Search

EP-4636618-B1 - IDENTITY VERIFICATION WITH REUSABLE PROFILES

EP4636618B1EP 4636618 B1EP4636618 B1EP 4636618B1EP-4636618-B1

Inventors

  • HANIF, MUHAMMAD SHAHID
  • FAYYAZ, RAJA HASSAN
  • ASIF, FRAYYAM

Dates

Publication Date
20260513
Application Date
20250417

Claims (15)

  1. A computer-implemented method for verifying an identity of a user, comprising: receiving (502) a request to verify the identity of the user; receiving (504) an image of the user; determining (508) two or more matching profiles from a plurality of verified profiles comprising validated documents and previously captured images of validated users, the two or more matching profiles associated with two or more previously captured images that match the user in the image of the user; selecting (512) a matching profile from the two or more matching profiles, the matching profile being a most recent matching profile; displaying (518) information from the matching profile to the user among one or more fake profiles; and in response to a correct selection (520) by the user of the matching profile, returning (530) a response verifying the identity of the user.
  2. The method of claim 1, further comprising: extracting a facial image of a validated user from a validated document associated with the matching profile, optionally wherein the extracting runs in parallel with the displaying; and confirming that the user is the validated user by comparing the facial image with the image of the user to determine a match; optionally the confirming further comprising: calculating a match tolerance used by a face recognition module, wherein the match tolerance specifies a degree of similarity required for a first face and a second face to match; optionally further comprising adjusting the match tolerance based on a behavioral biometric; optionally wherein the behavioral biometric considers two or more factors of an angle of a head in the image, a user manner of presenting their face in an oval presented on a screen, a manner of typing, a browser footprint, a camera resolution, and a cognitive assessment.
  3. The method of any of the preceding claims, further comprising: receiving a second request to verify a second identity of a second user, the second request comprising a second image of the second user; determining that no validated user in the previously captured images of validated users matches the second user in the second image of the second user; and in response to the determining, verifying the second identity using an alternative verification method; optionally wherein the alternative verification method comprises: receiving an image of an identification document from the second user; validating the identification document; extracting one or more fields from the identification document using optical character recognition, optionally wherein the one or more fields comprise an expiration date, a name, a date of birth, and a document number; and adding a new profile to the plurality of verified profiles, the new profile comprising: the one or more fields, the second image of the second user, the image of the identification document, and a timestamp.
  4. The method of claim 3, the validating the identification document further comprising: checking the image of the identification document for integrity; identifying whether the identification document is a compromised document by referencing a list of compromised identification documents; and detecting a mismatch between the one or more fields and user-provided information.
  5. The method of any one of the preceding claims, further comprising: performing a liveness check on the image of the user by identifying one or more features in the image of the user; and comparing the one or more features to one or more known potential security risks to validate an authenticity of the image of the user, optionally wherein the one or more known potential security risks comprise: a face mask attack, a paper image detection, a deep fake, a static image attack, and an artificial-intelligence-generated image attack.
  6. The method of any one of the preceding claims, wherein the validated documents are one of: a passport, a governmental identification, a driver's license, a credit card, a debit card, a birth certificate, a social security card, a utility bill, a telephone bill, a mortgage, a rental agreement, an insurance policy, or a loan statement.
  7. The method of any one of the preceding claims, the displaying information from the matching profile further comprising: displaying a consent agreement to the user that informs the user that selecting the matching profile grants permission to use personal data in the matching profile to verify the identity of the user, and/or displaying a displayed name, a displayed document number, and a displayed date of birth, wherein the displayed name and the displayed_document number are masked by obscuring a subset of characters in the displayed name and the displayed document number.
  8. The method of any one of the preceding claims, further comprising: receiving a second request to verify a second identity of a second user, the second request comprising a second image of the second user; selecting a second matching profile from the plurality of verified profiles, the second matching profile selected by determining that a second validated user in a previously captured image associated with the second matching profile matches the second user in the second image of the second user; determining that an expiration date of a validated document associated with the second matching profile has passed; and prompting the second user to capture an updated image of an updated identification document.
  9. A computer-implemented method for verifying an identity of a user, comprising: receiving (502) a request to verify the identity of the user, the request comprising one or more parameters; receiving (504) an image of the user; determining (508) two or more matching profiles from a plurality of verified profiles comprising validated documents and previously captured images of validated users, the two or more matching profiles associated with two or more previously captured images that match the user in the image of the user; selecting (512) a matching profile from the two or more matching profiles based on the one or more parameters; displaying (518) information from the matching profile to the user among one or more fake profiles; and in response to a correct selection (520) by the user of the matching profile, returning (530) a response verifying the identity of the user.
  10. The method of claim 9, further comprising: extracting a facial image of a validated user from a validated document associated with the matching profile; and confirming that the user is the validated user by comparing the facial image with the image of the user to determine a match; optionally the confirming further comprising: calculating a match tolerance used by a face recognition module, wherein the match tolerance specifies a degree of similarity required for a first face and a second face to match; optionally further comprising adjusting the match tolerance based on a behavioral biometric.
  11. The method of claim 9 or 10, further comprising: performing a liveness check on the image of the user by identifying one or more features in the image of the user; and comparing the one or more features to one or more known potential security risks to validate an authenticity of the image of the user.
  12. The method of any one of claims 9 to 11, the displaying information from the matching profile further comprising: displaying a consent agreement to the user that informs the user that selecting the matching profile grants permission to use personal data in the matching profile to verify the identity of the user; and displaying a displayed name, a displayed document number, and a displayed date of birth, wherein the displayed name and the displayed document number are masked by obscuring a subset of characters in the displayed name and the displayed document number.
  13. The method of any one of claims 9 to 12, further comprising: receiving a second request to verify a second identity of a second user, the second request comprising a second image of the second user; selecting a second matching profile from the plurality of verified profiles, the second matching profile selected by determining that a second validated user in a previously captured image associated with the second matching profile matches the second user in the second image of the second user; determining that an expiration date of a validated document associated with the second matching profile has passed; and prompting the second user to capture an updated image of an updated identification document.
  14. A system for verifying an identity of a user, comprising: a memory; and at least one processor coupled to the memory and configured to perform a method according to any of claims 1 to 9; or to perform a method according to any one of claims 10 to 13.
  15. A non-transitory computer-readable device having instructions stored thereon that, when executed by at least one computing device, cause the at least one computing device to perform operations of a method for verifying an identity of a user according to any one of claims 1 to 9; or to perform operations of a method for verifying an identity of a user according to any one of claims 10 to 13.

