Search

US-12619787-B2 - Systems and methods for verifying digital documents

US12619787B2US 12619787 B2US12619787 B2US 12619787B2US-12619787-B2

Abstract

A system and method are provided by which an electronic address associated with a user is monitored. Based on the monitoring, an electronic message is detected including a digital document. A cryptographic function is applied to the digital document to generate a hash which is rendered accessible at a network location. An identification of the network location of the hash is transmitted to a first computing system associated with the user.

Inventors

  • David Luz Silva
  • Kevin Roundy
  • Paul Dunphy

Assignees

  • AVAST Software s.r.o.

Dates

Publication Date
20260505
Application Date
20230721

Claims (14)

  1. 1 . A method, performed by one or more processors, comprising: monitoring by the one or more processors online activity of a user via a local browser in a first computing system; detecting, by the one or more processors and based on the monitoring, a first digital document downloaded by the user via the local browser in the first computing system from a second computing system; applying, by a network-based browser in a third computing system, a cryptographic function to the first digital document to generate a first hash, wherein the first hash is generated by applying the cryptographic function to an obfuscated version of the first digital document; rendering accessible, by the one or more processors, the first hash at a network location; and transmitting, by the one or more processors, an identification of the network location of the first hash to the first computing system.
  2. 2 . The method of claim 1 , further comprising monitoring via the local browser the online activity via at least one of an application, a browser extension, or a browser embedded software module executed by the first computing system.
  3. 3 . The method of claim 1 , further comprising: enabling the network-based browser; enabling access by the user via the first computing system to the network-based browser via a network; monitoring the online activity of the user via the network-based browser; and detecting, by the one or more processors and based on the monitoring, the first digital document downloaded by the user via the network-based browser from the second computing system.
  4. 4 . The method of claim 1 , further comprising: detecting at least one of characters, phrases, or field labels in the first digital document at at least one location in the first digital document; and selectively obfuscating the first digital document based on the at least one location in the first digital document to generate the obfuscated version of the first digital document.
  5. 5 . The method of claim 1 , further comprising: receiving from a fourth computing system a verification request comprising a second digital document and the identification of the network location of the first hash; performing a verification that the second digital document is identical to the first digital document at least based on the second digital document and the first hash; and transmitting an indication of the verification to the fourth computing system.
  6. 6 . The method of claim 1 , further comprising transmitting, to the first computing system, an identification of the cryptographic function.
  7. 7 . The method of claim 6 , further comprising: receiving from a fourth computing system a verification request comprising a second hash and the identification of the network location of the first hash; comparing the first hash to the second hash to perform a verification to verify that the first hash is identical to the second hash; and transmitting an indication of the verification to the fourth computing system.
  8. 8 . The method of claim 1 , further comprising: receiving from a fourth computing system a request for the first hash comprising the identification of the network location of the first hash; and transmitting the first hash to the fourth computing system responsive to the request.
  9. 9 . The method of claim 8 , further comprising transmitting, to the first computing system, an identification of the cryptographic function.
  10. 10 . A system, comprising: one or more processors; and memory storing executable instructions that, as a result of being executed, cause the system to perform operations comprising: monitoring by the one or more processors online activity of a user via a local browser in a first computing system; detecting, by the one or more processors and based on the monitoring, a first digital document downloaded by the user via the local browser in the first computing system from a second computing system; applying, by a network-based browser in a third computing system, a cryptographic function to the first digital document to generate a first hash, wherein the first hash is generated by applying the cryptographic function to an obfuscated version of the first digital document; rendering accessible, by the one or more processors, the first hash at a network location; and transmitting, by the one or more processors, an identification of the network location of the first hash to the first computing system.
  11. 11 . The system of claim 10 , the operations further comprising: receiving from a fourth computing system a verification request comprising a second digital document and the identification of the network location of the first hash; performing a verification that the second digital document is identical to the first digital document at least based on the second digital document and the first hash; and transmitting an indication of the verification to the fourth computing system.
  12. 12 . The system of claim 10 , the operations further comprising: transmitting, to the first computing system associated with the user, an identification of the cryptographic function; receiving from a fourth computing system a verification request comprising a second hash and the identification of the network location of the first hash; comparing the first hash to the second hash to perform a verification to verify that the first hash is identical to the second hash; and transmitting an indication of the verification to the fourth computing system.
  13. 13 . The system of claim 10 , wherein the network-based browser comprises an isolated network-based browser, the operations further comprising: enabling the isolated network-based browser; enabling access by the user via the first computing system via the local browser executed by the first computing system to the isolated network-based browser via a network; monitoring the online activity of the user via the isolated network-based browser; and detecting, by the one or more processors and based on the monitoring of the online activity of the user via the isolated network-based browser, the first digital document downloaded by the user via the local browser via the isolated network-based browser from the second computing system.
  14. 14 . A non-transitory computer-readable storage medium storing executable instructions that, as a result of execution by one or more processors of a computer system, cause the computer system to perform operations comprising: monitoring by the one or more processors online activity of a user via a local browser in a first computing system; detecting, by the one or more processors and based on the monitoring, a first digital document downloaded by the user via the local browser in the first computing system from a second computing system; applying, by a network-based browser in a third computing system, a cryptographic function to the first digital document to generate a first hash, wherein the first hash is generated by applying the cryptographic function to an obfuscated version of the first digital document; rendering accessible, by the one or more processors, the first hash at a network location; and transmitting, by the one or more processors, an identification of the network location of the first hash to the first computing system.

