[go: up one dir, main page]

NL2010810C2 - System and method for checking the identity of a person. - Google Patents

System and method for checking the identity of a person. Download PDF

Info

Publication number
NL2010810C2
NL2010810C2 NL2010810A NL2010810A NL2010810C2 NL 2010810 C2 NL2010810 C2 NL 2010810C2 NL 2010810 A NL2010810 A NL 2010810A NL 2010810 A NL2010810 A NL 2010810A NL 2010810 C2 NL2010810 C2 NL 2010810C2
Authority
NL
Netherlands
Prior art keywords
identity information
user
unit
identity
face
Prior art date
Application number
NL2010810A
Other languages
Dutch (nl)
Inventor
Alfredo Alexander Rodriques
Arjen Setiawan Witsen
Michiel Joris Wolters
Original Assignee
Reviva B V
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Reviva B V filed Critical Reviva B V
Priority to NL2010810A priority Critical patent/NL2010810C2/en
Application granted granted Critical
Publication of NL2010810C2 publication Critical patent/NL2010810C2/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/40User authentication by quorum, i.e. whereby two or more security principals are required
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/325Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/403Solvency checks
    • G06Q20/4037Remote solvency checks

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Description

Title: System and method for checking the identity of a person
TECHNICAL FIELD
The invention relates to a system and method for checking the identity of a person.
BACKGROUND
In various circumstances, such as sales, making of contracts, or the like, it is desirable to check an identity of a person. Checking of an identity of a person in the past typically was performed by a person to be identified presenting a personal identification document, such as a passport, and another person determining that the person presenting the personal identification document indeed correspond to the person identified in the personal identification document. This way of checking an identity, however, is not well suited for present day internet activity wherein sales and contracts are made online. In such situations in-person checking of a personal identification document and a person presenting the document might delay procedures considerably. On the other hand, the need for checking the identity of a person remains.
SUMMARY
It is an object of the invention to provide a system, such as a computer system, arranged for verifying the identity of a user and obviating the need for in-person checking of a personal identification document and a person presenting the document. Herein “user” refers to the person using the system to have his or her identity confirmed.
Thereto, according to the invention is provided a system for verifying the identity of a user. The system in preferably arranged for online and/or internet-based verifying of the identity. The system includes a first verification unit, comprising a first input unit arranged for receiving first identity information data representative of the identity of the user, and a first checking unit arranged for checking whether the first identity information corresponds with an identity information record stored in a first database including a plurality of identity information records. The system further includes a second verification unit comprising a second input unit arranged for receiving second information data representative of financial data of the user, the financial data including an identifier of an account of the user, and a second checking unit arranged for checking whether the funds can be been transferred between the account of the user and the predetermined other account. The system further includes a determination unit arranged for determining that the identity of the user has been verified if the first checking unit has determined that the first identity information corresponds with an identity information record stored in the first database, and if the second checking unit has determined that the funds can be transferred between the account of the user and the predetermined other account.
It will be appreciated that the system makes use of first identity information and second identity information. These can be checked via different, paths and/or at different sources. Using such different paths and/or different sources provides the advantage that misidentification due to inaccuracy or theft of the first identity information can be minimised.
The first identity information can e.g. include information from a personal identification document, such as a passport number, an expiry date, or the like. The first identity information can also include an identifiable photographic image of the face of the user, e.g. for future confirmation, e.g. a first photographic image of the face of the user as featured on the personal identification document. It is possible that the first identity information includes an image of a personal identification document, such as a scan or photograph of the personal identification document. The first identity information can be checked using the first database, e.g. a remote database. The second identity information identifies the account of the user, e.g. a bank account, such as an online bank account. It will be appreciated that the transferring of funds can only be verified with access to the account of the user or to the predetermined other account. The predetermined other account may be associated with a party on whose behalf the identity of the user is verified, or with a third party entrusted with verifying the account. It is noted that the system may include a transferring unit arranged for transferring funds between the account of the user and a predetermined other account, wherein the second checking unit may be arranged for checking whether the funds have been transferred between the account of the user and the predetermined other account. The second checking unit may check whether the funds have been transferred from the account of the user to the predetermined other account, and/or from the predetermined other account to the account of the user.
