• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    this document provides systems and methods for verifying user identities. an example method includes generating a unique identifier (id) for a user, generating a public / private key pair associated with the user's unique id and receiving at least two images. the images include a first image associated with a physical document indicating a user's identity and a second image comprising an image of at least part of the user. the exemplary method also includes validating the integrity of the first image, converting at least the first image into unidirectional hashed data, when the integrity of the first image is valid and transmitting the hashed data signed with the private key, unique id and public key for an identification provider, so a digital identity record for the user is stored in an accounting data structure.
    公开号:BR112019019704A2
    申请号:R112019019704
    申请日:2018-02-27
    公开日:2020-04-14
    发明作者:Kamal Ashfaq
    申请人:Mastercard International Inc;
    IPC主号:
    专利说明:

    SYSTEMS AND METHODS THAT PROVIDE DIGITAL IDENTITY RECORDS TO VERIFY USER IDENTITIES
    CROSS REFERENCE TO THE CORRELATE APPLICATION [001] This application claims the benefit and priority of US Patent Application 15 / 476,526, filed on March 31, 2017. The full description of the above application is incorporated into this document as a reference.
    FIELD [002] The present disclosure refers, in general, to systems and methods for use in providing digital identity records to verify user identities and, in particular, to systems and methods for use in compiling digital identity records , based on documents indicating the identities of associated users and providing verification of users' identities, based on digital identity records, in response to requests for such verification.
    BACKGROUND [003] This section provides background information related to the present disclosure that is not necessarily the prior art.
    [004] People are known to open accounts and buy products, actions for which identity verification is often necessary. For example, when a person opens a bank account at a bank, the bank usually requires that person to present identification, usually in the form of a driver's license or other government-issued document, before allowing the person to open the account. Such an identification process can inhibit a person from opening a fraudulent account, when the person requesting it is not really the person he claims to be and / or using an unauthorized account to purchase products. More broadly, the identification process helps the banking institution to comply with the rules and regulations applicable to the accounts it issues.
    Petition 870190094494, of 9/20/2019, p. 10/48
    2/26 (for example, related to and against money laundering, corruption, etc.). This identification process is often called knowing your customer or KYC process.
    DRAWINGS [005] The drawings described in this document are intended only for illustrative purposes of the selected modalities and not all possible implementations and are not intended to limit the scope of the present disclosure.
    [006] Figure 1 is a block diagram of an exemplary system of the present disclosure, suitable for use in providing verification of a user's digital identity.
    [007] Figure 2 is a block diagram of a computing device that can be used in the example system in Figure 1;
    [008] Figures 3A-3C include a flowchart of an exemplary method, which can be implemented in connection with the system in figure 1, to compile a digital identity record for a user, based on documents indicating the user's identity, and store the digital identity record in an accounting data structure; and [009] Figure 4 is a flowchart of an example method, which can be implemented in connection with the system in Figure 1, to provide a user's digital identity verification based, at least in part, on an identity record. digital.
    [010] Corresponding reference numbers indicate corresponding parts throughout the various views of the drawings.
    DETAILED DESCRIPTION [011] Exemplary modalities will now be described more fully, with reference to the attached drawings. The description and specific examples included in this document are for the purpose of illustration
    Petition 870190094494, of 9/20/2019, p. 11/48
    3/26 only and are not intended to limit the scope of this disclosure.
    [012] Many people request accounts, such as bank accounts, inventory accounts, credit accounts, etc., in which people need to provide proof of identity in relation to these applications. When the institutions with which people seek accounts are local to people and / or are convenient to reach, the presentation of documents that provide proof of identity is generally not an issue. However, when institutions are located away from people, or people are limited in their ability to travel, or where electronic communications are more convenient, presenting documents in person can be different, problematic and / or impractical. Exclusively, the systems and methods provided in this document provide digital identity verification for users, where such verification generally includes confirmation of physical documents associated with users to distinguish users from other users. In particular, a user's communication device includes a software development kit (SDK), which operates to assign the user a unique identifier (ID) and also to assign a unique public-private key pair to the unique ID. The SDK, through the communication device, causes an image of a physical document and an image of the user to be captured, which are then validated. Once validated, the SDK converts the images into hashed data (that is, hash of the images) and then, after user authentication on the communication device, provides the hashed data, public key and unique user identification to a identification provider (IDP). The IDP stores them in an accounting data structure, such as a digital identity record and further certifies the record using a private key. And, the IDP provides indicator (s) for the data record structure, for registration and certification (which is encrypted by the user's public key).
    Petition 870190094494, of 9/20/2019, p. 12/48
    4/26 [013] So, in the systems and methods of this document, when the user wants to open an account at an institution (widely, with a requester), the user provides the institution with the indicators for the data record structure, through of the communication devices, which are then used by the institution, to request verification from the user through the PDI. The IDP responds with a verification, as appropriate, thus allowing the institution, in turn, to verify the user's identity without having to view the physical documents associated with the user. In this way, the user is able to more efficiently provide proof of identity to the institution, while the institution and it is more efficient to verify the user when the user is not physically present at the institution.
    [014] Figure 1 illustrates an exemplary system 100, in which one or more aspects of the present disclosure can be implemented. Although system 100 is presented in one arrangement, other arrangements may include parts of system 100 (or other parts) arranged in another way depending, for example, on a particular type of user validation requester, privacy requirements, a number of participants in validation processes, reliable data for validation, etc.
    [015] System 100 generally includes an identification provider (IDP) 102. a communication device 104 including a request 106 and an SDK 108, a data aggregator 110 and a requester 112, each coupled to (and in communication with ) one or more networks. Networks, usually indicated by lines with arrows in figure 1, can include one or more of, without limitation, a local area network (LAN), a wide area network (WAN) (for example, the Internet, etc.) , a mobile network, a virtual network and / or another suitable public and / or private network capable of supporting communication between two or more of the parts illustrated in figure 1, or any combination thereof.
    Petition 870190094494, of 9/20/2019, p. 13/48
    5/26 [016] IDP 102 is configured to interact with SDK 108 included in communication device 104. IDP 102 can be a service and / or independent entity. In addition, or alternately, IDP 102 may be incorporated, in whole or in part, with another entity, such as a payment network or a banking institution, etc. As shown, IDP 102 includes a computing device 200, which is shown in detail in Figure 2 (and described in more detail below), and several application programming interfaces or APIs 114. Although not required, the modality shown in figure 1 depends on APIs 114 to allow data communication, for example, through and / or between parts of system 100 (with each of the data aggregators 110 and requester 112 also illustrated as including APIs 114 to facilitate such communication) . In another embodiment, however, IDP 102 and other parts of system 100 can communicate in another way. In the illustrated system 100, each of the APIs included in IDP 102 is included or associated with computing device 200.
