WO2016193765A1 - Improvements in or relating to the verification of personal identity - Google Patents

Improvements in or relating to the verification of personal identity Download PDF

Info

Publication number
WO2016193765A1
WO2016193765A1 PCT/GB2016/052363 GB2016052363W WO2016193765A1 WO 2016193765 A1 WO2016193765 A1 WO 2016193765A1 GB 2016052363 W GB2016052363 W GB 2016052363W WO 2016193765 A1 WO2016193765 A1 WO 2016193765A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
device
user
text
remote station
Prior art date
Application number
PCT/GB2016/052363
Other languages
French (fr)
Inventor
Stuart AYRES
Original Assignee
Ayres Stuart
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to GB1509478.2A priority Critical patent/GB2539184A/en
Priority to GB1509478.2 priority
Application filed by Ayres Stuart filed Critical Ayres Stuart
Publication of WO2016193765A1 publication Critical patent/WO2016193765A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transaction
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07DHANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/003Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using security elements
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07DHANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/20Testing patterns thereon

Abstract

A device comprises means for entering unique identifying text from a personal ID document and an NFC reader that reads encrypted biometric data from the document. A decryption application decrypts the biometric data, utilising the unique identifying text. A camera captures an image of the face of a user. A date and time application records the date and time when a user uses the device to capture data. A data assembly application assembles together the unique identifying text, decrypted biometric data, captured image, and recorded date and time data. The device communicates with a remote station via a communication system. For a verification task, a user enters the unique identifying text; places the device adjacent the ID document such that the NFC reader reads the biometric data; activates the camera to capture an image of the face of the user; and activates the communication system to transmit to a remote station all of the assembled data.

Description

IMPROVEMENTS IN OR RELATING TO THE VERIFICATION OF

PERSONAL IDENTITY

The present invention relates to methods of and devices for use in verifying personal identity. The current state of the art in the field of regulating financial services relies upon a number of factors. One such factor is jurisdiction. For example, companies registered in Guernsey are required to abide by the regulations and rules administered by the Guernsey Financial Services Commission. Other regulatory bodies may have different rules and regulations. However, in all of the rules and regulations of all regulatory bodies, there is a fundamental requirement to verify the identity of an individual.

This typically requires sight of original documentation (usually a list of acceptable documents is available, but these typically need to include a photograph). If original documentation as proof of ID is supplied, a copy is taken and filed as evidence that regulatory requirements were fulfilled. However, the moment a customer departs with an original document, there is no persisting evidence that the original document was ever witnessed - other than a claim made by an organisation that it saw the original document— and that

organisation may find itself being investigated for not adhering to the rules. A photocopy of a document does not demonstrate that an employee of a regulated company actually viewed an original document. In many cases, the customer in question is not available "locally" and current processes are likely to require them to photocopy their passport before having it certified by a third party who is a member of a professional body. This creates further problems as CDD (Customer Due Diligence) then needs to be carried out on the certifier who met the individual and certified that the photocopy was a true

representation of the original document that they confirm they had sight of. The CDD on this third party certifier often amounts to no more than contacting the professional body to which they claim to belong in order to verify that they are in fact a member. It does not however prove that the person who certified the document was who they said they were. Furthermore, further research may be required to ensure that the certifier was appropriate e.g. that they are not closely related to the individual.

By way of one example only, it is possible to view information supplied by the Guernsey Financial Services Commission that includes CDD and verification guidelines at the following URT:

http: //www.gfsc.gg/Documents/AML Handbook%20-%20November 08.pdf.

Should this URL not be available at the time of reading this

specification, suffice it to say that the document is entitled "Handbook for Financial Services Businesses on Countering Financial Crime and Terrorist Financing" and runs to 217 pages. Similar publications are doubtless available from similar regulatory bodies.

Preferred embodiments of the present invention aim to overcome many of the issues with current CDD and KYC (Know Your Customer) processes (in terms of speed and complexity of satisfying regulatory requirements, and also with regards the "quality of the proof with which those regulatory requirements are satisfied) by uniquely combining several elements of technology for a specific purpose. Much of the technology that exists in many mobile phone devices can be adapted to this purpose. Preferred embodiments of the invention aim to provide a more verifiable proof that the original identification documents were used in a CDD process and to allow a potential customer on whom CDD is being conducted, potentially in a remote geographic location, to complete a large portion of the due diligence process using their own device, and to the same satisfactory standard in terms of ID proofing as if they were "there in person".

