METHOD FOR VERIFYING THE IDENTITY OF A USER OF A COMMUNICATING TERMINAL AND ASSOCIATED SYSTEM

US 20150038118A1
Filed: 01/31/2013
Published: 02/05/2015
Est. Priority Date: 02/27/2012
Status: Active Grant

First Claim

Patent Images

1-13. -13. (canceled)

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for verifying identity of a user of a communicating terminal, including: a preliminary operation including: communicating a first piece of identity data of a user to at least one server, generating a second piece of identity data of the user from the server, the second piece of data defining a derived identity of the user, and storing the second piece of identity data in a secure memory of the terminal; an operation for identity verification, including: transmitting a token for encryption from the server to the terminal, using the second piece of data at the terminal at least to generate an encryption of the token, the encrypted token being transmitted to the server and verified by the server, and in a case of positive verification of the encrypted token by the server, the server validates the identity verification of the user of the terminal.

39 Citations

View as Search Results

26 Claims

1-13. -13. (canceled)

14. A method for verifying identity of a user of a communicating terminal, the method comprising:
- a preliminary operation comprising;
  
  communicating a first piece of identity data of the user to at least one server,generating at the server a second piece of identity data of the user, the second piece of data defining a derived identity of the user, andstoring the second piece of identity data in a secure memory of the terminal;
  
  a current operation for identity verification comprising;
  
  transmitting a token for encryption, from the server to the terminal,using the second piece of data at the terminal at least to generate an encryption of the token, the encrypted token being transmitted to the server and verified by the server, andin a case of positive verification of the encrypted token by the server, the server validates the identity verification of the user of the terminal.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The method of claim 14, wherein the encryption uses a public key infrastructure, the derived identity data at least being used for generating an encryption key.
  - 16. The method of claim 14, wherein the derived identity data is a digital certificate certifying the encryption by the terminal.
  - 17. The method of claim 14, wherein, in the case of positive verification, the encrypted token is associated with a digital identification certificate for the user.
  - 18. The method of claim 14, wherein the communication of the first piece of identity data of the user to the server is authorized after verification of biometric data of the user of the terminal.
  - 19. The method of claim 14, wherein the current operation further comprises verification of user-specific data before initiating, on the terminal, the use of the second piece of data for encryption of the token.
  - 20. The method of claim 14, wherein a plurality of preliminary operations are executed, with a plurality of communications of the first piece of identity data of the user to a plurality of servers, each server generating the respective second pieces of identity data of the user, each second piece of data defining a derived identity of the user, each derived identity being specific to a service for which access is dependent on encrypted token verification on a server dedicated to the service.
  - 21. The method of claim 14, wherein the communication of the first piece of identity data to the server is carried out via a reader comprising a module for short-range or wired communication, andthe terminal comprising a corresponding module for short-ranges or wired communication, the second piece of data is transmitted from the server to the reader, then from the reader to the terminal by short-range or wired communication.
  - 22. The method of claim 14, wherein the transmitting the token for encryption and/or the encrypted token, between the server and the terminal, is performed via a device requesting access to a service associated with the server, access to the service being dependent on verification of the identity of the user from the user terminal in the current operation.
  - 23. The method of claim 22, wherein the transmitting the token for encryption and/or the encrypted token, between the terminal and the device, is performed by a short-range or wired communication, the terminal comprising a module for short-range or wired communication and the device comprising a corresponding module for short-range or wired communication.
  - 24. The method of claim 14, wherein the transmitting the token for encryption, from the server to the terminal, is performed using a mobile network, and the transmission of the encrypted token from the terminal to the server is performed via a device requesting access to a service associated with the server, access to the service being dependent on verification of the identity of the user from the user terminal in the current operation.
  - 25. The method of claim 14, wherein the transmitting the token for encryption, from the server to the terminal, is performed via a device requesting access to a service associated with the server, and the transmission of the encrypted token from the terminal to the server is performed using a mobile network, access to the service being dependent on verification of the identity of the user from the user terminal in the current operation.
  - 26. A system for verifying the identity of a user, comprising at least a terminal and a server for implementing the method according to claim 14.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
IDEMIA Identity and Security France SAS (Advent International Corporation)
Original Assignee
Morpho (Advent International Corporation)
Inventors
Berteau, Guillaume, Benteo, Bruno

Granted Patent

US 10,050,791 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/35   communicating wirelessly

H04L 2463/082   applying multi-factor authe...

H04L 63/0823   using certificates cryptogr...

H04L 63/0861   using biometrical features,...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3234   involving additional secure...

H04L 9/3271   using challenge-response

H04W 12/069   using certificates or pre-s...

H04W 4/80   Services using short range ...

METHOD FOR VERIFYING THE IDENTITY OF A USER OF A COMMUNICATING TERMINAL AND ASSOCIATED SYSTEM

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

39 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR VERIFYING THE IDENTITY OF A USER OF A COMMUNICATING TERMINAL AND ASSOCIATED SYSTEM

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links