    [017] In addition, IDP 102 is associated with an accounting data structure 116. which is configured to be in communication with IDP 102 (and / or a requestor 112, etc.), directly or over the network. The accounting data structure 116 is configured to store digital identity records and corresponding certification records (together or separately). In this exemplary embodiment, the accounting data structure 116 includes a block chain data structure, where the accounting data structure includes a growing list of ordered records (where each record includes a time stamp and a reference or link to a previous record). That said, it must be understood that other data structures, equivalent or not, can be used in other modalities.
    [018] Communication device 104 is associated with a user 118, who has an identity. In general, user identity 118 indicates and / or includes
    Petition 870190094494, of 9/20/2019, p. 14/48
    6/26 (without limitation) a user name 118, a user address 118, a social security number or other government identification number for user 118 etc. The identity of user 118 can be evidenced by various physical documents, such as, for example, a passport 120 as included in figure 1, a national identity card issued by a government, a driver's license issued by a state, regional or federal (or other government-issued ID) or other document that usually includes a user image 118 or other identification, etc. Still other physical documents may include a social security card for user 118, a health insurance card, bank statements / documents, a credit or debit card, an employee ID, a library card, a utility bill etc., all of which can be used alone or in combination, as described in this document. For example, passport 120 can be presented by user 118, alone or together with a public service account, to applicant 112, to confirm the identity of user 118, when desired by applicant 112.
    [019] Within communication device 104, in this example embodiment, request 106 can include any application downloaded, installed and / or active on communication device 104. In general, request 106 refers to financial accounts, in such a way that request 106 is associated with security and / or verification of the user's identity. For example, application 106 can be associated with a banking institution (where the banking institution is also the applicant 112), or another banking institution. Alternatively, request 106 may not be related to one or more financial accounts, that is, a general purpose request, in which request 106 may incorporate other functions not related to financial accounts or provide an independent identity request (which may be invoked by requester 112 (for example,
    Petition 870190094494, of 9/20/2019, p. 15/48
    7/26 banking institutions, insurance agencies, or others, etc.)). SDK 108 is then incorporated, in whole or in part, with request 106, in such a way that SDK 108 cooperates with request 106 to cause one or more interfaces to be displayed to user 118, on communication device 104. In connection with it, SDK 108 configures the communication device 104 to communicate with IDP 102, through one or more of the APIs 114 included in this document. With that said, when communication device 104 is described as configured to perform various operations in this document, it should be appreciated that it can be done generally through coordination between request 106 and / or SDK 108 (even if request 106 and / or SDK 108 are not specifically referred to in this document), ie independent of another.
    [020] In this exemplary embodiment, data aggregator 110 of system 100 configured to aggregate known statements and / or data related to users, including user 118. Data aggregator 110 is coupled to multiple reliable sources 122, which provide and / or are associated, for example, with social data (for example, through one or more social networks, etc.), financial data (for example, through one or more banks, etc.) and data from the network of telephone operators (MNO) (for example, through a telecommunications company, etc.), etc. In particular, however, data aggregator 110 generally relies on one or more machine learning algorithms to determine what data about user 118 (and available from trusted sources 122) to collect. The data provided by trusted sources 122, for user 118, can provide different people for user 118, including, for example, a social person, a financial person, an MNO person, etc. Based on the content received from trusted sources 122 and / or one or more algorithms / scoring rules and / or risk assessment that depend on such
    Petition 870190094494, of 9/20/2019, p. 16/48
    8/26 content, data aggregator 110 is configured to generate a confidence indicator for user identity 118, such as, for example, a score indicating whether the user's identity should be verified or not (for example, indicative if the user 118 is who he / she claims to be, etc.). Data aggregator 110 may further be configured to implement one or more privacy preservation data retrieval functions, specifically, in a privacy application 124 of the same (for example, a privacy API, etc.) for one or more reliable sources 122, as needed, required or desired. Specifically, for example, privacy application 124 can be configured to employ a set of standard data query mechanisms, whereby user-specific data 118 is anonymized and generally cannot be traced back to the real user 118. Although privacy request 124 is only included in data aggregator 110, it should be understood that this (or similar requests) can be included elsewhere in system 100, as needed, required or desired.
    [021] In addition, with regard to privacy, system 100 also includes a personal data channel 126, and a dedicated request / SDK 128 included in communication device 104. The dedicated request / SDK 128 can be integrated with the request 106 (that is, a dedicated SDK) or independent of request 106 (that is, a request). The request / SDK 128 configures the communication device 104 to communicate with the personal data conduit 126, which in turn includes an API 114 in order to pass, through permission and / or consent of the user 118, personally identifiable data from communication device 104 to data aggregator 110. Data aggregator 110, as described above, then collects data related to user 118, based on personally identifiable data (for example, from trusted sources 122 etc.) . Again, while API 114 in the pipeline of personal data
    Petition 870190094494, of 9/20/2019, p. 17/48
    9/26
    126 is invoked in this modality for communication between the personal data pipeline 126 and the request / SDK 128 and / or between the personal data pipeline 126 and the aggregator 110. the personal data pipeline 126 can communicate in another way in other modalities . In addition, the personal data pipeline 126, in this example, as shown in Figure 1, is separate and distinct from IDP 102 and aggregator 110. That said, it should be appreciated that, in one or more other modalities, the data pipeline personnel 126 can be included in IDP 102 or data aggregator 110, and request / SDK 128 can be included in request 106 and / or SDK 108, as appropriate or desired [022] AND, requester 112 of system 100 can include, for example, an entity offering one or more services (for example, digital services, etc.), such as, for example, bank accounts, insurance services, mortgage services, etc. Applicant 112, in general, needs, or is at least encouraged, to verify the identity of user 118 when user 118 attempts to subscribe to one or more of the digital services offered by applicant 112. Applicant 112, as shown in figure 1 , includes API 114, in which a request for such verification from user 118 can be provided via API 114 to IDP 102. Again, while API 114 is included in this modality for such communication between requester 112 and IDP 102, applicant 112 can communicate with IDP 102, otherwise, in other modalities.