According to one aspect of the present invention, there is provided a device for use in verifying personal identity from a personal ID document that contains unique identifying text and encrypted biometric data, the device comprising: a. text entry means for entering said unique identifying text; b. an NFC reader that reads said biometric data; c. a decryption application that decrypts said biometric data, utilising said unique identifying text; d. a camera to capture an image of the face of a user; e. a date and time application that records the date and time when a user uses the device to capture data; and f. a communication system by which the device communicates with a remote station: wherein, in use, for a given verification task, a user: enters said unique identifying text; places the device adjacent the ID document such that the NFC reader reads said biometric data; activates said camera to capture an image of the face of the user; and activates said communication system to transmit to a remote station data captured by the device relating to said unique identifying text, said decrypted biometric data, said captured image, and recorded date and time. Preferably, said text entry means comprises: a. a scanner for scanning said unique identifying text; b. an OCR application that receives output data from the scanner and recognises text characters from that data; c. a display that displays the text characters recognised by the OCR application; and d. a text editing application that allows a user to edit text displayed on said display, to provide final text data corresponding to said unique identifying text: and, in use, for a given verification task: a user scans said identifying text; and checks and edits if necessary the text displayed on said display to provide said final text data; and said decryption application decrypts said biometric data utilising said final text data. A device as above preferably comprises dual cameras that capture images at opposite sides of the device simultaneously to show the face of a user and the personal ID document held by the user: and, in use, captured image data of both of the simultaneous images is transmitted to the remote station by said communications system. A device as above preferably further comprises a GPS system that records the global position of a user when using the device to capture data and, in use, the recorded GPS data is transmitted to the remote station by said communications system.

Preferably, all of the recited functions are integrated within the device. A device as above may comprise a smartphone adapted to provide all of the recited functions.

A device as above preferably further comprises an authorisation application that requires a user to enter an authorisation code provided by an operator, whereupon the device transmits the authorisation code via the communication system to a remote station and, provided that the remote station receives the transmitted authorisation code within a predetermined time from the authorisation code being provided by the operator, the authorisation application receives from a remote station via the communication system an unlock instruction that allows a validation task to proceed on the device.

A device as above preferably further comprises an erasure application that erases all data collected by the device for a given validation task, once all of the data for the task has been transmitted to the remote station by said communication system. Said encrypted biometric data may comprise data relating to at least one of fingerprint recognition data and iris recognition data.

Preferably, in use, a user may select one or more steps of a given verification task to be carried out; and the user activates said communication system to transmit to the remote station the data captured by said one or more steps.

Preferably, the device further comprises a data assembly application that assembles together data for a given verification task; and in use, a user activates said communication system to transmit to the remote station the data assembled by the data assembly application. In another aspect, the invention provides a method of verifying personal identity from a personal ID document that contains unique identifying text and biometric data, the method comprising the steps of: a. entering said unique identifying text into a device; b. reading said biometric data by means of an NFC reader; c. by means of a decryption application and utilising said unique identifying text, decrypting said biometric data; d. capturing by means of a camera an image to show the face of a user; e. recording by a date and time application current date and time data; and f. by means of a communication system, transmitting to a remote station data captured by the device relating to said unique identifying text, said decrypted biometric data, said captured image, and recorded date and time.

A method as above preferably further includes the steps of: scanning said identifying text by a user; by means of an OCR application that receives output data from the scanner, recognising text characters from that data; displaying on a display the text characters recognised by the OCR application; initiating a text editing application that allows a user to edit text displayed on said display, to provide final text data; and utilising said final text data to decrypt said biometric data by means of said decryption application. A method as above preferably further includes the steps of capturing by means of dual cameras simultaneous images to show the face of a user and the personal ID document held by the user; and transmitting captured image data of both of the simultaneous images to the remote station by said communications system.

A method as above preferably further includes the steps of recording a video of a user performing a predetermined action, details of which have been sent to the device, and uploading the video data to the remote station.

A method as above preferably further includes the steps of recording by a GPS system the current global position of a user; and transmitting the recorded GPS data to the remote station by said communications system.

A method as above preferably further includes the step of capturing by means of said camera or one of said cameras an image to show a utility bill or other document to show the address of the user within a predetermined recent date range.

A method as above preferably further includes the further steps, after transmitting the data to the remote station, of manually transcribing the address shown on the document to generate a physical letter containing a code that specifically relates to the device and the user; posting the letter physically to the user through a mail delivery system; after delivery of the letter, scanning the code in the letter; and transmitting data of the scanned code from the device to the remote station or other location for verification. A method as above preferably further includes the step of transmitting to the device a validation report to validate or otherwise the personal identity the subject of the data captured by the device and transmitted to the remote station.