Access to an account, especially a bank account, is usually already highly secured and provides a good indication that the user of the account is indeed the owner of the account. Also, providing the first identity information, especially when taken from a personal identification document, provides a good indication that the user of the first identity information is indeed the person indicated by the first identity information.
Optionally, the determination unit is further arranged for determining that the identity of the user has been verified if the first identity information corresponds with the second identity information associated with the account of the user. The determination unit can e.g. check whether a family name included in the first identity information corresponds with a family name associated with the account of the user.
This provides enhanced indication of the identity of the user.
Optionally, the first identity information further includes a second photographic image of a face of the user. The first input unit can for instance include a digital camera for receiving the second photographic image. Optionally, the first input unit includes a photography unit arranged for determining whether face is properly placed in a field of view of the camera. The photography unit may include an instruction unit arranged for instructing the user how to position the face properly in the field of view of the camera. The first checking unit may be arranged for determining whether the face in the first photographic image corresponds to the face in the second photographic image. This determination may be based on facial recognition techniques which are known per se.
Optionally, the first input unit includes an RFID receiver for receiving identity information from an RFID chip in a personal identification document of the user. The identity information received from the RFID chip may include a third photographic image of the user, and the first checking unit may be arranged for determining whether the face in the third photographic image corresponds to the face in the second photographic image, e.g. on the basis of facial recognition.
Optionally, the first checking unit is arranged for determining a level of mismatch between alphanumerical first identity information and alphanumerical information of an identity information record stored in the first database, wherein the checking unit is arranged for determining that the first identity information corresponds with said identity information record if the level of mismatch is below a predetermined mismatch threshold level. The mismatch may e.g. be due to a typographical error in a number (e.g. document number) or a name, e.g. first name entered into the first input unit. The mismatch may also be due to an error caused by conversion of the first identity information, e.g. when extracting a number or a name from a scan or photograph of a personal identification document by means of OCR (optical character recognition). A predetermined level of mismatch may be allowed depending on the purpose of the verification of the identity of the user.
Additionally, or alternatively, a (partial) mismatch may be determined when comparing the second photographic image with the first and/or third photographic image, e.g. due to facial changes (ailment, scarring, tanning, etc.) or photographic artefacts (lighting conditions, poor image resolution, etc.). It is also possible to determine that the second photographic image corresponds with the first and/or second photographic image if the level of mismatch is below a predetermined photo mismatch threshold level.
Optionally, the above described system is arranged as a modular system, wherein the modular system includes one or more of: a first module having a first first input unit arranged for receiving alphanumerical first identity information of the user from an input device such as a keyboard or touchscreen; a second module having a second first input unit arranged for receiving photographical first identity information of the user, such as a scan or photograph of a personal identification document of the user; a third module having a third first input unit arranged for receiving a photograph of a face of the user; and a fourth module having a fourth first input unit arranged for receiving, e.g. via RFID interrogation, digital identity information stored in a personal identification document of the user; and one or more of: a first first checking unit arranged for checking whether the alphanumerical first identity information, received by the first first input unit, corresponds with alphanumerical identity information of an identity information record stored in the first database; a second first checking unit arranged for checking whether alphanumerical first identity information extracted from the photographical first identity information, received by the second first input unit, e.g. by means of OCR, corresponds with alphanumerical identity information of an identity information record stored in the first database; a third first checking unit arranged for checking whether the face in the photograph of the face of the user, received by the third first input unit, corresponds with the face in the photographical first identity information received by the second first input unit, and/or with a photographical representation of a face received by the fourth first input unit, and/or a photographical representation of a face stored in the first database; and a fourth first checking unit arranged for checking whether the digital identity information, received by the fourth first input unit, corresponds with identity information of an identity information record stored in the first database.
In an embodiment the modular system includes a selection unit. The selection unit includes a certainty level setting unit arranged for setting a desired level of certainty that the checked identity is correct. The level of certainty can e.g. be expressed as a percentage, or as a rating (e.g. 1-10).