    [023] With continued reference to figure 1, before an interaction between user 118 and requester 112 for one or more desired services, or as part of it, user 118 includes (for example, through transfer, etc.) and / or install request 106 on communication device 104. In response, communication device 104 is configured to perform certain operations, as provided by request 106 and / or SDK 108 associated with it. Specifically, request 106 and / or SDK 108 includes executable instructions
    Petition 870190094494, of 9/20/2019, p. 18/48
    10/26 per computer, which cause the communication device 104 to assign a unique ID to user 118 and generate a public key and private key pair for user 118, which is linked to the unique ID. The unique ID and the public / private key pair are stored in memory (for example, memory 204, etc., as described below), in communication device 104. Communication device 104, as configured by request 106 and / or SDK 108, then prompts user 118 to capture an image of a physical document indicative of user identification 118 (for example, passport 120, identity card, etc.) and also to capture an image of the user 118 (for example, a selfie, etc.) and potentially capture additional images of other physical documents, etc.
    [024] Once captured, the communication device 104, again as configured by request 106 and / or SDK 108, stores the images and validates and / or verifies the quality of the images. If the images cannot be validated (or sufficiently validated) on the communication device 104, the communication device 104 can be configured to communicate with the data aggregator 110, via data conduit 126, to validate and / or confirm the document physical (s) included in the image (s) and / or the identity of user 118. In particular, data conduit 126 is configured to interact with request / SD 128 to request consent from user 118 (for example, via of a message like Local Verification Not Completed. Do you agree with verification on a Data Aggregator 110 ; etc.). If user 118 consents, data conduit 126 is configured to interact with request / SDK 128 to retrieve person identification data from communication device 104 (for user 118) and to provide information to the data aggregator 110, through API 114, for use in generating a confidence indicator for user identity 118. The confidence indicator is
    Petition 870190094494, of 9/20/2019, p. 19/48
    11/26 returned to the communication device 104 and / or to the IDP 102 (through the communication device 104, or directly), after which the validation of the images and / or the verification of the identity of the user 118 can be confirmed or not.
    [025] Once the images and / or the quality checked have been validated, the communication device 104, as configured by request 106 and / or SDK 108, converts the images into data based on a unidirectional cryptographic hash function (for example, a cryptographic hash function SHA, etc.) (that is, image data is hashed). The communication device 104 is configured, by request 106 and / or SDK 108, to then authenticate the user 118 (for example, through a biometry, etc.), to then sign the hashed data with the private key stored in memory, and to transmit the unique user ID 118, the signed hashed data and the public key to IDP 102, via API 114.
    [026] In response, IDP 102 is configured to record a digital identity record in the accounting data structure 116, which includes the unique user ID 118, the signed hashed data and the public key of user 118. IDP 102 can still store the images of the physical documents and / or of the user 118, and also the name, address, citizenship, etc., for the user 118 (as received or derived from the images). In addition, IDP 102 is configured to certify the digital identity record under a separate record written by IDP 102 for accounting data structure 116 (ie, an IDP certification record). In doing so, each of the records is linked to the unique user ID 118 and is associated with an indicator or other identifier of the location of the records in the accounting data structure 116. Specifically, for example, the indicator is associated with a location in the structure 116, which contains a sealed record including the digital identity record (for example, the user's public key
    Petition 870190094494, of 9/20/2019, p. 20/48
    12/26
    118, the hashed version of the physical documents and / or image of the user 118, etc.), biometric data for the user 118 and an indicator for the certification record. It should be appreciated that the location, to which the indicator points, may include the user's public key, a hashed version of the public key, or otherwise.
    [027] IDP 102 is then configured to display the unique ID and / or indicator (s), and to transmit it (s) to the communication device 104. The communication device 104, in turn, is configured to store the ID and / or unique indicators in memory.
    [028] Subsequently, or as part of the above, requester 112 is configured to seek verification of the identity of user 118. Specifically, the requester is configured to request that user 118, through communication device 104, verify his identity. In response, communication device 104, as configured by request 106 and / or SDK 108, authenticates user 118 to communication device 104 and then, after authentication, responds with unique user ID 118 and the indicator (s) for the accounting data structure 11.6 for the digital identity record (and the IDP certification record) (and shows the unique ID and indicator before transmitting to the requester 112). Requester 112 is configured to decrypt and validate the digital identity record and IDP certification record included in accounting data structure 116, through IDP 102, before making the decision to accept the identity of user 118 and enroll user 118 in the desired services, or not.
    [029] Although only an IDP 102, a data aggregator 110, an accounting data structure 116, a user 118, three trusted sources 122 and a data pipeline 126 are illustrated in Figure 1, it should be appreciated that any number of these entities (and its associated components) may be included in system 100, or may be included as part of systems in other embodiments, consistent with the present disclosure. Likewise, it must be appreciated that the
    Petition 870190094494, of 9/20/2019, p. 21/48
    13/26 system 100 and other modalities of the system will generally include multiple users, multiple communication devices and multiple requestors, each generally consistent with the above description.
    [030] Figure 2 illustrates an exemplary computing device 200 that can be used in system 100 of figure 1. The computing device 200 can include, for example, one or more servers, workstations, personal computers, laptops, tablets , smartphones, PDAs, etc. In addition, computing device 200 may include a single computing device, or it may include multiple computing devices located close to or distributed within a geographic region, provided that computing devices are specifically configured to function as described herein. In the exemplary embodiment of figure 1, each of the IDP 102 and the data aggregator 110 are illustrated as including, or being implemented in, the computing device 200, coupled (and in communication with) one or more networks. In addition, communication device 104 associated with user 118 can also be considered a computing device consistent with computing device 200 for purposes of describing the present document. In addition, although not illustrated, requester 112 and trusted sources 122 are each generally implemented in a computing device, which may be consistent with computing device 200. However, system 100 should not be considered to be limited to computing device 200, as described below, as different computing devices and / or computing device arrangements can be used. In addition, different components and / or component arrangements can be used in other computing devices.
    [031] With reference to figure 2, the exemplary computing device 200 includes a processor 202 and a memory 204 coupled to (and in communication
    Petition 870190094494, of 9/20/2019, p. 22/48
    14/26 with) processor 202. Processor 202 may include one or more processing units (for example, in a multi-conductor configuration, etc.). For example, processor 202 may include, without limitation, a central processing unit (CPU), a microcontroller, a reduced instruction set computer processor (RISC), a specific request integrated circuit (ASIC), a logic device (PLD), a bridge, and / or any other circuit or processor capable of the functions described in this document.
