Digital identity system

US 10,325,090 B2
Filed: 11/20/2017
Issued: 06/18/2019
Est. Priority Date: 02/13/2015
Status: Active Grant

First Claim

Patent Images

1. A digital identity system comprising:

a computer interface for receiving electronic messages; and

one or more hardware processors configured to execute;

an enrolment module configured to receive a data item captured from an identity document, and create in persistent electronic storage a digital identity comprising the data item;

a credential creation module configured to transmit from the digital identity system to a user device via the computer interface a credential for storing at the user device, the credential being bound to the digital identity; and

a validation service configured to receive an electronic message comprising the credential and identifying a target device, validate the credential, and if the credential is valid, use the credential to transmit from the digital identity system to the target device, an electronic message so as to render the data item of the digital identity available to the target device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosure relates to a digital identity system including an enrolment module executing on a processor configured to receive a data item from an enrolling device and to create in persistent electronic storage a digital profile comprising the data item. The system also includes a credential creation module executing on a processor configured to generate a credential from a random sequence, to associate the credential with the digital profile in a database, and to transmit the credential to the enrolling device. The system further includes a publication module executing on a processor configured, in response to later presentation of the credential to the digital identity system, to publish the digital profile by storing a version of the digital profile in a memory location accessible to a device presenting the credential.

Citations

20 Claims

1. A digital identity system comprising:
- a computer interface for receiving electronic messages; and
  
  one or more hardware processors configured to execute;
  
  an enrolment module configured to receive a data item captured from an identity document, and create in persistent electronic storage a digital identity comprising the data item;
  
  a credential creation module configured to transmit from the digital identity system to a user device via the computer interface a credential for storing at the user device, the credential being bound to the digital identity; and
  
  a validation service configured to receive an electronic message comprising the credential and identifying a target device, validate the credential, and if the credential is valid, use the credential to transmit from the digital identity system to the target device, an electronic message so as to render the data item of the digital identity available to the target device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A digital identity system according to claim 1, wherein the one or more processors are configured to execute a publication module configured to publish the data item of the digital identity, by storing a version of the data item in a memory location of the digital identity system accessible to the target device, wherein publishing the data item of the digital identify renders the data item of the digital identity available to the target device, and wherein the version of the data item published in the memory location of the digital identity system is unaffected by future modifications of the digital identity to provide a snapshot of the data item of the digital identity at a time of a transaction in which the electronic message is received.
  - 3. A digital identity system according to claim 1, wherein the one or more processors are configured to execute a verification service configured to compare data captured from the identity document with an identifier captured from a user at the user device;
    - andwherein the creation of the digital identity, the issuing of the credential, or the transmitting of the electronic message to the target device is conditional on the identifier matching the data captured from the identity document.
  - 4. A digital identify system according to claim 3, wherein the identifier is a biometric identifier and the data is biometric data.
  - 5. A digital identity system according to claim 4, wherein the biometric data is an identification photograph and the biometric identifier is a facial image.
  - 6. A digital identity system according to claim 1, wherein the digital identity system is configured to associate the digital identity with an asset.
  - 7. A digital identity system according to claim 6, wherein the asset is a digital wallet or a sum of money.
  - 8. A digital system according to claim 6, wherein the asset is associated with the digital identity such that the user can use the asset by presenting the credential to the target device for transmission in the electronic message to the validation service or by transmitting the credential to the validation service in the electronic message.
  - 9. A digital identity system according to claim 6, wherein the electronic message transmitted to the target device renders the asset or information relating to the asset available to the target device.
  - 10. A digital identity system according to claim 6, wherein the asset is a physical asset, wherein data identifying the physical asset is stored at the digital identity system in association with the digital identity.
  - 11. A digital identity system according to claim 6, wherein the asset is digital asset, wherein the digital asset or data about the digital asset is stored at the digital identity system in association with the digital identity.
  - 12. A digital identity system according to claim 1, wherein the target device is identified by a target entity credential comprised in the message.
  - 13. A digital identity system according to claim 1, wherein the electronic message is received from the user device.
  - 14. A digital identity system according to claim 1, wherein the electronic message is received from the target device, the credential having been captured at the target device.

