SYSTEM AND METHOD FOR IDENTITY PROOFING AND KNOWLEDGE BASED AUTHENTICATION

US 20170286768A1
Filed: 06/21/2017
Published: 10/05/2017
Est. Priority Date: 03/09/2015
Status: Active Grant

First Claim

Patent Images

1. A method according to a set of instructions stored on the memory of a computing device, the method comprising:

receiving, by a processor of the computing device, a request to verify an identity from an applicant device, wherein the request comprises an applicant identification and an application identification for an application to which access is desired;

receiving, by the processor, a combination of any of credit-based, clinical-based, and claims-based information corresponding to an applicant identified in the received request;

sending, by the processor to the applicant device, one or more queries related to the received combination of any of credit-based, clinical-based, and/or claims-based information according to one or more identity proofing requirements;

receiving, by the processor from the applicant device, one or more responses to the one or more queries, wherein the one or more response comprise authentication information;

determining, by the processor, a match between the authentication information and the received combination of any of credit-based, clinical-based, and/or claims-based information; and

granting to the applicant device, by the processor, based on the determination of the match, access to the desired application.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Illustrative methods, processes, and software remotely prove the identity of individuals fully compliant with identity proofing policies. The embodiments receive a request to verify an identity from an applicant device. The request includes an identification for an application to which access is desired. Then, the embodiments receive any combination of credit-based, clinical-based, and/or claims-based information corresponding to an applicant identified in the received request; send to the applicant device one or more queries related to the received combination according to one or more identity proofing requirements; receive, from the applicant device, one or more responses to the one or more queries where the one or more response comprise authentication information; determine a match between the authentication information and the received combination of any of credit-based, clinical-based, and claims-based information; and, based on the determination of the match, granting access to the desired application to the applicant device.

22 Citations

20 Claims

1. A method according to a set of instructions stored on the memory of a computing device, the method comprising:
- receiving, by a processor of the computing device, a request to verify an identity from an applicant device, wherein the request comprises an applicant identification and an application identification for an application to which access is desired;
  
  receiving, by the processor, a combination of any of credit-based, clinical-based, and claims-based information corresponding to an applicant identified in the received request;
  
  sending, by the processor to the applicant device, one or more queries related to the received combination of any of credit-based, clinical-based, and/or claims-based information according to one or more identity proofing requirements;
  
  receiving, by the processor from the applicant device, one or more responses to the one or more queries, wherein the one or more response comprise authentication information;
  
  determining, by the processor, a match between the authentication information and the received combination of any of credit-based, clinical-based, and/or claims-based information; and
  
  granting to the applicant device, by the processor, based on the determination of the match, access to the desired application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the one or more queries comprise a request for knowledge based authentication information (KBA) to the applicant device;
    - and wherein the one or more responses to the one or more queries comprise information that satisfies the request for the KBA information.
  - 3. The method of claim 1, wherein granting to the applicant device access to the desired application further comprises:
    - sending, by the processor, in response to determining the match an access token to the applicant device.
  - 4. The method of claim 1, wherein determining the match further comprises sending a question to the applicant device regarding credit information associated with the applicant from the received combination of any of credit-based, clinical-based, and claims-based information.
  - 5. The method of claim 1, wherein determining the match further comprises sending a question to the applicant device regarding clinical information associated with the applicant from the received combination of any of credit-based, clinical-based, and claims-based information.
  - 6. The method of claim 1, wherein determining the match further comprises sending a question to the applicant device regarding claims information associated with the application from the received combination of any of credit-based, clinical-based, and claims-based information.
  - 7. The method of claim 1, further comprising, in response to determining no match, sending to the applicant device a request for additional authentication information.
  - 8. The method of claim 7, wherein the additional authentication information requested comprises a new combination of any of credit-based, clinical-based, and claims-based information.
  - 9. The method of claim 1, wherein determining the match comprises applying an answer logic to determine an accuracy level of the match between the authentication information and the received combination of any of credit-based, clinical-based, and claims-based information, and further wherein:
    - when the accuracy level of the match between the authentication information and the received combination of any of credit-based, clinical-based, and claims-based information is less than a first threshold, the desired access is not granted to the applicant device, andwhen the accuracy level of the match between the authentication information and the received combination of any of credit-based, clinical-based, and claims-based information is at least at the first threshold the desired access is granted to the applicant device.
  - 10. The method of claim 1, wherein when the match between the authentication information and the received combination of any of credit-based, clinical-based, and claims-based information does not meet at least a first threshold amount a referral to an in-person registration authority is provided.