    [032] Memory 204, as described in this document, constitutes one or more devices that allow data, instructions, etc., to be stored and retrieved from it. Memory 204 may include one or more computer-readable storage media, such as, without limitation, dynamic random access memory (DRAM), static random access memory (SRAM), read-only memory (ROM), programmable read memory erasable (EPROM), solid state devices, flash drives. CD-ROMs, flash drives, floppy disks, tapes, hard drives and / or any other type of physical or tangible media, which can be read by computer, volatile or non-volatile. Memory 204 can be configured to store, without limitation, images, private and / or public keys, public / private key pairs, identity records, certified and / or certification records, hashed data, signed data and / or other types data (and / or data structures) suitable for use as described in this document. In addition, in various embodiments, computer executable instructions may be stored in memory 204 for execution by processor 202 to cause processor 202 to perform one or more of the functions described in this document, such that memory 204 is physical, tangible, and non-transitory, computer-readable storage media. Such instructions often improve the efficiency and / or performance of the
    Petition 870190094494, of 9/20/2019, p. 23/48
    15/26 processor 202 and / or other computer system components configured to perform one or more of the various operations described in this document. It should be appreciated that memory 204 may include a variety of different memories, each implemented in one or more of the functions or processes described in this document.
    [033] In the exemplary embodiment, computing device 200 also includes a display unit 206 which is coupled (and in communication) with processor 202 (however, it should be appreciated that computing device 200 could include output devices other than display unit 206, etc.). The display unit 206 produces information (for example, verification of the user's identity, etc.), visually, for example, for a user associated with the requester 112, etc. And, multiple interfaces (for example, as defined by application 106 and / or SDK 108, as defined by websites, etc.) (for example, including instructions for capturing document images, capturing selfies, capturing biometric data, etc.) be displayed on the computing device 200, and in particular on the display unit 206, to display certain information. The display unit 206 may include, without limitation, a liquid crystal display (LCD), a light emitting diode (LED), an organic LED display (OLED), an electronic ink display, speakers, etc. In some embodiments, the display unit 206 includes several devices.
    [034] In addition, computing device 200 includes an input device 208 that receives input from a user (i.e., user input), such as, for example, document images, user images 118 (and / or data biometrics), etc., in response to requests from request 106 and / or SDK 108, as described below. Input device 208 may include a single input device or multiple input devices. Input device 208 is coupled with (and in communication with) processor 202 and may include, for example,
    Petition 870190094494, of 9/20/2019, p. 24/48
    16/26 example, one or more of a keyboard, a scoring device, a mouse, a stylus, a camera, fingerprint digitizer, a touch screen (for example, a touch pad or a touch screen, etc. .), another computing device and / or an audio input device. In several exemplary embodiments, a touch screen, such as that included in a tablet, smartphone, or similar device, behaves like a presentation unit and an input device.
    [035] In addition, the illustrated computing device 200 also includes a network interface 210 coupled to (and in communication with) processor 202 and memory 204. Network interface 210 may include, without limitation, a network adapter wired, a wireless network adapter (for example, a near field communication adapter (NFC), a Bluetooth adapter, etc.), a mobile network adapter, or other device capable of communicating with one or more networks other than networks mentioned in this document. In addition, in some exemplary embodiments, computing device 200 includes processor 202 and one or more built-in network interfaces or with processor 202. In various embodiments, computing device 200 includes a global positioning system (GPS) capability ) whereby computing device 200 can determine its current geographic location, run mapping applications, etc.
    [036] Figures 3A-3C illustrate an exemplary method 300 for use in compiling and storing a digital identity record. Example method 300 is described as implemented in IDP 102, SDK 108 and accounting data structure 116 of system 100, in conjunction with data aggregator 110. Reference is also made to computing device 200. However, methods described in this document should not be understood as limited to system 100 or computing device 200, as
    Petition 870190094494, of 9/20/2019, p. 25/48
    17/26 methods can be implemented in other computing systems and / or devices. Likewise, the computing systems and devices in this document should not be understood as limited to the exemplary method 300.
    [037] In example method 300, applicant 112 is described with reference to a banking institution, which offers new accounts to users through a website associated with the banking institution. That said, other applicants may offer other services and still be subject to method 300 and / or other methods consistent with the description provided in this document.
    [038] Before opening a new account with requester 112, user 118 searches for a digital identity, provided by IDP 102, in order to simplify and / or avoid certain identity verification interactions with requester 112. In doing so, the user 118 downloads request 106, at 302, and proceeds to install and record request 106, at 304, on communication device 104. In response, request 106 requests SDK 108 (through communication device 104) to assign an ID unique to user 118, in 306, after which, in 308, SDK 108 issues the unique ID to user 118.
    [039] After that, SDK 108 generates, in 310, a public / private key pair, which is linked to the unique ID. The public / private key pair can be generated based on any technique, including, for example, the RSA technique, the DSA technique or the ECDSA technique, where the specific technique and the length of the key pair can be selected by the versed. in technique, based on the desired or required entropy, secrecy and / or exclusivity. In at least one embodiment, SDK 108 generates the public / private key pair before assigning the unique ID, and assigns the public key to be the unique ID for user 118 and / or derives from each other.
    [040] Regarding the public / private key pair, the private key
    Petition 870190094494, of 9/20/2019, p. 26/48
    18/26 is then stored, by SDK 108, in 312, in memory (for example, memory 204, etc.) in communication device 104.
    [041] Separately, in this modality, request 106 induces, in 314, user 118 to capture an image of his passport 120 or other physical document indicating the identity of user 118 (for example, a national identity card, etc.) . In response, user 118 directs camera input device 208 (or other input device 208) from communication device 104 to the physical document and captures the image. In addition, request 106 induces, in 316, user 118 to capture an image of his face (for example, a selfie, etc.). In response, again, user 118 directs camera input device 208 (or other input device 208) from communication device 104 to his face and captures the image. Request 106 (or SDK 108) then encrypts the two images and stores, at 318, the encrypted images locally on communication device 104, in memory 204, for example. Request 106 also passes, in 320, the two images, that is, one of the physical documents and the other of the user 118, to SDK 108.
    [042] In turn, in method 300, SDK 108 validates the integrity of the two images, in 322. In particular, SDK 108 determines the integrity of the images based, for example, on the standard ICAO 9303 or one or more other suitable standards. SDK 108 also performs quality checks on the images to ensure that the integrity and / or validation of the images can be performed based on one or more suitable standards known to those skilled in the art. In addition, SDK 108 performs the validation between the images (for example, the first image against the second image, or vice versa, etc.). Specifically, SDK 108 creates a model based on the image of user 118 included in the document image and then compares, based on techniques known to those skilled in the art, the selfie image captured by the communication device 104 with the
    Petition 870190094494, of 9/20/2019, p. 27/48
    19/26 model. In addition, for example, SDK 108 can employ optical character recognition, or OCR, in images to find characters (for example, words, names, addresses, phone numbers, heights, weights, eye color, identification numbers, etc.) on one or both images for use in validating the images (for example, based on the information contained therein, etc.). Based on the determined integrity, quality and / or biometric validation, SDK 108 is capable or not of validating the integrity of the images.
