Search

US-12619391-B2 - System, device and method for embedding credentials on an electronic document

US12619391B2US 12619391 B2US12619391 B2US 12619391B2US-12619391-B2

Abstract

A system for embedding credentials on an electronic document includes a task assignment device, a document database, a signature server and a credential server. The task assignment device generates an assigned task. The signature server generates a first signature request and a second signature request according to the assigned task. A first electronic device generates first signature information according to the first signature request. A second electronic device generates second signature information according to the second signature request. The signature server generates a first credential request and a second credential request according to the first signature information and the second signature information. The credential server transmits a first credential object and a second credential object to the signature server in response to the first credential request and the second credential request. The signature server embeds the first credential object and the second credential object into an assignment document in sequence. The present disclosure also provides a method and a device for embedding credentials on an electronic document.

Inventors

  • Hsuan Tu
  • Wei-Chih Sun
  • Jia-Rou Lee
  • Ting-Wei Huang
  • Cheng-Yu Tsai

Assignees

  • Kdan Mobile Software Ltd.

Dates

Publication Date
20260505
Application Date
20240422

Claims (16)

  1. 1 . A system for embedding credentials on an electronic document, the system comprising: a task assignment device including a display configured to display a task creation interface for assigning an assignment document and a first processor configured to generate an assigned task according to the assignment document; a document database including a first storage component configured to store the assignment document; a signature server including a second storage component configured to store one or more instructions and a second processor electrically coupled to the second storage component and configured to execute the one or more instructions to receive the assigned task from the task assignment device and generate at least a first signature request and a second signature request according to the assigned task; a credential server including a third storage component configured to store at least a first electronic credential and a second electronic credential; a first electronic device including a first communication component configured to receive the first signature request from the signature server and a third processor electronically connected to the first communication component and configured to generate first signature information according to the first signature request, wherein the first communication component is further configured to transmit the first signature information to the signature server, wherein: the second processor of the signature server is further configured to execute the one or more instructions to transmit a first credential request to the credential server according to the first signature information; the credential server further includes a fourth processor configured to initiate a first credential authorization process, in response to the first credential request, to generate a first credential object and a second communication component configured to transmit the first credential object to the signature server, wherein the first credential object is generated according to the first electronic credential; and the second processor of the signature server is further configured to execute the one or more instructions to receive the first credential object, embed the first credential object into the assignment document to generate a first signed document, and store the first signed document in the document database; and a second electronic device including a third communication component configured to receive the second signature request from the signature server and a fifth processor electronically connected to the third communication component and configured to generate second signature information according to the second signature request, wherein the third communication component is further configured to transmit the second signature information to the signature server, wherein: the second processor of the signature server is further configured to execute the one or more instructions to transmit a second credential request to the credential server according to the second signature information; the fourth processor of the credential server is further configured to initiate a second credential authorization process, in response to the second credential request, to generate a second credential object, the second communication component is further configured to transmit the second credential object to the signature server, and the second credential object is generated according to the second electronic credential; and the second processor of the signature server is further configured to execute the one or more instructions to receive the second credential object and embed the second credential object into the first signed document to generate a second signed document.
  2. 2 . The system of claim 1 , wherein: the first signature information includes first identity verification information; the second signature information includes second identity verification information; and the second processor of the signature server is further configured to execute the one or more instructions to: verify whether the first identity verification information is correct; transmit the first credential request to the credential server after verifying that the first identity verification information is correct; verify whether the second identity verification information is correct; and transmit the second credential request to the credential server after verifying that the second identity verification information is correct.
  3. 3 . The system of claim 2 , wherein: in the first credential authorization procedure: the second communication component of the credential server is further configured to transmit first permission information in response to the first credential request; the second processor of the signature server is further configured to execute the one or more instructions to receive the first permission information, generate a first permission link according to the first permission information, and transmit the first permission link to the first electronic device; the third processor of the first electronic device is further configured to generate a first confirmation signal according to the first permission link, and the first communication component is further configured to transmit the first confirmation signal to the credential server; and the second communication component of the credential server is further configured to receive the first confirmation signal and transmit the first credential object to the signature server in response to the first confirmation signal; in the second credential authorization procedure: the second communication component of the credential server is further configured to transmit second permission information in response to the second credential request; the second processor of the signature server is further configured to execute the one or more instructions to receive the second permission information, generate a second permission link according to the second permission information, and transmit the second permission link to the second electronic device; the fifth processor of the second electronic device is further configured to generate a second confirmation signal according to the second permission link, and the third communication component is further configured to transmit the second confirmation signal to the credential server; and the second communication component of the credential server is further configured to receive the second confirmation signal and transmit the second credential object to the signature server in response to the second confirmation signal.
  4. 4 . The system of claim 2 , wherein: the first electronic device further includes a first display and a first input component; the first display is configured to display the assignment document; the first input component is configured to receive a first input via the first input component to generate a first signature object on the assignment document, wherein the first signature information further comprises the first signature object; the second electronic device further includes a second display and a second input component; the second display is configured to display the first signed document; and the second input component is configured to receive a second input via the second input component to generate a second signature object on the first signed document, wherein the second signature information further comprises the second signature object.
