Methods and systems for proofing identities using a certificate authority

US 8,010,686 B2
Filed: 07/25/2008
Issued: 08/30/2011
Est. Priority Date: 03/17/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method for issuing a digital certificate to a user having an electronic account on a network, comprising the steps of:

receiving, at a proofing server, a request for a digital certificate from the user with the electronic account;

sending, by the proofing server, an identification verification form to a physical address of the user;

generating, by the proofing server, the digital certificate for the user;

setting, by the proofing server, a status of the digital certificate to hold;

sending, by the proofing server, the request for the digital certificate to a proofing workstation;

after the identification verification form is sent, receiving at the proofing workstation the identification verification form from the user in person;

after the identification verification form is received, verifying, at the proofing workstation, the identity of the user via the identification verification form with information provided by the user in person at the proofing workstation;

when the identity of the user has been verified, sending by the proofing workstation an identification verification to the proofing server;

in response to the identification verification, setting, by the proofing server, the status of the digital certificate to active; and

storing at the proofing server, the digital certificate in the electronic account of the user.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A digital certificate is provided to a customer having an electronic account linked to the customer'"'"'s physical address. Using the digital certificate, the customer performs electronic transactions with a third party. A proofing workstation receives a request from a third party to validate the digital certificate. The proofing workstation communicates with a proofing server that maintains a list of valid certificates and a list of revoked certificates. The proofing server sends a response to the proofing workstation, where it is received by the third party.

Citations

28 Claims

1. A method for issuing a digital certificate to a user having an electronic account on a network, comprising the steps of:
- receiving, at a proofing server, a request for a digital certificate from the user with the electronic account;
  
  sending, by the proofing server, an identification verification form to a physical address of the user;
  
  generating, by the proofing server, the digital certificate for the user;
  
  setting, by the proofing server, a status of the digital certificate to hold;
  
  sending, by the proofing server, the request for the digital certificate to a proofing workstation;
  
  after the identification verification form is sent, receiving at the proofing workstation the identification verification form from the user in person;
  
  after the identification verification form is received, verifying, at the proofing workstation, the identity of the user via the identification verification form with information provided by the user in person at the proofing workstation;
  
  when the identity of the user has been verified, sending by the proofing workstation an identification verification to the proofing server;
  
  in response to the identification verification, setting, by the proofing server, the status of the digital certificate to active; and
  
  storing at the proofing server, the digital certificate in the electronic account of the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising the step of:
    - linking the digital certificate to a transaction on the network by the user, wherein the digital certificate can be used to authenticate the transaction.
  - 3. The method of claim 1, further comprising the step of:
    - storing a reference to the digital certificate in a certificate directory at the proofing server.
  - 4. The method of claim 1, further comprising the step of:
    - setting the status of the digital certificate to revoked.
  - 5. The method of claim 4, further comprising the step of:
    - storing a reference to the digital certificate in a certificate revocation list at the proofing server.
  - 6. The method of claim 1, further comprising the step of:
    - sending a private key from the proofing workstation to the proofing server, when the identity of the user is verified in person.
  - 7. The method of claim 6, further comprising the step of:
    - verifying the private key, by the proofing server, before setting the status of the digital certificate to active.
  - 8. The method of claim 1, wherein the proofing workstation includes at least one of a bar code scanner, a camera, and a biometric reader.
  - 9. The method of claim 8, wherein the identification verification corresponds to a bar code read from the identification verification form.
  - 10. The method of claim 1, wherein the proofing workstation includes a credit card reader.
  - 11. The method of claim 1, wherein the proofing workstation includes at least one of a smart card interface, a camera, and a biometric reader.
  - 12. The method of claim 1, wherein the proofing server is a United States Postal Service proofing server.
  - 13. The method of claim 1, wherein the proofing workstation is a United States Postal Service proofing workstation.

14. A system for issuing a digital certificate to a user having an electronic account on a network, comprising:
- a processor;
  
  a memory coupled to the processor;
  
  a receiving component configured to receive a request for a digital certificate from the user with the electronic account;
  
  a sending component configured to send an identification verification form to a physical address of the user;
  
  a generating component configured to generate the digital certificate for the user;
  
  a hold setting component configured to set a status of the digital certificate to hold, by a proofing server;
  
  a request sending component configured to send the request for the digital certificate to a proofing workstation;
  
  a verifying component configured to receive information from the identification verification form from the user in person after the sending component sends the identification verification form and then verify, via the identification verification form, the identity of the user with information provided by the user in person at the proofing workstation;
  
  a verification sending component configured to send an identification verification from the proofing workstation to the proofing server, when the identity of the user is verified in person;
  
  an active setting component configured to set the status of the digital certificate to active in response to the identification verification; and
  
