US2021184856A1PendingUtilityA1

System and Method for Zero-Knowledge, Anonymous Verification and Management

52
Assignee: IMAGEWARE SYSTEMS INCPriority: Jul 17, 2018Filed: Feb 17, 2021Published: Jun 17, 2021
Est. expiryJul 17, 2038(~12 yrs left)· nominal 20-yr term from priority
H04L 9/50H04L 63/1466H04L 63/0807H04L 63/0861G06F 16/1865H04L 63/126H04L 9/3247H04L 9/0894H04L 9/3221H04L 9/3213H04L 9/3239H04L 9/3231H04L 9/3297
52
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A verification system using additional factors such as biometrics can provide a tenant system with the ability to verify the identity of an end user. The enrollment and verification can be performed without sharing identity knowledge between the tenant and the verification ensuring the privacy of the end user. The enrollment and verification can also be performed in an auditable way while maintaining anonymity.

Claims

exact text as granted — not AI-modified
1 . A method for validating user identity information at a tenant system, the method comprising:
 sending a tenant system identifier from the tenant system to a verification system;   sending a validation request from the tenant system to the verification system, the validation request comprising an encrypted token, the encrypted token having a unique user identifier associated with the user identity information, the encrypted token being further operable to being unencrypted by the verification system;   receiving, at the tenant system, a transaction identifier from the verification system; and   requesting, at the tenant system, a public transaction receipt from a public database, the public transaction receipt having a transaction outcome, the transaction outcome indicating whether the validation request resulted in successful validation of the user identity information.   
     
     
         2 . The method of  claim 1 , wherein the public transaction receipt further comprises a hash, the hash being created from the unique user identifier, the tenant system identifier, the transaction outcome, or combination thereof. 
     
     
         3 . The method of  claim 1 , wherein the public data store is a public database. 
     
     
         4 . The method of  claim 3 , wherein the public database is a blockchain. 
     
     
         5 . The method of  claim 1 , wherein the public transaction receipt is immutable. 
     
     
         6 . The method of  claim 1 , wherein the encrypted token further comprises an application identifier. 
     
     
         7 . The method of  claim 6 , wherein the application identifier is a name, a globally unique identifier, or combination thereof. 
     
     
         8 . The method of  claim 1 , wherein the tenant system identifier is a name, a globally unique identifier, or combination thereof. 
     
     
         9 . The method of  claim 1 , wherein any one or more of the tenant system identifier, the encrypted token, and the transaction identifier are digitally signed. 
     
     
         10 . The method of  claim 9 , wherein digitally signing is based on pretty good privacy, digital signature algorithm, or combination thereof. 
     
     
         11 . A server configured as a tenant system and further configured to validate user identity information, the server comprising:
 a memory;   a processor operable to:
 send a tenant system identifier from the tenant system to a verification system; 
 send a validation request from the tenant system to the verification system, the validation request comprising an encrypted token, the encrypted token having a unique user identifier associated with the user identity information, the encrypted token being further operable to being unencrypted by the verification system; 
 receive, at the tenant system, a transaction identifier from the verification system; and 
 request, at the tenant system, a public transaction receipt from a public database, the public transaction receipt having a transaction outcome, the transaction outcome indicating whether the validation request resulted in successful validation of the user identity information. 
   
     
     
         12 . The server of  claim 11 , wherein the public transaction receipt further comprises a hash, the hash being created from the unique user identifier, the tenant system identifier, the transaction outcome, or combination thereof. 
     
     
         13 . The server of  claim 11 , wherein the public data store is a public database. 
     
     
         14 . The server of  claim 13 , wherein the public database is a blockchain. 
     
     
         15 . The server of  claim 11 , wherein the public transaction receipt is immutable. 
     
     
         16 . The server of  claim 11 , wherein the encrypted token further comprises an application identifier. 
     
     
         17 . The server of  claim 16 , wherein the application identifier is a name, a globally unique identifier, or combination thereof. 
     
     
         18 . The server of  claim 11 , wherein the tenant system identifier is a name, a globally unique identifier, or combination thereof. 
     
     
         19 . The server of  claim 11 , wherein any one or more of the tenant system identifier, the encrypted token, and the transaction identifier are digitally signed. 
     
     
         20 . The server of  claim 19 , wherein digitally signing is based on pretty good privacy, digital signature algorithm, or combination thereof. 
     
     
         21 . A computer-readable medium storing instructions that, when executed by a computer, cause the computer to:
 send a tenant system identifier from a tenant system to a verification system;   send a validation request from the tenant system to the verification system, the validation request comprising an encrypted token, the encrypted token having a unique user identifier associated with user identity information, the encrypted token being further operable to being unencrypted by the verification system;   receive, at the tenant system, a transaction identifier from the verification system; and   request, at the tenant system, a public transaction receipt from a public database, the public transaction receipt having a transaction outcome, the transaction outcome indicating whether the validation request resulted in successful validation of the user identity information.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.