Preferably, said validation report comprises the data captured by the device and transmitted to the remote station, together with further data that has been assembled subsequent to such transmission to the remote station.

Preferably, a method as above is carried out for regulatory purposes.

A method as above preferably further includes the step of transmitting, to an issuing authority of the personal ID document for verification, data derived from the personal ID document that has been transmitted to the remote station.

A method as above preferably further includes the steps of selecting one or more steps of a given verification task to be carried out; and activating said communication system to transmit to the remote station the data captured by said one or more steps.

A method as above preferably further includes the step of assembling together data captured for a given verification task; and transmitting the assembled data by said communication system to the remote station.

For a better understanding of the invention, and to show how embodiments of the same may be carried into effect, reference will now be made, by way of example, to the accompanying diagrammatic drawings, in which: Figure 1 is a block schematic diagram of a device for use in verifying personal identity from a personal ID document;

Figure 2 illustrates a page of a passport containing identifying text in a Machine Readable Zone (MRZ); Figure 3 illustrates MRZ data scanned from the page of Figure 2 and displayed in editable text format;

Figure 4 illustrates biometric information that has been read from an RFID chip on the passport, decrypted and displayed;

Figure 5 illustrates a user taking simultaneous dual photographs; Figure 6 illustrates a display whilst data is uploaded from the device;

Figures 7A to 7C show the content of a personal identity verification report sent to a user; and

Figure 8 illustrates a display that gives options to a user to carry out various verification steps. In the figures, like references denote like or corresponding parts.

It is to be understood that the various features that are described in the following and/ or illustrated in the drawings are preferred but not essential. Combinations of features described and/ or illustrated are not considered to be the only possible combinations. Unless stated to the contrary, individual features may be omitted, varied or combined in different combinations, where practical. Figure 1 shows a mobile device 1 that communicates with a remote station 2 over a wireless network 3. The device 1 may be a telephone or smartphone. First and second cameras 11 and 12 face in opposite directions— e.g. away from and towards a user. A scanner 13 is connected to receive images from the first camera 11.

An NFC (Near Field Communication) reader 14 is arranged to receive RF (radio frequency) data from a nearby source. A GPS (Global Positioning System) system detects the global position of the device 1. A communication system 16 allows the device 1 to communicate with the remote station 2 and other devices on the wireless network 3.

A processor 17 performs various data processing functions and includes an OCR (Optical Character Recognition) application 171 that receives image data received from the scanner 13. A decryption application 172 decrypts data received from the NFC reader 14. A date and time application 173 records current date and time. A data assembly application 174 assembles data received by the processor 17. A data erasure application 175 erases specified data collected by the device 1. A text editing application 176 allows a user to edit text displayed on a display 18, by means of a keyboard 19. Although shown separately, the keyboard 19 may be incorporated in the display 18, especially if the display 18 comprises a touch screen.

If the device 1 comprises an adapted mobile phone or smartphone, it will typically have various other features that are known to the users of such phones and need not be described in any detail here. However, it is to be appreciated that it is not essential to adapt such phones to provide embodiments of the invention. The device 1 may be a custom-made device for the purpose of embodying an example of the invention. Although it is convenient for all local functions of an embodiment of the invention to be integrated within the device 1, various discrete devices may be interconnected to provide a device similar to the device 1.

The device 1 may be used as follows, to circumvent much of the laborious processes currently followed in order to achieve KYC/ CDD which in many respects do not adequately satisfy the regulatory requirements.

A company ("Company") may register as a client with an operator, for the purposes of using the device 1 for personal identity verification. Employees of the Company may be nominated to have individual logins which are additionally IP (Internet Protocol) address restricted for added security. If a potential new Customer wishes to open an account with the Company, there is a requirement for due diligence. In discussion with the Customer, an employee of the Company logs in to his or her account and enters the Customer's email address along with any additional instructions (and potentially specifying a project code that is internal to Company), and simply clicks a button that generates a 16-digit activation code and emails it to the Customer with a standard list of instructions (or sends it to the Customer in any other practical way— e.g. an SMS text message). Any other suitable number of digits could be used in the activation code. The Customer downloads onto the device 1 an app (application) from any source, which may be an open source such as (at the present time) GooglePlay— or it may be made available at a unique, temporary URT. The app will not work until the 16-digit code is entered, and this must be done within a set amount of time from the code having been generated. Once the 16-digit code has been correctly entered into the device 1, the device is registered against the Company's account with the operator. Thus, the app effectively unlocks the device 1 for use in verifying personal ID from regulated and acceptable ID documents. In the present example, the ID document is an ePassport 5, as shown diagrammatically in Figure 2, i.e. a passport that contains biometric information on an RFID chip 52 as well as textual information in a Machine Readable Zone (MRZ) 51.