The selection unit further includes a switching unit for switching one or more of the first, second, third and fourth first input unit and one or more of the first, second, third and fourth first checking units on or off on the basis of the selected level of certainty. For example, in response to the selection of a low level of certainty the switching unit may switch the first first input unit and the first first checking unit on and the remaining units off. For example, in response to the selection of a high level of certainty the switching unit may switch all units on.
In an embodiment the invention relates to a group of systems, wherein a first system of the group of systems includes a first selection of units of the modular system and a second system of the group of systems includes a second, different, selection of units of the modular system. The first, system includes a first selection of the first, second, third and fourth first, input units and the first, second, third and fourth first checking units of the modular system. The second system includes a different, second selection of the first, second, third and fourth first input units and the first, second, third and fourth first checking units of the modular system. Providing the group of systems provides the advantage that the first system can be tailored to a first application and the second system can be tailored to the second application, whereas the first and second system can be simply selected from the modular system, thus obviating the need for creating a dedicated system for creating a dedicated system for each and every application.
The system as described above can be used for verifying the identity of a user of an online service, such as a webshop or an online banking service. A webshop is an internet based facility, a computer program running on a programmable device, for making sales or contracts. The webshop conventionally includes modules such as a browsing module arranged for allowing the user to browse through products and/or services offered in the webshop, a shopping module (sometimes referred to as basket or shopping cart) arranged for collecting products and/or services the user has selected to be acquired, and a checkout module arranged for completion of the sale or contract including user identification, financial transaction and/or shipping agreement if applicable. Hence, the checkout module of the webshop can include a system as described above. It will be appreciated that also a checkout module of an alternative onhne service can include a system as described above.
Optionally, the online checkout module further includes an interface unit arranged for receiving the first identity information data and/or the second information data from a further onhne module, e.g. a further module of the webshop, and arranged for providing the first identity information data and/or the second information data to the first input unit and/or the second input unit, respectively. The further module can e.g. be a subscription module in which the user “subscribes” to the onhne service by providing identification information and creating a profile optionally including a user name and password.
Optionally, the online service further includes a reporting module for reporting the first identity information data and/or the second information data to an operator of the online service. The reporting module can also be arranged for reporting a result of the verification of the identity of the user (pass/fail) to the operator.
The invention also relates to a method for verifying the identity of a user, comprising receiving by a first input unit first identity information data representative of the identity of the user; checking by a first checking unit whether the first identity information corresponds with an identity information record stored in a first database including a plurality of identity information records; receiving by a second input unit second information data representative of financial data of the user, the financial data including an identifier of an account of the user; checking by a second checking unit whether funds can been transferred between the account of the user and the predetermined other account; and determining by a determination unit that the identity of the user has been verified if the first checking unit has determined that the first identity information corresponds with an identity information record stored in the first database, and the second checking unit has determined that the funds can be transferred between the account of the user and the predetermined other account.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention will now further be elucidates referring to the drawing in which
Figure 1 shows a schematic representation of a first example of a online service of an operator;
Figure 2 shows an example of an embodiment of a first verification unit as it can be presented to the user on a screen of a communications device;
Figure 3 shows a schematic representation of an embodiment of a first verification unit;
Figure 4 shows an example of an embodiment of a first verification unit as it can be presented to the user on a screen of a communications device;
Figure 5 shows an example of an embodiment of a first verification unit as it can be presented to the user on a screen of a communications device;
Figure 6 shows an example of an embodiment of a first verification unit as it can be presented to the user on a screen of a communications device;
Figure 7 shows a schematic representation of payment for the sale of the product or service.
