System and Method for Electronic Certification and Authentification

US 20090031139A1
Filed: 07/27/2007
Published: 01/29/2009
Est. Priority Date: 07/27/2007
Status: Abandoned Application

First Claim

Patent Images

1. A system for electronic certification and authentication, comprising:

a main module (11);

a first subordinate module (12);

a database (14) for storing personal data and biometric data, anda biometric device (22) for capturing biometric data;

wherein the main module (11) is configured to;

generate a first asymmetric key pair for encrypting and decrypting biometric data;

generate a second asymmetric key pair for encrypting and decrypting personal data;

enroll a client for the first subordinate module (12) by;

capturing personal data of the client;

encrypting personal data of the client with a first key of the second asymmetric key pair;

storing the encrypted personal data of the client in the database (14);

capturing biometric data of the client by means of the biometric device (22);

encrypting the captured biometric data of the client with a first key of the first asymmetric key pair;

storing the encrypted biometric data of the client in the database (14); and

providing a client identity and a client password;

and wherein the first subordinate module (12) is configured to;

certify an identity of a client by;

capturing biometric data of the client by means of the biometric device (22);

decrypting the biometric data of the client which is stored in the database (14) with a second key of the first asymmetric key pair; and

comparing the biometric data captured by the biometric device (22) with the decrypted biometric data stored in the database (14).

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to electronic document security systems and in particular to user authentication and to the certification and secure transfer of sensitive document information of various type, like whole documents, certificates, signatures, stamps, etc., especially by verifying its correctness and safety/immunity from fraud.

44 Citations

View as Search Results

20 Claims

1. A system for electronic certification and authentication, comprising:
- a main module (11);
  
  a first subordinate module (12);
  
  a database (14) for storing personal data and biometric data, anda biometric device (22) for capturing biometric data;
  
  wherein the main module (11) is configured to;
  
  generate a first asymmetric key pair for encrypting and decrypting biometric data;
  
  generate a second asymmetric key pair for encrypting and decrypting personal data;
  
  enroll a client for the first subordinate module (12) by;
  
  capturing personal data of the client;
  
  encrypting personal data of the client with a first key of the second asymmetric key pair;
  
  storing the encrypted personal data of the client in the database (14);
  
  capturing biometric data of the client by means of the biometric device (22);
  
  encrypting the captured biometric data of the client with a first key of the first asymmetric key pair;
  
  storing the encrypted biometric data of the client in the database (14); and
  
  providing a client identity and a client password;
  
  and wherein the first subordinate module (12) is configured to;
  
  certify an identity of a client by;
  
  capturing biometric data of the client by means of the biometric device (22);
  
  decrypting the biometric data of the client which is stored in the database (14) with a second key of the first asymmetric key pair; and
  
  comparing the biometric data captured by the biometric device (22) with the decrypted biometric data stored in the database (14).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, further comprising a second subordinate module (13),wherein the main module (11) is further configured to generate a third asymmetric key pair for encrypting and decrypting document data;
    - and wherein the first subordinate module (12) is further configured to;
      
      enroll a member for the second subordinate module (13) by;
      
      encrypting personal data of the member with the first key of the second asymmetric key pair;
      
      storing the encrypted personal data of the member in the database (14);
      
      capturing biometric data of the member by means of the biometric device (22);
      
      encrypting the captured biometric data of the member with the first key of the first asymmetric key pair;
      
      storing the encrypted biometric data of the member in the database (14); and
      
      providing a member identity and a member password;
      
      and wherein the second subordinate module (13) comprises means for entering and/or uploading document data and is configured to;
      
      certify an identity of a member by;
      
      capturing biometric data of the member by means of the biometric device (22);
      
      decrypting the biometric data of the member which is stored in the database (14) with the second key of the first asymmetric key pair;
      
      comparing the biometric data captured by the biometric device (22) with the decrypted biometric data stored in the database (14);
      
      generate a document 2D barcode;
      
      print the document data together with the generated document 2D barcode; and
      
      authorize another member to print the document data together with the generated document 2D barcode.
  - 3. The system of claim 2, wherein the second subordinate module (13) is further configured to:
    - generate a data hash code from the document data;
      
