
EP-4078420-B1 - DATA MANAGEMENT SYSTEMS AND METHODS

Inventors

  • SUTHERLAND, DAN
  • GBECKOR-KOVE, Sena

Dates

Publication Date
2026-05-13
Application Date
2020-12-17

Claims (15)

  1. A data management system for securely managing data transactions, the system comprising a computing system which incorporates: (i) a public key distribution system which is configured to distribute a public key of a public/private key pair for each respective party using the system; (ii) a trusted storage system which is in communication with the public key distribution system, the trusted storage system being configured to store a record for each respective party using the system, each record comprising a unique identifier and a public key for a respective party using the system; and (iii) a verification system which is in communication with the public key distribution system and the trusted storage system, the verification system being configured to check the identity of a party seeking to participate in a transaction involving an exchange of data, wherein: (a) if the verification system is not able to verify the identity of the party seeking to participate in the transaction, the verification system prevents the transaction from being carried out, and (b) if the verification system is able to verify the identity of the party seeking to participate in the transaction, the verification system permits the transaction to be carried out and the trusted storage system stores a transaction record comprising a record of the transaction and a record of the party participating in the transaction, and wherein the verification system is configured to check the identity of a party based on the result of a biometric check, wherein the verification system is configured to calculate a trust score which is indicative of a level of trust between a first party and a second party based on a public key of the second party, wherein the trust score is a first value if the verification system verifies the public key of the second party successfully and the trust score is a second value if the verification system cannot verify the public key of the second party, and the trusted storage system is configured to store the trust score, and wherein the verification system is configured to parse data stored by the trusted storage and generate a graph of nodes corresponding to parties and edges connecting the nodes, each edge representing a trust score of a trust relationship between two nodes, and wherein the verification system is configured to traverse the graph and calculate an aggregated trust score based on trust scores represented by a plurality of the edges.
  2. The system of claim 1, wherein the computing system comprises: a liveness score generator which is configured to generate a liveness score for a party based on at least one of: behavioural data, biometric data or behavioural biometric data generated following the use of the computing system by the party, or the length of time since the party successfully accessed a biometrically gated system of the computing system.
  3. The system of claim 1, wherein the trusted storage system is a blockchain or a distributed ledger, or other data storage medium providing the properties of integrity, authenticity and optionally non-repudiation of data.
  4. The system of claim 1, wherein the system further comprises: a trusted agent which is in communication with the verification system, the trusted agent being identified by a trusted agent identifier which is pseudonymous or anonymous with respect to a party using the system or a computing system of the system, wherein the trusted agent is configured to provide an output to the verification system in relation to a transaction on behalf of a party using the system or a computing system of the system.
  5. The system of claim 1, wherein the computing system further comprises: (i) a processor; (ii) a behavioural data generator which is configured to generate behavioural data in response to the use of the computing system by a party; and (iii) a memory storing executable instructions which, when executed by the processor, cause the processor to: (a) store, in the memory, a first block of behavioural data which is generated by the behavioural data generator over a first predetermined length of time; (b) store, in the memory, a second block of behavioural data which is generated by the behavioural data generator over a second predetermined length of time; (c) compare the second block of behavioural data with the first block of behavioural data; (d) generate a surety score based on a similarity between the second block of behavioural data and the first block of behavioural data, wherein the surety score is selected from a range of values, one end of the range of values being indicative of the second block of behavioural data being similar to the first block of behavioural data and the other end of the range of values being indicative of the second block of behavioural data being dissimilar to the first block of behavioural data; and (e) transmit an output to the verification system for the verification system to check the identity of the party using the computing system, wherein the output is indicative of: a verification of the identity of the party if the surety score is beyond a predetermined surety threshold, or a failure in the verification of the party if the surety score is not beyond the predetermined surety threshold.
  6. The system of claim 5, wherein the behavioural data generator comprises at least one sensor which is selected from the group consisting of: (i) a location sensor configured to sense the geographical location of the computing system; (ii) a camera configured to capture still images and/or video; (iii) a gyroscope configured to sense an orientation of the computing system; or (iv) an accelerometer configured to sense an acceleration of the computing system, and wherein the computing system comprises: an encryption system which is configured to encrypt behavioural data generated by the behavioural data generator; and a biometrically gated memory which is configured to store encrypted behavioural data generated by the encryption system.
  7. The system of claim 6, wherein the behavioural data generator is configured to generate behavioural data selected from the group consisting of: (i) walking cadence data indicative of the walking cadence of a user walking while carrying the computing system; (ii) typing cadence data indicative of the typing cadence of a user typing characters into a keyboard of the computing system; (iii) typing rhythm data statistically derived from the rhythm with which a user enters information into the computing system via a keyboard; or (iv) retinal saccade data indicative of a retinal saccade pattern of a user.
  8. The system of claim 6, wherein the behavioural data generator is configured to generate behavioural data comprising at least one of: (i) operating system analytics data indicative of the use of an operating system of the computing system by a user; (ii) application usage data indicative of the use of at least one executable application installed in a memory in the computing system; (iii) keystore access data indicative of the access to an encryption key stored in a memory of the computing system; (iv) vocabulary usage data indicative of the vocabulary used by a user inputting words into the computing system; or (v) transaction data indicative of a transaction performed by the user using the computing system, and wherein the behavioural data generator is configured to generate behavioural data comprising network data by scanning computer networks which are accessible by the computing system.
  9. A data management method for securely managing data transactions, the method comprising: (i) distributing, using a public key distribution system, a public key of a public/private key pair for each respective party involved in a transaction; (ii) storing a unique identifier and a public key for each respective party in a trusted storage system; and (iii) checking the identity of a party seeking to participate in a transaction involving an exchange of data, wherein: if the identity of the party seeking to participate in the transaction cannot be verified, the method prevents the transaction from being carried out; but if the identity of the party seeking to participate in the transaction can be verified, the method permits the transaction to be carried out, and the method stores a transaction record comprising a record of the transaction and a record of the party participating in the transaction, wherein the checking the identity of a party is based on the result of a biometric check and further comprises calculating a trust score which is indicative of a level of trust between a first party and a second party based on a public key of the second party, wherein the trust score is a first value if the public key of the second party is verified successfully and the trust score is a second value if the public key of the second party cannot be verified, and the trusted storage system is configured to store the trust score, and wherein the checking the identity of a party further comprises parsing data stored by the trusted storage and generating a graph of nodes corresponding to parties and edges connecting the nodes, each edge representing a trust score of a trust relationship between two nodes, and traversing the graph and calculating an aggregated trust score based on trust scores represented by a plurality of the edges.
  10. The method of claim 9, wherein the method further comprises: providing a trusted agent which is identified by a trusted agent identifier, the trusted agent identifier being pseudonymous or anonymous with respect to a party seeking to participate in a transaction; and wherein the method further comprises: (i) providing, on behalf of the party, an output from the trusted agent in relation to the transaction, (ii) performing pattern recognition on a party; (iii) generating pattern recognition data; and (iv) verifying the generated pattern recognition data at the trusted agent by transmitting a query based on the generated pattern recognition data to the trusted agent.
  11. The method of claim 10, wherein the method further comprises: (i) training a pattern recognition model for a party by repeatedly: (ii) performing pattern recognition on a party; (iii) generating pattern recognition data; and (iv) verifying the generated pattern recognition data at the trusted agent by transmitting a query based on the generated pattern recognition data to the trusted agent, wherein the pattern recognition data is historical data and wherein the training data is live data.
  12. The method of claim 11, wherein the method comprises performing at least one type of pattern recognition selected from a group consisting of: (i) fingerprint recognition, (ii) voice recognition, (iii) facial recognition, or (iv) retinal saccade pattern recognition; and wherein the method comprises: calculating a trust score which is indicative of a level of trust between a first party and a second party based on a public key of the second party, wherein the trust score is a first value if the method verifies the public key of the second party successfully, and the trust score is a second value if the method cannot verify the public key of the second party, wherein the method further comprises storing the trust score in the trusted storage system.
  13. The method of claim 11 wherein the method further comprises: (i) storing, in a memory, a first block of behavioural data which is generated by a behavioural data generator of a computing system in response to the use of the computing system by a party over a first predetermined length of time; (ii) storing, in the memory, a second block of behavioural data which is generated by the behavioural data generator of the computing system in response to the use of the computing system over a second predetermined length of time; (iii) comparing the second block of behavioural data with the first block of behavioural data; (iv) generating a surety score based on a similarity between the second block of behavioural data and the first block of behavioural data, wherein the surety score is selected from a range of values, one end of the range of values being indicative of the second block of behavioural data being similar to the first block of behavioural data, and the other end of the range of values being indicative of the second block of behavioural data being dissimilar to the first block of behavioural data; and (v) providing an output which is indicative of a verification of the identity of the party if the surety score is beyond a predetermined surety threshold, or a failure in the verification of the party if the surety score is not beyond the predetermined surety threshold.
  14. The method of claim 13, wherein the behavioural data is selected from the group consisting of: (i) walking cadence data indicative of the walking cadence of a user walking while carrying the computing system; (ii) typing cadence data indicative of the typing cadence of a user typing characters into a keyboard of the computing system; (iii) typing rhythm data statistically derived from the rhythm with which a user enters information into the computing system via a keyboard; or (iv) retinal saccade data indicative of a retinal saccade pattern of a user.
  15. The method of claim 13, wherein the behavioural data comprises at least one of: (i) operating system analytics data indicative of the use of an operating system of the computing system by a user; (ii) application usage data indicative of the use of at least one executable application installed in a memory in the computing system; (iii) keystore access data indicative of the access to an encryption key stored in a memory of the computing system; (iv) vocabulary usage data indicative of the vocabulary used by a user inputting words into the computing system; or (v) transaction data indicative of a transaction performed by the user using the computing system, and wherein the behavioural data generator is configured to generate behavioural data comprising network data by scanning computer networks which are accessible by the computing system.
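
The claims above describe one pipeline: a trusted store of (identifier, public key) records, an identity check gated by a behavioural surety score (claims 5 and 13), a per-transaction trust score that takes a first value when the counterparty's public key verifies against the store and a second value when it does not (claims 1, 9 and 12), and a graph built from the stored scores whose edges are aggregated by traversal. The following Python is an added worked example written for this page; it is not code from the patent or its applicant. It assumes a threshold of 0.8, a mean-absolute-difference similarity metric, a best-path product as the aggregation rule, and key verification by matching the presented key against the stored record, none of which the claims fix; all parties, keys and keystroke timings are constructed sample data.

```python
"""Added example (not the patent's own code): a model of the verification system of
claims 1, 5 and 9 with trusted records, a surety gate, trust scores and a trust graph."""
import heapq
import hmac
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Sequence, Tuple

TRUSTED = 1.0           # claim 1 "first value": counterparty key verified against the store
UNTRUSTED = 0.0         # claim 1 "second value": counterparty key could not be verified
SURETY_THRESHOLD = 0.8  # assumed value; the claims leave the threshold open


@dataclass
class TrustedStorage:
    """Append-only record store; a ledger (claim 3) would back this in a deployment."""
    parties: Dict[str, str] = field(default_factory=dict)              # id -> public key
    trust: Dict[Tuple[str, str], float] = field(default_factory=dict)  # (a, b) -> score
    transactions: List[dict] = field(default_factory=list)

    def register(self, party_id: str, public_key: str) -> None:
        if party_id in self.parties:
            raise ValueError(f"identifier {party_id!r} already in use")  # ids are unique
        self.parties[party_id] = public_key


def verify_public_key(store: TrustedStorage, party_id: str, presented_key: str) -> bool:
    """Assumed check: presented key matches the stored record (a real system adds a signed challenge)."""
    stored = store.parties.get(party_id)
    return stored is not None and hmac.compare_digest(stored, presented_key)


def surety_score(first_block: Sequence[float], second_block: Sequence[float]) -> float:
    """Claim 5(d): similarity on [0, 1] (1.0 = same behaviour) as 1 - mean|a-b| / mean|a| (assumed metric)."""
    if not first_block or len(first_block) != len(second_block) or not any(first_block):
        raise ValueError("blocks must be non-empty, equal in length, with a non-zero baseline")
    baseline = sum(abs(x) for x in first_block) / len(first_block)
    deviation = sum(abs(a - b) for a, b in zip(first_block, second_block)) / len(first_block)
    return max(0.0, 1.0 - deviation / baseline)


def trust_score(store: TrustedStorage, first: str, second: str, presented_key: str) -> float:
    """Claim 1: trust of `first` in `second`, from verifying `second`'s key; stored as an edge."""
    score = TRUSTED if verify_public_key(store, second, presented_key) else UNTRUSTED
    store.trust[(first, second)] = score
    return score


def transact(store, first, second, presented_key, first_block, second_block, payload) -> Optional[dict]:
    """Claims 1(a)/(b) and 5(e): None when prevented, else the stored transaction record."""
    if surety_score(first_block, second_block) < SURETY_THRESHOLD:
        return None                                          # identity not verified
    record = {"from": first, "to": second, "payload": payload,
              "trust": trust_score(store, first, second, presented_key)}
    store.transactions.append(record)
    return record


def build_graph(store: TrustedStorage) -> Dict[str, Dict[str, float]]:
    """Parse stored trust scores into an adjacency map: party -> {party: edge score}."""
    graph: Dict[str, Dict[str, float]] = {party: {} for party in store.parties}
    for (a, b), score in store.trust.items():
        graph.setdefault(a, {})[b] = score
    return graph


def aggregated_trust(graph: Dict[str, Dict[str, float]], source: str, target: str) -> float:
    """Product of edge scores along the strongest path (best-first search). Zero-scored
    edges are never expanded, so an unverified party cannot relay trust; 0.0 = no path."""
    best, heap = {source: TRUSTED}, [(-TRUSTED, source)]
    while heap:
        neg, node = heapq.heappop(heap)
        if node == target:
            return -neg
        for nxt, edge in graph.get(node, {}).items():
            candidate = -neg * edge
            if candidate > best.get(nxt, 0.0):
                best[nxt] = candidate
                heapq.heappush(heap, (-candidate, nxt))
    return UNTRUSTED


def demo() -> dict:
    """Constructed scenario: alice->bob->carol verified, mallory substitutes a key, one session fails."""
    store = TrustedStorage()
    for party in ("alice", "bob", "carol", "mallory"):
        store.register(party, f"PUBKEY-{party}")             # constructed key strings
    baseline = [180, 210, 195, 220, 200]                     # first block, ms per keystroke
    same_user = [185, 205, 200, 215, 198]                    # second block, same typist
    other_user = [95, 400, 120, 350, 90]                     # second block, someone else
    ok = transact(store, "alice", "bob", "PUBKEY-bob", baseline, same_user, "doc-1")
    transact(store, "bob", "carol", "PUBKEY-carol", baseline, same_user, "doc-2")
    spoof = transact(store, "alice", "mallory", "PUBKEY-other", baseline, same_user, "doc-3")
    blocked = transact(store, "alice", "carol", "PUBKEY-carol", baseline, other_user, "doc-4")
    graph = build_graph(store)
    return {"alice->bob": ok["trust"], "alice->mallory": spoof["trust"],
            "blocked": blocked is None, "records": len(store.transactions),
            "alice~>carol": aggregated_trust(graph, "alice", "carol"),
            "carol~>alice": aggregated_trust(graph, "carol", "alice")}


if __name__ == "__main__":
    print(demo())
```

Two points the claims leave open are made explicit here. First, the behavioural gate decides whether a transaction happens at all, while a failed key verification only records a zero-valued edge; whether a relying party should also refuse the transaction is a policy decision. Second, because the aggregate is a product over edges and zero-valued edges are never expanded, a party whose key did not verify cannot act as a bridge that lends trust to anyone beyond it.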

Description

Field

The present invention relates to data management systems and methods. The present invention more particularly relates to a data management system for securely managing data transactions between client devices.

Background

Conventional Internet-based communication does not allow users and other entities to share data freely with others in a secure manner. This leads to the risks, fears and uncertainty that are inherent in conventional Internet-based communication. For example, conventional Internet-based communication makes it very difficult for parents to protect their children from viewing content or playing games that are not age appropriate. This limits the children from having the freedom to explore and benefit from Internet-based technologies. It is also very difficult or impossible to share personal data safely over conventional Internet-based communication because there is always a risk that the personal data may be shared more widely than the intended recipients.

The way personal data is processed in a connected world is not good for anyone. Capturing personal data, storing it and analysing it all carry an inherent risk for the user and for the organisation. Furthermore, measures designed to make the connected world safer have made the user experience worse and negatively impacted an organisation's ability to communicate with users. Further problems arise due to modern "big-data" and machine learning (ML) based targeting methods which rely on the asymmetric nature of the relationship between "Big Tech" service providers and the end-users utilising their services. In essence, this results in a massively asymmetric tension between a user who wishes simply to use a service and who has only their own brain, attention and knowledge to protect their data (assuming they are even aware of the risks) and the big tech players who bring massive amounts of data, statistical and ML analysis and manpower to bear on each individual in an attempt to monitor and change their behaviour, usually towards a transaction (but sometimes in order to change their perceptions).

Even current systems which rely on biometrics for improved security suffer problems. For instance, current systems only provide black-box proof of a biometric check having been done. In these systems, there is no explicit proof that the check was performed by the same individual. This means, for example, that fingerprint and face recognition on a mobile device can be bypassed relatively easily by adding another fingerprint or face, regardless of who it belongs to.

The conventional approach for verifying the identity of a user involves the user providing an identity document as evidence of their identity. For instance, a user wishing to verify their identity will typically provide a government-issued identity document, such as a passport or driving licence. Conventional arrangements which rely on an identity document are open to abuse by anyone who is able to create and use fake identity documents. Online transactions are also vulnerable to abuse by malicious parties creating and using fake identities. To combat this abuse, conventional systems typically attempt to recreate an online digital equivalent of a government-issued document, such as a passport or driving licence. However, this approach is also vulnerable to abuse by malicious parties who can create fake versions of these digital identities.

US 2019/164156 discloses a system for secure authentication. The system comprises: an authenticator on a client device to securely store one or more private keys, at least one of the private keys usable to authenticate a block of a blockchain; and an attestation module of the authenticator or coupled to the authenticator, the attestation module to generate a signature using the block and the private key, the signature usable to attest to the authenticity of the block by a device having a public key corresponding to the private key.

WO 2019/177298 discloses an apparatus for managing user authentication in a blockchain network, the apparatus comprising a processor configured to transmit, to a server, a request for a snapshot identifier (ID) with user data comprising at least one of a one-time password, biometric data, context data, routine data, or device metadata, receive the snapshot ID generated based on the user data, initiate a transaction with the snapshot ID in the blockchain network comprising a blockchain server which authenticates the snapshot ID, and output blockchain transaction data associated with the transaction based on the authentication of the snapshot ID.

There is a need for improved data management systems and methods. The present invention seeks to provide improved data management systems and methods and is defined in the independent claims, with optional features being defined in the dependent claims.

Summary

According to one aspect, there is provided a data management system for securel