Electronic data vault providing biometrically protected electronic signatures
First Claim
1. A method of associating at least one cryptographic key with a specific user and storing an associated key in a datastore specific to the specific user, the method comprising:
- storing a set of personal identifiers, including at least one personal identifier, associated with the specific user in a datastore specific to the specific user;
- linking the set of personal identifiers with at least one cryptographic key generated for the specific user;
- signing, with a certificate authority, one of the at least one cryptographic keys;
- communicating a success code from an e-signature application to an authentication engine after successfully completing said signing operation; and
- registering the specific user for the e-signature application upon receiving the success code at the authentication engine,

wherein
- the set of personal identifiers includes at least one biometric identifier, and
- another of the at least one cryptographic keys is subsequently accessed by
  - capturing the at least one biometric identifier from a user at a client system, the client system being configured to communicate with at least the authentication engine,
  - comparing the captured at least one biometric identifier against a datastore of previously stored personal identifiers with the authentication engine, and
  - on matching a personal identifier with the captured at least one biometric identifier, providing the other cryptographic key for use.
Abstract
An eVault system securely stores personal data and documents for citizens and allows controlled access by citizens and optionally by service providers. The eVault may be adapted to allow processes involving the documents to be carried out in a secure and paperless fashion. Documents are certified, and biometric matching is used for security. On effecting a match with a biometric identifier presented by a user, the user is allowed access to his personal eVault and to access a personal cryptographic key stored therein. One or more of these personal keys may be securely applied within the eVault to generate an electronic signature, amongst other functions.
9 Claims
Specification