Description

BACKGROUND Humans have identities. In a basic sense, an identity is who a person is. An identity signifies that a person "X" is recognized in a given community as person "X." A person may need to prove their identity-e.g., to obtain a driver's license, get a library card, start a new job, enroll in a university, access medical records, travel internationally, etc. For another example, a person may walk into a bank to open a bank account in their name. To prevent fraud, the bank may need to verify that the person is not impersonating a different individual. Generally speaking, to prove identity, a person may provide personally identifying information (e.g., a photo, name, date of birth, identifying number, etc.) that allows the receiving party to verify that the person is the claimed individual. Towards this end, a person may present a document such as a government-issued identification ("ID"), a national ID card, passport, birth certificate, social security card, driver's license, etc. Additional documents may be required to prove other aspects of identity. For example, a person may also need to present a utility bill, telephone bill, mortgage, rental agreement, insurance policy, loan statement, credit card, etc. that includes an address to prove residency in a particular state or city. The complexities of identity verification are compounded in digital realms. As interpersonal, commercial, and governmental relationships increasingly occur online, verifying user identity is of paramount importance across a multitude of scenarios and use cases. Indeed, the need for fast and reliable identity verification techniques is heightened online given the capacity of digital technologies to facilitate malfeasance and identity theft. Just as a physical bank needs to verify the ID of a user opening an account, an online banking system must do the same. However, an online user may not want to visit a brick-and-mortar location to show their ID because doing so would be time-consuming and inconvenient. Thus, the bank must verify the user's identity behind the obscurity and anonymity of an Internet connection. Moreover, ensuring compliance with a myriad of recent and diverse laws and regulations governing identity verification and privacy creates significant challenges for identity verification. These regulations differ by country, by state and objectives-to protect privacy, to prevent fraud, to prevent money laundering, for example. Perhaps, the best known such regulation is the General Data Protection Regulation ("GDPR"), which in the European Union establishes rules for the collection and use of personal data, including data that can be used for identity verification. The GDPR regulations were enacted recently in 2018, dramatically impacting not just EU countries, but having cross-border impacts across the globe. There are also a plethora of other regulations, such as anti-money laundering ("AML") and counter-terrorist ("CTF") regulations, Know your Customer regulations, and consumer privacy acts. In the United States in particular, states have enacted different privacy acts, such as the California Consumer Privacy Act, that are complex and have different requirements that vary by state. These complex and varying regulations impose significant, changing demands on identity verification systems. Prior art document US2020/097645-A1 discloses a method and system for confirming a person's online identity with data and using biometric confirmation for identifying a real person from a fake person. Towards this end, identity verification ("IDV") platforms exist that verify a user's identity in online environments. IDV platforms may leverage a software-as-a-service ("SaaS") model and furnish application programming interfaces ("APIs") that technical entities across the digital landscape may access to verify users' identities. An IDV platform allows a wide-array of persons, businesses, organizations, governments, and other actors to remotely conduct transactions secure in the knowledge that the other party is indeed who they say they are. BRIEF DESCRIPTION OF THE DRAWINGS/FIGURES The accompanying drawings, which are incorporated herein and form a part of the specification, illustrate embodiments of the present disclosure and, together with the description, further serve to explain the principles of the disclosure and to enable a person skilled in the arts to make and use the embodiments. FIG. 1 is a block diagram of an environment implementing an IDV platform, according to some embodiments.FIGS. 2A-2G are example screen displays of an interface that allows a user to complete an IDV process using reusable profiles, according to some embodiments.FIGS. 3A-3G are example screen displays of an interface that allows a user to complete an IDV process by capturing and uploading an ID or other document, according to some embodiments.FIGS. 4A-4B are example screen displays of a reporting page that includes a profile of a previously complet