Firstly, having unlocked the device 1 as above, a user scans the text of the passport 5 in the MRZ 51, using the first camera 11, which feeds image data to the scanner 13. The scanned image data is passed to the OCR application 171, which recognises the text characters in the MRZ 51 and displays the corresponding data on the display 18, as shown in Figure 3.

The text data interpreted from the OCR and displayed on display 18 can be manually edited if inaccurate, using the keyboard 19, to ensure that it corresponds to the original text as printed in the MRZ 51. This final text is then used to decrypt the biometric data held in the digital chip 52 in the ID

document, which is read by enabling the NFC reader 14 and placing the device 1 sufficiently close to the RFID chip 52. The data read by the NFC reader 14 is passed to the decryption application 172 that decrypts the biometric data, utilising the final text derived from the MRZ text. The method of decrypting such biometric data from a passport, using data from MRZ text, is known per se, and therefore does not need further explanation here.

Figure 4 shows the display 18 on which data derived from both the MRZ 51 text and the RFID chip 52 are displayed to the user. This includes an image 181 of the user, corresponding to the user image 58 as printed on the passport 5 or secured to it.

If the data from the RFID chip 52 cannot be read or decrypted, an error message such as 182 may be displayed, to alert the user to a possible cause and allow the user to repeat the operation. In this example, the error message "Wrong BAC data" refers to Basic Access Control (BAC) encryption, which is used to encrypt the data on the RFID chip 52. The error message is suggesting that the OCR scanned details are incorrect because the process of decryption using the MRZ text data provided do not appear to be working. Once the biometric information has been read from the RFID chip 52, the user holds the ID document 5 with one hand and the device 1 with the other hand, roughly equidistant between the ID document and the user, as illustrated in Figure 5. Both first and second cameras 11 and 12 are then actuated simultaneously, to take both front and back facing photographs as evidence that the ID document was in the possession of the user at that time, and to provide a "live" image for comparison to the digital image read from the chip 52 on the ID document.

The user then photographs one or more proofs of residence (such as utility bills) within a recent date range— either using just a single one of the cameras 11, 12 or both simultaneously, as in Figure 5.

For all of the data captured or generated in the foregoing actions, the date and time application 173 provides associated date and time data. Some of the captured or generated data may be required to be recorded at the same date and time— as in the simultaneous photos described above— or at least within a predetermined time range on the same date. All of the captured or generated data may be required to be recorded within a predetermined time range on the same date. Likewise, all of the captured or generated data may be required to be recorded at the same global location as determined by the GPS system 15, or within a predetermined location range. All of the captured or generated data is assembled by the data assembly application 174. That is, for a given verification task, the unique identifying text from the MRZ 51, the decrypted biometric data from the chip 52, the captured simultaneous images from the photographs taken by the two cameras 11 and 12, further captured images of proof of residence as taken by the camera 11 and/ or 12, recorded GPS and date and time data as to the time of data capture and/ or generation.

When all of the data is complete at the device 1, it is uploaded from the data assembly application 174 to the remote station 2, via the communication system of the device 1 and the wireless network 3. This is illustrated in Figure 6. Upon the device 1 receiving confirmation of a successful upload, the erasure application 175 is activated to erase from the device 1 all data collected by the device for the given validation task.

Processing of the data is effected away from the device 1— at the remote station 2 and/ or another location. The erasure application 175 ensures that no sensitive information is retained by the device 1, for security reasons. Processing involves, but is not limited to, two main areas: processing and comparison of uploaded data and its compilation into a report; and scanning other sources of data using the personal details read from the RF ID chip 52. A valuable feature of this is that, when scanning the "other sources of data", the system removes entirely the need for manual data entry to identify the individual concerned and therefore removes the possibility of human error.

In processing the data assembled by the device 1, a comparison is made between the images collected from the device, the results of which are compiled into a report, as illustrated in Figures 7A to 7C, along with the results of electronically matching the name and date of birth details with a number of other databases including, but not restricted to, the UK/UN/EU and US Financial Sanctions and Investment Ban lists, PEP lists, disqualified directors, restricted individuals and various other Customer Due Diligence data sources. As indicated above, a valuable aspect of scanning against other data sources, using the above described system, is that the details being checked have been read digitally and are therefore a faithful copy of details determined and verified by a passport issuing authority, and they are being scanned against lists that are often produced by government departments. Thus, there is no possibility of human error in transcription. The possibility of failing to properly check, and the risk of failing compliance on this basis, is entirely removed from the Company.