DETAILED DESCRIPTION
Figure 1 shows a schematic representation of a first example of an online service 1 of an operator. In this example, the onhne service is embodied as a webshop. In the webshop the user selects a desired product or service using a browsing module 2 of the webshop 1. The user can select the desired product 4A or service 4B by adding the desired item to a virtual shopping cart 6. An information module 8 of the webshop requests the user to enter information for completing the sale of the product or service. The information module 8 can be a module arranged for having the user make a user account, or for the user to access a previously created user account. The information module 8 can also be arranged for receiving user information without creating an account. The entered information in this example includes first identity information 10, in this example initials, prefix, surname, date of birth, type of identification document, number of identification document, and contact address (including street name, number, postal code, city, state, country). The entered information in this example also includes second information 12 including financial information, in this example a bank account number of the user. In this example the entered information further includes third information 14 comprising an indication that the user agrees to the general terms and conditions of the operator of the webshop. It will be appreciated that the first information 10 and second information 12 can be used to verify that the user of the webshop indeed is a real person with a real address and real funds to pay for the bought product or service. The first information 10, second information 12 and/or third information 14 can also be used as evidence of the legally binding nature of the sale of the product or service (contract).
Once the user has entered the required information in the information module 8, he needs to check out to complete the sale of the product 4A or service 4B. In this example, the webshop 1 includes a checkout module 16. The checkout module 16 is arranged for verifying the identity of the user.
In this example the checkout module 16 includes a first verification unit 18. The first verification unit includes a first input unit 20 and a first checking unit 22. The first input unit 20 is arranged for receiving first identity information data 10 representative of the identity of the user. The first input unit can receive the first information 10 from the information module 8. Additionally, or alternatively, the first input unit can directly receive the first information from the user. The first checking unit 22 is arranged for checking whether the first identity information corresponds with an identity information record 24 stored in a, in this example remote, first database 26 including a plurality of identity information records. In this example, the database 26 is accessed via a first intermediate node 28. It will be appreciated that it is possible that the first checking unit 22 submits (part of) the first identity information 10 to the first intermediate node 28, that the first intermediate node accesses the database 26, that the first intermediate node determines whether the first identity information corresponds with an identity information record 24 stored in the database 26, and that the first checking unit 22 receives a result of the checking from the first intermediate node 28.
In this example the checkout module 16 further includes a second verification unit 30. The verification unit includes a second input unit 32 and a second checking unit 34. The second input unit 32 is arranged for receiving the second information data 12 representative of financial data of the user. The second input unit can receive the second information 12 from the information module 8. Additionally, or alternatively, the second input unit can directly receive the second information from the user. The second checking unit 34 is arranged for checking whether funds can been transferred between the account of the user and a predetermined other account 36. In this example, the transfer of funds is checked via a second intermediate node 38. It will be appreciated that it is possible that the second checking unit 34 submits a request to check the transfer of funds to the second intermediate node 38, that the second intermediate node checks the transfer of funds, that the second intermediate node determines whether the transfer of funds between the account of the user and the other account 36 is possible, and that the second checking unit 34 receives a result of the checking from the second intermediate node 38.
In this example the checkout module 16 further includes a determination unit 40. The determination unit is arranged for determining that the identity of the user has been verified. If the determination unit 40 receives indication that the first checking unit 22 has determined that the first identity information 10 corresponds with an identity information record 24 stored in the first database, and that the second checking unit 34 has determined that the funds have been transferred between the account of the user and the predetermined other account, the determination unit 40 determines that the identity of the user has been verified. It will be appreciated that the determination unit 40 may require that, at least part of, the first identity information data (e.g. a surname) corresponds with, at least part of, the second information data associated with the account of the user (e.g. a surname), for the identity of the user to be verified.
Once the identity of the user has been verified, the sale of the product or service can be completed. The sale can e.g. be confirmed to the user on-screen and/or via a personal message, such as email or SMS. Also the picking and shipping of the product, or the providing of the service can be started.
Figure 2 shows an example of an embodiment of a first verification unit 18 as it can be presented to the user on a screen of a communications device such as a computer, tablet, mobile phone or the like. In this example the first verification unit 18 includes a picking unit 42. The picking unit 42 allows the user to pick one of a selection of ways for the user to supply the first information 10 to the first input unit 20. In this example, the picking unit 42 allows the user to pick one of a) uploading a scan or photograph of a personal identification document of the user, b) have the identity verified using a webcam of the computer, or c) having the identity verified using an application for a mobile telecommunications device such as a smartphone.