      encrypt the data hash code with a first key of the third asymmetric key pair;
      
      compress the document data;
      
      generate the document 2D barcode from the encrypted hash code concatenated with the compressed document data.
  - 4. The system of according to claim 2, wherein the main module (11) is further configured to:
    - compress the personal data of the client and the biometric data of the client;
      
      encrypt the compressed personal and biometric data of the client with a system generated random key;
      
      encrypt the system generated random key with the first key of the second asymmetric key pair;
      
      generate a 2D barcode from the encrypted system generated random key concatenated with the compressed personal and biometric data of the client;
      
      print a client identity card comprising the 2D barcode.
  - 5. The system according to claim 3, wherein the main module (11) is further configured to:
    - compress the personal data of the client and the biometric data of the client;
      
      encrypt the compressed personal and biometric data of the client with a system generated random key;
      
      encrypt the system generated random key with the first key of the second asymmetric key pair;
      
      generate a 2D barcode from the encrypted system generated random key concatenated with the compressed personal and biometric data of the client;
      
      print a client identity card comprising the 2D barcode.
  - 6. The system of claim 5, wherein the first subordinate module (12) is further configured to:
    - compress the personal data of the member and the biometric data of the member;
      
      encrypt the compressed personal and biometric data of the member with a system generated random key;
      
      encrypt the system generated random key with the first key of the second asymmetric key pair;
      
      generate a further 2D barcode from the encrypted system generated random key concatenated with the compressed personal and biometric data of the member;
      
      print a member identity card comprising the further 2D barcode.
  - 7. The system of claim 6, further comprising a verification module for a computer (31) connected to a scanner (33) and a further biometric device (32),the verification module being configured to certify an identity of a client by:
    - capturing biometric data by means of the further biometric device (32);
      
      reading the client identity card of the client by means of the scanner (33);
      
      decrypting the system generated random key comprised in the 2D barcode of the client identity card with the second key of the second asymmetric key pair;
      
      comparing the biometric data of the client, which is captured by the further biometric device (32) with the biometric data of the client from the client identity card.
  - 8. The system of claim 7, wherein the verification module is further configured to certify an identity of a member by:
    - capturing biometric data by means of the further biometric device (32);
      
      reading the member identity card of the member by means of the scanner (33);
      
      decrypting the system generated random key comprised in the 2D barcode of the member identity card with the second key of the second asymmetric key pair;
      
      comparing the biometric data of the member, which is captured by the further biometric device (32) with the biometric data of the member from the member identity card.
  - 9. The system according to claim 2, wherein at least one module of the main module (11), the first and the second subordinate modules (12, 13) is accessible over the internet using an internet browser.
  - 10. The system according to claim 2, wherein access to the first and the second subordinate modules (12, 13), respectively, is granted by entering the client identity and member identity, respectively, and the client password and member password, respectively.

11. A method for electronic certification and authentication for use in a system comprising a main module (11), first subordinate module (12), a second subordinate module (13), a database (14) for storing biometric data, and a biometric device (22) for capturing biometric data;
- the method comprising the following steps carried out by the main module (11);
  
  generating a first asymmetric key pair for encrypting and decrypting biometric data;
  
  generating a second asymmetric key pair for encrypting and decrypting personal data;
  
  enrolling a client for the first subordinate module (12) by;
  
  encrypting personal data of the client with a first key of the second asymmetric key pair;
  
  storing the encrypted personal data of the client in the database (14);
  
  capturing biometric data of the client by the biometric device (22);
  
  encrypting the captured biometric data of the client with a first key of the first asymmetric key pair; and
  
  storing the encrypted biometric data of the client in the database (14);
  
  assigning a client password and a client identity to the client;
  
  the method further comprising the following steps carried out by the first subordinate module (12);
  
  certifying an identity of a client by;
  
  capturing biometric data of the client by means of the biometric device (22);
  
  decrypting the biometric data of the client which is stored in the database (14) with a second key of the first asymmetric key pair;
  
  comparing the biometric data captured by the biometric device (22) with the decrypted biometric data stored in the database (14).
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11, further comprising:
    - the step of generating, by the main module (11), a third asymmetric key pair for encrypting and decrypting document data;
      
