Search

EP-4736040-A1 - METHOD AND SYSTEM FOR OBFUSCATING SENSTIVE PERSONAL DATA AVAILABLE ON AN UNREGULATED PLATFORMS

EP4736040A1EP 4736040 A1EP4736040 A1EP 4736040A1EP-4736040-A1

Abstract

Disclosed is a method and system, in FIG. 1, for verifying authenticity of specific personal data responsive to a unique wallet address (70) on a public ledger (66) of an unregulated platform (60). The wallet contains one or more non-transferable NFTs each locked to the wallet and related to specific personal data. The non-transferable NFT was minted from a regulated platform (27) to which there is a record (76) in the public ledger. Supplying the unique address of the wallet to a service supplier affects a log-in of a client (18) to the service supplier (90), whereafter message interactions over a network (12) between the service supplier and the unregulated platform (60) permits searching for a relevant (72) non-transferable NFTs (74) stored in the wallet and related to the specific personal data. Return of any relevant non-transferable NFT related to the personal data thus verifies authenticity of the specific personal data by association with a regulated platform.

Inventors

  • SMITH, DAVID PETER
  • LYSKE, JOSEPH MICHAEL WILLIAM

Assignees

  • Shearer, Richard Alexander

Dates

Publication Date
20260506
Application Date
20230613

Claims (1)

