Identity management system
First Claim
1. A method of validating an identity of a user device comprising:
registering a biometric signature with an authoritative identity source;
transmitting an encrypted user identity element from the authoritative identity source to a user device;
transmitting the encrypted user identity element from the user device to the third party entity;
sending an identity validation request from the third party entity to the authoritative identity source;
confirming the identity of the user to the third party entity from the authoritative identity source, wherein the third party entity stores its own secure element, an encrypted entity element, wherein the encrypted entity element is a token or a key, in a secure enclave on the user device, wherein, during the confirmation process, the biometric signature of the encrypted user identity element and a biometric signature of the encrypted entity element must match the biometric signature registered with the identity source, and wherein, in the event of a security compromise of the user identity or user device, the third party entity updates the encrypted entity element by rotating the tokens or keys as needed to secure third party access.
Abstract
A system and method of validating an identity of a user device is disclosed that includes registering a biometric signature with an authoritative identity source, transmitting an encrypted user identity element from the authoritative identity source to a user device, sending an identity request from a third party entity to the user device, transmitting the encrypted user identity element from the user device to the third party, sending an identity validation request from the third party to the authoritative identity source, transmitting a communication from the authoritative identity source to the third party entity, and informing the third party entity if the identity of the user is confirmed.
35 Citations
20 Claims
1. A method of validating an identity of a user device comprising:
registering a biometric signature with an authoritative identity source; transmitting an encrypted user identity element from the authoritative identity source to a user device; transmitting the encrypted user identity element from the user device to the third party entity; sending an identity validation request from the third party entity to the authoritative identity source; confirming the identity of the user to the third party entity from the authoritative identity source, wherein the third party entity stores its own secure element, an encrypted entity element, wherein the encrypted entity element is a token or a key, in a secure enclave on the user device, wherein, during the confirmation process, the biometric signature of the encrypted user identity element and a biometric signature of the encrypted entity element must match the biometric signature registered with the identity source, and wherein, in the event of a security compromise of the user identity or user device, the third party entity updates the encrypted entity element by rotating the tokens or keys as needed to secure third party access.
Dependent claims: 2 to 12.
13. An identity management system comprising:
a registration component that allows a user of an electronic device to register at least one biometric signature with an authoritative identity source; a secure element component that generates an encrypted user identity element; an identity request component that allows third party entities to request proof of identity from the electronic device of the user of the electronic device; and a validation component that allows the third party entities to validate the identity of the user of the electronic device via the authoritative identity source, wherein the third party entity stores its own secure element, an encrypted entity element, wherein the encrypted entity element is a token or a key, in a secure enclave on the user device, wherein, during the validation process, the biometric signature of the encrypted user identity element and a biometric signature of the encrypted entity element must match the biometric signature registered with the identity source, and wherein, in the event of a security compromise of the user identity or user device, the third party entity updates the encrypted entity element by rotating the tokens or keys as needed to secure third party access.
Dependent claims: 14 to 17.
18. A computer-readable storage device storing executable instructions that, in response to execution, cause a system comprising a processor to perform operations comprising:
registering a biometric signature of a user with an authoritative identity source; transmitting an encrypted user identity element from the authoritative identity source to a user device; transmitting the encrypted user identity element from the user device to a third party entity; sending an identity validation request from the third party entity to the authoritative identity source; and confirming the identity of the user to the third party entity from the authoritative identity source, wherein the third party entity stores its own secure element, an encrypted entity element, wherein the encrypted entity element is a token or a key, in a secure enclave on the user device, wherein, during the confirmation process, the biometric signature of the encrypted user identity element and a biometric signature of the encrypted entity element must match the biometric signature registered with the identity source, and wherein, in the event of a security compromise of the user identity or user device, the third party entity updates the encrypted entity element by rotating the tokens or keys as needed to secure third party access.
Dependent claims: 19 and 20.
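A constructed Python model of the flow in the independent claims, added here as an illustration (it is not the patent's or any product's code): the authoritative identity source seals the identity element it issues to the registered biometric signature, the third party's own token sits beside it in the device enclave, confirmation requires both elements to carry the registered signature, and rotating the token after a compromise makes any earlier copy useless. All class, method and sample values are assumptions; a hash of a byte string stands in for a biometric template.

```python
import hashlib
import hmac
import secrets
# Constructed model of the claimed three-party flow; every name here is hypothetical.
def biometric_signature(sample: bytes) -> bytes:
    return hashlib.sha256(sample).digest()       # stands in for a biometric template
class AuthoritativeIdentitySource:
    def __init__(self):
        self._key = secrets.token_bytes(32)      # seals the identity elements it issues
        self._registered = {}                    # user_id -> registered biometric signature
    def register(self, user_id, signature):
        self._registered[user_id] = signature
    def _tag(self, user_id, signature):
        return hmac.new(self._key, user_id.encode() + signature, hashlib.sha256).digest()
    def issue_identity_element(self, user_id):
        sig = self._registered[user_id]
        return {"user": user_id, "bio": sig, "tag": self._tag(user_id, sig)}
    def validate(self, identity_element, entity_element):
        # Confirmation: the element must be one this source sealed, and both elements
        # must carry the biometric signature registered here (unknown user -> False).
        registered = self._registered.get(identity_element["user"], b"")
        expected = self._tag(identity_element["user"], identity_element["bio"])
        return (hmac.compare_digest(expected, identity_element["tag"])
                and hmac.compare_digest(identity_element["bio"], registered)
                and hmac.compare_digest(entity_element["bio"], registered))

class ThirdPartyEntity:
    def __init__(self, source):
        self.source, self.token = source, secrets.token_hex(16)
    def provision(self, enclave, sample):
        # Entity element: the entity's own token, bound to the device-captured biometric.
        enclave["entity"] = {"bio": biometric_signature(sample), "token": self.token}
    def validate(self, enclave):
        # Only the current token is accepted, so a copy taken before rotation is useless.
        return (hmac.compare_digest(enclave["entity"]["token"], self.token)
                and self.source.validate(enclave["identity"], enclave["entity"]))
    def rotate_on_compromise(self, enclave):
        self.token = enclave["entity"]["token"] = secrets.token_hex(16)

def run_flow(sample=b"constructed-fingerprint"):
    source, enclave = AuthoritativeIdentitySource(), {}
    entity = ThirdPartyEntity(source)
    source.register("alice", biometric_signature(sample))
    enclave["identity"] = source.issue_identity_element("alice")
    entity.provision(enclave, sample)
    ok = entity.validate(enclave)
    stale = {"identity": enclave["identity"], "entity": dict(enclave["entity"])}
    entity.rotate_on_compromise(enclave)          # after a compromise of device or identity
    rotated = entity.validate(enclave) and not entity.validate(stale)
    entity.provision(enclave, b"someone-else")    # entity element with a different biometric
    return ok, rotated, entity.validate(enclave)
```

run_flow() returns (True, True, False): the honest flow confirms, the rotated token still confirms while the pre-rotation copy does not, and an entity element carrying a different biometric signature is rejected.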
Specification