15. A computer-implemented method of creating a digital identity comprising:
- at a user device, capturing a data item from an identity document;
  
  creating on a processor of the user device an electronic message comprising the data item;
  
  transmitting the electronic message from the user device to a digital identity system;
  
  receiving at the user device from the digital identity system an electronic message comprising a credential, which is bound to a digital identity comprising the data item, the digital identity having been created at the digital identity system in response to the electronic message comprising the data item; and
  
  storing the credential in memory of the user device, wherein later presentation of the credential to the digital identity system causes the data item of the digital identity to be rendered available to a target device presenting the credential.
- View Dependent Claims (16, 17)
- - 16. A method according to claim 15, comprising capturing at the user device a facial image or other biometric identifier of a user of the user device, which is included in the electronic message transmitted to the digital identity system.
  - 17. A method according to claim 15, comprising transmitting, from the user device to the digital identity system, a digital asset or information about an asset for associating with the digital identity.

18. A user device comprising:
- a memory; and
  
  a hardware processor coupled to the memory and configured to execute computer readable instructions which, when executed on the hardware processor, cause the hardware processor to;
  
  capture a data item from an identity document,create an electronic message comprising the data item,transmit the electronic message from the user device to a digital identity system,receive from the digital identity system an electronic message comprising a credential, which is bound to a digital identity comprising the data item, the digital identity having been created at the digital identity system in response to the electronic message comprising the data item; and
  
  store the credential in the memory, wherein later presentation of the credential to the digital identity system causes the data item of the digital identity to be rendered available to a target device presenting the credential.

19. A non-transitory computer readable storage medium comprising code executable a user device to implement steps of:
- capturing a data item from an identity document;
  
  creating an electronic message comprising the data item;
  
  transmitting the electronic message from the user device to a digital identity system;
  
  receiving from the digital identity system an electronic message comprising a credential, which is bound to a digital identity comprising the data item, the digital identity having been created at the digital identity system in response to the electronic message comprising the data item; and
  
  storing the credential at the user device, wherein later presentation of the credential to the digital identity system causes the data item of the digital identity to be rendered available to a target device presenting the credential.

20. A digital identity system comprising:
- a computer interface for receiving electronic messages; and
  
  one or more hardware processors configured to execute;
  
  an enrolment module configured to create in persistent electronic storage a digital identity comprising a data item;
  
  a credential creation module configured to associate a credential with the digital profile, and transmit the credential from the digital identity system to a credential-receiving device;
  
  a computer interface configured to receive, in a transaction, an electronic message comprising the credential and identifying a target device, the message being received from the credential-receiving device or the target device having captured the credential from the credential-receiving device; and
  
  a publication module configured to, in response to the electronic message, publish the data item of the digital identity, by storing a version of the data item in a memory location of the digital identity system accessible to the target device, wherein the version of the data item published in the memory location of the digital identity system is unaffected by future modifications of the digital identity to provide a snapshot of the data item of the digital identity at a time of the transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Yoti Holding Ltd
Original Assignee
Yoti Holding Ltd
Inventors
Loughlin-McHugh, Eleanor Simone Frederika, Szczesniak, Roman Edward
Primary Examiner(s)
Rahim, Monjur

Application Number

US15/818,538
Publication Number

US 20180089419A1
Time in Patent Office

575 Days
Field of Search

726 6
US Class Current
CPC Class Codes

G06F 21/45   Structures or tools for the...

G06F 2221/2117   User registration

H04L 2463/082   applying multi-factor authe...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0853   using an additional device,...

H04W 12/77   Graphical identity

Digital identity system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Digital identity system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links