  1. CLAIMS 1. A method of verifying authenticity of specific personal data based on supply of a wallet address stored on a public ledger database of an unregulated platform, wherein the public ledger database contains a first wallet having a unique address and containing one or more non-transferable non-fungible tokens “NFTs” locked to the first wallet and wherein each non-transferable NFT was minted from a regulated platform to which there is a record in the public ledger database and each non-transferable NFT includes a hash that verifies a nature of a related document and wherein each non-transferable NFT cannot be moved from the unregulated wallet or in any way changed by any interaction other than an interaction directly involving a related linked regulated wallet on the regulated platform, the method comprising: supplying the unique address of the first wallet to a service supplier to affect a log-in of the service provider into the first wallet; through message interaction over a network between the service supplier and the unregulated platform, searching for a record of specific personal data in the public ledger database to locate non-transferable NFTs stored in the first wallet and related to the specific personal data; and at the service supplier, verifying authenticity of the specific personal data through inspection, over the network and from the first wallet, of the hash stored on each non-transferable NFT whereby existence of the hash verifies authenticity of the specific personal data. 2. The method of claim 1, wherein linking of the first wallet on the unregulated platform through said minting of non-transferable NFT associated with a known client of a regulated digital wallet on said regulated platform further comprises: during establishment of the regulated digital wallet, generating an encoded certificate for each of a plurality of personal documents submitted electronically to the regulated platform to satisfy regulatory requirements for establishing the regulated digital wallet in the name of the known client, and storing in the regulated trading platform an association between the encoded certificate and the regulated digital wallet; minting each said generated encoded certificate to produce said non-transferable NFTs locked to the first wallet of the unregulated platform; and establishing a relationship between the first wallet and the regulated digital wallet when said non-transferable NFTs are within the first wallet to verify and record common ownership of the first wallet and the regulated digital wallet with the known client. 3. The method of claim 1 or 2, wherein linking of the first wallet on the unregulated platform through said minting of non-transferable NFT associated with a known client of a regulated digital wallet on said regulated platform further comprises: verifying an identity of a prospective account holder seeking to establish a first regulated digital wallet by authenticating a plurality of instances of personal data submitted by the prospective account holder; issuing, as a hash, a certificate for each instance of personal data and associating, in a private ledger database of the regulated platform, each hash with at least a document type and the regulated digital wallet to establish a cryptocurrency account for the prospective account holder; using the plurality of instances of personal data to identify at least one link to the first wallet having the unique address; using said at least one link, automatically interrogating the first wallet to recover data entries in the first wallet that reflect at least one of transactional entries, recorded wallet interactions, NFTs, general personal data and uses of cryptocurrency; based on said recovered data entries, identifying searchable links to third-party databases independent of the unregulated platform and independent of the regulated platform, scraping said third-party databases for personal data or further links related to operation of the first wallet, and returning scraped data to generate a profile of a registrant of the first wallet; based on the profile, parsing said returned scraped data to generate a list of different document types each with a respective associated document; within the private ledger database, identifying any commonality between said list of different document types and the document type linked to the first digital wallet; in the event that there is at least one identified commonality in the document type and a content match exists between the respective associated document and a verified document associated with the regulated digital wallet, evaluating an honesty score associated with the content match; and determining if the honesty score exceeds a threshold and, when it does, linking the first wallet to the regulated digital wallet by minting the non-transferable NFT and storing said non-transferable NFT in at least the first wallet. 4. The method of claim 3, wherein the returned personal data is at least one of: a personal telephone number, an employment history, transactions involving NFTs, cryptocurrency transaction histories, smart interactions, events stored in the ledger of the unregulated wallet, addresses of other unregulated wallets, user-related geographic locations, images/pictures, email addresses, public government data, and company affiliations. 5. The method according to claim 3 or 4, further comprising: in the event of failing to identify commonality, generating at least one random challenge from selected content in said returned scraped data and displaying the at least one random challenge on the interface of the app; monitoring a response to the at least one random challenge and assessing correctness of the response; in the event of correlation of the response to the selected content of the random challenge, generating a second hash for the selected content; associating the second hash with at least one of the first regulated digital wallet and the first unregulated digital wallet; and using the second hash to verify a common ownership of the first regulated digital wallet and the first unregulated digital wallet. 6. The method according to any preceding claim, wherein said minted non- transferable NFT is further stored in the first regulated digital wallet of the private ledger database. 7. A networked system comprising: a third-party service platform having a first server at least partially administering access to services, said services obtained subject to receipt of authenticated personal data of a client and subsequent to supply of log-in data for the client, wherein said login data is receivable via a user interface through which a unique address of a first digital wallet of the client is obtained; an unregulated trading platform remote to the third-party service platform, the unregulated trading platform having a public server and a public ledger database in which is stored a plurality of unique wallet addresses including that of the first digital wallet and wherein the first digital wallet contains one or more non-transferable non- fungible tokens “NFTs” locked to the first digital wallet and wherein each non- transferable NFT was minted from a regulated platform to which there is a record in the public ledger database and each non-transferable NFT includes a hash that verifies a nature of a related document and wherein each non-transferable NFT cannot be moved from the unregulated wallet or in any way changed by any interaction other than an interaction directly involving a related linked regulated wallet on the regulated platform; a network providing a communication backbone through which the first server communicates with the public server and obtain access to information stored in the first digital wallet; and wherein the first server is arranged: through message interaction over the network with the