Figure 3 shows a schematic representation of an embodiment of a first verification unit 18. In this example the first verification unit 18 is arranged as a modular system. The first verification unit 18 in Figure 3 includes: a first module having a first first input unit 20.1 arranged for receiving alphanumerical first identity information of the user from an input device such as a keyboard or touchscreen; a second module having a second first input unit 20.2 arranged for receiving photographical first identity information of the user, such as a scan or photograph of a personal identification document of the user, e.g. using a digital camera 21; a third module having a third first input unit 20.3 arranged for receiving a photograph of a face of the user; and a fourth module having a fourth first input unit 20.4 arranged for receiving, e.g. via RFID interrogation, digital identity information stored in a personal identification document of the user;
The first verification unit 18 in Figure 3 further includes: a first first checking unit 22.1 arranged for checking whether the alphanumerical first identity information, received by the first first input unit 20.1, corresponds with alphanumerical identity information of an identity information record stored in the first database; a second first checking unit 22.2 arranged for checking whether alphanumerical first identity information extracted from the photographical first identity information, received by the second first input unit 20.2, e.g. by means of OCR, corresponds with alphanumerical identity information of an identity information record stored in the first database 26; a third first checking unit 22.3 arranged for checking whether the face in the photograph of the face of the user, received by the third first input unit 20.3, corresponds with the face in the photographical first identity information received by the second first input unit 20.2, and/or with a photographical representation of a face received by the fourth first input unit 20.4, and/or a photographical representation of a face stored in the first database 26; and a fourth first checking unit 22.4 arranged for checking whether the digital identity information, received by the fourth first input unit 20.4, corresponds with identity information of an identity information record stored in the first database 26.
The first verification unit 18 in Figure 3 further includes the picking unit 42 as described with reference to Figure 2. Alternatively, or additionally, the operator can determine which modules of the first verification unit 18 are presented to the user. Thereto, the operator may operate the picking unit and omit the picking unit 42 from the screen displayed to the user. In the example of Figure 2, for instance, the first first input unit 20.1 and the fourth first input unit 20.4 are not presented to the user. It will be appreciated that the option to check the identity using an application for a mobile telecommunications device, as shown in Figure 2, can be similar to one of the first input units 20.1,, 20.2, 20.3, 20.4.
It is also possible to make the selection of the module or modules presented to the user dependent on a desired level of certainty that the verified identity is correct (allowable level of false positives). This may e.g. depend on the nature or value of the product or service selected by the user. Thereto, the first verification unit may further comprising a selection unit 44. In Figure 3 the selection unit includes a certainty level setting unit 46 and a switching unit 48. The certainty level setting unit 46 is arranged for setting a desired level of certainty that the checked identity is correct. The switching unit 48 is arranged for switching one or more of the first input units 20.1, 20.2, 20.3, 20.4 and one or more of the first checking units 22.1, 22.2, 22.3, 22.4 on or off on the basis of the selected level of certainty.
Figure 4 shows an example of an embodiment of a first verification unit as it can be presented to the user on a screen of a communications device. In this example the user has selected the option to upload a scan or photograph of his personal identification document. The screen shows instructions on how to upload the information, based on the type of identification document. The type of document can already have been entered in the information module 8 of the webshop. It is also possible that the first verification unit 18 provides the option to enter the type of document, e.g. via a pulldown menu.
Once the scan or photograph of the personal identification document has been uploaded, the scan or photograph is processed for extraction of the first identity information. This processing may include rotating of the scan or photograph, resizing, cropping, conversion to a different image format, or the hke. As shown in Figure 4, after upload thumbnails of the scan or photograph can be shown on screen. It is possible that sensitive information, such as a social security number or photograph is rendered invisible or unrecognisable. The processing may further include obtaining alphanumerical first identity information data, such as initials, prefix, surname, date of birth, type of identification document, number of identification document, and contact address from the scan or photograph, e.g. by means of OCR. The processing may be performed by the first checking unit and/or the first intermediate node 28.
The first checking unit can be arranged for determining a level of mismatch between the alphanumerical first identity information obtained from the scan or photograph and alphanumerical information of an identity information record stored in the first database 26. The checking unit can be arranged for determining that the first identity information corresponds with said identity information record if the level of mismatch is below a predetermined mismatch threshold level. The predetermined threshold level may be dependent on the type of product or service, and/or on the value thereof.
