US20210243023A9 - System and method, which using blockchain and mobile devices, provides the validated and authenticated identity of an individual to a valid and authenticated requestor - Google Patents
- Publication number
- US20210243023A9, US16/218,385
- Authority
- US
- United States
- Prior art keywords
- identity
- individual
- data
- image
- document
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G06K9/00442—
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V10/00—Arrangements for image or video recognition or understanding
- G06V10/20—Image preprocessing
- G06V10/22—Image preprocessing by selection of a specific region containing or referencing a pattern; Locating or processing of specific regions to guide the detection or recognition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V30/00—Character recognition; Recognising digital ink; Document-oriented image-based pattern recognition
- G06V30/40—Document-oriented image-based pattern recognition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
- G06V40/16—Human faces, e.g. facial parts, sketches or expressions
- G06V40/172—Classification, e.g. identification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0637—Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- H04L2209/38—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- This invention relates to personal identity management and more particularly to methods and systems for mobile personal credentials that are verifiable and authenticable.
- Digital identity is the data that uniquely describes a person or a thing and contains information about the subject's relationships within the digital world, commonly referred to as cyberspace, World Wide Web (WWW) or Internet.
- a critical problem is knowing the true identity with whom one is interacting either within electronic messaging, Internet accessible content, or transaction.
- identity attributes associated to a person's digital identity
- these attributes or even identities can be changed, masked or dumped and new ones created.
- With the advent of widespread electronic devices, the landscape for the identity (ID) documents industry has been rapidly changing with increasingly sophisticated security measures, increased electronic processing, global wireless network connectivity, and continuously expanding machine readable capabilities globally. These have evolved in order to counter the increasingly sophisticated counterfeiting and piracy methodologies that exploit the very same advances in technology and infrastructure. At the same time, user expectations from ubiquitous portable electronic devices, global networks, etc. are for simplified security processes and streamlined authentication of an ID document, the user, or a transaction by the user.
- Visual Security Features provide easy visual control of ID documents and make them more resistant to counterfeiting and tampering through attempts at both physical and data changes.
- Machine-readable Security Features traditionally include magnetic stripes, 1D and 2D barcodes, Optical Character Recognition (OCR)/Optically Machine Readable (OMR) content in printed areas or Machine Readable Zones (MRZs). More advanced ID documents may also include contact and contactless interface microchips including RFID and smart cards.
- Such Machine-readable Security Features have varying memory capacity and typically replicate digitally the document data with additional unique identifiers and, in the case of microchips with sufficient data storage capabilities, additional biometric identification data for holder authentication may be included.
- the inventors address these issues through the provisioning of electronic ID documents which when presented to a third party are associated with provisioning of data to the third party that allows them to verify the presented electronic ID document. Further, the inventors by linking the electronic ID document to its physical ID document counterpart or tying the electronic ID document to the physical individual provide authenticable electronic ID documents.
- a method of verifying the identity of a user performing a transaction by storing data relating to an originally issued identity document within a blockchain remotely stored upon a server remote to both a system performing the transaction and a system upon which data relating to the originally issued identity document is stored by the original issuing authority.
- the data is a hash value generated in dependence upon transaction data and a variable provided from an application in execution upon an electronic device associated with the user and the hash value is stored within a blockchain.
- method of verifying the identity of a user comprising extracting data from at least a pair of blockchains, the first blockchain established by an issuer of an original identity document relating to the user and the second blockchain established by a third party associated with at least a transaction performed by the user.
- a method of verifying the identity of a user performing a transaction by storing data relating to an identity verification score of the user within a blockchain storing transaction data relating to transactions performed by the user.
- a method comprising providing to a user a smart contract with respect to the storage of information relating to the user based upon the user presenting an item of photographic identification as proof of identity with respect to an activity.
- FIGS. 1 and 2 depict a first portion of a real world and virtual world identity ecosystem according to an embodiment of the invention
- FIG. 3 depicts a wireless portable electronic device supporting communications to a network such as depicted in FIG. 4 and as supporting embodiments of the invention
- FIG. 4 depicts a network environment within which embodiments of the invention may be employed
- FIGS. 5A and 5B depict an exemplary process flow for establishing verification of a credential provided by a user within an environment according to an embodiment of the invention
- FIG. 6 depicts an exemplary network environment for user authentication of an identity application according to an embodiment of the invention
- FIG. 7 depicts exemplary use cases for identity verification exploiting an identity application according to an embodiment of the invention.
- FIG. 8 depicts the integration of the identity verification/application within an electronic identity wallet according to an embodiment of the invention
- FIG. 9A depicts integration of blockchain verification/authentication to an identity verification/application within an electronic identity wallet according to an embodiment of the invention
- FIG. 9B depicts integration of blockchain verification/authentication to an identity verification/application within an electronic identity wallet according to an embodiment of the invention
- the present invention is directed to real world and virtual world identities and more particularly to authenticating users within the virtual world based upon credentials issued in response to validated and authenticated real world identities.
- a “portable electronic device” refers to a wireless device used for communications and other applications that requires a battery or other independent form of energy for power. This includes devices, but is not limited to, such as a cellular telephone, smartphone, personal digital assistant (PDA), portable computer, pager, portable multimedia player, portable gaming console, laptop computer, tablet computer, and an electronic reader.
- a “fixed electronic device” refers to a wireless and/or wired device used for communications and other applications that requires connection to a fixed interface to obtain power. This includes, but is not limited to, a laptop computer, a personal computer, a tablet, a smartphone, a computer server, a kiosk, a gaming console, a digital set-top box, an analog set-top box, an Internet enabled appliance, an Internet enabled television, and a multimedia player.
- An “application” (commonly referred to as an “app”) as used herein may refer to, but is not limited to, a “software application”, an element of a “software suite”, a computer program designed to allow an individual to perform an activity, a computer program designed to allow an electronic device to perform an activity, and a computer program designed to communicate with local and/or remote electronic devices.
- An application thus differs from an operating system (which runs a computer), a utility (which performs maintenance or general-purpose chores), and a programming tool (with which computer programs are created).
- an application is generally presented in respect of software permanently and/or temporarily installed upon a PED and/or FED.
- a “social network” or “social networking service” as used herein may refer to, but is not limited to, a platform to build social networks or social relations among people who may, for example, share interests, activities, backgrounds, or real-life connections. This includes, but is not limited to, social networks such as U.S. based services such as Facebook, Google+, Tumblr and Twitter; as well as Nexopia, Badoo, Bebo, VKontakte, Delphi, Hi5, Hyves, iWiW, Nasza-Klasa, Soup, Glocals, Skyrock, The Sphere, StudiVZ, Tagged, Tuenti, XING, Orkut, Mxit, Cyworld, Mixi, renren, weibo and Wretch.
- Social media or “social media services” as used herein may refer to, but is not limited to, a means of interaction among people in which they create, share, and/or exchange information and ideas in virtual communities and networks. This includes, but is not limited to, social media services relating to magazines, Internet forums, weblogs, social blogs, microblogging, wikis, social networks, podcasts, photographs or pictures, video, rating and social bookmarking as well as those exploiting blogging, picture-sharing, video logs, wall-posting, music-sharing, crowdsourcing and voice over IP, to name a few.
- Social media services may be classified, for example, as collaborative projects (for example, Wikipedia); blogs and microblogs (for example, Twitter™); content communities (for example, YouTube and DailyMotion); social networking sites (for example, Facebook™); virtual game-worlds (e.g., World of Warcraft™); and virtual social worlds (e.g. Second Life™).
- An “enterprise” as used herein may refer to, but is not limited to, a provider of a service and/or a product to a user, customer, client, or consumer. This includes, but is not limited to, a retail outlet, a store, a market, an online marketplace, a manufacturer, an online retailer, a charity, a utility, and a service provider. Such enterprises may be directly owned and controlled by a company or may be owned and operated by a franchisee under the direction and management of a franchiser.
- a “service provider” as used herein may refer to, but is not limited to, a third party provider of a service and/or a product to an enterprise and/or individual and/or group of individuals and/or a device comprising a microprocessor. This includes, but is not limited to, a retail outlet, a store, a market, an online marketplace, a manufacturer, an online retailer, a utility, an own brand provider, and a service provider wherein the service and/or product is at least one of marketed, sold, offered, and distributed by the enterprise solely or in addition to the service provider.
- a ‘third party’ or “third party provider” as used herein may refer to, but is not limited to, a so-called “arm's length” provider of a service and/or a product to an enterprise and/or individual and/or group of individuals and/or a device comprising a microprocessor wherein the consumer and/or customer engages the third party but the actual service and/or product that they are interested in and/or purchase and/or receive is provided through an enterprise and/or service provider.
- a “user” or “credential holder” as used herein refers to an individual who, either locally or remotely, by their engagement with a service provider, third party provider, enterprise, social network, social media etc. via a dashboard, web service, website, software plug-in, software application, or graphical user interface provides an electronic credential as part of their authentication with the service provider, third party provider, enterprise, social network, social media etc. This includes, but is not limited to, private individuals, employees of organizations and/or enterprises, members of community organizations, members of charity organizations, men, women, children, and teenagers. “User information” as used herein may refer to, but is not limited to, user identification information, user profile information, and user knowledge.
- a “security credential” (also referred to as a credential) as used herein may refer to, but is not limited to, a piece of evidence that a communicating party possesses that can be used to create or obtain a security token. This includes, but is not limited to, a machine-readable cryptographic key, a machine-readable password, a cryptographic credential issued by a trusted third party, or another item of electronic content having an unambiguous association with a specific, real individual.
- Such security credentials may include those that are permanent, designed to expire after a certain period, designed to expire after a predetermined condition is met, or designed to expire after a single use.
- a “government issued photographic identity document” as used herein may refer to, but is not limited to, any document, card, or electronic content item issued by a government body for the purposes of identifying the owner of the government issued photographic identity document. Such government bodies may, for example, be national, federal, state, national, and regional governments alone or in combination.
- Such government issued photographic identity documents also referred to within this specification as Photo-ID cards, government issued photographic cards, and government issued identity documents may include, but are not limited to, a driver's license, a passport, a health card, national identity card, and an immigration card although they have the common feature of a photographic image, multimedia image, or audiovisual image of the user to whom the government issued photographic identity document was issued.
- Such government issued photographic identity documents may include, but not be limited to, those comprising single sided plastic card, double sided plastic cards, single sided sheets, double side sheets, predetermined sheets within a book or booklet, and digital representations thereof in isolation or in combination with additional electronic/digital data that has been encoded/encrypted.
- a digital memory with fingerprint scanner in the form of what is known as a “memory stick” may be securely issued by a government body as the fingerprint data for the user is securely encoded and uploaded together with image and digital content data. Subsequently, the digital memory when connected to a terminal and activated by the user's fingerprint may transfer the required digital data to the terminal to allow for a verification that the user is the one and the same.
- Such memory devices can be provided which destroy or corrupt the data stored within upon detection of tampering.
- Electronic content (also referred to as “content” or “digital content”) as used herein may refer to, but is not limited to, any type of content that exists in the form of digital data as stored, transmitted, received and/or converted wherein one or more of these steps may be analog although generally these steps will be digital.
- Forms of digital content include, but are not limited to, information that is digitally broadcast, streamed or contained in discrete files. Viewed narrowly, types of digital content include popular media types such as those for example listed on Wikipedia (see http://en.wikipedia.org/wiki/List_of_file_formats).
- digital content may include any type of digital information that is at least one of generated, selected, created, modified, and transmitted in response to a request, wherein said request may be a query, a search, a trigger, an alarm, and a message for example.
- Encryption may refer to, but is not limited to, the processes of encoding messages or information in such a way that only authorized parties can read it. This includes, but is not limited to, symmetric key encryption through algorithms such as Twofish, Serpent, AES (Rijndael), Blowfish, CAST5, RC4, 3DES, and IDEA for example, and public-key encryption through algorithms such as Diffie-Hellman, Digital Signature Standard, Digital Signature Algorithm, ElGamal, elliptic-curve techniques, password-authenticated key agreement techniques, Paillier cryptosystem, RSA encryption algorithm, Cramer-Shoup cryptosystem, and YAK authenticated key agreement protocol.
- a block chain or blockchain as used herein may refer to, but is not limited to, a permissionless distributed database based on a protocol, such as the bitcoin protocol for example.
- a blockchain maintains and establishes a continuously growing list of transactional data records hardened against tampering and revision, even by operators of the data store's nodes themselves. As such a blockchain may form a public ledger of transactions as well as the basis for distributed ledgers. Each blockchain record may be enforced cryptographically and hosted on machines working as data store nodes in a distributed manner.
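The following is an added illustration, not code from the patent, of two ideas described above: a record that holds only a hash of transaction data plus an application-supplied variable, kept in a hash-linked list in which altering an earlier record is detectable. SHA-256, the JSON encoding, and all field, function and class names are assumptions; the patent does not specify them.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed placeholder for "no previous block"


def commitment(transaction: dict, app_variable: bytes) -> str:
    """Hash of the transaction data and the variable supplied by the user's app."""
    canonical = json.dumps(transaction, sort_keys=True, separators=(",", ":")).encode()
    h = hashlib.sha256()
    # Length-prefix each part so two different (data, variable) splits
    # can never produce the same byte stream.
    for part in (canonical, app_variable):
        h.update(len(part).to_bytes(8, "big"))
        h.update(part)
    return h.hexdigest()


def block_hash(index: int, prev_hash: str, payload: str) -> str:
    """Hash that binds a record to its position and to the record before it."""
    return hashlib.sha256(f"{index}|{prev_hash}|{payload}".encode()).hexdigest()


class Ledger:
    """Single-node stand-in for a blockchain: an append-only hash-linked list."""

    def __init__(self):
        self.blocks = []

    def append(self, payload: str) -> dict:
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        index = len(self.blocks)
        block = {"index": index, "prev_hash": prev, "payload": payload,
                 "hash": block_hash(index, prev, payload)}
        self.blocks.append(block)
        return block

    def first_invalid(self):
        """Index of the first block whose hash or back-link is wrong, else None."""
        prev = GENESIS
        for i, b in enumerate(self.blocks):
            expected = block_hash(i, prev, b["payload"])
            if (b["index"] != i or b["prev_hash"] != prev
                    or not hmac.compare_digest(b["hash"], expected)):
                return i
            prev = b["hash"]
        return None

    def contains(self, transaction: dict, app_variable: bytes) -> bool:
        """Relying-party check: recompute the hash and look for it in a valid chain."""
        if self.first_invalid() is not None:
            return False
        expected = commitment(transaction, app_variable)
        return any(hmac.compare_digest(b["payload"], expected) for b in self.blocks)


def demo():
    # Constructed sample data; none of these values come from the patent.
    tx = {"relying_party": "example-store", "document_type": "driver's license",
          "result": "verified"}
    var = bytes.fromhex("00112233445566778899aabbccddeeff")
    ledger = Ledger()
    ledger.append(commitment(tx, var))
    ledger.append(commitment({"relying_party": "example-bank", "result": "verified"},
                             bytes.fromhex("ffeeddccbbaa99887766554433221100")))

    genuine = ledger.contains(tx, var)             # same data + variable: found
    altered = dict(tx, result="rejected")
    forged = ledger.contains(altered, var)         # changed data: not found

    # Rewriting an earlier record breaks that record's own hash ...
    ledger.blocks[0]["payload"] = commitment(altered, var)
    after_edit = ledger.first_invalid()
    # ... and recomputing that hash only moves the break to the next back-link.
    ledger.blocks[0]["hash"] = block_hash(0, GENESIS, ledger.blocks[0]["payload"])
    after_rehash = ledger.first_invalid()
    return genuine, forged, after_edit, after_rehash


if __name__ == "__main__":
    print(demo())
```

Only the hash is written to the ledger, so the ledger itself discloses no identity attributes; a relying party needs the original transaction data and the variable to match a record.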
- The dual purposes of ID documents are to ascertain the virtual identity of the holder through providing a valid and authentic document, and also for a human authorized agent to identify the physical person as the rightful owner of the document, therefore binding in-person the physical identity to the virtual one. Whilst most security features are targeted at validating or increasing confidence in the authenticity of the ID document itself, the second aspect of visual verification is subject to human limitations such as fatigue as well as variations in individual, environmental, and physical conditions. This is normally remedied by supplementing human validation with sophisticated equipment such as ID document scanners, or cameras that perform automated OCR/OMR and data cross-checking, providing some level of validation automation.
- the task of validating the physical identity of the ID document holder with the photo on the document, or the photo on another document of the same name such as a government issued ID is optimally suited to the human agent today.
- a biometric identifier the matching of a user photo to their face is easily and quickly performed in person whereas with the current status of electronic solutions this is something more difficult to achieve reliably with facial recognition and face matching technology.
- embodiments of the invention provide solutions supporting enhanced photographic and/or digital imagery to ensure enhanced usability for both visual authentication and easy readability without requiring high cost scanning or camera devices, allowing within the supported embodiments entirely digital mobile ID documents. Accordingly, embodiments of the invention may cross easily into the all-digital world whereas nearly all other prior art security features require a physical card making them self-limiting when considering migration to electronic ID documents and forcing adoption of secondary methodologies and credentials.
- FIGS. 1 and 2 there are depicted first and second portions of a real and virtual world identity ecosystem (RVWIE) according to an embodiment of the invention.
- this RVWIE comprises a physical attribute provider (PHYSAP) 155 in communication with an Attribute Provider 135.
- the PHYSAP 155 being depicted schematically as process flow detail in FIG. 2.
- the PHYSAP 155 represents an identity document issuer wherein the identity document (ID) includes a photograph of the user 165 to whom it relates and may be a physical ID document and/or an electronic ID document.
- the PHYSAP 155 is, typically, a government issuing authority or an authority licensed by a government to issue identity documents.
- the government authority may be national, provincial, federal, or state for example.
- identity documents may include, but are not limited to, a driver's license, a passport, a health card, national identity card, and an immigration card.
- a credential holder (user 165) is identity-proofed in-person by a trusted agent of the government photographic identity issuing authority, e.g. first and second PHYSAPs 155A and 155B.
- This process step 210 results in the issuance of photographic identity (Photo-ID) document (PhysID) 160A (step 220) and the credential holder's proofed identity being bound (step 230) to the government photographic identity document.
- the credential holder's identity-proofed attributes being stored in step 240 within a government Identity Attribute Database 250 managed by the document issuer.
- Attributes stored in respect of the credential holder within the Identity Attribute Database 250 may include, but not be limited to, the photograph of the user 165, the signature of the user 165, the user's name and address, type of document, and date of issue.
- the information within the Identity Attribute Database 250 is also accessible by a Document Validation and Identity Verification Engine (DVIVE) 260 which is in communication with an Attribute Provider 135.
- second PHYSAP 155B a similar process as depicted with respect to first PHYSAP 155A may be employed, resulting in a second PhysID 160D, electronic ID document (EleID) 160B, and fractal 160C.
- the fractal 160C may, for example, be a fractal image or be a fractal image with embedded encrypted data such as described by the inventors within U.S. Provisional Patent Application 62/086,745 entitled “Verifiable Credentials and Methods Thereof” filed Dec. 3, 2014 the entire contents of which are incorporated herein by reference.
- the user 165 uses their PhysID 160A, or second PhysID 160D at a storefront retailer/government office or kiosk/enterprise, depicted as first and second store front relying parties 170A and 170B respectively, to identify themselves in the presence of an agent of the store front relying party.
- the first and second store front relying parties 170A and 170B each exploit a Photo-ID checker, referred to within this specification as a Ping360 system/device. According to the identity of the first and second store front relying parties 170A and 170B respectively these are allocated different trust levels. For example:
- Trust Level 1 (TL1): civic authority, e.g. another government Photo-ID issuing authority or government/civic office where the credential holder's identity is proofed, having higher trust level than other relying parties.
- Trust Level 2 (TL2): financial institutions, e.g. a bank, having a higher trust level than other relying parties, such as retailers, etc., but not at a level as high as relying parties at Trust Level 1.
- Trust Level 3 (TL3): all other identity agents not included in trust levels 1 and 2 above.
- Trust Level 4 (TL4): an additional trust level associated with online merchants, as indicated in FIG. 1 with first and second online relying parties 180 A and 180 B respectively.
- This trust level, TL4 may also be associated with online activities with a government, government regulated body, online enterprise etc. Whilst embodiments of the invention are described as having four trust levels (TL1 to TL4 respectively) it would be evident that within alternate embodiments a higher or lesser number of trust levels may be employed. However, for each trust level the activities of a user are tracked and stored within the databases as described with respect to embodiments of the invention and employed as described below in generating an Identity Verification Score for the user with the government issued photographic identity document.
- a financial institution such as a financial institution then some may be in one trust level whereas others may be in another.
- an internationally recognized bank may be TL2 whereas a bank associated with a grocery retailer may be TL3 or TL4.
- a main branch of Bank of America may be TL2 versus a small in-mall branch at TL3 or TL4. It would be evident that even within a trust level that a further hierarchy of trust may exist such that a US Post Office may have higher trust levels than a car rental company.
- the Ping360 system located at the store front relying party's place of business and not shown for clarity, interacts with the Attribute Provider 135 to validate the PhysID 160 A and verify the identity of the document bearer, user 165 . Accordingly, the Ping360 system acquires data from and about the PhysID 160 A and communicates this to a Document Validation Identity Verification database (DVIVDb) 150 which then communicates with the DVIVE 260 within the PHYSAP 155 .
- the DVIVE 260 thereby confirms or denies the validity of the PhysID 160 A presented by the user 165 at the one of the first and second store front relying parties 170 A and 170 B respectively.
- the DVIVE 260 extracts data from the Identity Attribute Database 250 as part of the validation activity.
- the Ping360 system validates the PhysID 160 A as being genuine or counterfeit.
- the Ping360 system extracts characteristic information from the PhysID 160 A which is transmitted to the DVIVDb 150 managed and controlled by Attribute Provider 135 .
- the extracted characteristics are then provided to DVIVE 260 wherein they are compared with data extracted from Identity Attribute Database 250 and a resulting validation/denouncement of the PhysID 160 A is communicated back to the DVIVDb 150 and therein back to the Ping360 for presentation to the agent of the store front relying party.
- Extracted characteristics may include, but are not limited to, the photograph on the PhysID 160 A, a signature, identity information of the PhysID 160 A, barcode data, QR code data, data within magnetic stripe(s), etc. as well as potentially characteristics of the card itself.
- the Attribute Provider 135 also generates one or more Identity Verification Scores (IdVS) which are subsequently stored within an Identity Verification Score database 140 .
- An Identity Verification Score may be considered to be similar to a FICO score, which is used by financial institutions to help them make complex, high-volume decisions and grant credit to a user.
- a trust level for each storefront relying party (Identity Agent) is established as outlined supra in dependence upon the storefront retailing party class, e.g. financial institutions have higher trust level than a retailer but not as high as a government office or civic authority office.
- an IdVS computation may take into account the number of times the credential holder's photo-ID document is validated and the credential holder's identity verified.
- IdVS data is also available for use by online relying parties, such as first and second online relying parties 180 A and 180 B respectively who may also act as identity agents for Attribute Provider 135 . It is also available for use by online authentication services, such as for example, Authentication Service 190 depicted as Assure 360 Identity Assurance Service.
- the user 165 upon being verified through PHYSAP 155 , may establish an account with an Attribute Provider 135 by forwarding an electronic mail address through an Identity Agent, depicted within FIG. 1 by first and second store front relying parties 170 A and 170 B respectively, via a Ping360 display, e.g. a tablet electronic device.
- the user 165 may have the ability to choose an Attribute Provider 135 from multiple Attribute Providers 135 as part of the process performed through an Identity Agent where they provide their electronic mail address.
- the ability of a user 165 to communicate with and/or open an account with an Attribute Provider 135 may be restricted to a store front relying party at only one or more trust levels, e.g. those with trust level 1 (TL1) only for example.
- the user 165 may be prevented from accessing an Identity Agent to establish the account with an Attribute Provider 135 until at least one or a predetermined number of activities have been completed with the store front relying parties at the appropriate trust levels.
- the Identity Agent may only be accessed by the user 165 upon an authentication of their identity at the store front relying party by an action of an agent of the store front relying party.
- the user 165 may then select an Authentication Service 190 from those provided by the Attribute Provider 135 web site of the Attribute Provider 135 the user 165 has selected.
- the Attribute Provider 135 sends a one-time-credential retrieved from One-Time Credential database 145 to the selected Authentication Service 190 and a credential 175 to the credential holder (user 165 ).
- Attribute Provider 135 also sends the Authentication Service 190 information required by the Authentication Service 190 to open an online account in the credential holder's name.
- the user 165 may be presented with separate lists of Attribute Providers 135 and Authentication Services 190 during their establishment of the account or subsequently the user 165 may access any Authentication Service 190 rather than only a subset of them associated with the selected Attribute Provider 135 .
- the credential holder can use the one-time credential sent by Attribute Provider 135 to identify themselves to the selected Authentication Service 190 to confirm the online account which was opened automatically on the credential holder's behalf by the Authentication Service 190 when the Authentication Service 190 received the one-time-credential and the credential holder's information necessary to open an account.
- the credential holder can link their PED and/or FED to the Authentication Service 190 's server by downloading the Authentication Service 190 's client and related digital security certificates onto their PED and/or FED.
- a security certificate exchange takes place between the Authentication Service 190 and the Token Management Service 110 , which may for example be upon a server associated with the Authentication Service 190 or may be upon a server associated with a third party.
- the Token Management Service 110 comprises a Token Manager 115 that binds, denoted by Binding 120 , the digital security certificates 125 to the user's 160 PEDs/FEDs such as depicted by first to third devices 130 A to 130 C respectively.
- the credential holder's identity is bound to the credential holder's PEDs and/or FEDs and to the Authentication Service 190 /Token Management Service 110 thereby providing to one of the first and second online relying parties 180 A and 180 B respectively with strong authentication and Level 3, in-person, verified identity assurance.
- the Attribute Provider 135 can provide Authentication Service 190 , and other authentication services, with revocation status information on the credential holder. Accordingly, the Authentication Service 190 may revoke, cancel, or not authenticate the security credential 175 of the user 165 . It would be evident that in some embodiments of the invention the Authentication Service 190 does not retain or store the one-time credentials 175 .
- Electronic device 304 may, for example, be a PED and/or FED and may include additional elements above and beyond those described and depicted.
- the protocol architecture is depicted within the electronic device 304 that includes an electronic device 304 , such as a smartphone 450 in FIG. 4 , an access point (AP) 306 , such as first AP 410 in FIG. 4 , and one or more network devices 307 , such as communication servers, streaming media servers, and routers for example such as first and second servers 490 A and 490 B respectively.
- Network devices 307 may be coupled to AP 306 via any combination of networks, wired, wireless and/or optical communication links such as discussed above in respect of FIG. 4 as well as directly as indicated.
- Network devices 307 are coupled to network 300 and therein Social Networks (SOCNETS) 365 , first and second Attribute Providers 370 A and 370 B respectively, e.g. Entrust™ and ACI Worldwide™, first and second government photographic identity providers 375 A and 375 B respectively, e.g. California Department of Motor Vehicles and US Department of State, and first and second Authentication Services 375 C and 375 D respectively, e.g. Verisign™ and Assure 360™.
- the electronic device 304 includes one or more processors 310 and a memory 312 coupled to processor(s) 310 .
- AP 306 also includes one or more processors 311 and a memory 313 coupled to processor(s) 310 .
- processors 310 and 311 includes a central processing unit (CPU), a digital signal processor (DSP), a reduced instruction set computer (RISC), a complex instruction set computer (CISC) and the like.
- any of processors 310 and 311 may be part of application specific integrated circuits (ASICs) or may be a part of application specific standard products (ASSPs).
- memories 312 and 313 includes any combination of the following semiconductor devices such as registers, latches, ROM, EEPROM, flash memory devices, non-volatile random access memory devices (NVRAM), SDRAM, DRAM, double data rate (DDR) memory devices, SRAM, universal serial bus (USB) removable memory, and the like.
- Electronic device 304 may include an audio input element 314 , for example a microphone, and an audio output element 316 , for example, a speaker, coupled to any of processors 310 .
- Electronic device 304 may include a video input element 318 , for example, a video camera or camera, and a video output element 320 , for example an LCD display, coupled to any of processors 310 .
- Electronic device 304 also includes a keyboard 315 and touchpad 317 which may for example be a physical keyboard and touchpad allowing the user to enter content or select functions within one or more applications 322 . Alternatively, the keyboard 315 and touchpad 317 may be predetermined regions of a touch sensitive element forming part of the display within the electronic device 304 .
- Electronic device 304 also includes accelerometer 360 providing three-dimensional motion input to the processor 310 and GPS 362 which provides geographical location information to processor 310 .
- Protocol stack 324 includes an IEEE 802.11-compatible PHY module 326 that is coupled to one or more Front-End Tx/Rx & Antenna 328 , an IEEE 802.11-compatible MAC module 330 coupled to an IEEE 802.2-compatible LLC module 332 .
- Protocol stack 324 includes a network layer IP module 334 , a transport layer User Datagram Protocol (UDP) module 336 and a transport layer Transmission Control Protocol (TCP) module 338 .
- Protocol stack 324 also includes a session layer Real Time Transport Protocol (RTP) module 340 , a Session Announcement Protocol (SAP) module 342 , a Session Initiation Protocol (SIP) module 344 and a Real Time Streaming Protocol (RTSP) module 346 .
- Protocol stack 324 includes a presentation layer media negotiation module 348 , a call control module 350 , one or more audio codecs 352 and one or more video codecs 354 .
- Applications 322 may be able to create, maintain and/or terminate communication sessions with any of devices 307 by way of AP 306 . Typically, applications 322 may activate any of the SAP, SIP, RTSP, media negotiation and call control modules for that purpose.
- information may propagate from the SAP, SIP, RTSP, media negotiation and call control modules to PHY module 326 through TCP module 338 , IP module 334 , LLC module 332 and MAC module 330 .
- elements of the electronic device 304 may also be implemented within the AP 306 including but not limited to one or more elements of the protocol stack 324 , including for example an IEEE 802.11-compatible PHY module, an IEEE 802.11-compatible MAC module, and an IEEE 802.2-compatible LLC module 332 .
- the AP 306 may additionally include a network layer IP module, a transport layer User Datagram Protocol (UDP) module and a transport layer Transmission Control Protocol (TCP) module as well as a session layer Real Time Transport Protocol (RTP) module, a Session Announcement Protocol (SAP) module, a Session Initiation Protocol (SIP) module and a Real Time Streaming Protocol (RTSP) module, media negotiation module, and a call control module.
- Portable and fixed electronic devices represented by electronic device 304 may include one or more additional wireless or wired interfaces in addition to the depicted IEEE 802.11 interface which may be selected from the group comprising IEEE 802.15, IEEE 802.16, IEEE 802.20, UMTS, GSM 850, GSM 900, GSM 1800, GSM 1900, GPRS, ITU-R 5.138, ITU-R 5.150, ITU-R 5.280, IMT-2000, DSL, Dial-Up, DOCSIS, Ethernet, G.hn, ISDN, MoCA, PON, and Power line communication (PLC).
- the user 165 may present their first or second PhysIDs 160 A and 160 D respectively at a storefront retailer/government office or kiosk/enterprise, depicted as first and second store front relying parties 170 A and 170 B respectively, to identify themselves in the presence of an agent of the store front relying party.
- first and second store front relying parties 170 A and 170 B each exploit a Photo-ID checker, referred to within this specification as a Ping360 system/device, to capture information from the first or second PhysID 160 A and 160 D respectively, which is then employed as described supra in respect of FIGS.
- the user 165 may present their EleID 160 B to first and second store front relying parties 170 A and 170 B respectively resulting in the process flow described and depicted in respect of FIGS. 6A and 6B respectively or the user 165 may present their EleID 160 B to first and second mobile relying parties 180 C and 180 D respectively resulting in the process flow described and depicted in respect of FIGS. 5A and 5B respectively.
- FIG. 4 there is depicted a network within which embodiments of the invention may be employed supporting real world and virtual world identity ecosystems (RVWIEs) according to embodiments of the invention.
- RVWIEs for example supporting activities such as the establishment of real world identity assurance, Level 3 assurance to physical store front relying enterprises, the binding of real world identity to electronic devices, and the provisioning of Level 3 identity verification to online retail relying enterprises.
- first and second user groups 400 A and 400 B respectively interface to a telecommunications network 300 .
- a remote central exchange 480 communicates with the remainder of a telecommunication service providers network via the network 300 which may include for example long-haul OC-48/OC-192 backbone elements, an OC-48 wide area network (WAN), a Passive Optical Network, and a Wireless Link.
- the central exchange 480 is connected via the network 300 to local, regional, and international exchanges (not shown for clarity) and therein through network 300 to first and second cellular APs 495 A and 495 B respectively which provide Wi-Fi cells for first and second user groups 400 A and 400 B respectively.
- first and second Wi-Fi nodes 410 A and 410 B are also connected to the network 300 .
- Second Wi-Fi node 410 B is associated with Enterprise 460 , e.g. HSBC™, within which other first and second user groups 400 A and 400 B are. Second user group 400 B may also be connected to the network 300 via wired interfaces including, but not limited to, DSL, Dial-Up, DOCSIS, Ethernet, G.hn, ISDN, MoCA, PON, and Power line communication (PLC) which may or may not be routed through a router such as router 405 .
- first group of users 400 A may employ a variety of PEDs including for example, laptop computer 455 , portable gaming console 435 , tablet computer 440 , smartphone 450 , cellular telephone 445 as well as portable multimedia player 430 .
- second group of users 400 B which may employ a variety of FEDs including for example gaming console 425 , personal computer 415 and wireless/Internet enabled television 420 as well as cable modem 405 .
- First and second cellular APs 495 A and 495 B respectively provide, for example, cellular GSM (Global System for Mobile Communications) telephony services as well as 3G and 4G evolved services with enhanced data transport support.
- Second cellular AP 495 B provides coverage in the exemplary embodiment to first and second user groups 400 A and 400 B.
- first and second user groups 400 A and 400 B may be geographically disparate and access the network 300 through multiple APs, not shown for clarity, distributed geographically by the network operator or operators.
- First cellular AP 495 A as shown provides coverage to first user group 400 A and environment 470 , which comprises second user group 400 B as well as first user group 400 A.
- the first and second user groups 400 A and 400 B may according to their particular communications interfaces communicate to the network 300 through one or more wireless communications standards such as, for example, IEEE 802.11, IEEE 802.15, IEEE 802.16, IEEE 802.20, UMTS, GSM 850, GSM 900, GSM 1800, GSM 1900, GPRS, ITU-R 5.138, ITU-R 5.150, ITU-R 5.280, and IMT-2000. It would be evident to one skilled in the art that many portable and fixed electronic devices may support multiple wireless protocols simultaneously, such that for example a user may employ GSM services such as telephony and SMS and Wi-Fi/WiMAX data transmission, VOIP and Internet access. Accordingly, portable electronic devices within first user group 400 A may form associations either through standards such as IEEE 802.15 and Bluetooth as well in an ad-hoc manner.
- first and second servers 490 A and 490 B which together with others, not shown for clarity.
- First and second servers 490 A and 490 B may host according to embodiments of the inventions multiple services associated with a provider of publishing systems and publishing applications/platforms (RVWIEs); a provider of a SOCNET or Social Media (SOME) exploiting RVWIE features; a provider of a SOCNET and/or SOME not exploiting RVWIE features; a provider of services to PEDS and/or FEDS; a provider of one or more aspects of wired and/or wireless communications; an Enterprise 460 exploiting RVWIE features; license databases; content databases; image databases; content libraries; customer databases; websites; and software applications for download to or access by FEDs and/or PEDs exploiting and/or hosting RVWIE features.
- First and second primary content servers 490 A and 490 B may also host for example other Internet services such as a search engine, financial services, third party applications and other Internet based services.
- a user may exploit a PED and/or FED within an Enterprise 460 , for example, and access one of the first or second servers 490 A and 490 B respectively to perform an operation such as accessing/downloading an application which provides RVWIE features according to embodiments of the invention; execute an application already installed providing RVWIE features; execute a web based application providing RVWIE features; or access content.
- a user may undertake such actions or others exploiting embodiments of the invention exploiting a PED or FED within first and second user groups 400 A and 400 B respectively via one of first and second cellular APs 495 A and 495 B respectively and first Wi-Fi nodes 410 A.
- first and second servers 490 A and 490 B together with others may host a variety of software systems and/or software applications supporting embodiments of the invention.
- embodiments of the invention may not only operate locally, regionally, or nationally but internationally and globally. Accordingly, some servers may manage and control operations in execution upon other servers.
- an Authentication Service such as Authentication Service 190 in FIG. 1 (e.g. Assure360) may operate a server or servers within one or more jurisdictions which authenticate, using one or more machine authentication techniques, servers within that jurisdiction as well as other jurisdictions.
- Each jurisdiction server may be operated by the same Authentication Service as manages the supervisory servers or it may be operated by one or more Identity Authority Servers authorised by the Authentication Service managing the supervisory servers.
- such providers of Authentication Services may be regulated by government regulatory bodies within their respective jurisdictions.
- data relating to true original government issued photographic identity documents is maintained secure and private whilst the only information transmitted from a store front relying party is the extracted data for the presented government issued photographic identity document and that transmitted from a PHYSAP is the result of the verification/validation process.
- data transmitted from an Attribute Provider is restricted, e.g. only the Identity Verification Score (IdVS) provided from the Attribute Provider server, e.g. Ping360 server, to the card reader at the store front relying party, e.g. Store Front Relying Party (TL1) 170 A.
- the processes relating to the store front relying parties may be similarly tracked and employed across multiple jurisdictions.
- the user may transact business within another jurisdiction based upon the validation and verification of their identity.
- a jurisdiction server e.g. a country server
- the two jurisdiction servers will first identify themselves before the user's digital identity will be assured by the jurisdiction server in the jurisdiction they live. Due to different provincial, state, territorial, differences such jurisdictions may include different states, regions, territories, etc., for example.
- authentication may be conducted by an online relying party in the country in which the user is conducting business or by the user's Identity Provider (if the user uses one), if the online relying party the user is transacting with is networked with the user's Identity Provider.
- some enterprises and/or organizations acting as online relying parties e.g. Google, American Express, HSBC and Facebook, may act as global identity providers whereas other online relying parties, e.g. Verizon and Chase Manhattan, may be only US identity providers.
- an activity is defined with respect to a Store Front Relying Party 170 A/ 170 B or Online Relying Party 180 A/ 180 B then similar information and/or processes may be implemented with respect to a Mobile Relying Party 180 C/ 180 D in that they may be provided within verification information such as IdVS etc.
- presentation of their online electronic credential/electronic identity document may be, as described below in respect of FIGS. 6 and 7 , employed without transfer to the mobile relying party 180 C/ 180 D but in other embodiments of the invention the mobile relying party 180 C/ 180 D may capture an image of the electronic credential/electronic identity document.
- a license holder may perform the following sequence of actions:
- FIGS. 5A and 5B there is depicted an exemplary process flow for establishing verification of a credential provided by a user within an environment according to an embodiment of the invention.
- the user is presenting their EleID in an external, i.e. mobile environment, such as, for example, presenting their electronic driving license to a police officer during a traffic stop, for example.
- the user having been asked to provide their driving license has elected to present their EleID and activates the EleIDAp.
- the user may have only an EleID or in other instances they may be issued with an EleID and a PhysID when they verify themselves and obtain the credentials such as described above in respect of FIGS. 1 and 2 .
- the user triggers through their interaction with the EleIDAp a first message “1” to the Identity Authority (IA) 510 which houses at least an Identity Authority Server (IAS) 520 and Mobile Document Module (MDM) 525 .
- EleIDAp displays a fractal 515 upon its display as depicted with first EleIDAp display 510 A.
- This fractal 515 is then acquired by an official electronic device (OED) displayed in first OED configuration 520 A.
- the fractal 515 may be acquired through the user's PED being held such that an image of the display may be captured by a camera within the OED.
- the OED and user's PED may pair through a local area network interface, e.g. Bluetooth or another interface such as Near Field Communications (NFC).
- the fractal 515 may be a fractal obtained from IA 510 in response to the first message “1.”
- the fractal 515 may include encrypted data.
- the fractal 515 as displayed is pulsating and data relating to the pulse sequence of the fractal images presented is acquired by the OED.
- the OED may be executing an EleIDAp such as “Ping 360” in addition to specific software associated with the OED or the EleIDAp is an application embedded within the OED software. In either instance the OED generates a third message “3” which is transmitted to the IA 510 . This may be the fractal 515 together with information associated with the OED or information extracted, i.e.
- this information may include a one-time identification number embedded within the fractal 515 , or a hash value of the one-time identification number.
- This one-time identification number and/or the fractal 515 may have been communicated by the IA 510 to the user's PED in response to the first message “1.”
- the IA Server based upon the information extracted from the fractal 515 and/or information received with the message “3” establishes, through request “4” to Attribute Provider 135 and PhysAp 155 N, personal information.
- This personal information is provided back to the IA 510 by Attribute Provider 135 and PhysAp 155 N as first response “5”.
- This response “5” may include appropriate identity attribute information relating to the PhysID and/or EleID as well as a representation of the PhysID and/or EleID.
- the IA 510 generates second and third responses to the OED and PED respectively.
- the OED receives, based upon the appropriate privacy requirements of the user based upon identity information of the organization associated with the OED, appropriate information including a privacy compliant representation 550 of the PhysID and/or EleID, and a first unique identifier 540 provided from the IA Server 520 within the IA 510 .
- the OED may display to the officer associated with the OED, as indicated by OED in second OED configuration 520 B, wherein the privacy compliant representation 550 and unique identifier 540 are displayed. The officer associated with the OED can then compare these to the PhysID and/or EleID being offered by the user.
- the third response “7” to the user's PED may trigger the EleIDAp in execution upon their PED, e.g. Ping 360 application, to display as displayed in second EleIDAp configuration 510 B, the EleID 530 together with a second unique identifier 535 provided to them within third response “7.”
- the EleIDAp in execution upon the user's PED provides information against which the officer with the information upon their OED can compare. As such the officer would be seeking to verify that the EleIDs match and the unique identifiers match.
- the IA 510 may have communicated a second fractal 545 to the OED within second response “6.”
- This second fractal 545 may for example be a fractal associated with the PhysID and/or EleID and bound to it at issuance (optionally this is also part of the PhysID and/or EleID).
- the fractal, representation of PhysID and/or EleID, and unique identifier may be provided upon the OED.
- the EleID and/or a representation of the PhysID may be modified, i.e. redacted, in order to meet the appropriate privacy requirements which may be determined in dependence upon several factors including, but not limited to, the age of the user, the requesting third party, the jurisdiction of issuance of the EleID/PhysID, the jurisdiction of the third party requesting verification, and an activity associated with the verification process.
- FIG. 6 there is depicted an exemplary network environment for user authentication of a photographic identity (PhotoID) according to an embodiment of the invention wherein a user has a photographic identity application in execution upon a PED as depicted in first image 600 A which is in communication via network 300 with IA 510 , PHYSAP 155 N, and AP 135 . Subsequently, for example in respect of an encounter with law enforcement, they receive a request upon their PED in respect to verifying their PhotoID.
- the officer's PED displays content derived from the user's driver license together with a fractal image which they can then use to verify the fractal image upon the user's PED etc. It would be evident that the user may login to their identity wallet (PhotoID wallet) using multi-factor authentication (MFA) such as user name, password and biometric signature.
- a user may be asked for permission to exploit a blockchain or blockchains through a “Smart Contract.” For example, this may occur when a user is in a storefront location and as the card holder tries to verify their card for the first time or the first instance after some other verification, authentication, trust level, etc. has been exceeded.
- a simple smart contract is then presented that seeks the card holder's permission to confirm their identity attributes found on the card holder's PhotoID against the card holder's identity attributes stored in the PhotoID issuer's database.
- the card holder is also asked for an electronic address, e.g. email, and then must press an “Agree and Submit” button to grant permission.
- the user provides a second permission that gives the Company managing the processes the right to accumulate the card holder's identity verification scores.
- a third permission may be required, which will typically be at a later date, will seek the card holder's permission to link specific card holder's identity attributes (e.g., face, address, date of birth, email address etc.) to the card holder's financial instruments.
- Such a “smart contract” once completed may then be provided to the user's electronic address together with links to additional terms and conditions etc. if appropriate. The user would be also able through such links to rescind their permission within a period of time consistent with the local Government regulations applicable with respect to the PhotoID and/or user's residential address. It would be evident that other “Smart Contracts” may be provided at this point in time, or periodically for re-validation or re-verifying consent, or upon specific triggers and/or trigger events.
- the user in providing this “explicit informed consent” allows the systems according to embodiments of the invention to provide, via tokenization and/or encryption, linkage of a user's identity attributes, i.e. as confirmed by a Government issued photographic identity database, e.g. their driver's license, to the individual's financial instruments, e.g. payment cards, debit cards, credit cards, etc., and accordingly their financial accounts.
- the PED and/or FED at a retail outlet employed as part of the presentation/acceptance of the “Smart Contract(s)” may also provide linkage between the individual's confirmed identity attributes and their financial cards and/or financial accounts.
- the systems according to embodiments of the invention may combine the attribute search permission(s) with the attribute(s) and therein financial card and account linkage permission(s) from the user.
- the record of the linkage between the confirmed identity attributes and the financial cards and accounts may then be kept on a blockchain.
- FIG. 7 depicts exemplary use cases for identity verification exploiting an identity application according to an embodiment of the invention such as depicted in first and second images 710 A and 710 B respectively wherein the user is verified within a retail environment, e.g. a convenience store, such that the retailer verification on second image 710 B is the user's image for recognition, fractal for comparison to user's PED fractal, and verified indicators for the user's driving license being valid and the user's age with respect to Government regulated ages, e.g. for alcohol, tobacco products, adult magazines, etc.
- the PhotoID concepts can be extended into an identity wallet (ID Wallet) for a user as depicted in first image 810 wherein the ID Wallet application allows the user to access Photo-ID, Payments, Financial—Banking, Loyalty & Gift, Online Access, and Budgeting functions.
- selection of one of the categories triggers the presentation of a user screen such as depicted with user screens 820 A to 820 N wherein the functionality may be varied according to the different categories and as evident from discussions below prior art techniques such as chip-and-pin verification for financial instruments such as credit cards may be combined with Identity Attribute Assurance, Identity Verification Scores, photographic identity etc.
- PHYSAPs such that, for example, payment with a credit card to a financial processing, e.g. MasterCard, may link through to the financial institution, e.g. TD Bank, which provides a request to a Government photographic identity provider, e.g.
- the financial institution may acquire images of their account holders based upon a verification of the account holder through their Government issued photographic identity and this is provided back via the financial processing to the retailer.
- embodiments of the invention may be integrated to third party payment solutions using one or more authentications as known within the prior art.
- Such transactions and their associated verifications may be employed as established by the inventors in relation to the Identity Verification Score described supra.
- the blockchain may simply store a trust level of the storefront location, for example, without any information on where the transaction took place, the transaction value, the transaction details, etc. In other embodiments of the invention some information may be associated such as a location identifier for example.
- FIG. 9A there is depicted a network schematic/process flow 900 with respect to the integration of blockchain verification/authentication to an identity verification/application within an electronic identity wallet according to an embodiment of the invention.
- a plurality of PHYSAPs 910 A to 910 N relating to Government issued photographic identities, for example driver's license, health card, passport, etc.
- each PHYSAP 910 A to 910 N includes a database, depicted as plurality of databases 915 A to 915 N respectively.
- RTC-AVIVE RetroTrust Corporation
- RTC-IAS RTC Identity Authority Server
- IB-IVSE Identity Blockchain with Identity Verification Score engine
- the IB-IVSE 925 also links to the RTC-IAS 930 , the PED ID Wallet application (ID-WAP) 985 upon PED 980 , and an Authentication Service 960 (e.g. Authentication Service 190 supra in FIG. 1 ).
- the user 990 makes a purchase from an online store 970 through the ID-WAP 985 data passes from the user and their ID-WAP 985 on their PED 980 to/from the Authentication Service 960 and therein to/from the IB-IVSE 925 and RTC-IAS 930 and therein RTC-AVIVE 920 and PHYSAPs 910 A to 910 N.
- the user's credential is verified such as described in respect of embodiments of the invention and their Identity Verification Score updated.
- the ID-WAP 985 communicates with the IB-IVSE 925 which establishes and maintains one or more blockchains associated with the user such that these maintain a continuously growing list of transactional data records of the transactions performed by the user which are hardened against tampering and revision. In this manner each blockchain associated with the user maintains a ledger of transactions which may be enforced cryptographically.
- the user may make a purchase at a retail location 950 employing an RTC retail device 945 and/or PED 980 as described supra in respect of FIGS. 1 and 2 .
- data is communicated to the RTC-IAS 930 and therein the IB-IVSE 925 and RTC-IAS 930 and therein RTC-AVIVE 920 and PHYSAPs 910 A to 910 N.
- the user's credential is verified such as described in respect of embodiments of the invention and their Identity Verification Score updated.
- the ID-WAP 985 communicates with the IB-IVSE 925 which establishes and maintains one or more blockchains associated with the user such that these maintain a continuously growing list of transactional data records of the transactions performed by the user which are hardened against tampering and revision. In this manner each blockchain associated with the user maintains a ledger of transactions which may be enforced cryptographically.
- the transaction(s) are timestamped allowing them to be employed as a trusted timestamp for arbitrary messages as well as transaction information.
- third party application services may access content stored directly in the blockchain, where the blockchain is accessible.
- partial content may be accessed externally but content may be encrypted securely.
- a blockchain may store transaction data together with timestamp information as well as the Identity Verification Score (IVS). It would be evident that the blockchain may contain one or more hash values within the blockchain discretely or in association with transactions. In other instances, the blockchain may embed additional information including smart contracts, for example.
- the Identity Verification Score (IVS) will be kept on a Blockchain in the tablets ( 945 ) located at storefront retailers: convenience stores, financial institutions, auto-rentals, auto-dealers, department stores, etc., AND the IVS on the Blockchain could also be kept on a server ( 925 ), FIG. 9A .
- FIG. 9B there is depicted an alternate network schematic/process flow 9000 with respect to the integration of blockchain verification/authentication to an identity verification/application within an electronic identity wallet according to an embodiment of the invention.
- network schematic/process flow 9000 is essentially identical to network schematic/process flow 900 in FIG. 9A except the IB-IVSE 925 is now replaced by an RTC IB-IVSE 990 with an associated Blockchain & IVS database 995 . Accordingly, the RTC IB-IVSE 990 establishes communication with the ID-WAP 985 on the user's PED 980 .
- the RTC IB-IVSE 990 is distributed, such as for example, each online retailer server or retail store server such that the blockchains are distributed and accessible to these systems. Accordingly, these blockchain(s) may be extended based upon the transaction(s) performed by the user and may be used as “local” verification for the transaction through their storage of one or more hash values. Within embodiments of the invention the blockchain may also be stored on each PED or terminal 945 located at the storefront retailers.
- content stored within the blockchains may be encrypted wherein the content is decrypted with a key transmitted to the recipient's PED and/or FED in instances such as border services, law enforcement etc.
- a blockchain may provide data relating to a user's original identity document.
- local verification of the user may be performed based upon comparing one or more hash values stored within a blockchain with a value provided from the user's PED and/or FED wherein the hash value relates to, for example, transaction data, timestamp data and a pseudorandom value added by the user's PED such that the hash value cannot be derived from the transaction data nor the transaction data derived from the hash value.
- data within the hash value can only be extracted from the user's PED through their identity wallet such that a user may be locally verified to a system based upon the user's PED extracting data relating to one or more transactions for verification to the system based upon data provided to it.
- a user's transactional history can be employed to provide local verification wherein the local verified hash/blockchain are periodically re-verified at a higher level through another transaction relating to the user and a third party accessing data relating to an originally issued identity document.
- local verification may be performed on low value transactions to avoid repeated requests for data relating to the originally issued identity documents of the user being made.
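The local verification described above can be sketched as a salted commitment stored in a hash-linked ledger. This is an added example, not code from the patent: the use of HMAC-SHA256, the block layout, and the names `Ledger`, `Wallet` and `verify_locally` are assumptions, and the transactions are constructed samples.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass

GENESIS = "00" * 32  # constructed predecessor value for the first block


def canonical(tx, timestamp):
    """Deterministic encoding so wallet and verifier hash identical bytes."""
    body = {"tx": tx, "ts": timestamp}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def commit(tx, timestamp, nonce):
    """HMAC-SHA256 keyed with the wallet's secret nonce (assumed construction)."""
    return hmac.new(nonce, canonical(tx, timestamp), hashlib.sha256).hexdigest()


@dataclass(frozen=True)
class Block:
    index: int
    prev_hash: str
    commitment: str  # the only transaction-derived value stored on the chain

    def block_hash(self):
        data = f"{self.index}|{self.prev_hash}|{self.commitment}".encode()
        return hashlib.sha256(data).hexdigest()


class Ledger:
    def __init__(self):
        self.blocks = []

    def append(self, commitment):
        prev = self.blocks[-1].block_hash() if self.blocks else GENESIS
        block = Block(len(self.blocks), prev, commitment)
        self.blocks.append(block)
        return block

    def head(self):
        return self.blocks[-1].block_hash() if self.blocks else GENESIS

    def chain_intact(self, pinned_head=None):
        """Walk the links; a pinned head also catches edits to the last block."""
        prev = GENESIS
        for i, block in enumerate(self.blocks):
            if block.index != i or block.prev_hash != prev:
                return False
            prev = block.block_hash()
        return pinned_head is None or hmac.compare_digest(prev, pinned_head)


class Wallet:
    """Holds what the chain does not: transaction data, timestamp and nonce."""

    def __init__(self):
        self._records = {}

    def record(self, ledger, tx, timestamp):
        nonce = secrets.token_bytes(32)  # pseudorandom value added by the PED
        block = ledger.append(commit(tx, timestamp, nonce))
        self._records[block.index] = (tx, timestamp, nonce)
        return block.index

    def disclose(self, index):
        tx, timestamp, nonce = self._records[index]
        return {"index": index, "tx": tx, "ts": timestamp, "nonce": nonce.hex()}


def verify_locally(ledger, disclosure, pinned_head=None):
    """Recompute the commitment from the wallet's disclosure and compare."""
    if not ledger.chain_intact(pinned_head):
        return False
    index = disclosure.get("index")
    if not isinstance(index, int) or not 0 <= index < len(ledger.blocks):
        return False
    try:
        nonce = bytes.fromhex(disclosure["nonce"])
        expected = commit(disclosure["tx"], disclosure["ts"], nonce)
    except (KeyError, TypeError, ValueError):
        return False
    return hmac.compare_digest(expected, ledger.blocks[index].commitment)


if __name__ == "__main__":
    ledger, wallet = Ledger(), Wallet()
    # Constructed sample transaction
    idx = wallet.record(ledger, {"merchant": "store-001", "amount": "4.50"},
                        "2024-01-01T10:00:00Z")
    print(verify_locally(ledger, wallet.disclose(idx), ledger.head()))
```

Without the nonce, low-entropy transaction data could be guessed and checked against the stored hash; linking the blocks detects edits to earlier entries, while an edit to the newest block is only caught when the verifier holds a previously pinned head value.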
- the user's PED may provide to another electronic device and/or system a unique identifier, e.g. text, image, fractal, encrypted content, etc., which triggers and/or permits the downloading of an electronic representation of the PhysID and/or EleID.
- the user's PED may download this electronic representation of the PhysID and/or EleID to the user's PED based upon a requester (hereinafter Requester), e.g. police officer, entering a code into the EleIDAp in execution upon or accessed as a web application.
- the entry of the Requester's code may be based upon entry of a code generated at that point in time such as employed in the prior art in generating security key information for online security applications etc. This code may be triggered by an action of the Requester with respect to their own PED, a wearable device, etc.
- a wearable device may be continually generating such codes and the association of the user's PED with the wearable device results in the capture of the code and its use.
- Such techniques would prevent theft of a code associated with a police officer, for example, by use by a third party.
- a user may request a download of their PhysID and/or EleID from the IA 510 wherein they are provided to their PED a unique image and a PIN number.
- the Requester is given the 6-digit PIN number by the mobile device holder, i.e. the user.
- the Requester who is an accredited user of an application authorised to access the IA 510 , provides this PIN number, within a specified time frame, on a request page and the user's EleID and/or PhysID representation is downloaded onto the Requester's FED and/or PED along with the unique image.
- this data is retrieved from a blockchain.
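The PIN-gated release described above, sketched as an added example that is not code from the patent. The class name `ReleaseDesk`, the 120-second window, the three-attempt limit and the result strings are assumptions; the patent specifies only a 6-digit PIN, an accredited Requester and a specified time frame.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

PIN_TTL_SECONDS = 120  # assumed value for the "specified time frame"
MAX_ATTEMPTS = 3       # assumed limit; a 6-digit PIN has only 10**6 values


@dataclass
class PendingRelease:
    pin: str
    expires_at: float
    attempts_left: int = MAX_ATTEMPTS


class ReleaseDesk:
    """Hypothetical IA-side gate in front of the identity representation."""

    def __init__(self, accredited_requesters, clock=time.time):
        self._accredited = set(accredited_requesters)
        self._clock = clock
        self._pending = {}  # user id -> PendingRelease

    def issue(self, user_id):
        """User asks for a download; a fresh PIN replaces any earlier one."""
        pin = f"{secrets.randbelow(10**6):06d}"
        expires = self._clock() + PIN_TTL_SECONDS
        self._pending[user_id] = PendingRelease(pin, expires)
        return pin

    def redeem(self, requester_id, user_id, pin):
        """Requester submits the PIN the user gave them."""
        if requester_id not in self._accredited:
            return "denied:requester"
        entry = self._pending.get(user_id)
        if entry is None:
            return "denied:no-request"
        if self._clock() >= entry.expires_at:
            del self._pending[user_id]
            return "denied:expired"
        if not hmac.compare_digest(pin.encode(), entry.pin.encode()):
            entry.attempts_left -= 1
            if entry.attempts_left == 0:
                del self._pending[user_id]  # user must request a new PIN
                return "denied:locked"
            return "denied:pin"
        del self._pending[user_id]  # single use
        return "released"


if __name__ == "__main__":
    desk = ReleaseDesk({"officer-17"})  # constructed requester id
    pin = desk.issue("user-1")          # constructed user id
    print(desk.redeem("officer-17", "user-1", pin))
```

The expiry, single use and attempt limit matter because a 6-digit PIN alone can be exhausted by repeated guessing.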
- EleID and PhysID have been described with respect to verification/authentication back to a TL1 issuing authority, e.g. Government department such as associated with passports, driving licenses, etc.
- binding of identities to a user may be performed at a lower trust level but are not, generally, associated with the issuance of a EleID/PhysID relating to a TL1 type issuing authority although this may not be excluded.
- a user seeking to access medical services which are a common source of identity fraud.
- the user may present their medical card which identifies them as having a certain level of medical healthcare insurance, e.g. BlueCross, Medicare, Medicaid etc.
- this medical card may be scanned, e.g. using a Ping360, and data/imagery captured from it.
- the user may be required at the same time, in order to provide additional identity verification, be required to provide their driver's license and/or passport which would also be scanned, again for example, using the Ping360, and then have their photograph taken.
- these additional documents can be verified based upon embodiments of the invention such as described above to their issuing authority or an intermediate verification authority.
- a fraud is being attempted and can be stopped prior to provisioning of medical services, prescription, etc.
- the user's photograph is taken then even where all documents have been tampered with then their identity is captured.
- Implementation of the techniques, blocks, steps and means described above may be done in various ways. For example, these techniques, blocks, steps and means may be implemented in hardware, software, or a combination thereof.
- the processing units may be implemented within one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), processors, controllers, micro-controllers, microprocessors, other electronic units designed to perform the functions described above and/or a combination thereof.
- the embodiments may be described as a process which is depicted as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be rearranged.
- a process is terminated when its operations are completed, but could have additional steps not included in the figure.
- a process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc. When a process corresponds to a function, its termination corresponds to a return of the function to the calling function or the main function.
- embodiments may be implemented by hardware, software, scripting languages, firmware, middleware, microcode, hardware description languages and/or any combination thereof.
- the program code or code segments to perform the necessary tasks may be stored in a machine readable medium, such as a storage medium.
- a code segment or machine-executable instruction may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a script, a class, or any combination of instructions, data structures and/or program statements.
- a code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters and/or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
- the methodologies may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described herein.
- Any machine-readable medium tangibly embodying instructions may be used in implementing the methodologies described herein.
- software codes may be stored in a memory.
- Memory may be implemented within the processor or external to the processor and may vary in implementation where the memory is employed in storing software codes for subsequent execution to that when the memory is employed in executing the software codes.
- the term “memory” refers to any type of long term, short term, volatile, nonvolatile, or other storage medium and is not to be limited to any particular type of memory or number of memories, or type of media upon which memory is stored.
- the term “storage medium” may represent one or more devices for storing data, including read only memory (ROM), random access memory (RAM), magnetic RAM, core memory, magnetic disk storage mediums, optical storage mediums, flash memory devices and/or other machine readable mediums for storing information.
- machine-readable medium includes, but is not limited to portable or fixed storage devices, optical storage devices, wireless channels and/or various other mediums capable of storing, containing or carrying instruction(s) and/or data.
- the methodologies described herein are, in one or more embodiments, performable by a machine which includes one or more processors that accept code segments containing instructions. For any of the methods described herein, when the instructions are executed by the machine, the machine performs the method. Any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine are included.
- a typical machine may be exemplified by a typical processing system that includes one or more processors.
- Each processor may include one or more of a CPU, a graphics-processing unit, and a programmable DSP unit.
- the processing system further may include a memory subsystem including main RAM and/or a static RAM, and/or ROM.
- a bus subsystem may be included for communicating between the components.
- the processing system requires a display, such a display may be included, e.g., a liquid crystal display (LCD).
- the processing system also includes an input device such as one or more of an alphanumeric input unit such as a keyboard, a pointing control device such as a mouse, and so forth.
- the memory includes machine-readable code segments (e.g. software or software code) including instructions for performing, when executed by the processing system, one or more of the methods described herein.
- the software may reside entirely in the memory, or may also reside, completely or at least partially, within the RAM and/or within the processor during execution thereof by the computer system.
- the memory and the processor also constitute a system comprising machine-readable code.
- the machine operates as a standalone device or may be connected, e.g., networked to other machines, in a networked deployment, the machine may operate in the capacity of a server or a client machine in server-client network environment, or as a peer machine in a peer-to-peer or distributed network environment.
- the machine may be, for example, a computer, a server, a cluster of servers, a cluster of computers, a web appliance, a distributed computing environment, a cloud computing environment, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine.
- the term “machine” may also be taken to include any collection of machines that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
- the specification may have presented the method and/or process of the present invention as a particular sequence of steps. However, to the extent that the method or process does not rely on the particular order of steps set forth herein, the method or process should not be limited to the particular sequence of steps described. As one of ordinary skill in the art would appreciate, other sequences of steps may be possible. Therefore, the particular order of the steps set forth in the specification should not be construed as limitations on the claims. In addition, the claims directed to the method and/or process of the present invention should not be limited to the performance of their steps in the order written, and one skilled in the art can readily appreciate that the sequences may be varied and still remain within the spirit and scope of the present invention.
Abstract
Description
- This invention relates to personal identity management and more particularly to methods and systems for mobile personal credentials that are verifiable and authenticable.
- Digital identity is the data that uniquely describes a person or a thing and contains information about the subject's relationships within the digital world, commonly referred to as cyberspace, World Wide Web (WWW) or Internet. A critical problem is knowing the true identity with whom one is interacting either within electronic messaging, Internet accessible content, or transaction. Currently there are no ways to precisely determine the identity of a person in digital space. Even though there are identity attributes associated to a person's digital identity, these attributes or even identities can be changed, masked or dumped and new ones created. Despite the fact that there are many authentication systems and digital identifiers that try to address these problems, there is still a need for a unified and verified identification system. Further, there are still the needs for respecting the privacy of individuals, maintaining security of the elements of a digital identity and associating.
- With the advent of widespread electronic devices, the landscape for the identity (ID) documents industry has been rapidly changing with increasingly sophisticated security measures, increased electronic processing, global wireless network connectivity, and continuously expanding machine readable capabilities globally. These have evolved in order to counter the increasingly sophisticated counterfeiting and piracy methodologies that exploit the very same advances in technology and infrastructure. At the same time user expectations from ubiquitous portable electronic devices, global networks, etc. are for simplified security processes and streamlined authentication of an ID document, the user, or a transaction by the user.
- Security features of ID documents currently in use globally include visual security features, machine-readable security features, and embedded passive or active electronic circuits. Visual Security Features provide easy visual control of ID documents and make them more resistant to counterfeiting and tampering through attempts at both physical and data changes. Machine-readable Security Features traditionally include magnetic stripes, 1D and 2D barcodes, Optical Character Recognition (OCR)/Optically Machine Readable (OMR) content in printed areas or Machine Readable Zones (MRZs). More advanced ID documents may also include contact and contactless interfaces microchips including RFID and smart cards. Such Machine-readable Security Features have varying memory capacity and typically replicate digitally the document data with additional unique identifiers and, in the case of microchips with sufficient data storage capabilities, additional biometric identification data for holder authentication may be included.
- However, many if not all of these security measures are bypassed, eliminated, or reduced in their efficacy when the ID document is also provided in an electronic format upon a user's portable electronic device. Such a transitioning of traditional physical ID documents to their electronic “virtual” counterparts is anticipated to follow the current transitioning of user's financial credentials into the virtual world allowing users to pay for services and/or goods within retail environments by direct wireless communications between their portable electronic device and the point of sale terminal. However, the tampering of ID documents which would be visible upon the physical ID document can be rendered invisible within the electronic ID document with relative ease and with a variety of online and/or downloadable graphics editing tools etc. Accordingly, the requirement exists to provide third parties with the ability to verify the electronic version of an ID document being presented to them as being valid and untampered.
- Accordingly, the inventors address these issues through the provisioning of electronic ID documents which when presented to a third party are associated with provisioning of data to the third party that allows them to verify the presented electronic ID document. Further, the inventors by linking the electronic ID document to its physical ID document counterpart or tying the electronic ID document to the physical individual provide authenticable electronic ID documents.
- Other aspects and features of the present invention will become apparent to those ordinarily skilled in the art upon review of the following description of specific embodiments of the invention in conjunction with the accompanying figures.
- It is an object of the present invention to mitigate limitations in the prior art relating to real world and virtual world identities and more particularly to authenticating users within the virtual world based upon credentials issued in response to validated and authenticated real world identities.
- According to an embodiment of the invention there is provided a method comprising:
- providing verification of an individual to a third party during a transaction by providing to the third party data representing a predetermined portion of an originally issued identity document in conjunction with a unique image; and
- storing data relating to the transaction within a blockchain, wherein
- the individual provides at least one of the predetermined portion of the originally issued identity document and the originally issued identity document during the verification process;
- the unique image is transmitted to the third party from a remote server in response to a request initiated by the third party.
- According to an embodiment of the invention there is provided a method of verifying the identity of a user performing a transaction by storing data relating to an originally issued identity document within a blockchain remotely stored upon a server remote to both a system performing the transaction and a system upon which data relating to the originally issued identity document is stored by the original issuing authority.
- According to an embodiment of the invention there is provided a method of providing data relating to a transaction performed by a user for use in a subsequent verification of the user in another transaction wherein the data is a hash value generated in dependence upon transaction data and a variable provided from an application in execution upon an electronic device associated with the user and the hash value is stored within a blockchain.
- According to an embodiment of the invention there is provided a method of verifying the identity of a user comprising extracting data from at least a pair of blockchains, the first blockchain established by an issuer of an original identity document relating to the user and the second blockchain established by a third party associated with at least a transaction performed by the user.
- According to an embodiment of the invention there is provided a method of verifying the identity of a user performing a transaction by storing data relating to an identity verification score of the user within a blockchain storing transaction data relating to transactions performed by the user.
- According to an embodiment of the invention there is provided a method comprising providing to a user a smart contract with respect to the storage of information relating to the user based upon the user presenting an item of photographic identification as proof of identity with respect to an activity.
- According to an embodiment of the invention there is provided a method comprising:
- providing to a user a smart contract with respect to the storage of information relating to the user based upon the user presenting an item of Government issued photographic identification as proof of identity with respect to an activity;
- obtaining informed consent from the user by their acceptance of the smart contract; and
- providing via at least one of tokenization and encryption linkage of the user's identity attributes associated with the item of Government issued photographic identification to the at least one of a financial instrument and a financial account of the user, wherein
- the at least one of the financial instrument and a financial account of the user are employed in completing the activity.
- According to an embodiment of the invention there is provided a method comprising:
- providing to a user a smart contract with respect to the storage of information relating to the user based upon the user presenting an item of Government issued photographic identification as proof of identity with respect to an activity;
- obtaining informed consent from the user by their acceptance of the smart contract; and
- storing the linkage between the user's identity attributes associated with the item of Government issued photographic identification and the at least one of a financial instrument and a financial account of the user within a permissionless distributed database based upon a protocol, wherein
- the at least one of the financial instrument and a financial account of the user are employed in completing the activity.
- Other aspects and features of the present invention will become apparent to those ordinarily skilled in the art upon review of the following description of specific embodiments of the invention in conjunction with the accompanying figures.
- Embodiments of the present invention will now be described, by way of example only, with reference to the attached Figures, wherein:
- FIGS. 1 and 2 depict a first portion of a real world and virtual world identity ecosystem according to an embodiment of the invention;
- FIG. 3 depicts a wireless portable electronic device supporting communications to a network such as depicted in FIG. 4 and as supporting embodiments of the invention;
- FIG. 4 depicts a network environment within which embodiments of the invention may be employed;
- FIGS. 5A and 5B depict an exemplary process flow for establishing verification of a credential provided by a user within an environment according to an embodiment of the invention;
- FIG. 6 depicts an exemplary network environment for user authentication of an identity application according to an embodiment of the invention;
- FIG. 7 depicts exemplary use cases for identity verification exploiting an identity application according to an embodiment of the invention;
- FIG. 8 depicts the integration of the identity verification/application within an electronic identity wallet according to an embodiment of the invention;
- FIG. 9A depicts integration of blockchain verification/authentication to an identity verification/application within an electronic identity wallet according to an embodiment of the invention;
- FIG. 9B depicts integration of blockchain verification/authentication to an identity verification/application within an electronic identity wallet according to an embodiment of the invention;
- The present invention is directed to real world and virtual world identities and more particularly to authenticating users within the virtual world based upon credentials issued in response to validated and authenticated real world identities.
- The ensuing description provides exemplary embodiment(s) only, and is not intended to limit the scope, applicability or configuration of the disclosure. Rather, the ensuing description of the exemplary embodiment(s) will provide those skilled in the art with an enabling description for implementing an exemplary embodiment. It being understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope as set forth in the appended claims.
- A “portable electronic device” (PED) as used herein and throughout this disclosure, refers to a wireless device used for communications and other applications that requires a battery or other independent form of energy for power. This includes, but is not limited to, devices such as a cellular telephone, smartphone, personal digital assistant (PDA), portable computer, pager, portable multimedia player, portable gaming console, laptop computer, tablet computer, and an electronic reader.
- A “fixed electronic device” (FED) as used herein and throughout this disclosure, refers to a wireless and/or wired device used for communications and other applications that requires connection to a fixed interface to obtain power. This includes, but is not limited to, a laptop computer, a personal computer, a tablet, a smartphone, a computer server, a kiosk, a gaming console, a digital set-top box, an analog set-top box, an Internet enabled appliance, an Internet enabled television, and a multimedia player.
- An “application” (commonly referred to as an “app”) as used herein may refer to, but is not limited to, a “software application”, an element of a “software suite”, a computer program designed to allow an individual to perform an activity, a computer program designed to allow an electronic device to perform an activity, and a computer program designed to communicate with local and/or remote electronic devices. An application thus differs from an operating system (which runs a computer), a utility (which performs maintenance or general-purpose chores), and programming tools (with which computer programs are created). Within the following description with respect to embodiments of the invention an application is generally presented in respect of software permanently and/or temporarily installed upon a PED and/or FED.
- A “social network” or “social networking service” as used herein may refer to, but is not limited to, a platform to build social networks or social relations among people who may, for example, share interests, activities, backgrounds, or real-life connections. This includes, but is not limited to, social networks such as U.S. based services such as Facebook, Google+, Tumblr and Twitter; as well as Nexopia, Badoo, Bebo, VKontakte, Delphi, Hi5, Hyves, iWiW, Nasza-Klasa, Soup, Glocals, Skyrock, The Sphere, StudiVZ, Tagged, Tuenti, XING, Orkut, Mxit, Cyworld, Mixi, renren, weibo and Wretch.
- “Social media” or “social media services” as used herein may refer to, but is not limited to, a means of interaction among people in which they create, share, and/or exchange information and ideas in virtual communities and networks. This includes, but is not limited to, social media services relating to magazines, Internet forums, weblogs, social blogs, microblogging, wikis, social networks, podcasts, photographs or pictures, video, rating and social bookmarking as well as those exploiting blogging, picture-sharing, video logs, wall-posting, music-sharing, crowdsourcing and voice over IP, to name a few. Social media services may be classified, for example, as collaborative projects (for example, Wikipedia); blogs and microblogs (for example, Twitter™); content communities (for example, YouTube and DailyMotion); social networking sites (for example, Facebook™); virtual game-worlds (e.g., World of Warcraft™); and virtual social worlds (e.g. Second Life™).
- An “enterprise” as used herein may refer to, but is not limited to, a provider of a service and/or a product to a user, customer, client, or consumer. This includes, but is not limited to, a retail outlet, a store, a market, an online marketplace, a manufacturer, an online retailer, a charity, a utility, and a service provider. Such enterprises may be directly owned and controlled by a company or may be owned and operated by a franchisee under the direction and management of a franchiser.
- A “service provider” as used herein may refer to, but is not limited to, a third party provider of a service and/or a product to an enterprise and/or individual and/or group of individuals and/or a device comprising a microprocessor. This includes, but is not limited to, a retail outlet, a store, a market, an online marketplace, a manufacturer, an online retailer, a utility, an own brand provider, and a service provider wherein the service and/or product is at least one of marketed, sold, offered, and distributed by the enterprise solely or in addition to the service provider.
- A “third party” or “third party provider” as used herein may refer to, but is not limited to, a so-called “arm's length” provider of a service and/or a product to an enterprise and/or individual and/or group of individuals and/or a device comprising a microprocessor wherein the consumer and/or customer engages the third party but the actual service and/or product that they are interested in and/or purchase and/or receive is provided through an enterprise and/or service provider.
- A “user” or “credential holder” as used herein refers to an individual who, either locally or remotely, by their engagement with a service provider, third party provider, enterprise, social network, social media etc. via a dashboard, web service, website, software plug-in, software application, or graphical user interface provides an electronic credential as part of their authentication with the service provider, third party provider, enterprise, social network, social media etc. This includes, but is not limited to, private individuals, employees of organizations and/or enterprises, members of community organizations, members of charity organizations, men, women, children, and teenagers. “User information” as used herein may refer to, but is not limited to, user identification information, user profile information, and user knowledge.
- A “security credential” (also referred to as a credential) as used herein may refer to, but is not limited to, a piece of evidence that a communicating party possesses that can be used to create or obtain a security token. This includes, but is not limited to, a machine-readable cryptographic key, a machine-readable password, a cryptographic credential issued by a trusted third party, or another item of electronic content having an unambiguous association with a specific, real individual. Such security credentials may include those that are permanent, designed to expire after a certain period, designed to expire after a predetermined condition is met, or designed to expire after a single use.
- A “government issued photographic identity document” as used herein may refer to, but is not limited to, any document, card, or electronic content item issued by a government body for the purposes of identifying the owner of the government issued photographic identity document. Such government bodies may, for example, be provincial, federal, state, national, and regional governments alone or in combination. Such government issued photographic identity documents, also referred to within this specification as Photo-ID cards, government issued photographic cards, and government issued identity documents may include, but are not limited to, a driver's license, a passport, a health card, national identity card, and an immigration card although they have the common feature of a photographic image, multimedia image, or audiovisual image of the user to whom the government issued photographic identity document was issued. Such government issued photographic identity documents may include, but not be limited to, those comprising single sided plastic cards, double sided plastic cards, single sided sheets, double sided sheets, predetermined sheets within a book or booklet, and digital representations thereof in isolation or in combination with additional electronic/digital data that has been encoded/encrypted. For example, a digital memory with fingerprint scanner in the form of what is known as a “memory stick” may be securely issued by a government body as the fingerprint data for the user is securely encoded and uploaded together with image and digital content data. Subsequently, the digital memory when connected to a terminal and activated by the user's fingerprint may transfer the required digital data to the terminal to allow for a verification that the user is the one and the same. Such memory devices can be provided which destroy or corrupt the data stored within upon detection of tampering.
- “Electronic content” (also referred to as “content” or “digital content”) as used herein may refer to, but is not limited to, any type of content that exists in the form of digital data as stored, transmitted, received and/or converted wherein one or more of these steps may be analog although generally these steps will be digital. Forms of digital content include, but are not limited to, information that is digitally broadcast, streamed or contained in discrete files. Viewed narrowly, types of digital content include popular media types such as those for example listed on Wikipedia (see http://en.wikipedia.org/wiki/List_of_file_formats). Within a broader approach digital content may include any type of digital information that is at least one of generated, selected, created, modified, and transmitted in response to a request, wherein said request may be a query, a search, a trigger, an alarm, and a message for example.
- “Encryption” as used herein may refer to, but is not limited to, the processes of encoding messages or information in such a way that only authorized parties can read it. This includes, but is not limited to, symmetric key encryption through algorithms such as Twofish, Serpent, AES (Rijndael), Blowfish, CAST5, RC4, 3DES, and IDEA for example, and public-key encryption through algorithms such as Diffie-Hellman, Digital Signature Standard, Digital Signature Algorithm, ElGamal, elliptic-curve techniques, password-authenticated key agreement techniques, Paillier cryptosystem, RSA encryption algorithm, Cramer-Shoup cryptosystem, and YAK authenticated key agreement protocol.
- A block chain or blockchain as used herein may refer to, but is not limited to, a permissionless distributed database based on a protocol, such as the bitcoin protocol for example. A blockchain maintains and establishes a continuously growing list of transactional data records hardened against tampering and revision, even by operators of the data store's nodes themselves. As such a blockchain may form a public ledger of transactions as well as the basis for distributed ledgers. Each blockchain record may be enforced cryptographically and hosted on machines working as data store nodes in a distributed manner.
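- As an added illustration (not code from the patent or from any implementation of it), the sketch below builds the record described in the summary, a hash generated from transaction data and an application-supplied variable, and stores it in a hash-linked list of records as in the blockchain definition above. It is a single-process hash chain with no consensus protocol; every name, the `idtx-v1` tag, the field layout and the sample values are assumptions constructed for the example.

```python
import hashlib
import json
from dataclasses import dataclass, replace

GENESIS = "0" * 64  # prev_hash of the first block (assumed convention)


def _lp(field: bytes) -> bytes:
    """Length-prefix a field so adjacent fields cannot be re-split ambiguously."""
    return len(field).to_bytes(4, "big") + field


def transaction_digest(tx: dict, app_variable: bytes) -> str:
    """Hash the transaction data together with the variable supplied by the app."""
    canonical = json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(b"idtx-v1" + _lp(canonical) + _lp(app_variable)).hexdigest()


def block_hash(index: int, prev_hash: str, record: str) -> str:
    fields = (str(index).encode(), prev_hash.encode(), record.encode())
    return hashlib.sha256(b"".join(_lp(f) for f in fields)).hexdigest()


@dataclass(frozen=True)
class Block:
    index: int
    prev_hash: str
    record: str        # the transaction digest only; no identity attributes
    block_digest: str  # hash over index, prev_hash and record


class Ledger:
    def __init__(self):
        self.blocks = []

    def head(self) -> str:
        return self.blocks[-1].block_digest if self.blocks else GENESIS

    def append(self, record: str) -> Block:
        index, prev = len(self.blocks), self.head()
        block = Block(index, prev, record, block_hash(index, prev, record))
        self.blocks.append(block)
        return block

    def first_invalid(self):
        """Index of the first block whose hash or link is wrong, else None."""
        prev = GENESIS
        for i, b in enumerate(self.blocks):
            expected = block_hash(i, prev, b.record)
            if (b.index, b.prev_hash) != (i, prev) or b.block_digest != expected:
                return i
            prev = b.block_digest
        return None

    def attests(self, record: str, trusted_head: str) -> bool:
        """True only if the chain is intact, ends at a head the verifier already
        trusts, and holds the record."""
        return (self.first_invalid() is None
                and self.head() == trusted_head
                and any(b.record == record for b in self.blocks))


def demo() -> dict:
    # Constructed sample data: three earlier transactions by the same user.
    tx = {"relying_party": "storefront-1", "document": "driver_licence",
          "outcome": "validated", "time": "2018-12-12T10:00:00Z"}
    variable = b"constructed-app-variable-01"
    ledger = Ledger()
    for n in range(3):
        ledger.append(transaction_digest({**tx, "seq": n}, variable))
    pinned = ledger.head()  # head hash held by the verifier or by other nodes

    # Later verification: recompute the digest (key order does not matter).
    claim = transaction_digest({"seq": 1, **tx}, variable)
    results = {"genuine": ledger.attests(claim, pinned)}
    results["wrong_variable"] = ledger.attests(
        transaction_digest({**tx, "seq": 1}, b"other"), pinned)

    # Tamper 1: overwrite a record in place; block 1 no longer matches its hash.
    ledger.blocks[1] = replace(ledger.blocks[1], record="f" * 64)
    results["edit_detected_at"] = ledger.first_invalid()

    # Tamper 2: rewrite block 1 and recompute every later hash. The chain is
    # self-consistent again, but its head differs from the pinned one.
    forged = Ledger()
    for record in (ledger.blocks[0].record, "f" * 64, ledger.blocks[2].record):
        forged.append(record)
    results["rewrite_self_consistent"] = forged.first_invalid() is None
    results["rewrite_accepted"] = forged.attests("f" * 64, pinned)
    return results


if __name__ == "__main__":
    print(demo())
```

The second tampering case is why a hash chain alone is not enough: an operator who recomputes every later hash produces a valid-looking chain, and only a head value held independently (by the verifier or by other nodes) exposes the rewrite.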
- The dual purposes of ID documents are to ascertain the virtual identity of the holder through providing a valid and authentic document, and also for a human authorized agent to identify the physical person as the rightful owner of the document, therefore binding in-person the physical identity to the virtual one. Whilst most security features are targeted at validating or increasing confidence in the authenticity of the ID document itself the second aspect of visual verification is subject to human limitations such as fatigue as well as variations in individual, environmental, and physical conditions. This is normally remedied by supplementing human validation with sophisticated equipment such as ID document scanners, or cameras that perform automated OCR/OMR and data cross-checking, providing some level of validation automation. Further, given many security features involve micro-printing, NW or UV markings, RFID, and smartcard microchips, it is safe to say that only such equipment can reliably read these and validate certain aspects of these. Within U.S. Provisional Patent Applications 61/980,785 entitled “Methods and Systems relating to Real World Document Verification” filed Apr. 17, 2014 and 61/972,495 entitled “Methods and Systems relating to Real World and Virtual World Identities” filed Mar. 13, 2014, the entire contents of which are incorporated herein by reference, the inventors have presented a methodology and systems for uniquely verifying a physical ID card by establishing unique ID cards that are bound to a user's identity by an issuing authority. Accordingly, prior art identity replication and/or theft methodologies are halted as even a complete re-printing and re-programming of the ID card cannot remove the original binding of the ID card to an individual. However, it would be beneficial to expand the ID documents that could be protected by such unique bindings at issuance.
- Conversely, the task of validating the physical identity of the ID document holder with the photo on the document, or the photo on another document of the same name such as a government issued ID, is optimally suited to the human agent today. As a biometric identifier, the matching of a user photo to their face is easily and quickly performed in person whereas with the current status of electronic solutions this is something more difficult to achieve reliably with facial recognition and face matching technology.
- Accordingly, it would be beneficial for improved focus to be applied to photographic images within ID documents. As will become evident embodiments of the invention provide solutions supporting enhanced photographic and/or digital imagery to ensure enhanced usability for both visual authentication and easy readability without requiring high cost scanning or camera devices, allowing within the supported embodiments entirely digital mobile ID documents. Accordingly, embodiments of the invention may cross easily into the all-digital world whereas nearly all other prior art security features require a physical card making them self-limiting when considering migration to electronic ID documents and forcing adoption of secondary methodologies and credentials.
- Referring to FIGS. 1 and 2 there are depicted first and second portions of a real and virtual world identity ecosystem (RVWIE) according to an embodiment of the invention. As depicted in FIG. 1 this RVWIE comprises a physical attribute provider (PHYSAP) 155 in communication with an Attribute Provider 135. The PHYSAP 155 is depicted schematically as process flow detail in FIG. 2. The PHYSAP 155 represents an identity document issuer wherein the identity document (ID) includes a photograph of the user 165 to whom it relates and may be a physical ID document and/or an electronic ID document. Accordingly, the PHYSAP 155 is, typically, a government issuing authority or an authority licensed by a government to issue identity documents. The government authority may be national, provincial, federal, or state for example. Such identity documents may include, but are not limited to, a driver's license, a passport, a health card, national identity card, and an immigration card.
- Accordingly, a credential holder (user 165) is identity-proofed in-person by a trusted agent of the government photographic identity issuing authority, e.g. first and second PHYSAPs process step 210, as depicted with respect to first PHYSAP 155A, results in the issuance of photographic identity (Photo-ID) document (PhysID) 160A (step 220) and the credential holder's proofed identity being bound (step 230) to the government photographic identity document. As a result of this sequence the credential holder's identity-proofed attributes are stored in step 240 within a government Identity Attribute Database 250 managed by the document issuer. Attributes stored in respect of the credential holder within the Identity Attribute Database 250 may include, but not be limited to, the photograph of the user 165, the signature of the user 165, the user's name and address, type of document, and date of issue. The information within the Identity Attribute Database 250 is also accessible by a Document Validation and Identity Verification Engine (DVIVE) 260 which is in communication with an Attribute Provider 135. In contrast, with second PHYSAP 155B, a similar process as depicted with respect to first PHYSAP 155A may be employed, resulting in a second PhysID 160D, electronic ID document (EleID) 160B, and fractal 160C. The fractal 160C may, for example, be a fractal image or be a fractal image with embedded encrypted data such as described by the inventors within U.S. Provisional Patent Application 62/086,745 entitled “Verifiable Credentials and Methods Thereof” filed Dec. 3, 2014, the entire contents of which are incorporated herein by reference.
- Subsequently, the user 165 (credential holder) uses their PhysID 160A, or second PhysID 160D at a storefront retailer/government office or kiosk/enterprise, depicted as first and second storefront relying parties front relying parties front relying parties
- Trust Level 1 (TL1)—government office, civic authority, e.g. another government Photo-ID issuing authority or government/civic office where the credential holder's identity is proofed, having higher trust level than other relying parties.
- Trust Level 2 (TL2)—financial institutions, e.g. a bank, having a higher trust level than other relying parties, such as retailers, etc. but not at a level as high as relying parties at a Trust Level 1.
- Trust Level 3 (TL3)—all other identity agents, not included in the above trust levels.
- An additional trust level, Trust Level 4 (TL4), is associated with online merchants as indicated in FIG. 1 with first and second online relying parties
- In some instances, such as a financial institution then some may be in one trust level whereas others may be in another. For example, an internationally recognized bank may be TL2 whereas a bank associated with a grocery retailer may be TL3 or TL4. Equally, a main branch of Bank of America may be TL2 versus a small in-mall branch at TL3 or TL4. It would be evident that even within a trust level that a further hierarchy of trust may exist such that a US Post Office may have higher trust levels than a car rental company.
- Whilst embodiments of the invention are described as having four trust levels (TL1 to TL4 respectively) it would be evident that within alternate embodiments a higher or lesser number of trust levels may be employed. The Ping360 system, located at the store front relying party's place of business and not shown for clarity, interacts with the Attribute Provider 135 to validate the PhysID 160A and verify the identity of the document bearer, user 165. Accordingly, the Ping360 system acquires data from and about the PhysID 160A and communicates this to a Document Validation Identity Verification database (DVIVDb) 150 which then communicates with the DVIVE 260 within the PHYSAP 155. The DVIVE 260 thereby confirms or denies the validity of the PhysID 160A presented by the user 165 at the one of the first and second storefront relying parties DVIVE 260 extracts data from the Identity Attribute Database 250 as part of the validation activity.
- Accordingly, the Ping360 system validates the PhysID 160A as being genuine or counterfeit. As described supra the Ping360 system extracts characteristic information from the PhysID 160A which is transmitted to the DVIVDb 150 managed and controlled by Attribute Provider 135. The extracted characteristics are then provided to DVIVE 260 wherein they are compared with data extracted from Identity Attribute Database 250 and a resulting validation/denouncement of the PhysID 160A is communicated back to the DVIVDb 150 and therein back to the Ping360 for presentation to the agent of the store front relying party. Extracted characteristics may include, but are not limited to, the photograph on the PhysID 160A, a signature, identity information of the PhysID 160A, barcode data, QR code data, data within magnetic stripe(s), etc. as well as potentially characteristics of the card itself.
- The data within the Identity Attribute Database 250 is maintained and acquired/generated by the PHYSAP 155 relating to the PhysID 160A when the user 165 applied for, or renewed, their PhysID 160A. Accordingly, during the course of the user 165 doing business at various retail service providers' locations, the credential holder's (user 165) PhysID 160A is validated and their identity verified by Attribute Provider's 135 DVIVDb 150. Therefore, each time the user's 165 PhysID 160A (or Photo-ID document) is validated and the bearer's identity is verified by the combination of the Ping360 system, DVIVDb 150, and DVIVE 260 as being genuine and not fake, then the credential holder's in-person verified identity is also confirmed as being genuine. The Attribute Provider 135 also generates one or more Identity Verification Scores (IdVS) which are subsequently stored within an Identity Verification Score database 140. As a result, Ping360 software is able to generate a quantified measure of the credential holder's identity and inform participating businesses, employers, and organizations of the strength of the credential holder's identity.
- An Identity Verification Score (IdVS) may be considered to be similar to a FICO score, which is used by financial institutions to help them make complex, high-volume decisions and grant credit to a user. As described in more detail below, and as established supra, in order to create a representative IdVS for each credential holder (user 165), where their PhysID 160A is verified by a Ping360 system, a trust level (TL) for each storefront relying party (Identity Agent) is established as outlined supra in dependence upon the storefront retailing party class, e.g. financial institutions have higher trust level than a retailer but not as high as a government office or civic authority office. In addition to trust level an IdVS computation according to embodiments of the invention may take into account the number of times the credential holder's photo-ID document is validated and the credential holder's identity verified.
- As depicted in FIG. 1 IdVS data is also available for use by online relying parties, such as first and second online relying parties Attribute Provider 135. It is also available for use by online authentication services, such as for example, Authentication Service 190 depicted as Assure 360 Identity Assurance Service. The user 165, upon being verified through PHYSAP 155, may establish an account with an Attribute Provider 135 by forwarding an electronic mail address through an Identity Agent, depicted within FIG. 1 by first and second storefront relying parties user 165 may have the ability to choose an Attribute Provider 135 from multiple Attribute Providers 135 as part of the process performed through an Identity Agent where they provide their electronic mail address. Optionally, the ability of a user 165 to communicate with and/or open an account with an Attribute Provider 135 may be restricted to a store front relying party at only one or more trust levels, e.g. those with trust level 1 (TL1) only for example. Additionally, the user 165 may be prevented from accessing an Identity Agent to establish the account with an Attribute Provider 135 until at least one or a predetermined number of activities have been completed with the store front relying parties at the appropriate trust levels. Further, the Identity Agent may only be accessed by the user 165 upon an authentication of their identity at the store front relying party by an action of an agent of the store front relying party.
- The user 165 may then select an Authentication Service 190 from those provided by the Attribute Provider 135 web site of the Attribute Provider 135 the user 165 has selected. The Attribute Provider 135 sends a one-time-credential retrieved from One-Time Credential database 145 to the selected Authentication Service 190 and a credential 175 to the credential holder (user 165). Attribute Provider 135 also sends the Authentication Service 190 information required by the Authentication Service 190 to open an online account in the credential holder's name. Optionally, the user 165 may be presented with separate lists of Attribute Providers 135 and Authentication Services 190 during their establishment of the account or subsequently the user 165 may access any Authentication Service 190 rather than only a subset of them associated with the selected Attribute Provider 135. The credential holder can use the one-time credential sent by Attribute Provider 135 to identify themselves to the selected Authentication Service 190 to confirm the online account which was opened automatically on the credential holder's behalf by the Authentication Service 190 when the Authentication Service 190 received the one-time-credential and the credential holder's information necessary to open an account. Once the account with the Authentication Service 190 is active the credential holder can link their PED and/or FED to the Authentication Service 190's server by downloading the Authentication Service 190's client and related digital security certificates onto their PED and/or FED. A security certificate exchange takes place between the Authentication Service 190 and the Token Management Service 110, which may for example be upon a server associated with the Authentication Service 190 or may be upon a server associated with a third party.
Accordingly, theToken Management Service 110 comprises aToken Manager 115 that binds, denoted by Binding 120, thedigital security certificates 125 to the user's 160 PEDs/FEDs such as depicted by first tothird devices 130A to 130C respectively. - As a result, the credential holder's identity is bound to the credential holder's PEDs and/or FEDs and to the
Authentication Service 190/Token Management Service 110 thereby providing to one of the first and second online relyingparties Level 3, in-person, verified identity assurance. Based on the credential holder's IdVS, which is obtained from IdentityVerification Score database 140 theAttribute Provider 135 can provideAuthentication Service 190, and other authentication services, with revocation status information on the credential holder. Accordingly, theAuthentication Service 190 may revoke, cancel, or not authenticate thesecurity credential 175 of theuser 165. It would be evident that in some embodiments of the invention theAuthentication Service 190 does not retain or store the one-time credentials 175. - Now referring to
FIG. 3 there is depicted anelectronic device 304 andnetwork access point 307 supporting RVWIE features according to embodiments of the invention.Electronic device 304 may, for example, be a PED and/or FED and may include additional elements above and beyond those described and depicted. Also depicted within theelectronic device 304 is the protocol architecture as part of a simplified functional diagram of asystem 3000 that includes anelectronic device 304, such as asmartphone 450 inFIG. 4 , an access point (AP) 306, such as first AP 410 inFIG. 4 , and one ormore network devices 307, such as communication servers, streaming media servers, and routers for example such as first andsecond servers Network devices 307 may be coupled toAP 306 via any combination of networks, wired, wireless and/or optical communication links such as discussed above in respect ofFIG. 4 as well as directly as indicated.Network devices 307 are coupled tonetwork 300 and therein Social Networks (SOCNETS) 365, first andsecond Attribute Providers photographic identity providers second Authentication Services - The
electronic device 304 includes one or more processors 310 and a memory 312 coupled to processor(s) 310. AP 306 also includes one or more processors 311 and a memory 313 coupled to processor(s) 310. A non-exhaustive list of examples for any of processors processors memories
-
Electronic device 304 may include an audio input element 314, for example a microphone, and an audio output element 316, for example, a speaker, coupled to any of processors 310. Electronic device 304 may include a video input element 318, for example, a video camera or camera, and a video output element 320, for example an LCD display, coupled to any of processors 310. Electronic device 304 also includes a keyboard 315 and touchpad 317 which may for example be a physical keyboard and touchpad allowing the user to enter content or select functions within one or more applications 322. Alternatively, the keyboard 315 and touchpad 317 may be predetermined regions of a touch sensitive element forming part of the display within the electronic device 304. The one or more applications 322 are typically stored in memory 312 and are executable by any combination of processors 310. Electronic device 304 also includes accelerometer 360 providing three-dimensional motion input to the processor 310 and GPS 362 which provides geographical location information to processor 310.
-
Electronic device 304 includes a protocol stack 324 and AP 306 includes a communication stack 325. Within system 3000 protocol stack 324 is shown as IEEE 802.11 protocol stack but alternatively may exploit other protocol stacks such as an Internet Engineering Task Force (IETF) multimedia protocol stack for example. Likewise, AP stack 325 exploits a protocol stack but is not expanded for clarity. Elements of protocol stack 324 and AP stack 325 may be implemented in any combination of software, firmware and/or hardware. Protocol stack 324 includes an IEEE 802.11-compatible PHY module 326 that is coupled to one or more Front-End Tx/Rx & Antenna 328, an IEEE 802.11-compatible MAC module 330 coupled to an IEEE 802.2-compatible LLC module 332. Protocol stack 324 includes a network layer IP module 334, a transport layer User Datagram Protocol (UDP) module 336 and a transport layer Transmission Control Protocol (TCP) module 338.
-
Protocol stack 324 also includes a session layer Real Time Transport Protocol (RTP) module 340, a Session Announcement Protocol (SAP) module 342, a Session Initiation Protocol (SIP) module 344 and a Real Time Streaming Protocol (RTSP) module 346. Protocol stack 324 includes a presentation layer media negotiation module 348, a call control module 350, one or more audio codecs 352 and one or more video codecs 354. Applications 322 may be able to create, maintain and/or terminate communication sessions with any of devices 307 by way of AP 306. Typically, applications 322 may activate any of the SAP, SIP, RTSP, media negotiation and call control modules for that purpose. Typically, information may propagate from the SAP, SIP, RTSP, media negotiation and call control modules to PHY module 326 through TCP module 338, IP module 334, LLC module 332 and MAC module 330.
- It would be apparent to one skilled in the art that elements of the
electronic device 304 may also be implemented within the AP 306 including but not limited to one or more elements of the protocol stack 324, including for example an IEEE 802.11-compatible PHY module, an IEEE 802.11-compatible MAC module, and an IEEE 802.2-compatible LLC module 332. The AP 306 may additionally include a network layer IP module, a transport layer User Datagram Protocol (UDP) module and a transport layer Transmission Control Protocol (TCP) module as well as a session layer Real Time Transport Protocol (RTP) module, a Session Announcement Protocol (SAP) module, a Session Initiation Protocol (SIP) module and a Real Time Streaming Protocol (RTSP) module, media negotiation module, and a call control module. Portable and fixed electronic devices represented by electronic device 304 may include one or more additional wireless or wired interfaces in addition to the depicted IEEE 802.11 interface which may be selected from the group comprising IEEE 802.15, IEEE 802.16, IEEE 802.20, UMTS, GSM 850, GSM 900, GSM 1800, GSM 1900, GPRS, ITU-R 5.138, ITU-R 5.150, ITU-R 5.280, IMT-2000, DSL, Dial-Up, DOCSIS, Ethernet, G.hn, ISDN, MoCA, PON, and Power line communication (PLC).
- As described supra the
user 165 may present their first or second PhysIDs front relying parties front relying parties second PhysID FIGS. 1 and 2, to verify the identity of the user 165 presenting the first or second PhysID second PhysID user 165 may present their EleID 160B to first and second storefront relying parties FIGS. 6A and 6B respectively or the user 165 may present their EleID 160B to first and second mobile relying parties FIGS. 5A and 5B respectively.
- Now referring to
FIG. 4 there is depicted a network within which embodiments of the invention may be employed supporting real world and virtual world identity ecosystems (RVWIEs) according to embodiments of the invention. Such RVWIEs, for example supporting activities such as the establishment of real world identity assurance, Level 3 assurance to physical store front relying enterprises, the binding of real world identity to electronic devices, and the provisioning of Level 3 identity verification to online retail relying enterprises. As shown first and second user groups telecommunications network 300. Within the representative telecommunication architecture, a remote central exchange 480 communicates with the remainder of a telecommunication service providers network via the network 300 which may include for example long-haul OC-48/OC-192 backbone elements, an OC-48 wide area network (WAN), a Passive Optical Network, and a Wireless Link. The central exchange 480 is connected via the network 300 to local, regional, and international exchanges (not shown for clarity) and therein through network 300 to first and second cellular APs second user groups network 300 are first and second Wi-Fi nodes network 300 via router 405. Second Wi-Fi node 410B is associated with Enterprise 460, e.g. HSBC™, within which other first and second user groups 400A are and 400B. Second user group 400B may also be connected to the network 300 via wired interfaces including, but not limited to, DSL, Dial-Up, DOCSIS, Ethernet, G.hn, ISDN, MoCA, PON, and Power line communication (PLC) which may or may not be routed through a router such as router 405.
- Within the cell associated with
first AP 410A the first group of users 400A may employ a variety of PEDs including for example, laptop computer 455, portable gaming console 435, tablet computer 440, smartphone 450, cellular telephone 445 as well as portable multimedia player 430. Within the cell associated with second AP 410B are the second group of users 400B which may employ a variety of FEDs including for example gaming console 425, personal computer 415 and wireless/Internet enabled television 420 as well as cable modem 405. First and second cellular APs cellular AP 495B provides coverage in the exemplary embodiment to first and second user groups second user groups network 300 through multiple APs, not shown for clarity, distributed geographically by the network operator or operators. First cellular AP 495A as shown provides coverage to first user group 400A and environment 470, which comprises second user group 400B as well as first user group 400A. Accordingly, the first and second user groups network 300 through one or more wireless communications standards such as, for example, IEEE 802.11, IEEE 802.15, IEEE 802.16, IEEE 802.20, UMTS, GSM 850, GSM 900, GSM 1800, GSM 1900, GPRS, ITU-R 5.138, ITU-R 5.150, ITU-R 5.280, and IMT-2000. It would be evident to one skilled in the art that many portable and fixed electronic devices may support multiple wireless protocols simultaneously, such that for example a user may employ GSM services such as telephony and SMS and Wi-Fi/WiMAX data transmission, VOIP and Internet access. Accordingly, portable electronic devices within first user group 400A may form associations either through standards such as IEEE 802.15 and Bluetooth as well as in an ad-hoc manner.
- Also connected to the
network 300 are Social Networks (SOCNETS) 365, first and second Attribute Providers photographic identity providers second Authentication Services second servers second servers Enterprise 460 exploiting RVWIE features; license databases; content databases; image databases; content libraries; customer databases; websites; and software applications for download to or access by FEDs and/or PEDs exploiting and/or hosting RVWIE features. First and second primary content servers
- Accordingly, a user may exploit a PED and/or FED within an
Enterprise 460, for example, and access one of the first or second servers second user groups cellular APs Fi nodes 410A.
- As noted supra first and
second servers Authentication Service 190 in FIG. 1 (e.g. Assure360) may operate a server or servers within one or more jurisdictions which authenticate, using one or more machine authentication techniques, servers within that jurisdiction as well as other jurisdictions. Each jurisdiction server may be operated by the same Authentication Service as manages the supervisory servers or it may be operated by one or more Identity Authority Servers authorised by the Authentication Service managing the supervisory servers. Optionally, such providers of Authentication Services may be regulated by government regulatory bodies within their respective jurisdictions. As noted supra as the verification processes are performed on firewalled servers associated with the physical attribute provider (PHYSAPs) then data relating to true original government issued photographic identity documents is maintained secure and private whilst the only information transmitted from a store front relying party is the extracted data for the presented government issued photographic identity document and that transmitted from a PHYSAP is the result of the verification/validation process. Similarly, data transmitted from an Attribute Provider is restricted, e.g. only the Identity Verification Score (IdVS) provided from the Attribute Provider server, e.g. Ping360 server, to the card reader at the store front relying party, e.g. Store Front Relying Party (TL1) 170A.
- Accordingly, where government issued photographic identity cards are standardized, e.g. driver's licenses in all member states of the European Community, then the processes relating to the store front relying parties may be similarly tracked and employed across multiple jurisdictions. Alternatively, the user may transact business within another jurisdiction based upon the validation and verification of their identity. In such instances where a jurisdiction server (e.g. a country server) is transacting on behalf of a user (e.g. 
doing business or presenting their government issued photographic identity card) in another jurisdiction (e.g. country) then the two jurisdiction servers will first identify themselves before the user's digital identity will be assured by the jurisdiction server in the jurisdiction they live. Due to provincial, state, and territorial differences, such jurisdictions may include different states, regions, territories, etc., for example.
- It would be evident that authentication may be conducted by an online relying party in the country in which the user is conducting business or by the user's Identity Provider (if the user uses one), if the online relying party the user is transacting with is networked with the user's Identity Provider. It would be evident that some enterprises and/or organizations acting as online relying parties, e.g. Google, American Express, HSBC and Facebook, may act as global identity providers whereas other online relying parties, e.g. Verizon and Chase Manhattan, may be only US identity providers.
- Within the embodiments of the invention where an activity is defined with respect to a Store
Front Relying Party 170A/170B or Online Relying Party 180A/180B then similar information and/or processes may be implemented with respect to a Mobile Relying Party 180C/180D in that they may be provided within verification information such as IdVS etc. Similarly, presentation of their online electronic credential/electronic identity document may be, as described below in respect of FIGS. 6 and 7, employed without transfer to the mobile relying party 180C/180D but in other embodiments of the invention the mobile relying party 180C/180D may capture an image of the electronic credential/electronic identity document.
- Accordingly, within an embodiment of the invention a license holder may perform the following sequence of actions:
- The license holder logs in to an Identity Authority Server using a PHYSAP (e.g. a RetroTrust™ software application) on their PED and multi-factor authentication (MFA).
- The license holder requests a download of their driver's license, vehicle registration, and proof of insurance document onto the license holder's PED and also enters the police officer's badge number and department onto the PHYSAP so that the documents also download onto the PED of the police officer who is requesting to see the documents.
- The documents download simultaneously from the Identity Authority Server onto the PEDs of the license holder and the police officer.
- At the same time the EIdApp displays on both PEDs the same fractal, which was also downloaded along with the documents from the Identity Authority Server.
- The two fractals, which are easy to compare, ensure that the officer is confident that the downloaded documents on both devices are exactly the same.
- Now referring to
FIGS. 5A and 5B there is depicted an exemplary process flow for establishing verification of a credential provided by a user within an environment according to an embodiment of the invention. In this instance, rather than a retail environment, the user is presenting their EleID in an external, i.e. mobile environment, such as, for example, presenting their electronic driving license to a police officer during a traffic stop, for example. Accordingly, the user having been asked to provide their driving license has elected to present their EleID and activates the EleIDAp. The user may have only an EleID or in other instances they may be issued with an EleID and a PhysID when they verify themselves and obtain the credentials such as described above in respect of FIGS. 1 and 2. Accordingly, the user triggers through their interaction with the EleIDAp a first message “1” to the Identity Authority (IA) 510 which houses at least an Identity Authority Server (IAS) 520 and Mobile Document Module (MDM) 525.
- At the same time the EleIDAp displays a fractal 515 upon its display as depicted with
first EleIDAp display 510A. This fractal 515 is then acquired by an official electronic device (OED) displayed in first OED configuration 520A. As displayed the OED is associated with the Iowa City Police Department. The fractal 515 may be acquired through the user's PED being held such that an image of the display may be captured by a camera within the OED. Alternatively, the OED and user's PED may pair through a local area network interface, e.g. Bluetooth or another interface such as Near Field Communications (NFC).
- Optionally, the fractal 515 may be a fractal obtained from
IA 510 in response to the first message “1.” Optionally, the fractal 515 may include encrypted data. Optionally, the fractal 515 as displayed is pulsating and data relating to the pulse sequence of the fractal images presented is acquired by the OED. The OED may be executing an EleIDAp such as “Ping 360” in addition to specific software associated with the OED or the EleIDAp is an application embedded within the OED software. In either instance the OED generates a third message “3” which is transmitted to the IA 510. This may be the fractal 515 together with information associated with the OED or information extracted, i.e. decrypted, from the fractal 515 or acquired as part of the communications between OED and PED. Within an embodiment of the invention this information may include a one-time identification number embedded within the fractal 515, or a hash value of the one-time identification number. This one-time identification number and/or the fractal 515 may have been communicated by the IA 510 to the user's PED in response to the first message “1.” Optionally, there may be a time limit associated with the timing of receipt of messages “1” and “3” by the IA 510.
- Accordingly, the IA Server based upon the information extracted from the fractal 515 and/or information received with the message “3” establishes, through request “4” to Attribute
Provider 135 and PhysAp 155N, personal information. This personal information is provided back to the IA 510 by Attribute Provider 135 and PhysAp 155N as first response “5”. This response “5” may include appropriate identity attribute information relating to the PhysID and/or EleID as well as a representation of the PhysID and/or EleID.
- Accordingly, the
IA 510 generates second and third responses to the OED and PED respectively. In second response “6” the OED receives, based upon the appropriate privacy requirements of the user based upon identity information of the organization associated with the OED, appropriate information including a privacy compliant representation 550 of the PhysID and/or EleID, and a first unique identifier 540 provided from the IA Server 520 within the IA 510. As such the OED may display to the officer associated with the OED, as indicated by OED in second OED configuration 520B, wherein the privacy compliant representation 550 and unique identifier 540 are displayed. The officer associated with the OED can then compare these to the PhysID and/or EleID being offered by the user. In the instance of an EleID the third response “7” to the user's PED may trigger the EleIDAp in execution upon their PED, e.g. Ping 360 application, to display as displayed in second EleIDAp configuration 510B, the EleID 530 together with a second unique identifier 535 provided to them within third response “7.” As such the EleIDAp in execution upon the user's PED provides information against which the officer with the information upon their OED can compare. As such the officer would be seeking to verify that the EleIDs match and the unique identifiers match. Optionally, as indicated within third OED configuration 520C the IA 510 may have communicated a second fractal 545 to the OED within second response “6.” This second fractal 545 may for example be a fractal associated with the PhysID and/or EleID and bound to it at issuance (optionally this is also part of the PhysID and/or EleID). Optionally, the fractal, representation of PhysID and/or EleID, and unique identifier may be provided upon the OED.
- Optionally, the EleID and/or a representation of the PhysID may be modified, i.e. 
redacted, in order to meet the appropriate privacy requirements which may be determined in dependence upon several factors including, but not limited to, the age of the user, the requesting third party, the jurisdiction of issuance of the EleID/PhysID, the jurisdiction of the third party requesting verification, and an activity associated with the verification process.
- Referring to
FIG. 6 there is depicted an exemplary network environment for user authentication of a photographic identity (PhotoID) according to an embodiment of the invention wherein a user has a photographic identity application in execution upon a PED as depicted in first image 600A which is in communication via network 300 with IA 510, PHYSAP 155N, and AP 135. Subsequently, for example in respect of an encounter with law enforcement, they receive a request upon their PED in respect to verifying their PhotoID. The request having been issued by the law enforcement officer, in this example “OPP # 7352”, based upon a request issued from a PED as depicted in third image 600C associated with the law enforcement officer which is routed to PHYSAP 155N and therein triggers provisioning of the request to the user's PED. The triggering request is depicted in second image 600B wherein the user enters their user identity and password in respect of the request which is then communicated to the PHYSAP 155N wherein the user's and officer's PEDs receive data relating to the user's driving license as depicted in fourth and fifth images
- Within embodiments of the invention a user may be asked for permission to exploit a blockchain or blockchains through a “Smart Contract.” For example, this may occur when a user is in a storefront location and as the card holder tries to verify their card for the first time or the first instance after some other verification, authentication, trust level, etc. has been exceeded. A simple smart contract is then presented that seeks the card holder's permission to confirm their identity attributes found on the card holder's PhotoID against the card holder's identity attributes stored in the PhotoID issuer's database. The card holder is also asked for an electronic address, e.g. email, and then must press an “Agree and Submit” button to grant permission. 
Subsequently, or in combination with this, the user provides a second permission that gives the Company managing the processes the right to accumulate the card holder's identity verification scores. Similarly, a third permission may be required, which will typically be at a later date and will seek the card holder's permission to link specific card holder's identity attributes (e.g., face, address, date of birth, email address etc.) to the card holder's financial instruments. Such a “smart contract” once completed may then be provided to the user's electronic address together with links to additional terms and conditions etc. if appropriate. The user would be also able through such links to rescind their permission within a period of time consistent with the local Government regulations applicable with respect to the PhotoID and/or user's residential address. It would be evident that other “Smart Contracts” may be provided at this point in time, or periodically for re-validation or re-verifying consent, or upon specific triggers and/or trigger events.
- Accordingly, the user in providing this “explicit informed consent” allows the systems according to embodiments of the invention to provide, via tokenization and/or encryption, linkage of a user's identity attributes, i.e. as confirmed by a Government issued photographic identity database, e.g. their driver's license, to the individual's financial instruments, e.g. payment cards, debit cards, credit cards, etc., and accordingly their financial accounts. Accordingly, the PED and/or FED at a retail outlet employed as part of the presentation/acceptance of the “Smart Contract(s)” may also provide linkage between the individual's confirmed identity attributes and their financial cards and/or financial accounts. This may happen as a subsequent event or immediately wherein with customer and retailer consents the systems according to embodiments of the invention may combine the attribute search permission(s) with the attribute(s) and therein financial card and account linkage permission(s) from the user. The record of the linkage between the confirmed identity attributes and the financial cards and accounts may then be kept on a blockchain.
- Accordingly, FIG. 7 depicts exemplary use cases for identity verification exploiting an identity application according to an embodiment of the invention such as depicted in first and second images second image 710B is the user's image for recognition, fractal for comparison to user's PED fractal, and verified indicators for the user's driving license being valid and the user's age with respect to Government regulated ages, e.g. for alcohol, tobacco products, adult magazines, etc. Third and fourth images sixth images FIG. 8 the PhotoID concepts can be extended into an identity wallet (ID Wallet) for a user as depicted in first image 810 wherein the ID Wallet application allows the user to access Photo-ID, Payments, Financial—Banking, Loyalty & Gift, Online Access, and Budgeting functions. Accordingly, selection of one of the categories triggers the presentation of a user screen such as depicted with user screens 820A to 820N wherein the functionality may be varied according to the different categories and as evident from discussions below prior art techniques such as chip-and-pin verification for financial instruments such as credit cards may be combined with Identity Attribute Assurance, Identity Verification Scores, photographic identity etc. This being facilitated, for example, by cross-access of PHYSAPs such that, for example, payment with a credit card to a financial processing, e.g. MasterCard, may link through to the financial institution, e.g. TD Bank, which provides a request to a Government photographic identity provider, e.g. driving license, resulting in the photograph of the user being communicated back to the terminal of the retailer such that they can verify the user of the card thereby reducing credit card fraud. Alternatively, the financial institution may acquire images of their account holders based upon a verification of the account holder through their Government issued photographic identity and this is provided back via the financial processing to the retailer. 
- Accordingly, embodiments of the invention may be integrated to third party payment solutions using one or more authentications as known within the prior art. Such transactions and their associated verifications may be employed as established by the inventors in relation to the Identity Verification Score described supra.
- Within embodiments of the invention the blockchain may simply store a trust level of the storefront location, for example, without any information on where the transaction took place, the transaction value, the transaction details, etc. In other embodiments of the invention some information may be associated such as a location identifier for example.
- Now referring to
FIG. 9A there is depicted a network schematic/process flow 900 s integration of blockchain verification/authentication to an identity verification/application within an electronic identity wallet according to an embodiment of the invention. As depicted a plurality of PHYSAPs 910A to 910N relating to Government issued photographic identities, for example driver's license, health card, passport, etc. wherein each PHYSAP 910A to 910N includes a database, depicted as plurality of databases 915A to 915N respectively. These link, via a network (not shown for clarity) to a RetroTrust Corporation (RTC) Attribute Validation and Identity Verification Engine (RTC-AVIVE) 920 which provides interfaces to an RTC Identity Authority Server (RTC-IAS) 930 (e.g. Attribute Provider 135 supra in FIG. 1) and an Identity Blockchain with Identity Verification Score engine (IB-IVSE) 925. The IB-IVSE 925 also links to the RTC-IAS 930, the PED ID Wallet application (ID-WAP) 985 upon PED 980, and an Authentication Service 960 (e.g. Authentication Service 190 supra in FIG. 1).
- Accordingly, if the
user 990 makes a purchase from an online store 970 through the ID-WAP 985 data passes from the user and their ID-WAP 985 on their PED 980 to/from the Authentication Service 960 and therein to/from the IB-IVSE 925 and RTC-IAS 930 and therein RTC-AVIVE 920 and PHYSAPs 910A to 910N. In this manner the user's credential is verified such as described in respect of embodiments of the invention and their Identity Verification Score updated. The ID-WAP 985 communicates with the IB-IVSE 925 which establishes and maintains one or more blockchains associated with the user such that these maintain a continuously growing list of transactional data records of the transactions performed by the user which are hardened against tampering and revision. In this manner each blockchain associated with the user maintains a ledger of transactions which may be enforced cryptographically.
- Similarly, the user may make a purchase at a
retail location 950 employing an RTC retail device 945 and/or PED 980 as described supra in respect of FIGS. 1 and 2. In this manner data is communicated to the RTC-IAS 930 and therein the IB-IVSE 925 and RTC-IAS 930 and therein RTC-AVIVE 920 and PHYSAPs 910A to 910N. In this manner the user's credential is verified such as described in respect of embodiments of the invention and their Identity Verification Score updated. The ID-WAP 985 communicates with the IB-IVSE 925 which establishes and maintains one or more blockchains associated with the user such that these maintain a continuously growing list of transactional data records of the transactions performed by the user which are hardened against tampering and revision. In this manner each blockchain associated with the user maintains a ledger of transactions which may be enforced cryptographically.
- Within the blockchain(s) the transaction(s) are timestamped allowing them to be employed as a trusted timestamp for arbitrary messages as well as transaction information. In some embodiments of the invention third party application services may access content stored directly in the blockchain, where the blockchain is accessible. In other embodiments of the invention partial content may be accessed externally but content may be encrypted securely.
- It would be evident that a blockchain according to an embodiment of the invention may store transaction data together with timestamp information as well as the Identity Verification Score (IVS). It would be evident that the blockchain may contain one or more hash values within the blockchain discretely or in association with transactions. In other instances, the blockchain may embed additional information including smart contracts, for example.
- The Identity Verification Score (IVS) will be kept on a Blockchain in the tablets (945) located at storefront retailers: convenience stores, financial institutions, auto-rentals, auto-dealers, department stores, etc., and the IVS on the Blockchain could also be kept on a server (925), FIG. 9A.
- Referring to
FIG. 9B there is depicted an alternate network schematic/process flow 9000 with respect to the integration of blockchain verification/authentication to an identity verification/application within an electronic identity wallet according to an embodiment of the invention. In structure network schematic/process flow 9000 is essentially identical to network schematic/process flow 900 in FIG. 9A except the IB-IVSE 925 is now replaced by an RTC IB-IVSE 990 with an associated Blockchain & IVS database 995. Accordingly, the RTC IB-IVSE 990 establishes communication with the ID-WAP 985 on the user's PED 980. However, unlike IB-IVSE 925 the RTC IB-IVSE 990 is distributed, such as for example, each online retailer server or retail store server such that the blockchains are distributed and accessible to these systems. Accordingly, these blockchain(s) may be extended based upon the transaction(s) performed by the user and may be used as “local” verification for the transaction through their storage of one or more hash values. Within embodiments of the invention the blockchain may also be stored on each PED or terminal 945 located at the storefront retailers.
- Within other embodiments of the invention content stored within the blockchains may be encrypted wherein the content is decrypted with a key transmitted to the recipient's PED and/or FED in instances such as border services, law enforcement etc. Optionally, a blockchain may provide data relating to a user's original identity document.
- Optionally, local verification of the user may be performed based upon comparing one or more hash values stored within a blockchain with a value provided from the user's PED and/or FED wherein the hash value relates to, for example, transaction data, timestamp data and a pseudorandom value added by the user's PED such that the hash value cannot be derived from the transaction data nor the transaction data derived from the hash value. In this manner data within the hash value can only be extracted from the user's PED through their identity wallet such that a user may be locally verified to a system based upon the user's PED extracting data relating to one or more transactions for verification to the system based upon data provided to it. Accordingly, a user's transactional history can be employed to provide local verification wherein the local verified hash/blockchain are periodically re-verified at a higher level through another transaction relating to the user and a third party accessing data relating to an originally issued identity document. Optionally, local verification may be performed on low value transactions to avoid repeated requests for data relating to the originally issued identity documents of the user being made.
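The local verification described in the preceding paragraph can be illustrated with a salted hash commitment stored on a hash-chained ledger. The following is an added sketch, not code from the patent: SHA-256, the 32-byte nonce, the field encoding, the sample transactions and all class and function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import struct
from dataclasses import dataclass


def _field(b: bytes) -> bytes:
    # Length-prefix each field so different field splits never hash alike.
    return struct.pack(">I", len(b)) + b


def commitment(tx_data: bytes, timestamp: int, nonce: bytes) -> bytes:
    """Hash over transaction data, timestamp and the PED's pseudorandom value."""
    if len(nonce) < 16:
        raise ValueError("nonce too short to hide low-entropy transaction data")
    msg = _field(tx_data) + struct.pack(">Q", timestamp) + _field(nonce)
    return hashlib.sha256(msg).digest()


@dataclass(frozen=True)
class Block:
    prev_hash: bytes   # hash of the previous block (32 zero bytes for the first)
    commitment: bytes  # only the hash is stored, never the transaction itself

    def block_hash(self) -> bytes:
        return hashlib.sha256(self.prev_hash + self.commitment).digest()


class Ledger:
    """Hash-chained list of commitments, as a retailer terminal might hold it."""

    def __init__(self):
        self.blocks = []

    def head(self) -> bytes:
        return self.blocks[-1].block_hash() if self.blocks else bytes(32)

    def append(self, c: bytes) -> None:
        self.blocks.append(Block(self.head(), c))

    def chain_intact(self, expected_head: bytes) -> bool:
        prev = bytes(32)
        for b in self.blocks:
            if b.prev_hash != prev:
                return False
            prev = b.block_hash()
        return hmac.compare_digest(prev, expected_head)


class Wallet:
    """PED side: keeps the openings (tx, timestamp, nonce) that never go on-chain."""

    def __init__(self):
        self._openings = {}

    def record(self, tx_data: bytes, timestamp: int) -> bytes:
        nonce = secrets.token_bytes(32)  # pseudorandom value added by the PED
        c = commitment(tx_data, timestamp, nonce)
        self._openings[c] = (tx_data, timestamp, nonce)
        return c

    def open(self, c: bytes):
        return self._openings[c]


def verify_local(ledger: Ledger, expected_head: bytes, opening) -> bool:
    """Verifier side: accept only if the chain is intact and the opening
    supplied by the PED re-hashes to a commitment already on the ledger."""
    tx_data, timestamp, nonce = opening
    if not ledger.chain_intact(expected_head):
        return False
    c = commitment(tx_data, timestamp, nonce)
    return any(hmac.compare_digest(c, b.commitment) for b in ledger.blocks)


if __name__ == "__main__":
    wallet, ledger = Wallet(), Ledger()
    # Constructed sample transactions.
    c1 = wallet.record(b"store=constructed-001;amount=12.50", 1700000000)
    ledger.append(c1)
    print("verified:", verify_local(ledger, ledger.head(), wallet.open(c1)))
```

Without the nonce, a party holding the ledger could confirm a guessed low-value transaction by hashing candidate values; with it, only the wallet that holds the opening can demonstrate the link.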
- Within the embodiments of the invention described above an application and/or applications are described as being in operation upon the user's PED, retailer POS terminals, and mobile OEDs etc. Within other embodiments of the invention these may be replaced with the use of mobile web application(s) such that nothing is physically loaded upon the PED, retailer POS terminal, mobile OED, etc. except as necessary to execute the web based application and/or display the required information on the associated displays with these electronic devices and/or systems.
- Within a blockchain, or equivalent mechanism, other options include, for example, linking a user's health/medical card with their driver's license for future validations. Such linking being compliant to the appropriate privacy laws etc.
- Within embodiments of the invention the user's PED may provide to another electronic device and/or system a unique identifier, e.g. text, image, fractal, encrypted content, etc., which triggers and/or permits the downloading of an electronic representation of the PhysID and/or EleID. Optionally, the user's PED may download this electronic representation of the PhysID and/or EleID to the user's PED based upon a requester (hereinafter Requester), e.g. police officer, entering a code into the EleIDAp in execution upon or accessed as a web application. This electronic representation of the PhysID and/or EleID is concurrently downloaded to the Requester's electronic device, e.g. OED, allowing them to verify the identity of the user. Within embodiments of the invention the entry of the Requester's code may be based upon entry of a code generated at that point in time such as employed in the prior art in generating security key information for online security applications etc. This code may be triggered by an action of the Requester with respect to their own PED, a wearable device, etc. Optionally, a wearable device may be continually generating such codes and the association of the user's PED with the wearable device results in the capture of the code and its use. Such techniques, as well as others known in the art, would prevent a code associated with, for example, a police officer from being stolen and used by a third party.
- Optionally, a user may request a download of their PhysID and/or EleID from the IA 510 wherein they are provided to their PED a unique image and a PIN number. The Requester is given the 6-digit PIN number by the mobile device holder, i.e. the user. The Requester, who is an accredited user of an application authorised to access the IA 510, provides this PIN number, within a specified time frame, on a request page and the user's EleID and/or PhysID representation is downloaded onto the Requester's FED and/or PED along with the unique image. Optionally, according to embodiments of the invention this data is retrieved from a blockchain.
- Within the embodiments of the invention presented supra the EleID and PhysID have been described with respect to verification/authentication back to a TL1 issuing authority, e.g. Government department such as associated with passports, driving licenses, etc. However, in other embodiments of the invention binding of identities to a user may be performed at a lower trust level but is not, generally, associated with the issuance of an EleID/PhysID relating to a TL1 type issuing authority although this may not be excluded. Consider, for example, a user seeking to access medical services, which are a common source of identity fraud. In this instance, the user may present their medical card which identifies them as having a certain level of medical healthcare insurance, e.g. BlueCross, Medicare, Medicaid etc. In doing so this medical card may be scanned, e.g. using a Ping360, and data/imagery captured from it. The user may be required at the same time, in order to provide additional identity verification, to provide their driver's license and/or passport which would also be scanned, again for example, using the Ping360, and then have their photograph taken. Accordingly, these additional documents can be verified based upon embodiments of the invention such as described above to their issuing authority or an intermediate verification authority. In the event that one or more of these credentials does not match the medical card then, in most instances, a fraud is being attempted and can be stopped prior to provisioning of medical services, prescription, etc. At the same time, because the user's photograph is taken, their identity is captured even where all documents have been tampered with.
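For the PIN-based download described earlier (a 6-digit PIN handed to the Requester by the user and entered by an accredited Requester within a specified time frame), the following added example, which is not part of the patent, shows the server-side checks such a release needs. The 120-second window, the single-use rule, the per-requester failure limit and all names (`PinRelease`, `issue`, `redeem`) are assumptions; the page specifies only the PIN length, the accreditation and the existence of a time frame.

```python
import secrets

PIN_TTL_SECONDS = 120   # assumed length of the "specified time frame"
MAX_FAILURES = 3        # assumed limit on wrong PINs per accredited requester


class PinRelease:
    """Decides whether a Requester may receive a user's ID representation."""

    def __init__(self, accredited):
        self.accredited = set(accredited)
        self.pending = {}    # pin -> (user_id, expires_at)
        self.failures = {}   # requester_id -> consecutive wrong PINs

    def _purge(self, now):
        expired = [p for p, (_, exp) in self.pending.items() if exp <= now]
        for pin in expired:
            del self.pending[pin]

    def issue(self, user_id, now):
        """Called when the user requests a download; returns the PIN shown on the PED."""
        self._purge(now)
        while True:
            pin = f"{secrets.randbelow(10**6):06d}"
            if pin not in self.pending:   # a live PIN must map to exactly one user
                break
        self.pending[pin] = (user_id, now + PIN_TTL_SECONDS)
        return pin

    def redeem(self, requester_id, pin, now):
        """Called from the Requester's request page; returns (user_id or None, reason)."""
        if requester_id not in self.accredited:
            return None, "requester not accredited"
        if self.failures.get(requester_id, 0) >= MAX_FAILURES:
            return None, "requester locked out"
        self._purge(now)
        entry = self.pending.pop(pin, None)   # pop makes every PIN single use
        if entry is None:
            self.failures[requester_id] = self.failures.get(requester_id, 0) + 1
            return None, "unknown or expired PIN"
        self.failures[requester_id] = 0
        return entry[0], "released"


def demo():
    svc = PinRelease(accredited={"officer-1"})     # constructed identifiers
    pin = svc.issue("user-A", now=1000)
    results = [
        svc.redeem("stranger", pin, now=1010),     # not an accredited Requester
        svc.redeem("officer-1", pin, now=1010),    # inside the window
        svc.redeem("officer-1", pin, now=1020),    # same PIN presented again
    ]
    late_pin = svc.issue("user-A", now=2000)
    results.append(svc.redeem("officer-1", late_pin, now=2000 + PIN_TTL_SECONDS + 1))
    return results
```

Because the Requester supplies only the PIN, the failure limit is kept per requester rather than per user; with a six-digit space, that limit and the short window are what bound guessing by an accredited account.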
- Specific details are given in the above description to provide a thorough understanding of the embodiments. However, it is understood that the embodiments may be practiced without these specific details. For example, circuits may be shown in block diagrams in order not to obscure the embodiments in unnecessary detail. In other instances, well-known circuits, processes, algorithms, structures, and techniques may be shown without unnecessary detail in order to avoid obscuring the embodiments.
- Implementation of the techniques, blocks, steps and means described above may be done in various ways. For example, these techniques, blocks, steps and means may be implemented in hardware, software, or a combination thereof. For a hardware implementation, the processing units may be implemented within one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), processors, controllers, micro-controllers, microprocessors, other electronic units designed to perform the functions described above and/or a combination thereof.
- Also, it is noted that the embodiments may be described as a process which is depicted as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be rearranged. A process is terminated when its operations are completed, but could have additional steps not included in the figure. A process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc. When a process corresponds to a function, its termination corresponds to a return of the function to the calling function or the main function.
- Furthermore, embodiments may be implemented by hardware, software, scripting languages, firmware, middleware, microcode, hardware description languages and/or any combination thereof. When implemented in software, firmware, middleware, scripting language and/or microcode, the program code or code segments to perform the necessary tasks may be stored in a machine readable medium, such as a storage medium. A code segment or machine-executable instruction may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a script, a class, or any combination of instructions, data structures and/or program statements. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters and/or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
- For a firmware and/or software implementation, the methodologies may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described herein. Any machine-readable medium tangibly embodying instructions may be used in implementing the methodologies described herein. For example, software codes may be stored in a memory. Memory may be implemented within the processor or external to the processor and may vary in implementation where the memory is employed in storing software codes for subsequent execution to that when the memory is employed in executing the software codes. As used herein the term “memory” refers to any type of long term, short term, volatile, nonvolatile, or other storage medium and is not to be limited to any particular type of memory or number of memories, or type of media upon which memory is stored.
- Moreover, as disclosed herein, the term “storage medium” may represent one or more devices for storing data, including read only memory (ROM), random access memory (RAM), magnetic RAM, core memory, magnetic disk storage mediums, optical storage mediums, flash memory devices and/or other machine readable mediums for storing information. The term “machine-readable medium” includes, but is not limited to portable or fixed storage devices, optical storage devices, wireless channels and/or various other mediums capable of storing, containing or carrying instruction(s) and/or data.
- The methodologies described herein are, in one or more embodiments, performable by a machine which includes one or more processors that accept code segments containing instructions. For any of the methods described herein, when the instructions are executed by the machine, the machine performs the method. Any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine is included. Thus, a typical machine may be exemplified by a typical processing system that includes one or more processors. Each processor may include one or more of a CPU, a graphics-processing unit, and a programmable DSP unit. The processing system further may include a memory subsystem including main RAM and/or a static RAM, and/or ROM. A bus subsystem may be included for communicating between the components. If the processing system requires a display, such a display may be included, e.g., a liquid crystal display (LCD). If manual data entry is required, the processing system also includes an input device such as one or more of an alphanumeric input unit such as a keyboard, a pointing control device such as a mouse, and so forth.
- The memory includes machine-readable code segments (e.g. software or software code) including instructions for performing, when executed by the processing system, one or more of the methods described herein. The software may reside entirely in the memory, or may also reside, completely or at least partially, within the RAM and/or within the processor during execution thereof by the computer system. Thus, the memory and the processor also constitute a system comprising machine-readable code.
- In alternative embodiments, the machine operates as a standalone device or may be connected, e.g., networked, to other machines. In a networked deployment, the machine may operate in the capacity of a server or a client machine in a server-client network environment, or as a peer machine in a peer-to-peer or distributed network environment. The machine may be, for example, a computer, a server, a cluster of servers, a cluster of computers, a web appliance, a distributed computing environment, a cloud computing environment, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine. The term “machine” may also be taken to include any collection of machines that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
- The foregoing disclosure of the exemplary embodiments of the present invention has been presented for purposes of illustration and description. It is not intended to be exhaustive or to limit the invention to the precise forms disclosed. Many variations and modifications of the embodiments described herein will be apparent to one of ordinary skill in the art in light of the above disclosure. The scope of the invention is to be defined only by the claims appended hereto, and by their equivalents.
- Further, in describing representative embodiments of the present invention, the specification may have presented the method and/or process of the present invention as a particular sequence of steps. However, to the extent that the method or process does not rely on the particular order of steps set forth herein, the method or process should not be limited to the particular sequence of steps described. As one of ordinary skill in the art would appreciate, other sequences of steps may be possible. Therefore, the particular order of the steps set forth in the specification should not be construed as limitations on the claims. In addition, the claims directed to the method and/or process of the present invention should not be limited to the performance of their steps in the order written, and one skilled in the art can readily appreciate that the sequences may be varied and still remain within the spirit and scope of the present invention.
Claims (20)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/218,385 US11139976B2 (en) | 2016-02-15 | 2018-12-12 | System and method, which using blockchain and mobile devices, provides the validated and authenticated identity of an individual to a valid and authenticated requestor |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/044,055 US10171476B2 (en) | 2015-01-12 | 2016-02-15 | System and method for protecting the privacy of identity and financial information of the consumer conducting online business |
US16/218,385 US11139976B2 (en) | 2016-02-15 | 2018-12-12 | System and method, which using blockchain and mobile devices, provides the validated and authenticated identity of an individual to a valid and authenticated requestor |
Related Parent Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/044,055 Continuation-In-Part US10171476B2 (en) | 2015-01-12 | 2016-02-15 | System and method for protecting the privacy of identity and financial information of the consumer conducting online business |
Publications (3)
Publication Number | Publication Date |
---|---|
US20200195436A1 US20200195436A1 (en) | 2020-06-18 |
US20210243023A9 true US20210243023A9 (en) | 2021-08-05 |
US11139976B2 US11139976B2 (en) | 2021-10-05 |
Family
ID=71071938
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/218,385 Active 2036-07-24 US11139976B2 (en) | 2016-02-15 | 2018-12-12 | System and method, which using blockchain and mobile devices, provides the validated and authenticated identity of an individual to a valid and authenticated requestor |
Country Status (1)
Country | Link |
---|---|
US (1) | US11139976B2 (en) |
Families Citing this family (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10896418B2 (en) | 2017-12-29 | 2021-01-19 | Ebay Inc. | Secure management of data files using a blockchain |
US11301452B2 (en) | 2018-10-09 | 2022-04-12 | Ebay, Inc. | Storing and verification of derivative work data on blockchain with original work data |
TWI725443B (en) * | 2019-06-03 | 2021-04-21 | 銓鴻資訊有限公司 | Method of registration and access control of identity for third-party certification |
US11425165B2 (en) * | 2019-06-04 | 2022-08-23 | Mcafee, Llc | Methods, systems, articles of manufacture and apparatus to reduce spoofing vulnerabilities |
US11687499B2 (en) * | 2019-07-25 | 2023-06-27 | Zobocoo Llc | Scalable cryptocosm platform |
US11405394B2 (en) * | 2019-10-30 | 2022-08-02 | Pulse Secure, Llc | Trust broker system for managing and sharing trust levels |
US11258779B2 (en) * | 2020-01-14 | 2022-02-22 | Cisco Technology, Inc. | Wireless LAN (WLAN) public identity federation trust architecture |
US11182786B2 (en) * | 2020-01-29 | 2021-11-23 | Capital One Services, Llc | System and method for processing secure transactions using account-transferable transaction cards |
US11177960B2 (en) * | 2020-04-21 | 2021-11-16 | Sharecare AI, Inc. | Systems and methods to verify identity of an authenticated user using a digital health passport |
DE102020119512A1 (en) | 2020-07-23 | 2022-01-27 | Renate Schrickel | Method for storing verified identity data of an end user, method for providing verified identity data to an acceptance point, computer program product |
CN111740846B (en) * | 2020-08-04 | 2020-11-24 | 飞天诚信科技股份有限公司 | Method and system for realizing smart card information reading of mobile terminal |
US11161409B1 (en) * | 2020-10-21 | 2021-11-02 | Ford Global Technologies, Llc | Systems and methods to securely limit drivability of a vehicle by impaired users |
CN112040012B (en) * | 2020-11-03 | 2021-01-29 | 南京牧海信息科技有限公司 | Oil tank truck oil theft prevention method and system based on block chain technology |
CN112395356A (en) * | 2020-11-13 | 2021-02-23 | 浙江数秦科技有限公司 | Distributed identity authentication and verification method, equipment and storage medium |
CN112839043B (en) * | 2021-01-12 | 2022-02-11 | 南京汇智互娱网络科技有限公司 | Block chain technology-based internet service place credit management system |
US20220271958A1 (en) * | 2021-02-09 | 2022-08-25 | Mylaminin | Network Platform for Secure Document Sharing and Verification |
US11973753B2 (en) * | 2021-06-16 | 2024-04-30 | Meta Platforms, Inc. | Systems and methods for client-side identity verification |
CN113704775B (en) * | 2021-07-14 | 2024-02-27 | 杭州溪塔科技有限公司 | Service processing method and related device based on distributed digital identity |
CN113761555B (en) * | 2021-07-20 | 2024-04-09 | 杭州师范大学 | Safe and reliable vehicle networking space crowdsourcing task matching method based on intelligent contracts |
US12032707B2 (en) | 2021-10-15 | 2024-07-09 | Bank Of America Corporation | Secure digital record with improved data update and sharing |
KR20230108953A (en) * | 2022-01-12 | 2023-07-19 | (주)가민정보시스템 | System and method for authentication service management based self-sovereign identity |
US20230259918A1 (en) * | 2022-02-15 | 2023-08-17 | Paypal, Inc. | Decentralized Identity on Blockchain for a Multi-sided Network |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2981659A1 (en) * | 2015-04-03 | 2016-10-06 | United Services Automobile Association (Usaa) | Digital identification system |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20210365544A1 (en) * | 2019-03-21 | 2021-11-25 | BadgeCert Inc. | Systems and methods for leveraging internet identity for digital credentialing |
US11604868B2 (en) * | 2019-03-21 | 2023-03-14 | BadgeCert Inc. | Systems and methods for leveraging internet identity for digital credentialing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| FEPP | Fee payment procedure | Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
| FEPP | Fee payment procedure | Free format text: ENTITY STATUS SET TO SMALL (ORIGINAL EVENT CODE: SMAL); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
| STPP | Information on status: patent application and granting procedure in general | Free format text: NON FINAL ACTION MAILED |
| STPP | Information on status: patent application and granting procedure in general | Free format text: NON FINAL ACTION MAILED |
| STPP | Information on status: patent application and granting procedure in general | Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
| FEPP | Fee payment procedure | Free format text: PETITION RELATED TO MAINTENANCE FEES GRANTED (ORIGINAL EVENT CODE: PTGR); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
| STPP | Information on status: patent application and granting procedure in general | Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS |
| STPP | Information on status: patent application and granting procedure in general | Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED |
| STCF | Information on status: patent grant | Free format text: PATENTED CASE |