public server, to search for a record of specific personal data in the public ledger database to locate non-transferable NFTs stored in the first wallet and related to the specific personal data, and over the network, to inspect the first digital wallet for existence of the hash stored on each non-transferable NFT whereby existence of the hash verifies of the specific personal data; and to provide access to the services based the existence of the hash within a relevant non-transferable NFT relating to the specific personal data. 8. A method of verifying authenticity of specific personal data based on supply of a wallet address stored on a public ledger database of an unregulated platform, wherein the public ledger database contains a first wallet having a unique address and containing one or more non-transferable non- fungible tokens “NFTs” locked to the first wallet and wherein each non-transferable NFT was minted from a regulated platform to which there is a record in the public ledger database, the method comprising: supplying the unique address of the first wallet to a service supplier to affect a log-in of the service provider into the first wallet; through message interaction over a network between the service supplier and the unregulated platform, searching for a record of specific personal data in the public ledger database to locate non-transferable NFTs stored in the first wallet and related to the specific personal data; at the service supplier, verifying authenticity of the specific personal data through return, over the network and from the first wallet, of at least one relevant non- transferable NFT related to the personal data; and wherein an authenticated common ownership relationship exists between the first wallet on the unregulated platform and a regulated digital wallet of a known client on the regulated platform, the authenticated common ownership relationship arising from the first wallet containing minted non-transferable NFTs associated with the known client, and wherein the common ownership relationship is established by: during initial establishment of the regulated digital wallet, generating an encoded certificate for each of a plurality of personal documents submitted electronically to the regulated platform to satisfy regulatory requirements for establishing the regulated digital wallet in the name of the known client, and storing in the regulated trading platform an association between each encoded certificate and the regulated digital wallet; and minting each generated encoded certificate to produce the non-transferable NFTs locked to the first wallet of the unregulated platform. 9. A method of verifying authenticity of specific personal data based on supply of a wallet address stored on a public ledger database of an unregulated platform, wherein the public ledger database contains a first wallet having a unique address and contains one or more non-transferable non-fungible tokens “NFTs” locked to the first wallet and wherein each non-transferable NFT was minted from a regulated platform to which there is a record in the public ledger database, the method comprising: supplying the unique address of the first wallet to a service supplier to affect a login of the service provider into the first wallet; through message interaction over a network between the service supplier and the unregulated platform, searching for a record of specific personal data in the public ledger database to locate non-transferable NFTs that are stored in the first wallet and that are related to the specific personal data; at the service supplier, verifying authenticity of the specific personal data through return, over the network and from the first wallet, of at least one relevant non- transferable NFT related to the personal data; and wherein the first wallet on the unregulated platform was previously linked to a regulated digital wallet on the regulated platform through the minting of non-transferable NFTs associated with a known client of the regulated digital wallet on the regulated platform, and wherein the linking of the regulated digital wallet to the first wallet further comprises: verifying an identity of a prospective account holder seeking to establish a first regulated digital wallet by authenticating a plurality of instances of personal data submitted by the prospective account holder; issuing, as a hash, a certificate for each instance of personal data and associating, in a private ledger database of the regulated platform, each hash with at least a document type and the regulated digital wallet to establish a cryptocurrency account for the prospective account holder; using the plurality of instances of personal data to identify at least one link to the first wallet having the unique address; using the at least one link, automatically interrogating the first wallet to recover data entries in the first wallet that reflect at least one of transactional entries, recorded wallet interactions, NFTs, general personal data and uses of cryptocurrency; based on the recovered data entries, identifying searchable links to third- party databases independent of the unregulated platform and independent of the regulated platform; scraping the third-party databases for personal data or further links related to operation of the first wallet, and returning scraped data to generate a profile of a registrant of the first wallet; based on the profile, parsing the returned scraped data to generate a list of different document types each with a respective associated document; within the private ledger database, identifying any commonality between the list of different document types and the document type linked to the first digital wallet; determining that there is at least one identified commonality in the document type and further determining that a content match exists between the respective associated document and a verified document associated with the regulated digital wallet, wallet; for each determined identified commonality in document type and content match, evaluating an honesty score associated with the content match; and determining if the honesty score exceeds a threshold; and linking the first wallet to the regulated digital wallet for each honesty score exceeding the threshold by minting the non-transferable NFT and storing the non-transferable NFT in at least the first wallet. The method of claim 8 or 9, wherein the returned personal data is at least one of: a personal telephone number, an employment history, transactions involving NFTs, cryptocurrency transaction histories, smart interactions, events stored in the ledger of the unregulated wallet, addresses of other unregulated wallets, user-related geographic locations, images/pictures, email addresses, public government data, and company affiliations. 11. The method according to claim 10, further comprising: determining a lack of commonality and, as a consequence of the determined lack of commonality, generating at least one random challenge from selected content in the returned scraped data and displaying the at least one random challenge on an app interface; monitoring a response to the at least one random challenge and assessing correctness of the response; determining correlation between the response and the selected content of the random challenge, and, responsive to the determined correlation, generating a second hash for the selected content; associating the second hash with at least one of the first regulated digital wallet and the first unregulated digital wallet; and using the second hash to verify a common ownership of the first regulated digital wallet and the first unregulated digital wallet. 12. The method according to any of claims 8 to 11, wherein the minted non- transferable NFT is further stored in the first regulated digital wallet of the private ledger database.