    [043] In this exemplary modality, if the validation in 322 fails, SDK 108 informs the request / SDK 128 of the failed validation, after which the personal data conduit 126 optionally interacts with the data aggregator 110, through the request / SDK 128, in 324, to further validate the identity of user 118. In particular, the request / SDK 128 is invoked by the failed validation, after which the validation / SDK 128 prompts user 1 8, on the communication 104 that provides permission and / or consent to seek validation through aggregator 110 (for example, providing personally identifiable data, etc.). Upon consent, the request / SDK 128 gathers the personally identifiable data (as needed or desired) from the communication device 104 and provides it, via the personal data channel 126, to the data aggregator 110. In turn, the data aggregator 110 interacts with trusted sources 112, based on personally identifiable data and / or one or more machine learning algorithms, to collect data related to user identity 118. Subsequently, based on one or more rules , data aggregator 110 determines and resumes a confidence indicator (eg a score, etc.) for user 118 back to communication device 104 and / or IDP 102, whereby the process can be continued when the confidence indicator meets one or more limits (and / or manual reviews).
    [044] Then, once the integrity of the images is validated (or the
    Petition 870190094494, of 9/20/2019, p. 28/48
    20/26 user identity 118 is otherwise validated), SDK 108 converts images into hashed data in 326. SDK 108 can use, for example, a SHA hash function (for example, SHA 256, etc.) to convert the images into unidirectional hashed data. SDK 108 then asks, at 328, user 118, through request 106, to authenticate, for example, using a biometric and / or personal identification number (PIN), etc. Request 106 depends on a biometrics or PIN registered on communication device 104 and / or request 106 when installing and / or registering (for example, a biometric unlock for communication device 104, etc.). In response, user 118 provides the requested biometric or PIN, which, when combining the registered biometric or PIN, provides user 118 authentication. Once user 118 is authenticated, request 106 signs, in 330, the hashed data with the private key, stored in memory (for example, memory 204, etc.) in communication device 104, and provides, in 332, the signed hashed data for SDK 108.
    [045] Next, SDK 108 provides, in 334, the signed hashed data, the unique unique ID for user 118 and the public key for user 118 for IDP 102. Upon receipt, IDP 102 stores the data signed hashed (as part of a digital identity record for user 118) in the accounting data structure 116, in 336. In this way, the image data, as encrypted, is also stored in the accounting data structure. Since data structure 116, in this embodiment, includes a block chain data structure, the signed hashed data is stored in data structure 116 in association with an indicator, identifying the location of the digital identity record. The indicator can be, for example, the user's public key 118, or it can be, in other examples, dependent on the user's public key (for example, determined or derived from it, etc.), or not. Other data structures may include an indicator (for example, derived from the public key or ID
    Petition 870190094494, of 9/20/2019, p. 29/48
    21/26 exclusive, or not; etc.) or other identification of the location of the signed hashed data. In addition, IDP 102 also certifies, in 338, the registration of digital identity under a different entry in the accounting data structure 116, using the private key, which is also associated with the indicator, in this modality. It should be appreciated that in one or more other modalities, another entity may be involved in certification of the record in the accounting data structure 116, where that entity may be associated with a public / private key pair for use in certification of the record.
    [046] IDP 102 then associates, in 340, both records, in the accounting data structure 116, with user 118 and, specifically, with the unique ID assigned to user 118. The unique ID and indicator (s) are then provided, by IDP 102, in 342, back to request 106. In several modalities, the indicator associated with IDP 102 certification can be included in the digital identity record, in such a way that only the indicator associated with the digital identity record needs to be provided back to request 106. The unique ID and / or indicator (s) can be encrypted, using the user's public key, or not, when transmitted. The indicators are then stored in the memory 204 of the communication device 104, for use in verifying the identity of the user 118 in connection with the requester 112.
    [047] Figure 4 illustrates an exemplary method 400 for use in providing digital identity verification, in connection with a user requiring a digital service from an applicant (for example, a new account, etc.). Exemplary method 400 is described as implemented in IDP 102, SDK 108 and accounting data structure 116 of system 100, together with requester 112. Reference is also made to computing device 200. However, the methods described in present document should not be understood as limited to system 100 or computing device 200, as the methods
    Petition 870190094494, of 9/20/2019, p. 30/48
    22/26 can be implemented in other computing systems and / or devices. Likewise, the computing systems and devices in this document are not to be understood as limited to the exemplary method 400.
    [048] In connection with user 118 requesting a digital service from requester 112, or before that, IDP 102 assigns a unique requester ID to requester 112, at 402. And, requester 112 provides a request to user 118 to verify your identity, at 404. When requester 112 is associated with request 106, the request can be provided through request 106. Alternatively, when requester is not associated with request 106, requester 112 can provide the request to IDP 102, which , in turn, provides the request to user 118 in request 106.
    [049] In response, user 118 is requested (not shown), by the communication device (and in particular, request 106 and / or SDK 108) to authenticate. The authentication can be similar to the biometric authentication or PIN referenced in 328 in method 300 of figure 3. Once authenticated, the user 118, then, through the communication device 104 and, in particular, the request 106, provides, in 406, a response to requester 112. The response includes the user's unique ID and the indicator (s) received from IDP 102, in method 300. The response may also include a name, address, etc. associated with user 118, or not. The answer, in this example, is still encrypted (using the user's public key on communication device 104). In 408, requester 112 decrypts the response and retrieves the digital identity record from the accounting data structure 116, based on the indicator and the unique ID. Then, applicant 112 validates, in 410, the registration data received in connection with user 118 requesting the digital service based on the content of the digital identity record. Applicant 112 retrieves the certification record, based on a second indicator (of the response or included in the digital identity record) and verifies, in
    Petition 870190094494, of 9/20/2019, p. 31/48
    23/26
    412, the signature on the certification record based on the public key of IDP 102 or otherwise, another entity that certified the record in the accounting data structure.
    [050] Based on the above, in 414, applicant 112 may decide to accept the digital identity of user 118 and proceed with the registration of user 118 in the digital service or other suitable service. Or, alternatively, in 414, requester 112 may seek additional ways and / or other ways to identify the user 118.
    [051] In view of the above, the systems and methods in this document provide digital identity verification. As part of it, a user can participate in the creation of a digital identity record, which is based on one or more physical documents associated with the user. The digital identity record is maintained in a manner that provides privacy and / or security (for example, protection against fraudulent use, etc.), etc.
