as a storage medium. A code segment or machine-executable instruction may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a script, a class, or any combination of instructions, data structures and/or program statements. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters and/or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
[0093] For a firmware and/or software implementation, the methodologies may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described herein.
Any machine-readable medium tangibly embodying instructions may be used in implementing the methodologies described herein. For example, software codes may be stored in a memory.
Memory may be implemented within the processor or external to the processor and may vary in implementation where the memory is employed in storing software codes for subsequent execution to that when the memory is employed in executing the software codes.
As used herein the term "memory" refers to any type of long term, short term, volatile, nonvolatile, or other storage medium and is not to be limited to any particular type of memory or number of memories, or type of media upon which memory is stored.
[0094] Moreover, as disclosed herein, the term "storage medium" may represent one or more devices for storing data, including read only memory (ROM), random access memory (RAM), magnetic RAM, core memory, magnetic disk storage mediums, optical storage mediums, flash memory devices and/or other machine readable mediums for storing information.
The term "machine-readable medium" includes, but is not limited to portable or fixed storage devices, optical storage devices, wireless channels and/or various other mediums capable of storing, containing or carrying instruction(s) and/or data.
[0095] The methodologies described herein are, in one or more embodiments, performable by a machine which includes one or more processors that accept code segments containing instructions. For any of the methods described herein, when the instructions are executed by the machine, the machine performs the method. Any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine is included. Thus, a typical machine may be exemplified by a typical processing system that includes one or more processors. Each processor may include one or more of a CPU, a graphics-processing unit, and a programmable DSP unit. The processing system further may include a memory subsystem including main RAM and/or a static RAM, and/or ROM. A bus subsystem may be included for communicating between the components. If the processing system requires a display, such a display may be included, e.g., a liquid crystal display (LCD).
If manual data entry is required, the processing system also includes an input device such as one or more of an alphanumeric input unit such as a keyboard, a pointing control device such as a mouse, and so forth.
[0096] The memory includes machine-readable code segments (e.g. software or software code) including instructions for performing, when executed by the processing system, one or more of the methods described herein. The software may reside entirely in the memory, or may also reside, completely or at least partially, within the RAM and/or within the processor during execution thereof by the computer system. Thus, the memory and the processor also constitute a system comprising machine-readable code.
[0097] In alternative embodiments, the machine operates as a standalone device or may be connected, e.g., networked to other machines. In a networked deployment, the machine may operate in the capacity of a server or a client machine in server-client network environment, or as a peer machine in a peer-to-peer or distributed network environment. The machine may be, for example, a computer, a server, a cluster of servers, a cluster of computers, a web appliance, a distributed computing environment, a cloud computing environment, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine. The term "machine" may also be taken to include any collection of machines that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
[0098] The foregoing disclosure of the exemplary embodiments of the present invention has been presented for purposes of illustration and description. It is not intended to be exhaustive or to limit the invention to the precise forms disclosed. Many variations and modifications of the embodiments described herein will be apparent to one of ordinary skill in the art in light of the above disclosure. The scope of the invention is to be defined only by the claims appended hereto, and by their equivalents.

[0099] Further, in describing representative embodiments of the present invention, the specification may have presented the method and/or process of the present invention as a particular sequence of steps. However, to the extent that the method or process does not rely on the particular order of steps set forth herein, the method or process should not be limited to the particular sequence of steps described. As one of ordinary skill in the art would appreciate, other sequences of steps may be possible. Therefore, the particular order of the steps set forth in the specification should not be construed as limitations on the claims. In addition, the claims directed to the method and/or process of the present invention should not be limited to the performance of their steps in the order written, and one skilled in the art can readily appreciate that the sequences may be varied and still remain within the spirit and scope of the present invention.

Claims (20)

What is claimed is:
1. A method of providing a plurality of different base cards comprising:
selecting a first predetermined number of first features and forming said first predetermined number of first features as at least one of within and upon the surface of a base card of the plurality of base cards;
selecting a second predetermined number of second features and forming said second predetermined number of second features upon the surface of a base card of the plurality of base cards using a material having ultraviolet properties;
selecting a third predetermined number of third features and forming said third predetermined number of third features upon the surface of a base card of the plurality of base cards using a material having infrared properties; and
selecting a fourth predetermined number of fourth features and forming said fourth predetermined number of fourth features upon the surface of a base card of the plurality of base cards using a material having visible properties.
2. The method according to claim 1, wherein selecting at least one of the first predetermined number, the second predetermined number, the third predetermined number, and the fourth predetermined number is by at least one of a random and a pseudo-random number generation process.
3. The method according to claim 1, wherein at least one of the first features, the second features, the third features, and the fourth features comprise features are at least one of database and an online resource comprising a plurality of the at least one of as part of a large set of the at least one of.
4. The method according to claim 1, wherein at least one of the first features, the second features, the third features, and the fourth features comprise features have positions established upon the base card in dependence upon at least one of a matrix of locations, a plurality of matrices of locations, and a mask defining predetermined regions for the location of the at least one of.
5. The method according to claim 1, wherein a first predetermined portion of the at least one of the first features, the second features, the third features, and the fourth features have positions established upon a first side of the base card; and a second predetermined portion of the at least one of the first features, the second features, the third features, and the fourth features have positions established upon a first side of the base card.
6. The method according to claim 1, wherein at least one of the material having ultraviolet properties and the material having infrared properties is at least one of fluorescent and photoluminescent.
7. A device comprising:
a base card formed from at least a predetermined material;
a first predetermined number of first features and forming said first predetermined number of first features as at least one of within and upon the surface of the base card;
a second predetermined number of second features and forming said second predetermined number of second features upon the surface of the base card using a material having ultraviolet properties such that each second feature is visible under ultraviolet illumination;
a third predetermined number of third features and forming said third predetermined number of third features upon the surface of the base card using a material having infrared properties such that each second feature is visible under infrared illumination; and
a fourth predetermined number of fourth features and forming said fourth predetermined number of fourth features upon the surface of the base card using a material having visible properties.
8. The device according to claim 7, wherein at least one of the first predetermined number, the second predetermined number, the third predetermined number, and the fourth predetermined number are selected from a much larger number of features at least one of a random and a pseudo-random number generation process.
9. The device according to claim 7, wherein at least one of the first features, the second features, the third features, and the fourth features comprise features are at least one of database and an online resource comprising a plurality of the at least one of as part of a large set of the at least one of.
10. The device according to claim 7, wherein at least one of the first features, the second features, the third features, and the fourth features comprise features have positions established upon the base card in dependence upon at least one of a matrix of locations, a plurality of matrices of locations, and a mask defining predetermined regions for the location of the at least one of.
11. The device according to claim 7, wherein a first predetermined portion of the at least one of the first features, the second features, the third features, and the fourth features have positions established upon a first side of the base card; and a second predetermined portion of the at least one of the first features, the second features, the third features, and the fourth features have positions established upon a first side of the base card.
12. The device according to claim 7, wherein at least one of the material having ultraviolet properties and the material having infrared properties is at least one of fluorescent and photoluminescent.
13. The device according to claim 8, wherein the device further comprises at least one of a magnetic stripe, a signature strip for signing by a user to be associated with the device, and an electronic circuit connector.
14. A method of validating a card credential comprising;
scanning the card credential to extract first extracted data relating to a plurality of features identified upon the card credential and second extracted data relating to the locations of the plurality of features identified;
comparing the extracted plurality of features with a database of card credential records, each card credential record comprising first data relating to the features added to the card credential during its manufacturing and second data relating to the locations of the features upon the card credential; and
determining a result based upon at least the first extracted data, the second extracted data, the first data and the second data.
15. The method according to claim 14, wherein scanning the card credential comprises performing at least one of a mechanical scan, an ultraviolet scan, an infrared scan, a visible scan, an ultraviolet image, an infrared image, and a visible image.
16. The method according to claim 14, wherein a first predetermined portion of the first extracted data and the second extracted data relates to a plurality of first features formed at least one of within and upon the surface of the card credential;
a second predetermined portion of the first extracted data and the second extracted data relates to a plurality of second features upon the surface of the card credential comprising a material having ultraviolet properties;
a third predetermined portion of the first extracted data and the second extracted data relates to a plurality of third features upon the surface of the card credential comprising a material having infrared properties; and
a fourth predetermined portion of the first extracted data and the second extracted data relates to a plurality of second features upon the surface of the card credential comprising a material having visible properties.
17. The method according to claim 14, wherein extracting the first extracted data and the second extracted data comprises applying at least one of a matrix of locations, a plurality of matrices of locations, and a mask defining predetermined regions to the acquired scan of the card credential.
18. The method according to claim 14, wherein determining the result further comprises determining whether second data extracted from the card credential identifying a user associated with the card credential matches third data relating to an owner associated with the card credential by the issuer of the card credential.
19. The method according to claim 14, wherein the scanning process is performed at least one of a retail store, a kiosk, a financial institution, a government credential issuing authority, a point-of-sale terminal, an automatic teller machine, and a terminal.
20. The method according to claim 14, wherein the determination is performed at a remote server from a card reader performing the scan and the first extracted data and second extracted data are communicated to the remote server via a network.
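
The validation of claims 14 to 17, run against a record built as in claims 1, 2 and 4, as an added example that is not part of the patent text. The feature library, the 6 x 10 location matrix, the record layout and every function name are assumptions made for illustration; the scans are constructed.

```python
import copy
import random

BANDS = ("physical", "uv", "ir", "visible")  # the four feature classes of claim 1
ROWS, COLS = 6, 10                           # assumed matrix of locations (claims 4, 17)
CELLS = [(r, c) for r in range(ROWS) for c in range(COLS)]
# Constructed feature library standing in for the "large set" of claims 3 and 9.
LIBRARY = {b: [f"{b}-{i:03d}" for i in range(200)] for b in BANDS}


def issue_card(card_id, rng, min_n=3, max_n=8):
    """Manufacturing record: per band, a randomly chosen number of features
    drawn from the library and placed at distinct matrix cells."""
    features = {}
    for band in BANDS:
        n = rng.randint(min_n, max_n)              # claim 2: random count
        chosen = rng.sample(LIBRARY[band], n)
        cells = rng.sample(CELLS, n)
        features[band] = dict(zip(cells, chosen))  # location -> feature id
    return {"card_id": card_id, "features": features}


def validate(scan, database):
    """Compare extracted features and locations with the stored record.
    Fails closed on an unknown card, an unscanned band, or any missing,
    extra or displaced feature."""
    record = database.get(scan.get("card_id"))
    if record is None:
        return {"valid": False, "reason": "unknown card", "failed_bands": list(BANDS)}
    failed = []
    for band in BANDS:
        expected = record["features"][band]
        seen = scan.get("features", {}).get(band)
        if seen != expected:                       # None (band not scanned) also fails
            failed.append(band)
    reason = "ok" if not failed else "feature mismatch"
    return {"valid": not failed, "reason": reason, "failed_bands": failed}


def demo():
    """Constructed scans: a genuine card, one with a displaced infrared
    feature, and one for which only a visible-light image was acquired."""
    record = issue_card("CARD-0001", random.Random(2015))  # seeded for repeatability
    database = {record["card_id"]: record}

    genuine = copy.deepcopy(record)

    displaced = copy.deepcopy(record)
    ir = displaced["features"]["ir"]
    old_cell = next(iter(ir))
    new_cell = next(c for c in CELLS if c not in ir)
    ir[new_cell] = ir.pop(old_cell)                # same feature, different location

    visible_only = {"card_id": "CARD-0001",
                    "features": {"visible": dict(record["features"]["visible"])}}

    return [validate(s, database) for s in (genuine, displaced, visible_only)]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Passing `secrets.SystemRandom()` as `rng` draws the counts and placements from the operating system's CSPRNG instead of the seeded generator used here.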
CA2888087A 2015-04-17 2015-04-17 Methods and systems relating to real world document verification Abandoned CA2888087A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA2888087A CA2888087A1 (en) 2015-04-17 2015-04-17 Methods and systems relating to real world document verification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CA2888087A CA2888087A1 (en) 2015-04-17 2015-04-17 Methods and systems relating to real world document verification

Publications (1)

Publication Number Publication Date
CA2888087A1 true CA2888087A1 (en) 2016-10-17

Family

ID=57139676

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2888087A Abandoned CA2888087A1 (en) 2015-04-17 2015-04-17 Methods and systems relating to real world document verification

Country Status (1)

Country Link
CA (1) CA2888087A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020225258A1 (en) * 2019-05-07 2020-11-12 Bitdefender Ipr Management Ltd Parental control systems and methods for detecting an exposure of confidential information

Similar Documents

Publication Publication Date Title
US11139976B2 (en) System and method, which using blockchain and mobile devices, provides the validated and authenticated identity of an individual to a valid and authenticated requestor
US10171476B2 (en) System and method for protecting the privacy of identity and financial information of the consumer conducting online business
US10320807B2 (en) Systems and methods relating to the authenticity and verification of photographic identity documents
US20160210621A1 (en) Verifiable credentials and methods thereof
US20210073821A1 (en) Proxy device for representing multiple credentials
US10607211B2 (en) Method for authenticating a user to a machine
US20160117673A1 (en) System and method for secured transactions using mobile devices
US20150047003A1 (en) Verification authority and method therefor
US20150142666A1 (en) Authentication service
CA2931469A1 (en) Portable verifiable credentials and methods thereof
BR112019009519A2 (en) biometric transaction system
US10140614B2 (en) User authentication method and device for credentials back-up service to mobile devices
US20150142669A1 (en) Virtual payment chipcard service
US20150142667A1 (en) Payment authorization system
AU2016308150B2 (en) Payment devices having multiple modes of conducting financial transactions
CA2886548A1 (en) Methods and systems relating to real world and virtual world identities
US11171781B2 (en) System and method which using blockchain protects the privacy of access code and the identity of an individual seeking online access
US11153308B2 (en) Biometric data contextual processing
CN108475374B (en) Payment device with multiple modes for conducting financial transactions
CA2888087A1 (en) Methods and systems relating to real world document verification
CA2920718A1 (en) Portable verifiable credentials and methods thereof
CN108780547B (en) Proxy device for representing multiple certificates
KR20170121737A (en) Method for Providing Non-Facing Certification by using Camera
KR20120107043A (en) Method and system for providing non-facing certification by using camera, handheld device
US20230245125A1 (en) Identity verification using a virtual credential

Legal Events

Date Code Title Description
FZDE Dead

Effective date: 20180418