Search

US-12621151-B2 - Method for identity verification and system thereof

US12621151B2US 12621151 B2US12621151 B2US 12621151B2US-12621151-B2

Abstract

Disclosed are techniques for identity verification. In one aspect, the method includes determining whether a user account has the identity data; obtaining from a blockchain the hash value of the identity data signed with the private key if it is determined that the user account has the identity data; using the public key to verify the hash value of the identity data signed with the private key to obtain a decrypted hash value of the identity data; and comparing the decrypted hash value of the identity data with the hash value of the identity data stored in the database to generate an identity verification result.

Inventors

  • YAO-CHIEH HU
  • XIN-HONG CHEN

Assignees

  • Turing Chain Ltd.

Dates

Publication Date
20260505
Application Date
20230419
Priority Date
20221128

Claims (6)

  1. 1 . A method for identity verification implemented by a server, a database of the server stores a public key of a unique asymmetric key pair generated by the server corresponding to an uploader, identity data, and a hash value of the identity data, wherein the server is connected to the uploader and a blockchain through a communication network, the blockchain stores the hash value of the identity data signed with a private key of the unique asymmetric key pair, and the method includes: determining whether a user account has the identity data; obtaining from the blockchain the hash value of the identity data signed with the private key if it is determined that the user account has the identity data; using the public key to verify the hash value of the identity data signed with the private key to obtain a decrypted hash value of the identity data; and comparing the decrypted hash value of the identity data with the hash value of the identity data stored in the database to generate an identity verification result, wherein the database of the server further stores a symmetric-key hash value corresponding to a symmetric key and the private key encrypted with the symmetric key, and the method further includes: receiving the symmetric key and the identity data by the server; calculating a hash value of the symmetric key at the server for comparison with the symmetric-key hash value; decrypting the private key encrypted with the symmetric key with the symmetric key according to the comparison result of the calculated hash value of the symmetric key being the same as the symmetric-key hash value; calculating the hash value of the identity data; storing the identity data, the hash value of the identity data in the database; and signing the hash value of the identity data with the private key decrypted and uploading the hash value of the identity data signed with the private key to the blockchain.
  2. 2 . The method of claim 1 , further comprising generating a unique identification (ID) of the identity data, and storing the unique ID of the identity data in the database in a manner associated with the user account.
  3. 3 . The method of claim 2 , wherein determining whether the user account has the identity data includes: determining that the user account has the identity data according to the user account being associated with the unique ID of the identity data.
  4. 4 . The method of claim 1 , wherein uploading the hash value of the identity data signed with the private key to the blockchain further includes: storing a blockchain ID in the database in a manner associated with the identity data, wherein the blockchain ID corresponds to the hash value of the identity data signed with the private key and stored in the blockchain.
  5. 5 . The method of claim 4 , wherein obtaining the hash value of the identity data signed with the private key from the blockchain includes: retrieving from the blockchain through the blockchain ID to obtain the hash value of the identity data signed with the private key.
  6. 6 . A system for identity verification, including a server comprising at least one computing device and a database, wherein the server is connected to a blockchain through a communication network, and the at least one computing device of the server is configured to: receive an input of a user account and a user password from a user of an application through the communication network; verify the identity of the user according to the method of claim 1 , after confirming that the user account number and the user password are correct, to generate an identity verification result, wherein the identity verification result includes success or failure; and return the identity verification result to the application, wherein the application allows the user to log in to the application if the identity verification result received shows success.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention Aspects of the disclosure relate to the technical field of identity verification. Specifically, the aspects of the disclosure relate to an identity verification method and system using blockchain technology. 2. Description of the Prior Art With the development of the Internet, the demand for verifying the identities and permissions of users online has increased. For example, applications or websites may require users to provide identity data or require users to complete real-name authentication to allow users to log in or provide further services. However, providing personal information to applications or websites may increase the risk of a data breach. In addition, it is difficult for applications or websites to identify users with forged identities. Therefore, it is necessary to provide an identity verification method that reduces the risk of personal information breaches and prevents identity forgery. SUMMARY OF THE INVENTION It is an object of the present disclosure to provide an identity verification method, which can avoid providing personal data to the application or website, so as to reduce the risk of a data breach. It is an object of the present disclosure to provide an identity verification method, which can avoid the problem of identity forgery by taking advantage of the tamper-proof properties of blockchains. In an embodiment, a method for identity verification is implemented by a server, and a database of the server stores a public key of a key pair, identity data, and a hash value of the identity data, wherein the server is connected to a blockchain through a communication network, and the blockchain stores the hash value of the identity data signed with a private key of the key pair. The method includes: determining whether a user account has the identity data; obtaining from the blockchain the hash value of the identity data signed with the private key if it is determined that the user account has the identity data; using the public key to verify the hash value of the identity data signed with the private key to obtain a decrypted hash value of the identity data; and comparing the decrypted hash value of the identity data with the hash value of the identity data stored in the database to generate an identity verification result. In another embodiment, a system for identity verification includes a server and a database, wherein the server is connected to a blockchain through a communication network, and the system is configured to: receive an input of a user account and a user password from a user of an application through the communication network; after confirming that the user account number and the user password are correct, verify the identity of the user according to the method of the embodiment mentioned above to generate an identity verification result, wherein the identity verification result includes success or failure; and return the identity verification result to the application, wherein the application allows the user to log in to the application if the identity verification result received shows success. With this configuration, the user does not need to repeatedly provide identity data to different applications, thereby reducing the risk of a data breach. At the same time, due to the tamper-proof properties of blockchain, the application can also prevent users with forged identities from logging into the application. BRIEF DESCRIPTION OF THE APPENDED DRAWINGS FIG. 1 shows a flow chart of the stage of uploading identity data of the method for identity verification according to an embodiment of the present disclosure. FIG. 2A shows a schematic block diagram of the stage of uploading identity data of the method for identity verification according to an embodiment of the present disclosure. FIG. 2B shows a schematic block diagram of the stage of uploading identity data of the method for identity verification according to an embodiment of the present disclosure. FIG. 2C shows a schematic block diagram of the method for identity verification after uploading identity data according to an embodiment of the present disclosure. FIG. 3 shows a lookup table of unique identification (ID) of the identity data corresponding to user accounts of the method for identity verification according to an embodiment of the present disclosure. FIG. 4 shows a flow chart of the stage of identity verification of the method for identity verification according to an embodiment of the present disclosure. FIG. 5 shows a schematic block diagram of a system for identity verification according to another embodiment of the present disclosure. DETAILED DESCRIPTION OF THE INVENTION The following describes the method for identity verification and the system thereof of the present disclosure through embodiments and drawings. With the present disclosure, those skilled in the art can understand the technology and effect of the present disclosure. However, the conte