    [052] Again and as previously described, it should be appreciated that the functions described in this document, in some embodiments, can be described in computer executable instructions stored in a computer-readable medium, and executable by one or more processors. Computer-readable media is a non-transitory, computer-readable storage medium. As an example, and not as a limitation, such computer-readable media may include RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to transport or store the desired program code in the form of instructions or data structures that can be accessed by a computer. Combinations of the above items should also be included in the scope of computer-readable media.
    Petition 870190094494, of 9/20/2019, p. 32/48
    24/26 [053] It should also be appreciated that one or more aspects of the present disclosure transform a general purpose computing device into a special purpose computing device, when configured to perform the functions, methods and / or processes described herein document.
    [054] As will be appreciated based on the previous specification, the above described modalities of the disclosure can be implemented using computer engineering or programming techniques including computer software, firmware, hardware or any combination or subset thereof, in which the technical effect it can be achieved by performing at least one of the following operations: (a) generating, by a computing device, a unique ID for a user; (b) generation, by the computing device, of a public / private key pair associated with the user's unique ID; (c) receiving, at the computing device, at least two images, a first image associated with a document indicating a user identification and the second image including a user image; (d) validating the integrity of the first image; (e) conversion, by the computing device, of at least the first image to unidirectional hashed data, when the integrity of the first image is validated; and (f) transmission of the hashed data signed with the private key, the unique ID and the public key to an identification provider, through which a user validation record can be stored in an accounting data structure.
    [055] Exemplary modalities are provided so that this disclosure is exhaustive and fully transmits the scope to those skilled in the art. Several specific details are presented, such as examples of specific components, devices and methods, to provide a complete understanding of the modalities of the present disclosure. It will be evident to those skilled in the art that specific details need not be employed, that
    Petition 870190094494, of 9/20/2019, p. 33/48
    25/26 examples of modalities can be incorporated in many different ways and none should be construed as limiting the scope of the disclosure. In some examples of embodiments, well-known processes, well-known device structures and well-known technologies are not described in detail.
    [056] The terminology used in this document is intended for the purpose of describing particular exemplary modalities and is not intended to be limiting. As used in this document, singular forms one, one and o, a may be intended to include plural forms as well, unless the context clearly indicates otherwise. The terms comprise, comprising, including and having are inclusive and therefore specify the presence of declared aspects, integers, steps, operations, elements and / or components, but do not exclude the presence or addition of one or more other aspects, integers, steps, operations, elements, components and / or groups thereof. The steps, processes and operations of the method described in this document should not be interpreted as necessarily requiring its performance in the particular order discussed or illustrated, unless they are specifically identified as a performance order. It should be understood that additional or alternative steps can be employed.
    [057] When an aspect is referred to as activated, engaged in, connected to, coupled with, associated with, included in or in communication with another aspect, it can be directly activated, engaged, connected, coupled, associated, included, or in communication or the other aspect, or intervening aspects may be present. As used herein, the term and / or includes any and all combinations of one or more of the associated listed items.
    [058] Although the terms first, second, third, etc. can be used
    Petition 870190094494, of 9/20/2019, p. 34/48
    26/26 in this document to describe various aspects, these aspects should not be limited by those terms. These terms can be used only to distinguish one aspect from the other. Terms such as first, second and other numeric terms, when used in this document, do not imply a sequence or order, unless clearly indicated by the context. Thus, a first feature discussed in this document can be called a second feature without departing from the teachings of the exemplary modalities. None of the elements cited in the claims is intended to be an element that means more function within the meaning of 35 USC § 112 (f), unless an element is expressly cited using the expression means, or in the case of a method claim using the phrases operation to or step to.
    [059] The previous description of exemplary modalities has been provided for purposes of illustration and description. It is not intended to be exhaustive or to limit disclosure. Individual elements or characteristics of a particular modality are generally not limited to that particular modality, but, when applicable, are interchangeable and can be used in a selected modality, even if they are not specifically shown or described. They can also be varied in several ways. Such variations should not be considered a departure from the disclosure, and all such changes should be included within the scope of the disclosure.
    权利要求:
    Claims (18)
    [1]
    1. Method implemented by computer for use in verifying a user's identity, the method CHARACTERIZED by the fact that it comprises:
    generation, by a computing device, of a unique identifier (ID) for a user;
    generation, by the computing device, of a public / phvada key pair associated with the unique ID;
    receiving, on the computing device, at least two images, a first image associated with a physical document indicating a user's identity and a second image including an image of the user;
    validating the integrity of the first image; conversion, by the computing device, of at least the first image into unidirectional hashed data when the integrity of the first image is validated; and transmission of the hashed data signed with the private key, the unique ID and the public key to an identification provider, in which a digital identity record for the user is stored in an accounting data structure.
    [2]
    2. Method implemented by computer according to claim 1, CHARACTERIZED by the fact that the physical document indicating the user's identification includes at least one of a passport issued by the government, a driver's license and a national identification card.
    [3]
    3. Method implemented by computer according to claim 2, CHARACTERIZED by the fact that it also comprises the request, in the computing device, to the user to capture, through an input device of the computing device, the first image of the physical document indicative of the user's identity and the user's second image.
    [4]
    4. Computer implemented method according to claim 1,
    Petition 870190094494, of 9/20/2019, p. 36/48
    2/6
    CHARACTERIZED by the fact that it also includes the validation of one of the first and second images against the other of the first and second images.
    [5]
    5. Method implemented by computer according to claim 1, CHARACTERIZED by the fact that it also includes the interaction with a data aggregator, by the computing device, when the integrity of the first image is not validated: and reception of a confidence indicator , of the data aggregator, based on a social person and / or a financial person of the user, thus allowing a decision to validate the user's identity based, additionally, on the confidence indicator.
    [6]
    6. Method implemented by computer according to claim 1, CHARACTERIZED by the fact that it also comprises:
    capture, by the computing device, of the first image and the second image; and signing, by the computing device, of the data hashed with the private key, after the user is authenticated, on the computing device.
    [7]
    7. Method implemented by computer according to claim 1, CHARACTERIZED by the fact that it also comprises:
    encryption of the first image;
    transmission, by the computing device, of the first encrypted image to the identification provider;
    writing, by the identification provider, of the signed hashed data for the accounting data structure; and correlation, by the identification provider, of the signed hashed data with the user's unique ID, whereby signed hashed data can be retrieved based on the unique ID.