  5. 5 . The system of claim 4 , wherein: in the first credential authorization procedure: the second communication component of the credential server is further configured to transmit first permission information in response to the first credential request; the second processor of the signature server is further configured to execute the one or more instructions to receive the first permission information; the second processor of the signature server is further configured to execute the one or more instructions to generate a first permission link according to the first permission information and transmit the first permission link to the first electronic device; the third processor of the first electronic device is further configured to generate a first confirmation signal according to the first permission link, and the first communication component is further configured to transmit the first confirmation signal to the credential server; the second communication component of the credential server is further configured to receive the first confirmation signal and transmit a first authorization success signal to the signature server in response to the first confirmation signal; in response to the first authorization success signal, the second processor of the signature server is further configured to execute the one or more instructions to: combine the first signature object with the assignment document, and extract a first specified feature from the assignment document combined with the first signature object and transmit the first specified feature to the credential server; in the second credential authorization procedure: the second communication component of the credential server is further configured to transmit second permission information in response to the second credential request; the second processor of the signature server is further configured to execute the one or more instructions to receive the second permission information; the second processor of the signature server is further configured to execute the one or more instructions to generate a second permission link according to the second permission information and transmit the second permission link to the second electronic device; the fifth processor of the second electronic device is further configured to generate a second confirmation signal according to the second permission link, and the third communication component is further configured to transmit the second confirmation signal to the credential server; the second communication component of the credential server is further configured to receive the second confirmation signal and transmit a second authorization success signal to the signature server in response to the second confirmation signal; in response to the second authorization success signal, the second processor of the signature server is further configured to execute the one or more instructions to: combine the second signature object with the first signed document, and extract a second specified feature from the first signed document combined with the second signature object and transmit the second specified feature to the credential server; the fourth processor of the credential server is further configured to: generate the first credential object according to the first specified feature and the first electronic credential, and generate the second credential object according to the second specified feature and the second electronic credential; the second processor of the signature server is further configured to execute the one or more instructions to: receive the first credential object from the credential server and embed the first credential object into the assignment document combined with the first signature object to generate the first signed document, and receive the second credential object from the credential server and embed the second credential object into the first signed document combined with the second signature object to generate the second signed document.
  6. 6 . The system of claim 5 , wherein: the third storage component of the credential server is further configured to store a third electronic credential; the second processor of the signature server is further configured to execute the one or more instructions to extract a third specified feature from the second signed document and transmit the third specified feature to the credential server; the fourth processor of the credential server is further configured to generate a third credential object according to the third specified feature and the third electronic credential, and the second communication component is further configured to transmit the third credential object to the signature server; and the second processor of the signature server is further configured to execute the one or more instructions to receive the third credential object from the credential server and embed the third credential object into the second signed document to generate a third signed document.
  7. 7 . A method for embedding credentials on an electronic document, the method comprising: receiving an assigned task and generating at least a first signature request and a second signature request according to the assigned task, wherein the assigned task is associated with an assignment document; transmitting the first signature request to a first electronic device, such that the first electronic device generates first signature information according to the first signature request; receiving the first signature information from the first electronic device and transmitting a first credential request to a credential server according to the first signature information, such that the credential server initiates a first credential authorization procedure in response to the first credential request to generate and transmit a first credential object; receiving the first credential object from the credential server and embedding the first credential object into the assignment document to generate a first signed document; transmitting the second signature request to a second electronic device, such that the second electronic device generates second signature information according to the second signature request; receiving the second signature information from the second electronic device and transmitting a second credential request to the credential server according to the second signature information, such that the credential server initiates a second credential authorization procedure in response to the second credential request to generate and transmit a second credential object; and receiving the second credential object from the credential server and embedding the second credential object into the first signed document to generate a second signed document.
  8. 8 . The method of claim 7 , wherein: the first signature information includes first identity verification information; the second signature information includes second identity verification information; and the method further comprises: verifying whether the first identity verification information is correct; transmitting the first credential request to the credential server after verifying that the first identity verification information is correct; verifying whether the second identity verification information is correct; and transmitting the second credential request to the credential server after verifying that the second identity verification information is correct.
  9. 9 . The method of claim 8 , further comprising: in the first credential authorization procedure: receiving, from the credential server, first permission information transmitted in response to the first credential request and generating a first permission link according to the first permission information; and transmitting the first permission link to the first electronic device, such that the first electronic device generates a first confirmation signal according to the first permission link and such that the credential server transmits the first credential object in response to the first confirmation signal; in the second credential authorization procedure: receiving, from the credential server, second permission information transmitted in response to the second credential request and generating a second permission link according to the second permission information; and transmitting the second permission link to the second electronic device, such that the second electronic device generates a second confirmation signal according to the second permission link and such that the credential server transmits the second credential object in response to the second confirmation signal.