      the following steps carried out by the first subordinate module (12);
      
      enrolling a member for the second subordinate module (13) by;
      
      encrypting personal data of the member with the first key of the second asymmetric key pair;
      
      storing the encrypted personal data of the member in the database (14);
      
      capturing biometric data of the member by the biometric device (22);
      
      encrypting the captured biometric data of the member with the first key of the first asymmetric key pair; and
      
      storing the encrypted biometric data of the member in the database (14);
      
      providing a member password and a member identity;
      
      the following steps carried out by the second subordinate module (13);
      
      entering and/or uploading document data;
      
      certifying an identity of a member by;
      
      capturing biometric data of the member by means of the biometric device (22);
      
      decrypting the biometric data of the member which is stored in the database (14) with the second key of the first asymmetric key pair;
      
      comparing the biometric data captured by the biometric device (22) with the decrypted biometric data stored in the database (14);
      
      generating a document 2D barcode; and
      
      printing the document data together with the generated document 2D barcode.
  - 13. The method of claim 12, further comprising the following step carried out by the second subordinate module (13):
    - authorizing another member to print the document data together with the generated document 2D barcode.
  - 14. The method according to claim 12, wherein the step of generating the document 2D barcode comprises:
    - generating a data hash code from the document data;
      
      encrypting the data hash code with a first key of the third asymmetric key pair;
      
      compressing the document data; and
      
      generating the document 2D barcode from the encrypted hash code concatenated with the compressed document data.
  - 15. The method according to claim 12, further comprising the following steps carried out by the main module (11):
    - compressing the personal data of the client and the biometric data of the client;
      
      encrypting the compressed personal and biometric data of the client with a system generated random key;
      
      encrypting the system generated random key with the first key of the second asymmetric key pair;
      
      generating a 2D barcode from the encrypted system generated random key concatenated with the compressed personal and biometric data of the client; and
      
      printing a client identity card comprising the 2D barcode.
  - 16. The method according to claim 15, further comprising the following steps carried out by the first subordinate module (12):
    - compressing the personal data of the member and the biometric data of the member;
      
      encrypting the compressed personal and biometric data of the member with a system generated random key;
      
      encrypting the system generated random key with the first key of the second asymmetric key pair;
      
      generating a further 2D barcode from the encrypted system generated random key concatenated with the compressed personal and biometric data of the member;
      
      generating a further 2D barcode comprising the encrypted personal data of the member and the encrypted biometric data of the member; and
      
      printing a member identity card comprising the further 2D barcode.
  - 17. The method according to claim 15, further comprising the step of certifying an identity of a client by:
    - capturing biometric data of the client by means of the biometric device (22);
      
      reading the client identity card of the client by means of a scanner (23);
      
      decrypting the system generated random key comprised in the 2D barcode of the client identity card with the second key of the second asymmetric key pair;
      
      comparing the biometric data of the client, which is captured by the biometric device (22) with the biometric data of the client from the client identity card.
  - 18. The method according to claim 16, further comprising the step of certifying an identity of a member by:
    - capturing biometric data of the member by means of the biometric device (22);
      
      reading the member identity card of the member by means of a scanner (23);
      
      decrypting the system generated random key comprised in the 2D barcode of the member identity card with the second key of the second asymmetric key pair;
      
      comparing the biometric data of the member, which is captured by the biometric device (22) with the biometric data of the member from the member identity card.
  - 19. The method according to claim 11, further comprising the step of accessing at least one module of the main module (11), the first and the second subordinate modules (12, 13) over the internet using an internet browser.
  - 20. The method according to claim 11, further comprising the step of entering the client identity and member identity, respectively, and the client password and member password, respectively, to access the first and the second subordinate modules (12, 13), respectively.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
House of Development LLC
Original Assignee
House of Development LLC
Inventors
Geoffrey, Mohammed Alawi

Application Number

US11/829,639
Publication Number

US 20090031139A1
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

H04L 9/3231 Biological data, e.g. finge...

System and Method for Electronic Certification and Authentification

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

44 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Electronic Certification and Authentification

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links