Identity Management Service Using A Blockchain Providing Certifying Transactions Between Devices

US 20160330027A1
Filed: 05/04/2016
Published: 11/10/2016
Est. Priority Date: 05/05/2015
Status: Active Grant

First Claim

Patent Images

1. A method, comprising operations of:

receiving, on a first remote device, a first transaction number and personal data transmitted from a second remote device, wherein the first transaction number was received from a distributed public database in response to a transmission, from the second remote device, of a signed hash value and a first public key associated with a first private key on the second remote device, wherein the signed hash value was created by signing a hash value with the first private key, and wherein the hash value was generated by hashing the personal data with a hashing algorithm on the second remote device;

using the first transaction number to retrieve the signed hash value and the first public key from the distributed public database,hashing the personal data using the hashing algorithm to create a generated hash value;

verifying that the hash value in the retrieved signed hash value is the same as the generated hash value;

verifying that the retrieved signed hash value was signed with the first private key; and

creating a certification.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Logic on a first remote device receives a first transaction number and personal data transmitted from a second remote device. The first transaction number was received from a distributed public database in response to a transmission, from the second remote device, of a signed hash value and a first public key associated with a first private key on the second remote device. The signed hash value was created by signing a hash value with the first private key and the hash value was generated by hashing the personal data with a hashing algorithm on the second remote device. The logic uses the first transaction number to retrieve the signed hash value and the first public key from the distributed public database. The logic hashes the personal data using the hashing algorithm to create a generated hash value and verifies the signed hash value against the generated hash value.

420 Citations

20 Claims

1. A method, comprising operations of:
- receiving, on a first remote device, a first transaction number and personal data transmitted from a second remote device, wherein the first transaction number was received from a distributed public database in response to a transmission, from the second remote device, of a signed hash value and a first public key associated with a first private key on the second remote device, wherein the signed hash value was created by signing a hash value with the first private key, and wherein the hash value was generated by hashing the personal data with a hashing algorithm on the second remote device;
  
  using the first transaction number to retrieve the signed hash value and the first public key from the distributed public database,hashing the personal data using the hashing algorithm to create a generated hash value;
  
  verifying that the hash value in the retrieved signed hash value is the same as the generated hash value;
  
  verifying that the retrieved signed hash value was signed with the first private key; and
  
  creating a certification.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the certification includes the first transaction number and the personal data or selected fields of the personal data.
  - 3. The method of claim 1, wherein the certification is signed with a second private key on the first remote device.
  - 4. The method of claim 1, wherein the signed certification record is transmitted, over a network, to the distributed public database for storage.
  - 5. The method of claim 1, wherein a second transaction number is received by the first remote device from the distributed public database.
  - 6. The method of claim 1, wherein the distributed public database is a block chain that receives data for storage from a plurality of entities, the data received for storage is configured to be processed to generate a transaction record that is dependent on previous data stored to the block chain, wherein transaction record being dependent on previous data stored to the block chain ensures that data stored to the block chain is not modifiable, as later data stored to the block chain continues to be dependent on previous data stored to the block chain.
  - 7. The method of claim 1, wherein the remote device is one of a smartphone, or a tablet, or an electronic device.
  - 8. The method of claim 1, wherein the identification card is one of a driver license, or a passport, or an employee badge, or a military identification, or a political identification.
  - 9. The method of claim 1, wherein the capturing operation is performed using a digital camera, or a scanner, or a smartphone, or a keyboard, or a touchscreen, or voice recognition, or handwriting recognition, or a combination of two or more thereof.
  - 10. The method of claim 1, wherein at least a part of the personal data is coded in a barcode or QR code.