The report is sent to the registered employee that arranged the activation code for the Customer— e.g. by email, SMS text or a secure communications link. The employee is required to accept or reject the report by logging back in to their account and indicating accordingly. If rejecting the report, reasons have to be given. For example, the Customer's simultaneous forward and back photograph may be blurred or may not adequately match the digital image. A reject will automatically email the Customer at the same address to which the 16-digit code was sent, informing them that the process needs to be repeated, and detailing why the previous attempt had failed. If the Employee indicates that the process has been successful the device 1 is immediately deactivated for further personal identity verification, such that it cannot be used to complete the same process without a further 16-digit activation code being generated and entered.

In the processing of data uploaded from the device, an operator (or other party processing the data) may be able to verify the captured ID details via a direct, secure link to the ID issuing authority. For example, in the case of a passport, an operator may transmit the captured ID details via a direct, secure link to the respective government passport office, where the details are confirmed or otherwise, preferably in real time.

It may be appreciated that the examples of the invention as illustrated and described above provide devices and methods to confirm or verify a person's identity by accurately relaying relevant information from original biometric identification documents and various other data (including images) and including but not restricted to GPS location, to a company that will scan various other databases and construct a report for a third party for the purposes of satisfying various regulatory requirements related to customer due diligence (CDD) and know your customer (KYC), and to seek to satisfy other regulations e.g. anti-money laundering (AML) and Financial Terrorism (FT).

CDD covers a wide range of circumstances within regulatory guidance and is often an extensive process that requires researching in order to identify the names of people who benefit from or are involved in some way with complex arrangements of businesses and trusts. However, at its most fundamental base, it revolves around correctly identifying, and verifying the identity of, people.

Whilst examples of the invention have been illustrated and described, other options are possible. Instead of the dual simultaneous photograph feature, illustrated in

Figure 5, a user may take two successive photographs, to show the user's face and the ID document, within a short, predetermined time frame. Thus, the device may utilise two cameras as illustrated, or only one. Instead of the scanner 13 and OCR application 171, a user may enter the MRZ text manually, using the display 18 and keyboard 19.

In another option, a camera of the device may alternatively or additionally be used to record a video of the user quoting a predetermined text or performing another predetermined action, details of which have been sent to the device to inform the user, and uploading the video data to the remote location for processing with the other data. This may provide enhanced security against the possibility of the device being used to capture an image of an image of a person, rather than a direct image of the user. In a further option, where image data of a document establishing proof of residence (such as utility bills) within a recent date range has been uploaded to an operator (or other party processing the data), the address shown on the document may be manually transcribed by the operator and used to generate a physical letter containing a QR (or other) code that specifically relates to a) the device, b) the user and c) the Company client of the operator: the letter is then posted physically to the user through an accredited mail delivery system. When the letter has been received at the address that has been transcribed, the user's device is then used to scan the QR code in order to 'physically' prove the address to which the QR code was sent, and to link that physical location to the user. The action of scanning the QR code may be similarly date-stamped, time- stamped and GPS located as in the examples described above. Only the device that was used to collate and upload the original data can be used to scan the QR code, and that device will only be able to scan the QR code relating to the current ID verification task. An alternative to using a QR code is to provide an explicit URL. A further option is for a user to provide a password when initially entering data. This password can then be required to enter the webpage specified by the QR code or URL, to provide an extra layer of security.

An alternative to manual transcription is to employ an address look-up service where the user selects their address from a pre-populated list (e.g. based on a postcode that the user enters). Thus, the operator does not need to manually enter the address. Another option for an operator is to perform OCR on an image of a utility bill (or other evidence) in order to recognise an address and then compare it to an address entered or selected by a user to indicate a percentage match. That is, the address entered or selected by a user is used to assist in identifying the address on the utility bill etc, as processed by OCR.

In the examples illustrated and described above, the data assembly application 174 assembles all of the data required for the ID verification task, for transmission via the communications application 16 to the remote station 2. This is generally an efficient way to effect the ID verification task. However, it may be desired to carry out only a single step of the overall ID verification task— for instance, in the example given above, where the QR code scan is uploaded as a subsequent step. Also, it may be that a given step has to be repeated— for example, if initially updated data is unsatisfactory, as may happen if a captured image is blurred or a data item does not pass a subsequent check. To this end, the user may be presented with options on the display 18, as illustrated in Figure 8, where the display is a touch-screen display.

On touching button 191, the device is enabled to scan and capture data from an ID document— for example, a passport document, as described above. On touching button 192, the device is enabled to scan and capture data from a residence document— for example, a recent utility bill, as described above.