  10. 10 . The method of claim 8 , wherein: the first signature information further comprises a first signature object generated by the first electronic device on the assignment document; the second signature information further comprises a second signature object generated by the second electronic device on the first signed document; and the method further comprises: in the first credential authorization procedure: receiving, from the credential server, first permission information transmitted in response to the first credential request and generating a first permission link according to the first permission information; transmitting the first permission link to the first electronic device, such that the first electronic device generates a first confirmation signal according to the first permission link and such that the credential server transmits a first authorization success signal in response to the first confirmation signal; combining the first signature object with the assignment document in response to the first authorization success signal; extracting a first specified feature from the assignment document combined with the first signature object and transmitting the first specified feature to the credential server, such that the credential server generates the first credential object according to the first specified feature and a first electronic credential; and receiving the first credential object from the credential server and embedding the first credential object into the assignment document combined with the first signature object to generate the first signed document; in the second credential authorization procedure: receiving, from the credential server, second permission information transmitted in response to the second credential request and generating a second permission link according to the second permission information; transmitting the second permission link to the second electronic device, such that the second electronic device generates a second confirmation signal according to the second permission link and such that the credential server transmits a second authorization success signal in response to the second confirmation signal; combining the second signature object with the first signed document in response to the second authorization success signal; extracting a second specified feature from the first signed document combined with the second signature object and transmitting the second specified feature to the credential server, such that the credential server generates the second credential object according to the second specified feature and a second electronic credential; and receiving the second credential object from the credential server and embedding the second credential object into the first signed document combined with the second signature object to generate the second signed document.
  11. 11 . The method of claim 10 , further comprising: extracting a third specified feature from the second signed document and transmitting the third specified feature to the credential server, such that the credential server generates a third credential object according to the third specified feature and a third electronic credential; and receiving the third credential object from the credential server and embedding the third credential object into the second signed document to generate a third signed document.
  12. 12 . A device for embedding credentials on an electronic document, the device comprising: a storage component configured to store one or more instructions; and a processor electrically coupled to the storage component and configured to execute the one or more instructions to: receive an assigned task and generate at least a first signature request and a second signature request according to the assigned task, wherein the assigned task is associated with an assignment document; transmit the first signature request to a first electronic device, such that the first electronic device generates first signature information according to the first signature request; receive the first signature information from the first electronic device and transmit a first credential request to a credential server according to the first signature information, such that the credential server initiates a first credential authorization procedure in response to the first credential request to generate and transmit a first credential object; receive the first credential object from the credential server and embed the first credential object into the assignment document to generate a first signed document; transmit the second signature request to a second electronic device, such that the second electronic device generates second signature information according to the second signature request; receive the second signature information from the second electronic device and transmit a second credential request to the credential server according to the second signature information, such that the credential server initiates a second credential authorization procedure in response to the second credential request to generate and transmit a second credential object; and receive the second credential object from the credential server and embed the second credential object into the first signed document to generate a second signed document.
  13. 13 . The device of claim 12 , wherein: the first signature information includes first identity verification information; the second signature information includes second identity verification information; and the processor is further configured to execute the one or more instructions to: verify whether the first identity verification information is correct; transmit the first credential request to the credential server after verifying that the first identity verification information is correct; verify whether the second identity verification information is correct; and transmit the second credential request to the credential server after verifying that the second identity verification information is correct.
  14. 14 . The device of claim 13 , wherein the processor is further configured to execute the one or more instructions to: in the first credential authorization procedure: receive, from the credential server, first permission information transmitted in response to the first credential request and generate a first permission link according to the first permission information; and transmit the first permission link to the first electronic device, such that the first electronic device generates a first confirmation signal according to the first permission link and such that the credential server transmits the first credential object in response to the first confirmation signal; in the second credential authorization procedure: receive, from the credential server, second permission information transmitted in response to the second credential request and generate a second permission link according to the second permission information; and transmit the second permission link to the second electronic device, such that the second electronic device generates a second confirmation signal according to the second permission link and such that the credential server transmits the second credential object in response to the second confirmation signal.
  15. 15 . The device of claim 13 , wherein: the first signature information further comprises a first signature object generated by the first electronic device on the assignment document; the second signature information further comprises a second signature object generated by the second electronic device on the first signed document; and the processor is further configured to execute the one or more instructions to: in the first credential authorization procedure: receive, from the credential server, first permission information transmitted in response to the first credential request and generate a first permission link according to the first permission information; transmit the first permission link to the first electronic device, such that the first electronic device generates a first confirmation signal according to the first permission link and such that the credential server transmits a first authorization success signal in response to the first confirmation signal; combine the first signature object with the assignment document in response to the first authorization success signal; extract a first specified feature from the assignment document combined with the first signature object and transmit the first specified feature to the credential server, such that the credential server generates the first credential object according to the first specified feature and a first electronic credential; and receive the first credential object from the credential server and embed the first credential object into the assignment document combined with the first signature object to generate the first signed document; in the second credential authorization procedure: receive, from the credential server, second permission information transmitted in response to the second credential request and generate a second permission link according to the second permission information; transmit the second permission link to the second electronic device, such that the second electronic device generates a second confirmation signal according to the second permission link and such that the credential server transmits a second authorization success signal in response to the second confirmation signal; combine the second signature object with the first signed document in response to the second authorization success signal; extract a second specified feature from the first signed document combined with the second signature object and transmit the second specified feature to the credential server, such that the credential server generates the second credential object according to the second specified feature and a second electronic credential; and receive the second credential object from the credential server and embed the second credential object into the first signed document combined with the second signature object to generate the second signed document.
  16. 16 . The device of claim 15 , wherein the processor is further configured to execute the one or more instructions to: extract a third specified feature from the second signed document and transmit the third specified feature to the credential server, such that the credential server generates a third credential object according to the third specified feature and a third electronic credential; and receive the third credential object from the credential server and embed the third credential object into the second signed document to generate a third signed document.