Figure 5 shows an example of an embodiment of a first verification unit as it can be presented to the user on a screen of a communications device. In this example the user has selected the option to have the identity verified using the digital camera 21. In Figure 5, the first verification unit 18 requests the user to allow the digital camera to be activated. If the user agrees, the user is requested to place his personal identification document in the field of view of the digital camera so that a photograph can be taken of the personal identification document, e.g. via secure video streaming. The first verification unit 18 may be provided with a photography unit arranged for determining whether the document and/or face is properly placed in a field of view of the camera 21. The photography unit may e.g. show a five video image obtained by the digital camera 21 with markers between which the user must position the personal identification document. The photograph of the document can further be processed as described with respect to Figure 4.
In an embodiment using the third first input unit 20.3, the user will be requested to position his face in the field of view of the digital camera 21. The photography unit may provide markers and/or guidance as how to position the face. The third first input unit is arranged to take a photograph of the face of the user once the face is properly positioned in the field of view of the camera 21. The photograph of the face taken by the digital camera can be compared with the photograph of the face of the user on the personal identification document, or a photograph stored in the database 26. Face recognition techniques, known per se, can be used to verify whether the faces correspond.
Figure 6 shows an example of an embodiment of a first verification unit as it can be presented to the user on a screen of a communications device. In this example the user has selected the option to have the identity verified using an apphcation for a mobile telecommunications device. In Figure 6, the first verification unit 18 requests the user to start (or install and start) an application on a mobile telecommunications device 23. The first verification unit 18 provides a token to the user, which token in entered in the application. The token is unique and allows the first verification unit to recognise any communication from the telecommunications device 23 as being associated with the verification process of the first verification unit 18 being used by the current user. The application acts as an external digital camera and is arranged to obtain a photograph of the personal identification document and/or the face of the user as described with respect to Figure 4 and Figure 5. The application transmits the photograph(s) to a predetermined recipient associated with the first verification unit. Due to the token the recipient recognises the photograph as part of the current verification process.
In an embodiment a mobile telecommunications device is used having Near Field Communication (NFC) capabilities. Such devices can e.g. read out RFID (Radio Frequent Identification) chips. Such device can read out an RFID chip included in a personal identification document. The RFID chip in a personal identification document includes first identification information also printed on the personal identification document. Additionally the RFID chip can include biometric data such as a facial photograph and/or fingerprints. This RFID chip can be read by the fourth first input unit 20.4. The mobile telecommunications device can form part of the first verification unit, e.g. by means of an application running on the device.
The second verification unit 30 is arranged for checking whether funds can been transferred between the account of the user and the predetermined other account 36. This is particularly useful when the sale concerns a continuing service for which multiple payments are to be expected.
Figure 7 shows a schematic representation of an example of payment for the sale of the product or service. There are multiple options for payment such as online banking transfer 102, cash on dehvery 104, automatic debit 106 and invoicing 108. When paying through online banking transfer the transfer of funds can be tested immediately. The other options do not allow testing of the transfer of funds upon checkout. Therefore, these options trigger the request for payment 110 of a predetermined amount (e.g. 1 cent) through online banking transfer. The second checking unit 34 checks 112 whether the online banking transfer was successful. In this example, the second checking unit also checks 114 whether the account used for online banking transfer matches the account entered in the information unit 8. If the accounts match, the order is completed 116. If the account do not match, the account number entered in the information unit 8 can be changed (e.g. if allowed by the operator of the webshop), e.g. automatically 120.
After the checkout procedure has been completed, the operator of the webshop can send a confirmation, e.g. an email, to the user.
It is possible that the first and/or second information are verified in real time, i.e. during the checkout procedure. It is also possible that the first and/or second information are verified off-line, e.g. after completion of the checkout procedure and before confirmation by the operator of closing of the deal. If the verification procedure reveals that certain information does not pass the verification, it is possible to request the user to correct this information.
In the foregoing, the invention has been described with reference to specific examples of embodiments of the invention. It will, however, be evident that various modifications and changes may be made therein, without departing from the essence of the invention.