On touching button 193, the device is enabled to scan and capture data by way of proof of a user (or presenter of data)— for example, using one or more camera, as described above.

On touching button 194, the device is enabled to scan, for example, a QR code as received on a physical letter, as described above, by way of proof of residence. On touching button 195, the device is enabled to scan an iris of a user and capture the respective data. (Iris recognition is a known process.)

On touching button 196, the device is enabled to scan a fingerprint of a user and capture the respective data. (Fingerprint recognition is a known process.) On touching button 197, the device uploads to the remote station data from one or more of the steps carried out in response to buttons 191 to 196. The button 197 is inactive until at least one of the steps corresponding to buttons 191 to 196 has been performed.

Not all of the steps available in response to buttons 191 to 196 may be required for a given ID verification task.

Different ID documents contain different information. Even passports between countries, and within countries, can vary in the information they hold. For example epas sports contain "space" for fingerprint data but the UK does not currently populate this space in an epassport. If in the future they do it will be uploaded for processing. The same holds true for iris data, which is being increasingly used for identification. As the level of biometric data increases, examples of the invention may be adapted accordingly. Whilst not currently mainstream, many mobile devices are able to, for example, scan a fingerprint and/ or an iris. Thus a user's fingerprint and/ or iris can be scanned and compared with digital information held on an ID document, for verification before the process is permitted to continue.

Not all passports, and not all countries, adopt the type of biometric ePassport that is used in the above examples, which refer to "passport" for simplicity of explanation. However, examples of the invention can be equally applied to national identity cards that are ICAO9303 compliant (for example those in Netherlands, Bra2il and Albania) and may also be adapted to enable the use of selected national ID cards that contain biometric information even where that ID Card may not be ICAO9303 compliant but where it is still considered adequate for a relevant verification purpose. Examples of the invention may in the main utilise interfaces that are in accordance with ISO/IEC 14443, but the invention is not restricted to the use of such interfaces.

Where a personal ID document that contains unique identifying text contains text in a non-Latin language, a translation routine may be applied to translate the text into an English alphabet. This could possibly result in several English variations of the name, all of which may be checked against various sanctions lists.

Whilst the examples of the invention as illustrated and described above provide for circumstances where an individual is required to prove their identity to a particular level of satisfaction, examples of the invention can be extended to, for example, companies that at least want to ensure that personal details of remote applicants are transcribed accurately, or for example pre-flight remote check-in for airlines.

As regards reports generated in respect of individuals, report

information may be arranged for the respective employee of the Company, in their online account, such that they are easily able to group and review the results for all of the individuals associated with a particular project, with management information detailing progress of a project as a whole. Failure to verify the identity of all individuals can lead to compliance failure for the entire project and it is therefore possible for an employee to add individuals' details to their account even if they are not having their identity verified, in order to manage the progress of the entire project.

A method of verifying personal identity as disclosed herein may be a self-contained method or form part of a more extensive method or application. For example, it may be provided as part of an online gaming application.

In this specification, the verb "comprise" has its normal dictionary meaning, to denote non-exclusive inclusion. That is, use of the word "comprise" (or any of its derivatives) to include one feature or more, does not exclude the possibility of also including further features. The word "preferable" (or any of its derivates) indicates one feature or more that is preferred but not essential.

All or any of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and/ or all or any of the steps of any method or process so disclosed, may be combined in any combination, except combinations where at least some of such features and/ or steps are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings), may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise. Thus, unless expressly stated otherwise, each feature disclosed is one example only of a generic series of equivalent or similar features.

The invention is not restricted to the details of the foregoing

embodiment(s). The invention extends to any novel one, or any novel combination, of the features disclosed in this specification (including any accompanying claims, abstract and drawings), or to any novel one, or any novel combination, of the steps of any method or process so disclosed.