11. A non-transitory computer readable medium having instructions stored thereon that, upon execution by a computing device, cause the computing device to perform operations, wherein the instructions comprise:
- instructions to receive a request to verify an identity from an applicant device, wherein the request comprises an applicant identification and an application identification for an application to which access is desired;
  
  instructions to receive a combination of any of credit-based, clinical-based, and claims-based information corresponding to an applicant identified in the received request;
  
  instructions to send to the applicant device, one or more queries related to the received combination of any of credit-based, clinical-based, and claims-based information according to one or more identity proofing requirements;
  
  instructions to receive from the applicant device, one or more responses to the one or more queries, wherein the one or more response comprise authentication information;
  
  instructions to determine a match between the authentication information and the received combination of any of credit-based, clinical-based, and claims-based information; and
  
  instructions to grant access to the desired application to the applicant device based on the determination of the match.
- View Dependent Claims (12)
- - 12. The non-transitory computer readable medium of claim 11, wherein the determination of the match between the authentication information and the received combination of any of credit-based, clinical-based, and claims-based information comprises:
    - a match of knowledge based authentication information (KBA) to the received combination of any of credit-based, clinical-based, and claims-based information;
      
      ora match of a second query to the received combination of any of credit-based, clinical-based, and claims-based information.

13. An apparatus comprising:
- a memory;
  
  a processor coupled to the memory; and
  
  a first set of instructions stored on the memory and configured to be executed by the processor, wherein the processor is configured to;
  
  receive a request to verify an identity from an applicant device, wherein the request comprises an applicant identification and an application identification for an application to which access is desired;
  
  receive a combination of any of credit-based, clinical-based, and claims-based information corresponding to an applicant identified in the received request;
  
  send to the applicant device, one or more queries related to the received combination of any of credit-based, clinical-based, and claims-based information according to one or more identity proofing requirements;
  
  receive from the applicant device, one or more responses to the one or more queries, wherein the one or more response comprise authentication information;
  
  determine a match between the authentication information and the received combination of any of credit-based, clinical-based, and claims-based information; and
  
  grant to the applicant device based on the determination of the match, access to the desired application.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The apparatus of claim 13, wherein the processor is further configured to determine a common key identifier unique to an individual associated with the request to grant access.
  - 15. The apparatus of claim 14, wherein the determination of the common key identifier comprises a determination of a match of the received combination of any of credit-based, clinical-based, and claims-based information or the authentication information to identification information associated with the common key identifier as stored in a master index.
  - 16. The apparatus of claim 14, wherein the processor is further configured to, as part of the determination of the common key identifier:
    - generate the common key identifier in response to a failed match of the received combination of any of credit-based, clinical-based, and claims-based information or the authentication information to identification information as stored in a master index; and
      
      send a trusted identity service the generated common key identifier such that the common key identifier is permanently associated with the trusted identity in the master index.
  - 17. The apparatus of claim 14, wherein the processor is further configured to associate the grant of access with the common key identifier.
  - 18. The apparatus of claim 16, wherein the identification information associated with the common key identifier in the master index is used, at least in part to determine the match.
  - 19. The apparatus of claim 13, wherein the processor is further configured to determine one or more identity proofing requirements in response to the request for access to the application.
  - 20. The apparatus of claim 19, wherein the processor is further configured to determine the match between the authentication information and the received combination of any of credit-based, clinical-based, and claims-based information based on one or more identity proofing requirements.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Michigan Health Information Network Shared Services (State of Michigan)
Original Assignee
Michigan Health Information Network Shared Services (State of Michigan)
Inventors
Livesay, Jeff, Pletcher, Tim, Seggie, Brian, Ward, Tony

Granted Patent

US 10,467,468 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06V 30/418   Document matching, e.g. of ...

G06V 40/172   Classification, e.g. identi...

G06V 40/70   Multimodal biometrics, e.g....

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0815   providing single-sign-on or...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 67/02   based on web technology, e....

H04W 12/02   Protecting privacy or anony...

SYSTEM AND METHOD FOR IDENTITY PROOFING AND KNOWLEDGE BASED AUTHENTICATION

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR IDENTITY PROOFING AND KNOWLEDGE BASED AUTHENTICATION

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links