It is possible that the first and/or second information are verified in real time, i.e. during the checkout procedure. It is also possible that the first and/or second information are verified off-line, e.g. after completion of the checkout procedure and before confirmation by the operator of closing of the deal. If the verification procedure reveals that certain information does not pass the verification, it is possible to request the user to correct this information.
It will be appreciated that the verification units, input units, checking units, determination units, picking unit, selection unit, switching unit, level setting unit and/or photography unit can be embodied as dedicated electronic circuits, possibly including software code portions. The verification units, input units, checking units, determination units, picking unit, selection unit, switching unit, level setting unit and/or photography unit can also be embodied as software code portions executed on, and e.g. stored in a memory of, a programmable apparatus such as a computer.
However, other modifications, variations, and alternatives are also possible. The specifications, drawings and examples are, accordingly, to be regarded in an illustrative sense rather than in a restrictive sense.
In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word ‘comprising’ does not exclude the presence of other features or steps than those listed in a claim. Furthermore, the words ‘a’ and ‘an’ shall not be construed as limited to ‘only one’, but instead are used to mean ‘at least one’, and do not exclude a plurality. The mere fact that certain measures are recited in mutually different, claims does not indicate that a combination of these measures cannot be used to an advantage.

Claims (37)

1. Systeem voor het verifiëren van de identiteit van een gebruiker, voorzien van: - een eerste verificatieeenheid voorzien van een eerste inputeenheid ingericht voor het ontvangen van eerste identiteitsinformatiedata representatief voor een identiteit van de gebruiker, en een eerste controleeenheid ingericht voor het controleren of de eerste identiteitsinformatie correspondeert met een identiteitsinformatierecord op geslagen in een eerste databank die een veelvoud van 1 dentit,eitsinform atl erecords omvat; - een tweede verificatieeenheid voorzien van een tweede inputeenheid ingericht voor het ontvangen van tweede informatiedata representatief voor financiële data van de gebruiker, waarbij de financiële data een identificatie van een account van de gebruiker omvat, een tweede controleeenheid ingericht voor het controleren of middelen kunnen worden overgedragen tussen de account van de gebruiker en een vooraf bepaalde andere account; en - een bepalingseenheid voor het bepalen dat de identiteit van de gebruiker geverifieerd is als de eerste controleeenheid heeft bepaald dat de eerste identiteitsinformatie correspondeert met een in de eerste databank opgeslagen identiteitsinformatierecord, en de tweede controleeenheid heeft bepaald dat de middelen kunnen worden overgedragen tussen de account van de gebruiker en de vooraf bepaalde andere account.A system for verifying the identity of a user, comprising: - a first verification unit provided with a first input unit adapted to receive first identity information data representative of an identity of the user, and a first control unit adapted to check whether the first identity information corresponds to an identity information record stored in a first database comprising a multiple of 1 dent information record records; - a second verification unit provided with a second input unit adapted to receive second information data representative of financial data from the user, the financial data comprising an identification of an account of the user, a second control unit adapted to check whether resources can be transferred between the user's account and a predetermined other account; and - a determining unit for determining that the identity of the user is verified if the first checking unit has determined that the first identity information corresponds to an identity information record stored in the first database, and the second checking unit has determined that the means can be transferred between the account of the user and the predetermined other account. 2. System volgens conclusie 1, waarbij de bepalingseenheid verder ingericht is voor het bepalen dat de identiteit van de gebruiker geverifieerd is als de eerste identiteitsinformatiedata correspondeert met de tweede informatiedata geassocieerd met de account van de gebruiker.The system of claim 1, wherein the determining unit is further adapted to determine that the identity of the user is verified if the first identity information data corresponds to the second information data associated with the user's account. 