Method and system to validate identity without putting privacy at risk

US 10,282,535 B2
Filed: 09/01/2015
Issued: 05/07/2019
Est. Priority Date: 09/02/2014
Status: Active Grant

First Claim

Patent Images

1. A method for verifying a user, the method comprising:

the user transferring a first user identifier from a first source to a device;

the user transferring a second user identifier from a second source to the device, the first source different from the second source and the first user identifier different from the second user identifier;

the first source comprising a first media and the second source comprising a second media;

the first and second user identifiers not stored in the device prior to the steps of transferring;

comparing the first and second user identifiers or corresponding portions of the first and second user identifiers at the device without sending the first and second user identifiers nor the corresponding portions of the first and second user identifiers external to the device;

at the device determining a correlation score responsive to the comparing step;

at the device determining a relationship between the correlation score and a predetermined correlation threshold;

at the device, verifying that the first and second user identifiers identify a same person if the correlation score is greater than or equal to the predetermined correlation threshold, and if a step of transferring the second user identifier was executed within a predetermined time interval from the step of transferring the first user identifier; and

issuing an indication according to a verifying step.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system to verify identity while protecting private data. To locally verify identity without requiring communication with an external database or passing personal/identity information over network connections. To create a database and/or statistical model for later use to verify identify, private information from a first media is input to a device. Private information subsequently presented via a second media is then verified locally by comparing to the private information previously captured from the first media. If the resultant correlation score is sufficiently high the private information from the first media and from the second media are determined to belong to the same individual, and the user is authenticated or a desired action is approved. In case of a low correlation score, a notification may be sent to one or more entities alerting authorities of a security breach or identity theft.

Citations

17 Claims

1. A method for verifying a user, the method comprising:
- the user transferring a first user identifier from a first source to a device;
  
  the user transferring a second user identifier from a second source to the device, the first source different from the second source and the first user identifier different from the second user identifier;
  
  the first source comprising a first media and the second source comprising a second media;
  
  the first and second user identifiers not stored in the device prior to the steps of transferring;
  
  comparing the first and second user identifiers or corresponding portions of the first and second user identifiers at the device without sending the first and second user identifiers nor the corresponding portions of the first and second user identifiers external to the device;
  
  at the device determining a correlation score responsive to the comparing step;
  
  at the device determining a relationship between the correlation score and a predetermined correlation threshold;
  
  at the device, verifying that the first and second user identifiers identify a same person if the correlation score is greater than or equal to the predetermined correlation threshold, and if a step of transferring the second user identifier was executed within a predetermined time interval from the step of transferring the first user identifier; and
  
  issuing an indication according to a verifying step.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1 wherein the device comprises a non-network connected device such that the steps of transferring, comparing, determining, and verifying are executed without connections to a network, without using an over-the-air communications interface, and without using a database external to the device.
  - 3. The method of claim 1 further comprising authenticating the same user to conduct a transaction using the device, or permitting the same user to access an application on the device, or permitting the same user to access a storage cloud.
  - 4. The method of claim 1 wherein the first source comprises the first media or a first transaction card and the second source comprises the second media or a second transaction card.
  - 5. The method of claim 4 wherein the first transaction card comprises a first magnetic-stripe card and the second transaction card comprises a second magnetic-stripe card.
  - 6. The method of claim 1 wherein biometrics of the user as input to the device is also used in determining the correlation score.
  - 7. The method of claim 1 wherein the first or second user identifier comprises a security identifier or comprises private information, and the private information further comprises any one or more of a user'"'"'s last name, a user'"'"'s first name, a user'"'"'s middle name, a user'"'"'s initials, a user'"'"'s current or previous addresses, a user'"'"'s phone number, a user'"'"'s account number, a user'"'"'s license number, a user'"'"'s identity number, a user'"'"'s biometrics and a device number, a device serial number, a device MAC address, and a device IP address.
  - 8. The method of claim 1 wherein the first and second sources each comprises any one of a memory device, a data storage device, a magnetic stripe card, a memory operative with a radio-frequency identification component, a memory operative with a near-field communications component, a memory operative with a WiFi™
    - component, a memory operative with a universal serial bus component, a serial memory component, a compact disc/read only memory, or a digital video disc.
  - 9. The method of claim 1 wherein the device comprises any one of a personal computer, a laptop computer, a tablet computer, a dongle, a server, a mobile device, a smart phone, a wearable device or any device comprising a non-transitory memory element.
  - 10. The method of claim 1 wherein the second user identifier comprises more elements than the first user identifier, and wherein if the user is verified then the second user identifier is used in subsequent verification attempts of the user.
  - 11. The method of claim 1 wherein the step of transferring the first user identifier from the first media comprises using an optical character recognition component operative with the device, and the step of transferring the second private identifier from the second media comprises using an optical character recognition component operative with device.
  - 12. The method of claim 1 wherein prior to the step of transferring the first and second user identifiers the method further comprises one or more of a step of encrypting the first and second user identifiers, a step of disconnecting the device from a network, and a step of scanning the first and second user identifiers for malware.
  - 13. The method of claim 1 wherein the step of verifying further comprises verifying the user by the device interacting with a remote authentication service.
  - 14. The method of claim 1 further comprising generating a first token that represents the first user identifier and generating a second token that represents the second user identifier, wherein the steps of transferring the first user identifier and transferring the second user identifier comprise respectively transferring the first and second tokens to the device.
  - 15. The method of claim 1 wherein the first and second user identifiers each comprise private information of the user, the method further comprising a step of asking knowledge-based questions derived from the private information, wherein the step of verifying is executed if the correlation score is greater than or equal to the predetermined correlation threshold, if a step of transferring the second user identifier was executed within a predetermined time interval from the step of transferring the first user identifier, and the user has correctly answered the knowledge-based questions.
  - 16. The method of claim 1 wherein the correlation score comprises an initial correlation score, the method further comprising:
    - authenticating the same person to a first authentication level responsive to the initial correlation score;
      
      receiving a third user identifier from a third source;
      
      determining that the third user identifier identifies the same person without sending the third user identifier external to the device; and
      
      responsive to the step of determining, authenticating the same person to a second authentication level higher than the first authentication level.

17. A system for verifying a user, the system comprising:
- a first component for transferring a first user identifier from a first source;
  
  a second component for transferring a second user identifier from a second source, the first source different from the second source and the first user identifier different from the second user identifier;
  
  the first source comprising a first media and the second source comprising a second media;
  
  a predetermined time limit between the first component transferring and the second component transferring;
  
  the first and second user identifiers not stored in the system prior to the first and second components transferring the respective first and second user identifiers;
  
  a third component for comparing first user identifier portions extracted from the first user identifier and second user identifier portions extracted from the second user identifier and for determining a correlation score responsive thereto, such that comparing and determining are not executed external to the system; and
  
  a fourth component for verifying that the first and second user identifiers identify a same person if the correlation score is greater than or equal to a predetermined correlation threshold and if a time interval between the first component transferring and the second component transferring is less than the predetermined time limit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
LogicMark LLC (Nxt-Id, Inc.)
Original Assignee
Nxt-Id, Inc.
Inventors
Tunnell, Andrew, Santillo, Christopher, Mitchell, Justin, Powers, Sean
Primary Examiner(s)
Simitoski, Michael

Application Number

US14/842,252
Publication Number

US 20160085954A1
Time in Patent Office

1,344 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/35   communicating wirelessly

G06F 21/6245   Protecting personal data, e...

G06Q 30/0248   Avoiding fraud

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

Method and system to validate identity without putting privacy at risk

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system to validate identity without putting privacy at risk

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links