    [8]
    8. Computer implemented method according to claim 7,
    Petition 870190094494, of 9/20/2019, p. 37/48
    3/6
    CHARACTERIZED by the fact that writing the signed hashed data in the accounting data structure includes writing signed hashed data to a location in the accounting data structure, the location associated with an indicator; and transmitting the indicator to the computing device.
    [9]
    9. Computer implemented method according to claim 1, CHARACTERIZED by the fact that it also includes:
    receiving at least one indicator for the accounting data structure, the at least one indicator associated with a digital identity record location; and transmission, by the computing device, of at least one indicator and the unique ID for a requester, in response to a request to verify the user's identity.
    [10]
    10. Method implemented by computer according to claim 9, CHARACTERIZED by the fact that the at least one indicator includes an indicator for the location of the digit identity record in the accounting data structure and an indicator for a location of a certification of the digital identity registration by an identification provider.
    [11]
    11. System to verify user identities, the system CHARACTERIZED by the fact that it comprises:
    an identification provider;
    an accounting data structure coupled with the identification provider; and at least one communication device in communication with the identification provider and configured, by request and / or a software development kit (SDK), to:
    generation of a unique identifier (ID) for the user;
    generation of a public / private key pair associated with the unique ID;
    validation of a first image of a document indicating a
    Petition 870190094494, of 9/20/2019, p. 38/48
    4/6 identity of a user associated with the communication device;
    conversion of the first image into hashed data when the first image is validated;
    signing of the hashed data with the private key of the public / phvada key pair; and transmitting at least the signed hashed data, the unique ID and the public key; and where the ID provider is configured to:
    write an identity record in the accounting data structure at a location identified by an indicator, the identity record including at least the user's unique ID, the signed hashed data and the public key of the public / private key pair; and provide the indicator for at least one communication device.
    [12]
    12. System according to claim 11, CHARACTERIZED by the fact that at least one communication device is configured, by request and / or the SDK to provide the indicator in response to a request from a requester associated with a digital service, to verify the identity of the user associated with the communication device.
    [13]
    13. System according to claim 12, CHARACTERIZED by the fact that at least one communication device is configured, by request and / or the SDK, to:
    user authentication, before signing the hashed data; and encryption of the indicator and the unique ID, before providing the unique indicator ID in response to the request.
    [14]
    14. System according to claim 11, CHARACTERIZED by the fact that the identification supplier is further configured to write a certification of the identity record in the accounting data structure and to return
    Petition 870190094494, of 9/20/2019, p. 39/48
    5/6 a second indicator to at least one communication device, the second indicator indicating a location of the certification of the identity record in the accounting data structure.
    [15]
    15. System according to claim 11, CHARACTERIZED by the fact that the document indicating the user's identification includes at least one of a passport issued by the government, a driver's license and a national identification card.
    [16]
    16. Computer readable non-transitory storage media, including executable instructions for use in verifying a user's identity, which, CHARACTERIZED by the fact that, when performed by a processor, causes the processor to:
    generate a unique ID for the user and a public / private key pair associated with the unique ID;
    validate the integrity of at least a first image, the first image including an image of a government issued document, indicative of the user's identity;
    perform the conversion of at least the first image, by a unidirectional hash function, into hashed data when the integrity of at least the first image is validated;
    sign the hashed data with the private key of the public / private key pair; and transmits the signed hashed data, the unique identifier and the public key of the public / private key pair, in which a user's digital identity record can be stored in an accounting data structure.
    [17]
    17. Computer readable non-transitory storage media according to claim 18, CHARACTERIZED by the fact that executable instructions, when executed by the processor, cause the processor to:
    Petition 870190094494, of 9/20/2019, p. 40/48
    6/6 receive and store a first indicator for the digital identity record, the first indicator indicating a location of the digital identity record in the accounting data structure; and provide the indicator to a requester in response to a request to verify the user's identity.
    [18]
    18. Computer readable non-transitory storage media according to claim 17, CHARACTERIZED by the fact that executable instructions, when executed by the processor, cause the processor to:
    receive and store a second indicator for the digital identity record, the second indicator indicating a location of a certification record, signed by a digital identity record identification provider in the accounting data structure; and provide the second indicator to the requester in response to the request to verify the user's identity.
    类似技术:
    公开号 | 公开日 | 专利标题
    BR112019019704A2|2020-04-14|systems and methods that provide digital identity records for verifying user identities
    US11206133B2|2021-12-21|Methods and systems for recovering data using dynamic passwords
    US10650632B2|2020-05-12|Systems and methods for provisioning digital identities to authenticate users
    US11122036B2|2021-09-14|Systems and methods for managing digital identities associated with mobile devices
    KR101829729B1|2018-03-29|Method for certifying a user by using mobile id through blockchain and merkle tree structure related thereto, and terminal and server using the same
    US11082221B2|2021-08-03|Methods and systems for creating and recovering accounts using dynamic passwords
    RU2019109206A|2020-10-01|BIOMETRIC IDENTIFICATION AND VERIFICATION AMONG IOT DEVICES AND APPLICATIONS
    CA3113543C|2021-08-24|Systems and computer-based methods of document certification and publication
    US20210383388A1|2021-12-09|Systems and methods for use in managing digital identities
    US20190261169A1|2019-08-22|Systems and methods for managing digital identities associated with users
    BR102018072458A2|2019-06-04|SYSTEMS AND METHODS FOR AUTHENTICATING A USER BASED ON BIOMETRIC DATA AND DEVICE
    US20200213311A1|2020-07-02|Providing verified claims of user identity