Description

CROSS-REFERENCE TO RELATED APPLICATION The present disclosure claims the benefit of and priority to U.S. provisional Patent Application Ser. No. 63/460,700 filed on Apr. 20, 2023, entitled “Online Signature System, Method and Electronic Apparatus,” (hereinafter referred to as “the '700 provisional”). The disclosure of the '700 provisional is hereby incorporated fully by reference into the present disclosure. FIELD The present invention relates generally to a system, device and method for embedding credentials, and more particularly to a system, device and method for embedding credentials on an electronic document. BACKGROUND With the development of global e-commerce, many document or contract reviews and signature execution are no longer limited to paper documents, and the paper documents have been gradually replaced by electronic documents. However, when an electronic document requires signatures from multiple parties online, ensuring the uniqueness, non-repudiation, reliability, and integrity of the signed electronic document is one of the current issues to be resolved. SUMMARY The system for embedding credentials on an electronic document according to the present disclosure includes a task assignment device, a document database, a signature server, a credential server, a first electronic device and a second electronic device. The task assignment device is configured to generate an assigned task according to an assignment document. The document database is configured to store the assignment document. The signature server is configured to receive the assigned task from the task assignment device and generate at least a first signature request and a second signature request according to the assigned task. The credential server is configured to store at least a first electronic credential and a second electronic credential. The first electronic device is configured to receive the first signature request from the signature server, generate first signature information according to the first signature request, and transmit the first signature information to the signature server. The signature server is further configured to transmit a first credential request to the credential server according to the first signature information. The credential server is further configured to initiate a first credential authorization process, in response to the first credential request, to generate and transmit a first credential object to the signature server. The first credential object is generated according to the first electronic credential. The signature server is further configured to receive the first credential object, embed the first credential object into the assignment document to generate a first signed document, and store the first signed document in the document database. The second electronic device is configured to receive the second signature request from the signature server, generate second signature information according to the second signature request, and transmit the second signature information to the signature server. The signature server is further configured to transmit a second credential request to the credential server according to the second signature information. The credential server is further configured to initiate a second credential authorization process, in response to the second credential request, to generate and transmit a second credential object to the signature server. The second credential object is generated according to the second electronic credential. The signature server is further configured to receive the second credential object and embed the second credential object into the first signed document to generate a second signed document. In the system of an embodiment according to the present disclosure, the first signature information includes a first identity verification information, and the second signature information includes a second identity verification information. The signature server is further configured to verify whether the first identity verification information is correct, transmit the first credential request to the credential server after verifying that the first identity verification information is correct, verify whether the second identity verification information is correct, and transmit the second credential request to the credential server after verifying that the second identity verification information is correct. In the system of an embodiment according to the present disclosure, the credential server is further configured to transmit first permission information in response to the first credential request in the first credential authorization procedure. The signature server is further configured to receive the first permission information, generate a first permission link according to the first permission information, and transmit the first permission link to the first electronic device. The first electronic device is further configured to generate a