Claims

A device for use in verifying personal identity from a personal ID document that contains unique identifying text and encrypted biometric data, the device comprising:
a. text entry means for entering said unique identifying text; b. an NFC reader that reads said biometric data; c. a decryption application that decrypts said biometric data, utilising said unique identifying text; d. a camera to capture an image of the face of a user; e. a date and time application that records the date and time when a user uses the device to capture data; and f. a communication system by which the device communicates with a remote station: wherein, in use, for a given verification task, a user: enters said unique identifying text; places the device adjacent the ID document such that the NFC reader reads said biometric data; activates said camera to capture an image of the face of the user; and activates said communication system to transmit to a remote station data captured by the device relating to said unique identifying text, said decrypted biometric data, said captured image, and recorded date and time.
2. A device according to claim 1, wherein said text entry means comprises: a. a scanner for scanning said unique identifying text; b. an OCR application that receives output data from the scanner and recognises text characters from that data; c. a display that displays the text characters recognised by the OCR application; and d. a text editing application that allows a user to edit text displayed on said display, to provide final text data corresponding to said unique identifying text: and wherein, in use, for a given verification task: a user scans said identifying text; and checks and edits if necessary the text displayed on said display to provide said final text data; and said decryption application decrypts said biometric data utilising said final text data.
3. A device according to claim 1 or 2, comprising dual cameras that capture images at opposite sides of the device simultaneously to show the face of a user and the personal ID document held by the user: and wherein, in use, captured image data of both of the simultaneous images is transmitted to the remote station by said communications system.
4. A device according to claim 1, 2 or 3, further comprising a GPS system that records the global position of a user when using the device to capture data and, in use, the recorded GPS data is transmitted to the remote station by said communications system.
5. A device according to any of the preceding claims, wherein all of the recited functions are integrated within the device.
6. A device according to claim 5, being a smartphone adapted to provide all of the recited functions.
7. A device according to any of the preceding claims, further comprising an authorisation application that requires a user to enter an authorisation code provided by an operator, whereupon the device transmits the authorisation code via the communication system to a remote station and, provided that the remote station receives the transmitted authorisation code within a predetermined time from the authorisation code being provided by the operator, the authorisation application receives from a remote station via the communication system an unlock instruction that allows a validation task to proceed on the device.
8. A device according to any of the preceding claims, further comprising an erasure application that erases all data collected by the device for a given validation task, once all of the data for the task has been transmitted to the remote station by said communication system.
9. A device according to any of the preceding claims, wherein said encrypted biometric data comprises data relating to at least one of fingerprint recognition data and iris recognition data.
10. A device according to any of the preceding claims wherein, in use, a user may select one or more steps of a given verification task to be carried out; and the user activates said communication system to transmit to the remote station the data captured by said one or more steps.
11. A device according to any of the preceding claims, wherein the device further comprises a data assembly application that assembles together data for a given verification task; and in use, a user activates said communication system to transmit to the remote station the data assembled by the data assembly application.
12. A method of verifying personal identity from a personal ID document that contains unique identifying text and biometric data, the method comprising the steps of: a. entering said unique identifying text into a device; b. reading said biometric data by means of an NFC reader; c. by means of a decryption application and utilising said unique identifying text, decrypting said biometric data; d. capturing by means of a camera an image to show the face of a user; e. recording by a date and time application current date and time data; and f. by means of a communication system, transmitting to a remote station data captured by the device relating to said unique identifying text, said decrypted biometric data, said captured image, and recorded date and time.
13. A method according to claim 12, including the steps of: scanning said identifying text by a user; by means of an OCR application that receives output data from the scanner, recognising text characters from that data; displaying on a display the text characters recognised by the OCR application; initiating a text editing application that allows a user to edit text displayed on said display, to provide final text data; and utilising said final text data to decrypt said biometric data by means of said decryption application.
14. A method according to claim 12 or 13, including the steps of capturing by means of dual cameras simultaneous images to show the face of a user and the personal ID document held by the user; and transmitting captured image data of both of the simultaneous images to the remote station by said communications system.
15. A method according to claim 12, 13 or 14, including the steps of recording a video of a user performing a predetermined action, details of which have been sent to the device, and uploading the video data to the remote station.
16. A method according to any of claims 12 to 15, including the steps of recording by a GPS system the current global position of a user; and transmitting the recorded GPS data to the remote station by said communications system.
17. A method according to any of claims 12 to 16, including the further step of capturing by means of said camera or one of said cameras an image to show a utility bill or other document to show the address of the user within a
predetermined recent date range.
18. A method according to claim 17, including the further steps, after transmitting the data to the remote station, of manually transcribing the address shown on the document to generate a physical letter containing a code that specifically relates to the device and the user; posting the letter physically to the user through a mail delivery system; after delivery of the letter, scanning the code in the letter; and transmitting data of the scanned code from the device to the remote station or other location for verification.
19. A method according to any of claims 12 to 18, including the further step of transmitting to the device a validation report to validate or otherwise the personal identity the subject of the data captured by the device and transmitted to the remote station.
20. A method according to claim 19, wherein said validation report comprises the data captured by the device and transmitted to the remote station, together with further data that has been assembled subsequent to such transmission to the remote station.
21. A method according to any of claims 12 to 20, carried out for regulatory purposes.
22. A method according to any of claims 12 to 21, including the step of transmitting, to an issuing authority of the personal ID document for verification, data derived from the personal ID document that has been transmitted to the remote station.
23. A method according to any of claims 12 to 22, comprising the steps of selecting one or more steps of a given verification task to be carried out; and activating said communication system to transmit to the remote station the data captured by said one or more steps.
24. A method according to any of claims 12 to 23, comprising the step of assembling together data captured for a given verification task; and transmitting the assembled data by said communication system to the remote station.
25. A device for use in verifying personal identity from a personal ID document, the device being substantially as hereinbefore described with reference to the accompanying drawings.
26. A method of verifying personal identity from a personal ID document, the method being substantially as hereinbefore described with reference to the accompanying drawings.
PCT/GB2016/052363 2015-06-02 2016-07-29 Improvements in or relating to the verification of personal identity WO2016193765A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB1509478.2A GB2539184A (en) 2015-06-02 2015-06-02 Improvements in or relating to the verification of personal identity
GB1509478.2 2015-06-02