    WO2019200190A1|2019-10-17|Systems and methods for use in providing digital identities
    KR20170118382A|2017-10-25|System and method for electronically managing certificate of real name confirmation
    US20220067735A1|2022-03-03|Systems and methods for use with network authentication
    BR112019008140A2|2019-09-10|computer-implemented method, non-transient computer-readable storage medium, and system
    CN113129017A|2021-07-16|Information sharing method, device and equipment
    同族专利:
    公开号 | 公开日
    EP3602440A1|2020-02-05|
    US20180288033A1|2018-10-04|
    US10476862B2|2019-11-12|
    WO2018182902A1|2018-10-04|
    CN110462658A|2019-11-15|
    MX2019010865A|2019-10-17|
    US20200076795A1|2020-03-05|
    AU2018246993A1|2019-09-12|
    CA3058140A1|2018-10-04|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    US7680819B1|1999-11-12|2010-03-16|Novell, Inc.|Managing digital identity information|
    US7797413B2|2004-10-29|2010-09-14|The Go Daddy Group, Inc.|Digital identity registration|
    US7778935B2|2006-03-09|2010-08-17|Colella Brian A|System for secure payment and authentication|
    US8607044B2|2006-04-25|2013-12-10|Verisign, Inc.|Privacy enhanced identity scheme using an un-linkable identifier|
    JP4659721B2|2006-11-09|2011-03-30|キヤノン株式会社|Content editing apparatus and content verification apparatus|
    US7870597B2|2007-04-10|2011-01-11|Symantec Corporation|Method and apparatus for managing digital identities through a single interface|
    US20110289318A1|2008-08-28|2011-11-24|Jingsong Zhang|System and Method for Online Digital Signature and Verification|
    PL2332313T3|2008-09-22|2016-08-31|Bundesdruckerei Gmbh|Method for storing data, computer program product, id token and computer system|
    US9039359B2|2011-01-05|2015-05-26|Lee Ervin|Kinetic energy atom-powered engine|
    WO2012123727A1|2011-03-11|2012-09-20|Callsign, Inc|Personal identity control|
    FR2987529B1|2012-02-27|2014-03-14|Morpho|METHOD FOR VERIFYING IDENTITY OF A USER OF A COMMUNICATING TERMINAL AND ASSOCIATED SYSTEM|
    US20150319170A1|2012-12-21|2015-11-05|Didier Grossemy|Computer implemented frameworks and methodologies for enabling identification verification in an online environment|
    US9536065B2|2013-08-23|2017-01-03|Morphotrust Usa, Llc|System and method for identity management|
    CA2886548A1|2014-03-31|2015-09-30|Sal Khan|Methods and systems relating to real world and virtual world identities|
    US9608982B2|2014-04-14|2017-03-28|Trulioo Information Services, Inc.|Identity validation system and associated methods|
    US20150356523A1|2014-06-07|2015-12-10|ChainID LLC|Decentralized identity verification systems and methods|
    US9785764B2|2015-02-13|2017-10-10|Yoti Ltd|Digital identity|
    US10853592B2|2015-02-13|2020-12-01|Yoti Holding Limited|Digital identity system|
    EP3767878A1|2015-03-27|2021-01-20|Black Gold Coin, Inc.|A system and a method for personal identification and verification|
    US20160300236A1|2015-04-09|2016-10-13|Mastercard International Incorporated|Systems and Methods for Confirming Identities of Verified Individuals, in Connection With Establishing New Accounts for the Individuals|
    US9876646B2|2015-05-05|2018-01-23|ShoCard, Inc.|User identification management system and method|
    CA2984888A1|2015-05-05|2016-11-10|ShoCard, Inc.|Identity management service using a block chain|
    US10817878B2|2015-06-09|2020-10-27|Mastercard International Incorporated|Systems and methods for verifying users, in connection with transactions using payment devices|
    US20160364703A1|2015-06-09|2016-12-15|Mastercard International Incorporated|Systems and Methods for Verifying Users, in Connection With Transactions Using Payment Devices|
    GB201511964D0|2015-07-08|2015-08-19|Barclays Bank Plc|Secure digital data operations|
    CN108701276A|2015-10-14|2018-10-23|剑桥区块链有限责任公司|System and method for managing digital identity|
    US10419401B2|2016-01-08|2019-09-17|Capital One Services, Llc|Methods and systems for securing data in the public cloud|
    WO2017152150A1|2016-03-04|2017-09-08|ShoCard, Inc.|Method and system for authenticated login using static or dynamic codes|
    US10218938B2|2016-04-14|2019-02-26|Popio Ip Holdings, Llc|Methods and systems for multi-pane video communications with photo-based signature verification|
    US10333705B2|2016-04-30|2019-06-25|Civic Technologies, Inc.|Methods and apparatus for providing attestation of information using a centralized or distributed ledger|
    WO2019055972A1|2017-09-18|2019-03-21|Mastercard International Incorporated|Systems and methods for provisioning biometric templates to biometric devices|
    PL3662634T3|2017-09-18|2021-12-06|Mastercard International Incorporated|Systems and methods for managing digital identities associated with mobile devices|US11088855B2|2016-07-29|2021-08-10|Workday, Inc.|System and method for verifying an identity of a user using a cryptographic challenge based on a cryptographic operation|
    US10637665B1|2016-07-29|2020-04-28|Workday, Inc.|Blockchain-based digital identity managementsystem|
    PL3662634T3|2017-09-18|2021-12-06|Mastercard International Incorporated|Systems and methods for managing digital identities associated with mobile devices|
    US10735194B2|2017-12-21|2020-08-04|Kikko Llc|Verified data sets|
    US11100503B2|2018-02-07|2021-08-24|Mastercard International Incorporated|Systems and methods for use in managing digital identities|
    US10819520B2|2018-10-01|2020-10-27|Capital One Services, Llc|Identity proofing offering for customers and non-customers|
    TR201817812A2|2018-11-23|2019-02-21|Turkcell Teknoloji Arastirma Ve Gelistirme Anonim Sirketi|A SYSTEM THAT ENABLES USER-SPECIFIC DIGITAL IDENTIFICATION AND STORAGE|
    EP3723017A1|2019-04-08|2020-10-14|Mastercard International Incorporated|Improvements relating to identity authentication and validation|
    US11115420B2|2019-04-26|2021-09-07|Visa International Service Association|Distributed ledger data verification network|
    CN110335036B|2019-06-03|2020-11-06|创新先进技术有限公司|Processing and generating method and device of off-line graphic code|
    CN111316303A|2019-07-02|2020-06-19|阿里巴巴集团控股有限公司|System and method for block chain based cross entity authentication|
    CN111213147A|2019-07-02|2020-05-29|阿里巴巴集团控股有限公司|System and method for block chain based cross entity authentication|
    CN111066020A|2019-07-02|2020-04-24|阿里巴巴集团控股有限公司|System and method for creating decentralized identity|
    CN111164594A|2019-07-02|2020-05-15|阿里巴巴集团控股有限公司|System and method for mapping decentralized identity to real entity|
    WO2019179535A2|2019-07-02|2019-09-26|Alibaba Group Holding Limited|System and method for verifying verifiable claims|
    CN111095865A|2019-07-02|2020-05-01|阿里巴巴集团控股有限公司|System and method for issuing verifiable claims|
    法律状态:
    2021-10-19| B350| Update of information on the portal [chapter 15.35 patent gazette]|
    优先权:
    申请号 | 申请日 | 专利标题
    US15/476,526|US10476862B2|2017-03-31|2017-03-31|Systems and methods for providing digital identity records to verify identities of users|
    PCT/US2018/019881|WO2018182902A1|2017-03-31|2018-02-27|Systems and methods for providing digital identity records to verify identities of users|
    [返回顶部]