11. A method, comprising operations of:
- receiving, on a first smartphone, a first transaction number and personal data transmitted from a second smartphone, wherein the first transaction number was received from a block chain in response to a transmission, from the second smartphone, of a signed hash value and a first public key associated with a first private key on the second smartphone, wherein the signed hash value was created by signing a hash value with the first private key, and wherein the hash value was generated by hashing the personal data with a hashing algorithm on the second remote device;
  
  using the first transaction number to retrieve the signed hash value and the first public key from the block chain,hashing the personal data using the hashing algorithm to create a generated hash value;
  
  verifying that the hash value in the retrieved signed hash value is the same as the generated hash value;
  
  verifying that the retrieved signed hash value was signed with the first private key; and
  
  creating a certification.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method of claim 11, wherein the certification includes the first transaction number and the personal data or selected fields of the personal data.
  - 13. The method of claim 12, wherein the certification is signed with a second private key on the first smartphone.
  - 14. The method of claim 13, wherein the signed certification record is transmitted, over a network, to the block chain for storage.
  - 15. The method of claim 14, wherein a second transaction number is received by the first smartphone from the block chain.
  - 16. The method of claim 11, wherein the identification card is one of a driver license, or a passport, or an employee badge, or a military identification, or a political identification.
  - 17. The method of claim 11, wherein the capturing operation is performed using a digital camera, or a scanner, or a smartphone, or a keyboard, or a touchscreen, or voice recognition, or handwriting recognition, or a combination of two or more thereof.

18. A method, comprising operations of:
- receiving, on a first smartphone, a first transaction number and personal data transmitted from a second smartphone, wherein the receiving involves scanning a barcode or QR code, wherein the first transaction number was received from a block chain in response to a transmission, from the second smartphone, of a signed hash value and a first public key associated with a first private key on the second smartphone, wherein the signed hash value was created by signing a hash value with the first private key, and wherein the hash value was generated by hashing the personal data with a hashing algorithm on the second remote device;
  
  using the first transaction number to retrieve the signed hash value and the first public key from the block chain,hashing the personal data using the hashing algorithm to create a generated hash value;
  
  verifying that the hash value in the retrieved signed hash value is the same as the generated hash value;
  
  verifying that the retrieved signed hash value was signed with the first private key; and
  
  creating a certification.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, wherein the certification includes the first transaction number and the personal data or selected fields of the personal data.
  - 20. The method of claim 19, wherein the certification is signed with a second private key on the first smartphone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ping Identity Corporation
Original Assignee
Shocard, Inc.
Inventors
Ebrahimi, Armin

Granted Patent

US 9,722,790 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/33   using certificates

G06F 21/34   involving the use of extern...

G06F 21/64   Protecting data integrity, ...

G06F 21/645   using a third party

G06K 19/06028   using bar codes

G06K 19/06037   multi-dimensional coding

G06Q 20/02   involving a neutral party, ...

G06Q 20/065   using e-cash

G06Q 20/3276   using a pictured code, e.g....

G06Q 20/3825   Use of electronic signatures

G06Q 20/3827   Use of message hashing

G06Q 20/4014   Identity check for transact...

G06Q 2220/00   Business processing using c...

H04L 63/0861   using biometrical features,...

H04L 9/0637   Modes of operation, e.g. ci...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/302 : involving the integer facto...

H04L 9/3066 : involving algebraic varieti...

H04L 9/3231 : Biological data, e.g. finge...

H04L 9/3236 : using cryptographic hash fu...

H04L 9/3239 : involving non-keyed hash fu...

H04L 9/3247 : involving digital signatures

H04L 9/3249 : using RSA or related signat...

H04L 9/3252 : using DSA or related signat...

H04L 9/3268 : using certificate validatio...

H04L 9/50 : using hash chains, e.g. blo...

H04W 12/04 : Key management, e.g. using ...

H04W 12/06 : Authentication

H04W 12/77 : Graphical identity

View All

Identity Management Service Using A Blockchain Providing Certifying Transactions Between Devices

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

420 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Identity Management Service Using A Blockchain Providing Certifying Transactions Between Devices

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

420 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others