Publications (1)

Publication Number Publication Date
WO2016193765A1 true WO2016193765A1 (en) 2016-12-08

Family

ID=53677597

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2016/052363 WO2016193765A1 (en) 2015-06-02 2016-07-29 Improvements in or relating to the verification of personal identity

Country Status (2)

Country Link
GB (1) GB2539184A (en)
WO (1) WO2016193765A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018129594A1 (en) * 2017-01-13 2018-07-19 Max ID Pty Ltd Verification system
TWI642011B (en) * 2017-07-21 2018-11-21 英屬開曼群島商若堤股份有限公司 User identity and age verification method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130305059A1 (en) * 2012-04-10 2013-11-14 Sita Information Networking Computing Ireland Limited Airport Security Check System and Method Therefor
EP2704077A1 (en) * 2012-08-31 2014-03-05 Nxp B.V. Authentication system and authentication method

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2497553B (en) * 2011-12-13 2018-05-16 Irisguard Inc Improvements relating to iris cameras
HK1160574A2 (en) * 2012-04-13 2012-07-13 King Hei Francis Kwong Secure electronic payment system and process

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130305059A1 (en) * 2012-04-10 2013-11-14 Sita Information Networking Computing Ireland Limited Airport Security Check System and Method Therefor
EP2704077A1 (en) * 2012-08-31 2014-03-05 Nxp B.V. Authentication system and authentication method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018129594A1 (en) * 2017-01-13 2018-07-19 Max ID Pty Ltd Verification system
TWI642011B (en) * 2017-07-21 2018-11-21 英屬開曼群島商若堤股份有限公司 User identity and age verification method

Also Published As

Publication number Publication date
GB2539184A (en) 2016-12-14
GB201509478D0 (en) 2015-07-15

Similar Documents

Publication Publication Date Title
US10333705B2 (en) Methods and apparatus for providing attestation of information using a centralized or distributed ledger
TWI246663B (en) Method and system for detecting and eliminating fraud
US9307028B2 (en) Device for archiving handwritten information
US20060016107A1 (en) Photo ID cards and methods of production
US9269010B2 (en) Mobile phone payment system using integrated camera credit card reader
KR100971451B1 (en) Image recognition
US20100219234A1 (en) Mobile ticket authentication
US9785793B2 (en) Systems and methods for sharing verified identity documents
US20170140174A1 (en) Systems and Methods for Obtaining Authorization to Release Personal Information Associated with a User
US20130339256A1 (en) System and method for providing virtual arbitration
JP2013504101A (en) Geographic location verification method for mobile voting
US9525656B2 (en) Offender message delivery system
AU2016269559B2 (en) Airport security check system and method therefor
US20140279516A1 (en) Authenticating a physical device
WO2007018233A1 (en) Account opening method
US9424569B1 (en) System and method for mobile check deposit
US10484386B2 (en) System, method, computer program and data signal for the provision of a profile of identification
JP2004005551A (en) Method and apparatus for correcting digital data of paper base
WO2014133571A1 (en) Presentation of image of source of tax data through tax preparation application
EP1847974A1 (en) Information processing device, read terminal, non-public information read system, non-public information read method, information processing program, and non-public information read program
US8479007B2 (en) Document creation and authentication system
CA2947177A1 (en) System and method for secure voting
US8595075B2 (en) Biotransaction systems and methods
US20110276486A1 (en) System and method for securing payment
US8253972B2 (en) Image processing system, image processing apparatus, authorized person information management apparatus, image processing method, and computer readable medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16757712

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16757712

Country of ref document: EP

Kind code of ref document: A1