Methods for secure enrollment and backup of personal identity credentials into electronic devices
First Claim
1. A method for initializing a Personal Identification Device (PID) before biometric enrollment, the method comprising:
- receiving a unique identifier at a PID;
- receiving at the PID a manufacturer's public key following manufacture of the PID and before a biometric data associated with enrollment is received;
- generating an asymmetric key pair at the PID;
- sending the generated PID's public key and the unique identifier to the manufacturer;
- receiving at the PID a digital certificate of the PID generated by the manufacturer; and
- disabling all functionality within the PID such that the PID is in a state waiting for future biometric enrollment by an enrollment authority.
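The initialization steps of claim 1, modelled in Go as an added example that is not code from the patent. Ed25519, a bare signature standing in for the digital certificate, the PID checking that signature against the manufacturer key it received, and every type, function and state name are assumptions made for illustration.

```go
package main
import (
	"crypto/ed25519"
	"fmt"
)

// Manufacturer (hypothetical model) records identifier -> device public key and signs certificates.
type Manufacturer struct {
	Priv    ed25519.PrivateKey
	Records map[string]ed25519.PublicKey
}

// PID is the device. State is "" at the factory, then "awaiting-enrollment" (device functions stay off).
type PID struct {
	ID, State string
	MfrPub    ed25519.PublicKey
	priv      ed25519.PrivateKey
	Cert      []byte
}

func certBody(id string, pub ed25519.PublicKey) []byte { return append([]byte("PID-CERT|"+id+"|"), pub...) }
// Issue records the pair; the signature stands in for the digital certificate.
func (m *Manufacturer) Issue(id string, pub ed25519.PublicKey) []byte {
	m.Records[id] = pub
	return ed25519.Sign(m.Priv, certBody(id, pub))
}

// Initialize follows claim 1 in order; the Verify check and Ed25519 are added assumptions.
func (d *PID) Initialize(id string, mfrPub ed25519.PublicKey, issue func(string, ed25519.PublicKey) []byte) error {
	if d.State != "" {
		return fmt.Errorf("already initialized")
	}
	pub, priv, err := ed25519.GenerateKey(nil) // key pair generated on the PID itself
	if err != nil {
		return err
	}
	cert := issue(id, pub) // send public key + identifier, receive certificate
	if !ed25519.Verify(mfrPub, certBody(id, pub), cert) {
		return fmt.Errorf("certificate not signed by the stored manufacturer key")
	}
	d.ID, d.MfrPub, d.priv, d.Cert, d.State = id, mfrPub, priv, cert, "awaiting-enrollment"
	return nil
}

func main() {
	mpub, mpriv, _ := ed25519.GenerateKey(nil)
	m, d := &Manufacturer{mpriv, map[string]ed25519.PublicKey{}}, &PID{} // "SN-0001" below is a constructed identifier
	err := d.Initialize("SN-0001", mpub, m.Issue)
	fmt.Println(err, d.State)
}
```

A certificate returned by anyone other than the holder of the manufacturer key leaves the PID in its factory state, and a second call to `Initialize` is refused once the device is waiting for enrollment.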
Abstract
A method and system for securely enrolling personal identity credentials into personal identification devices. The system of the invention comprises the manufacturer of the device and an enrollment authority. The manufacturer is responsible for recording serial numbers or another unique identifier for each device that it produces, along with a self-generated public key for each device. The enrollment authority is recognized by the manufacturer or another suitable institution as capable of validating an individual before enrolling him into the device. The enrollment authority maintains and operates the appropriate equipment for enrollment, and provides its approval of the enrollment. The methods described herein discuss post-manufacturing, enrollment, backup, and recovery processes for the device.
Specification