Compliant authentication based on dynamically-updated credentials
First Claim
1. A dynamic method for identifying, and authenticating a user of a computing device based on user credentials, the method comprising:
- a. requesting the user to enrol by downloading an application and signing a personal consent release document presented to user by the computing device;
b. capturing, by the computing device having a downloaded application, one or more biometric data of the user;
c. obtaining, by the computing device, one or more of the user'"'"'s biographical information from the user;
d. capturing, by a camera of the computing device, one or more aliveness data by recording a live video sequences of the user;
e. requesting, by the computing device, one or more of the user'"'"'s current biographical data from authoritative government, commercial and private databases;
f. determining, by the computing device, geographical location and identifier of the computing device;
g. establishing, by the computing device, aliveness data of the user by analyzing movements of the captured live video sequences of the user;
h. verifying, by the computing device, differences of the biographical information with the biographical data;
i. prompting, by the computing device, to seek correction of the biographical information from the user for the verified differences;
j. generating and storing, by the computing device, a secure entity authentication label (SEAL) by combining the biographical information, biometric data and the aliveness data;
k. requesting, by the computing device, a subset of randomly selected biographical information, biometric data and aliveness data from the user upon a user'"'"'s request for a service;
l. generating, by the computing device, a new SEAL using the subset of randomly selected biographical information, biometric data and aliveness data from the user;
m. comparing, by the computing device, the new SEAL with the stored SEAL;
n. authenticating, by the computing device, service access to the requested service based on the compared result;
o. updating, by the computing device, the stored SEAL by using the new SEAL.
1 Assignment
0 Petitions
Accused Products
Abstract
A system, method and a computer-readable medium for authenticating a user in a live manner in non-face-to-face transactions, including a user downloading an authentication application from a server to a pervasive computing device, and after downloading the application, having an icon residing on the display of the device. When the authentication application is activated by the user, biographical and multi-biometric information of the user is requested by the application, and subsequently submitted to an authentication engine residing in a secure network cloud. The authentication process further includes, verifying by the authentication engine all of the requested information, compliance with government regulations such as CFT/AML, and the 4th Data Protection Principle. Users have the ability to check their biographical data through a system called, RITE, forming part of this application. Memorised IDs and passwords are not required. The aliveness of the user is verified at each transaction request.
-
Citations
14 Claims
-
1. A dynamic method for identifying, and authenticating a user of a computing device based on user credentials, the method comprising:
-
a. requesting the user to enrol by downloading an application and signing a personal consent release document presented to user by the computing device; b. capturing, by the computing device having a downloaded application, one or more biometric data of the user; c. obtaining, by the computing device, one or more of the user'"'"'s biographical information from the user; d. capturing, by a camera of the computing device, one or more aliveness data by recording a live video sequences of the user; e. requesting, by the computing device, one or more of the user'"'"'s current biographical data from authoritative government, commercial and private databases; f. determining, by the computing device, geographical location and identifier of the computing device; g. establishing, by the computing device, aliveness data of the user by analyzing movements of the captured live video sequences of the user; h. verifying, by the computing device, differences of the biographical information with the biographical data; i. prompting, by the computing device, to seek correction of the biographical information from the user for the verified differences; j. generating and storing, by the computing device, a secure entity authentication label (SEAL) by combining the biographical information, biometric data and the aliveness data; k. requesting, by the computing device, a subset of randomly selected biographical information, biometric data and aliveness data from the user upon a user'"'"'s request for a service; l. generating, by the computing device, a new SEAL using the subset of randomly selected biographical information, biometric data and aliveness data from the user; m. comparing, by the computing device, the new SEAL with the stored SEAL; n. authenticating, by the computing device, service access to the requested service based on the compared result; o. updating, by the computing device, the stored SEAL by using the new SEAL. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus for identifying, and authenticating a user based on user credentials, the apparatus comprising:
-
A processor; A memory; A camera; A downloaded application, comprising computer program, wherein when processed by the processor, carries out the steps of; a. requesting the user to enrol by first signing a personal consent release document; b. capturing one or more biometric data of the user; c. obtaining one or more of the user'"'"'s biographical information from the user; d. capturing, by the camera, one or more aliveness data by recording a live video sequences of the user; e. requesting one or more of the user'"'"'s current biographical data from authoritative government, commercial and private databases; f. determining geographical location and identifier of the computing device; g. establishing aliveness data of the user by analyzing movements of the captured live video sequences of the user; h. verifying differences of the biographical information with the biographical data; i. prompting to seek correction of the biographical information from the user for the verified differences; j. generating and storing a secure entity authentication label (SEAL) by combining the biographical information, biometric data and the aliveness data; k. requesting a subset of randomly selected biographical information, biometric data and aliveness data from the user upon a user'"'"'s request for a service; l. generating a new SEAL using the subset of randomly selected biographical information, biometric data and aliveness data from the user; m. comparing the new SEAL with the stored SEAL; n. authenticating service access to the requested service based on the compared result; o. updating the stored SEAL by using the new SEAL. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
Specification