  a storing component configured to store at the proofing server the digital certificate in the electronic account of the user.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The system of claim 14, further comprising:
    - a linking component configured to link the digital certificate to a transaction on the network by the user, wherein the digital certificate can be used to authenticate the transaction.
  - 16. The system of claim 14, further comprising:
    - a reference storing component configured to store a reference to the digital certificate in a certificate directory at the proofing server.
  - 17. The system of claim 14, further comprising:
    - a revoked setting component configured to set the status of the digital certificate to revoked.
  - 18. The system of claim 17, further comprising:
    - a revoked storing component configured to store a reference to the digital certificate in a certificate revocation list at the proofing server.
  - 19. The system of claim 14, further comprising:
    - a key sending component configured to send a private key from the proofing workstation to the proofing server, when the identity of the user is verified in person.
  - 20. The system of claim 19, further comprising:
    - a key verifying component configured to verify the private key before setting the status of the digital certificate to active.
  - 21. The system of claim 14, wherein the proofing workstation includes at least one of a bar code scanner, a camera, and a biometric reader.
  - 22. The system of claim 21, wherein the identification verification corresponds to information from a bar code read from the identification verification form.
  - 23. The system of claim 14, wherein the proofing workstation includes a credit card reader.
  - 24. The system of claim 14, wherein the proofing workstation includes at least one of a smart card interface, a camera, and a biometric reader.
  - 25. The system of claim 14, wherein the proofing server is a United States Postal Service proofing server.
  - 26. The system of claim 14, wherein the proofing workstation is a United States Postal Service proofing workstation.

27. A non-transitory computer-readable medium having computer readable code embodied therein for issuing a digital certificate to a user having an electronic account on a network, the computer readable code comprising:
- a request receiving module configured to receive a request for a digital certificate from the user with the electronic account;
  
  a sending module configured to send an identification verification form to a physical address of the user;
  
  a generating module configured to generate the digital certificate for the user;
  
  a hold setting module configured to set a status of the digital certificate to hold, by a proofing server;
  
  a request sending module configured to send the request for the digital certificate to a proofing workstation;
  
  an identity verifying module configured to receive the identification verification form from the user in person after the sending module sends the identification verification and then verify, via the identification verification form, the identity of the user with information provided by the user in person at the proofing workstation;
  
  a verification sending module configured to send an identification verification from the proofing workstation to the proofing server, when the identity of the user is verified in person;
  
  an active setting module configured to set the status of the digital certificate to active in response to the identification verification; and
  
  a storing module configured to store at the proofing server the digital certificate in the electronic account of the user.

28. A system for issuing a digital certificate to a user having an electronic account on a network, comprising:
- means for receiving, at a proofing server, a request for a digital certificate from the user with the electronic account;
  
  means for sending an identification verification form to a physical address of the user;
  
  means for generating, by the proofing server, the digital certificate for the user;
  
  means for setting, by the proofing server, a status of the digital certificate to hold;
  
  means for sending, by the proofing server, the request for the digital certificate to a proofing workstation;
  
  means for receiving the identification verification form from the user in person at the proofing workstation after the identification verification form is sent;
  
  means for verifying, via the identification verification form at the proofing workstation, the identity of the user with information provided by the user in person at the proofing workstation after the identification verification form is received;
  
  means for sending an identification verification from the proofing workstation to the proofing server, when the identity of the user is verified;
  
  means for setting, by the proofing server, the status of the digital certificate to active in response to the identification verification; and
  
  means for storing at the proofing server the digital certificate in the electronic account of the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
United States Postal Service (Government of the United States of America)
Original Assignee
United States Postal Service (Government of the United States of America)
Inventors
Campbell, Leo J., Cook, Jon L.
Primary Examiner(s)
Etienne; Ario
Assistant Examiner(s)
Williams; Clayton R

Application Number

US12/219,657
Publication Number

US 20090031034A1
Time in Patent Office

1,131 Days
Field of Search

None
US Class Current

709/229
CPC Class Codes

G06Q 10/107   Computer-aided management o...

G06Q 20/04   Payment circuits

G06Q 20/10   specially adapted for elect...

G06Q 20/102   Bill distribution or payments

G06Q 20/14   specially adapted for billi...

G06Q 20/3674   involving authentication

G06Q 20/3821   Electronic credentials

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/4012   Verifying personal identifi...

G06Q 30/0601   Electronic shopping [e-shop...

H04L 2463/102   applying security measure f...

H04L 51/214   using selective forwarding

H04L 51/222   using geographical location...

H04L 51/48   Message addressing, e.g. ad...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 63/123   received data contents, e.g...

H04L 63/1408 : by monitoring network traff...

H04L 67/306 : User profiles

H04L 69/329 : in the application layer [O...

H04L 9/40 : Network security protocols

View All

Methods and systems for proofing identities using a certificate authority

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for proofing identities using a certificate authority

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links