Description

METHOD AND SYSTEM FOR OBFUSCATING SENSTIVE PERSONAL DATA AVAILABLE ON AN UNREGULATED PLATFORMS FIELD OF THE INVENTION This invention relates, in general, to a client authentication process establishing account associations across multiple independent and disparate platforms. Particularly, but not exclusively, the invention is applicable a method and system that obfuscates and authenticates personal data that otherwise would be necessarily communicated over an open public network supporting third generation internet services, such as web 3.0 and generally an unregulated environment, in order to secure access to third-party services. SUMMARY OF THE PRIOR ART Blockchain is essentially a distributed database that is shared among the nodes of a public computer network. As a database, a blockchain stores information electronically in digital format. Blockchains are best known for their role in cryptocurrency systems, such as Bitcoin, and are arranged to maintain a secure and decentralized record of transactions. The concept behind blockchain is that it guarantees the fidelity, integrity, and security of a record of data and generates trust without the need for a trusted third party. However, on a generally never basis, an individual or organization cannot control or manipulate the protocol behind a cryptocurrency because it is cryptographically secure. Furthermore, there is no, little or limited and ineffectual regulation of certain aspects of blockchains on both a national or international governmental level, with this lack of oversight leading to questionable use of block technology in potentially dubious or otherwise entirely illegal activities, such as money laundering, terrorist financing or narcotics trafficking in the latter case. One key difference between a typical database and a blockchain is how the data is structured. A blockchain collects information together in groups, known as blocks, which hold sets of information. Blocks have certain storage capacities and, when filled, are closed and linked to the previously filled block thus forming the “blockchain”. All new information that follows that freshly added block is compiled into a newly formed block that will then also be added to the chain once filled. A conventional database usually structures its data into tables, whereas a blockchain, like its name implies, structures its data into chunks (blocks) that are strung together. This data structure inherently makes an irreversible timeline of data when implemented in a decentralized nature. When a block is filled, it is set in stone and becomes a part of this timeline. Each block in the chain is given an exact time stamp when it is added to the chain. Blockchain technology is, for example, the basis for cryptocurrency transactions, such as supported by Bitcoin. Another platform is Ethereum which is both similar and dissimilar to Bitcoin. For example, both are cryptocurrencies that can be traded, and both are acquired through mining activity of a numerically limited pool of coins or tokens. Cryptocurrencies are fungible in that one ETH can be exchanged for a different ETH without any consequence or loss. Other blockchain technologies, such as Solano, exist. These may have certain advantages or disadvantages relative to more accepted mainstream blockchains of Bitcoin and Ethereum. In dealing with blockchain cryptocurrencies, it is typical to use a cryptocurrency exchange firm, such as CoinBase. Coinbase is a cryptocurrency trading and investing platform that offers users the ability to buy, sell, and exchange over one hundred tradable cryptocurrencies such as Bitcoin, Ethereum, and Dogecoin. Unlike traditional brokerage firms, cryptocurrency exchanges are generally not members of the Securities Investor Protection Corp. (SIPC) and the like. Therefore, unless user terms specify otherwise, investors with cryptocurrency assets commingled on a custodial cryptocurrency exchange could potentially lose their funds as unsecured creditors. Coinbase, however, is regulated in the UK by the UK Financial Conduct Authority because such blockchain financial transactions are subject to regulatory approval/control, although the specific form of account/wallet holder validation is not known. Contrastingly, non-fungible tokens “NFTs” are unique digital assets addressing certifiable things, for example, photographs, music, videos, and trading cards. Consequently, NFTs are not mutually interchangeable/fungible since each NFT is in itself unique. NFTs are managed in a digital ledger and traded on the web. For instance, rather than buying a genuine photo to show on a divider, the purchaser gets a unique digital file. Nearly any digital asset, for example, a piece of collectible advanced characters, virtual land, or unique online media posts, can be made and bought as an NFT. NFTs are joined to explicit qualities with certificates of authenticity, which means that the digital assets cannot be traded or supplanted with each