Description

TECHNICAL FIELD The disclosure relates generally to verifying digital documents. BACKGROUND Digital documents are frequently provided to verify the qualifications of people. Digital documents can be provided for example as a proof of achievement of a university degree, of an academic course accomplishment, or of professional experience. In an electronic transaction involving a digital document, actors typically include an issuer, an earner, and a target entity. An “issuer” is an entity that generates a digital document, for example a university, an online course or certification platform, or a human resources (“HR”) department of a business entity. An “earner” is a person or other entity who has earned and is entitled to obtain a digital document as a proof of an achievement or a qualification of theirs, for example a university graduate entitled to obtain their university transcript. A “target entity” is an entity that seeks to obtain and verify a digital document as a proof of a qualification, achievement, or other criteria that relates to an earner, for example a prospective employer, prospective financer, or prospective landlord of the earner. SUMMARY This Summary introduces simplified concepts that are further described below in the Detailed Description of Illustrative Embodiments. This Summary is not intended to identify key features or essential features of the claimed subject matter and is not intended to be used to limit the scope of the claimed subject matter. A method is provided including monitoring by one or more processors a first electronic address associated with a user. The method further includes detecting, based on the monitoring, an electronic message including a first digital document. A cryptographic function is applied to the first digital document to generate a first hash. The first hash is rendered accessible at a network location, and an identification of the network location of the first hash is transmitted to a first computing system associated with the user. Another method is provided including monitoring by one or more processors online activity of a user, the user performing the online activity via a first computing system. The method further includes detecting, based on the monitoring by the one or more processors of the online activity, a first digital document downloaded by the user from a second computing system. A cryptographic function is applied to the first digital document to generate a first hash. The first hash is rendered accessible at a network location, and an identification of the network location of the first hash is transmitted to the first computing system. A system is provided including one or more processors and memory storing executable instructions that, as a result of being executed, cause the system to perform operations. The operations include monitoring by one or more processors a first electronic address associated with a user. The operations further include detecting, based on the monitoring, an electronic message including a first digital document. A cryptographic function is applied to the first digital document to generate a first hash. The first hash is rendered accessible at a network location, and an identification of the network location of the first hash is transmitted to a first computing system associated with the user. Another system is provided including one or more processors and memory storing executable instructions that, as a result of being executed, cause the system to perform operations. The operations include monitoring by one or more processors online activity of a user, the user performing the online activity via a first computing system. The operations further include detecting, based on the monitoring by the one or more processors of the online activity, a first digital document downloaded by the user from a second computing system. A cryptographic function is applied to the first digital document to generate a first hash. The first hash is rendered accessible at a network location, and an identification of the network location of the first hash is transmitted to the first computing system. A non-transitory computer-readable storage medium storing executable instructions that, as a result of execution by one or more processors of a computer system, cause the computer system to perform operations. The operations include monitoring by one or more processors online activity of a user, the user performing the online activity via a first computing system. The operations further include detecting, based on the monitoring by the one or more processors of the online activity, a first digital document downloaded by the user from a second computing system. A cryptographic function is applied to the first digital document to generate a first hash. The first hash is rendered accessible at a network location, and an identification of the network location of the first hash is transmitted to the first computing system. BRIEF DESCRIPTION OF