Identity management system

US 10,721,227 B1
Filed: 11/05/2018
Issued: 07/21/2020
Est. Priority Date: 12/17/2015
Status: Active Grant

First Claim

Patent Images

1. A method of validating a user identity in an e-commerce transaction using an authoritative identity source, the method comprising:

scanning a biometric signature into a user device;

registering the biometric signature with an authoritative identity source;

generating, at the identity source, an encrypted user identity element;

transmitting the encrypted user identity element from the authoritative identity source to the user device;

storing, at the user device, the encrypted user identity element in a secure enclave;

transmitting an identity request from the third party to the user device;

unlocking the secure enclave of the user device;

transmitting the encrypted user identity element from the user device to a third party;

using the unlocked secure enclave, transmitting an identity validation request including the encrypted user identity element from the third party to the identity source;

determining, at the identity source, if the identity of the user device can be confirmed;

andtransmitting from the identity source to the third party whether during the determining the identity of the user device was confirmed or not confirmed.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method of validating an identity of a user device is disclosed that includes registering a biometric signature with an authoritative identity source, transmitting an encrypted user identity element from the authoritative identity source to a user device, sending an identity request from a third party entity to the user device, transmitting the encrypted user identity element from the user device to the third party, sending an identity validation request from the third party to the authoritative identity source, transmitting a communication from the authoritative identity request to the third party entity, and informing the third party entity if the identity of the user is confirmed.

29 Citations

View as Search Results

20 Claims

1. A method of validating a user identity in an e-commerce transaction using an authoritative identity source, the method comprising:
- scanning a biometric signature into a user device;
  
  registering the biometric signature with an authoritative identity source;
  
  generating, at the identity source, an encrypted user identity element;
  
  transmitting the encrypted user identity element from the authoritative identity source to the user device;
  
  storing, at the user device, the encrypted user identity element in a secure enclave;
  
  transmitting an identity request from the third party to the user device;
  
  unlocking the secure enclave of the user device;
  
  transmitting the encrypted user identity element from the user device to a third party;
  
  using the unlocked secure enclave, transmitting an identity validation request including the encrypted user identity element from the third party to the identity source;
  
  determining, at the identity source, if the identity of the user device can be confirmed;
  
  andtransmitting from the identity source to the third party whether during the determining the identity of the user device was confirmed or not confirmed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the biometric signature may include biometrics not limited to fingerprint, palm print, palm veins, hand geometry, face recognition, voice, gait, and scent.
  - 3. The method of claim 1, wherein any of the steps recited therein is implemented using an artificial intelligence scheme.
  - 4. The method of claim 3, wherein the encrypted user identity element is a token or a key.
  - 5. The method of claim 4, wherein the token or key utilizes Public Key Infrastructure.
  - 6. The method of claim 5, wherein at least one support vector machine is employed to automatically learn and perform a number of functions.
  - 7. The method of claim 1, wherein sending an identity validation request from the third party to the authoritative identity source includes transmitting the encrypted user identity element from the third party entity to the authoritative identity source.
  - 8. The method of claim 1, wherein, in implementing the functionality recited therein relevant metadata is shared in real-time to aggregate, correlate, and ultimately prevent unauthorized access and continuously freshen customer data through a centralized hub of trusted sources.
  - 9. The method of claim 1, wherein determining if an identity of the user is confirmed includes decrypting the user identity element and comparing the biometric imprint on the user identity element with the biometric signature registered with the authoritative identity source.
  - 10. The method of claim 1, wherein sending an identity validation request from the third party to the authoritative identity source includes transmitting the encrypted user identity element and an entity identity element from the third party entity to the authoritative identity source.
  - 11. The method of claim 10, wherein prior to transmitting a communication from the authoritative identity source to the third party entity the identity of the user must be confirmed.
  - 12. The method of claim 11, wherein determining if an identity of the user is confirmed includes decrypting the user identity element and decrypting the entity identity key and comparing the biometric imprint on the user identity element and the biometric imprint on the entity identity element with the biometric signature registered with the identity source.

13. An identity management system comprising:
- a biometric module, within a user device, that scans a biometric signature into the user device;
  
  a registration component that registers at least one biometric signature with an authoritative identity source;
  
  a secure element generation component that generates an encrypted user identity element;
  
  wherein the authoritative identity source transmits the encrypted user identity element to the user device;
  
  a secure enclave module, within the user device, operative to store the encrypted user identity element;
  
  a third party operative to transmit an identity request to the user device;
  
  wherein the biomedical module unlocks the secure enclave module;
  
  wherein the user device transmits the encrypted user identity element from the user device to a third party;
  
  using the unlocked secure enclave module, transmitting an identity validation request including the encrypted user identity element from the third party to the identity sourcean identity request component that allows third party entities to request proof of identity from the electronic device of the user of the electronic device; and
  
  a validation component that allows the third party entities to validate the identity of the user of the electronic device via the authoritative identity source.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The system of claim 13 further comprising a transaction component that facilitates electronic transactions between the user device, the authoritative identity source, and third party entities.
  - 15. The system of claim 13, wherein a plurality of third party entities may send separate and independent identity requests to the user device requesting proof of the identity of the user.
  - 16. The system of claim 15, wherein the user device, in response to the plurality of independent identity requests, unlocks the secure enclave of the user device by inputting biometric signatures for the respective third party entities then separately and independently transmits unique encrypted user identity elements for each respective requesting device.
  - 17. The system of claim 16, wherein the validation component transmits a communication to the third party entities validating the identity of the user once the validation component confirms the identity of the user, wherein after receiving the encrypted user identity elements, the third party entities transmit validation requests to the authoritative identity source wherein each validation request comprises transmitting the encrypted user identity element to the authoritative identity source;
    - wherein the authoritative identity source compares the biometric signature on the encrypted user identity element with the biometric signature registered with the user device, wherein if, for a given request, the two biometric signatures match, the authoritative identity source transmits a validation to the respective third party entity confirming the identity of the user.

18. A computer-readable storage device storing executable instructions that, in responseto execution, cause a system comprising a processor to perform operations comprising:
- scanning a biometric signature into a user device;
  
  registering the biometric signature with an authoritative identity source;
  
  generating, at the authoritative identity source, an encrypted user identity elementtransmitting the encrypted user identity element from the authoritative identity source to the user device;
  
  storing, at the user device, the encrypted user identity element in a secure enclave;
  
  unlocking the secure enclave of the user device;
  
  transmitting the encrypted user identity element from the user device to the third party entity;
  
  using the unlocked secure enclave, sending an identity validation request including the encrypted user identity element from the third party entity to the authoritative identity source; and
  
  confirming the identity of the user to the third party entity from the authoritative identity source.
- View Dependent Claims (19, 20)
- - 19. The computer-readable storage device of claim 18, wherein prior to transmitting an encrypted user identity element from the authoritative identity source to a user device the operations further comprising sending an identity request from the third party entity to the user device.
  - 20. The computer-readable storage device of claim 18, wherein confirming the identity of the user to the third party entity includes decrypting the user identity element and comparing a biometric imprint on the user identity element with the biometric signature registered with the authoritative identity source.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Original Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Inventors
Suen, Darrell L.
Primary Examiner(s)
Turchen, James R

Application Number

US16/180,761
Time in Patent Office

624 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0815   providing single-sign-on or...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

Identity management system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

29 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Identity management system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links