3. Systeem volgens conclusie 1 of 2, waarbij de eerste identiteitsinformatie alfanumerieke informatie omvat.The system of claim 1 or 2, wherein the first identity information comprises alphanumeric information. 4. Systeem volgens een der conclusies 1-3, waarbij de eerste identiteitsinformatie een eerste identificeerbaar fotografisch beeld van de gebruiker omvat.The system of any one of claims 1-3, wherein the first identity information comprises a first identifiable photographic image of the user. 5. Systeem volgens conclusie 4, waarbij de eerste identiteitsinformatie een beeld van een persoonlijk identiteitsdocument omvat voorzien van een eerste fotografisch beeld van een gezicht van de gebruiker op het persoonlijk identiteitsdocument.The system of claim 4, wherein the first identity information comprises an image of a personal identity document provided with a first photographic image of a user's face on the personal identity document. 6. Systeem volgens conclusie 5, waarbij de eerste identiteitsinformatie verder een tweede fotografisch beeld van een gezicht van de gebruiker omvat.The system of claim 5, wherein the first identity information further comprises a second photographic image of a user's face. 7. Systeem volgens een der conclusies 4-6, waarbij de eerste inputeenheid een digitale camera omvat voor het generen van het(de) fotografische beeld(en).A system according to any of claims 4-6, wherein the first input unit comprises a digital camera for generating the photographic image (s). 8. Systeem volgens een der conclusies 4-6, waarbij de eerste inputeenheid ingericht is voor het generen van een token, waarbij het systeem verder voorzien is van een applicatieeenheid op een mobiele telecommunicatieinrichting voorzien van een digitale camera die ingericht is voor het generen van het(de) fotografische beeld(en) en voor het overbrengen van het(de) beeld(en) en informatie representatief voor de token aan de eerste verificatieeenheid.8. System as claimed in any of the claims 4-6, wherein the first input unit is adapted to generate a token, wherein the system is further provided with an application unit on a mobile telecommunication device provided with a digital camera which is adapted to generate the (de) photographic image (s) and for transferring the image (s) and information representative of the token to the first verification unit. 9. Systeem volgens conclusie 7 of 8, waarbij de eerste inputeenheid en/of de applicatie eenheid een fotografieeenheid omvat ingericht voor het bepalen of het document en/of gezicht op de juiste manier gepositioneerd is in een gezichtsveld van de camera.A system according to claim 7 or 8, wherein the first input unit and / or the application unit comprises a photography unit adapted to determine whether the document and / or face is correctly positioned in a field of view of the camera. 10. Systeem volgens een der conclusies 4-9, waarbij de eerste controleeenheid ingericht is voor het bepalen of het gezicht in het eerste fotografische beeld correspondeert met het gezicht in het tweede fotografische beeld op basis van gezichtsherkenning.The system of any one of claims 4-9, wherein the first control unit is adapted to determine whether the face in the first photographic image corresponds to the face in the second photographic image based on face recognition. 11. Systeem volgens een der conclusies 1-10, waarbij de eerste inputeenheid een RFID ontvanger omvat voor het ontvangen van identiteitsinformatie van een RFID chip in een persoonlijk identificatiedocument van de gebruiker.The system of any one of claims 1-10, wherein the first input unit comprises an RFID receiver for receiving identity information from an RFID chip in a user's personal identification document. 12. Systeem volgens conclusie 11, waarbij de van de RFID chip ontvangen identiteitsinformatie een derde fotografisch beeld van de gebruiker omvat, en waarbij de eerste controleeenheid ingericht is voor het bepalen of het gezicht in het derde fotografisch beeld correspondeert met het gezicht in het tweede fotografisch beeld op basis van gezichtsherkenning.The system of claim 11, wherein the identity information received from the RFID chip comprises a third photographic image of the user, and wherein the first control unit is adapted to determine whether the face in the third photographic image corresponds to the face in the second photographic image based on face recognition. 13. Systeem volgens een der conclusies 2-12, waarbij de eerste controleeenheid ingericht is voor het bepalen van een mate van discrepantie tussen de alfanumerieke eerste identiteitsinformatie en alfanumerieke informatie van een in de eerste databank opgeslagen identiteitsinformatierecord, waarbij de bepalingseenheid ingericht is voor het bepalen dat de eerste identiteitsinformatie correspondeert met de genoemde identiteitsinformatierecord als de mate van discrepantie onder een vooraf bepaalde discrepantie drempel is.A system according to any of claims 2-12, wherein the first control unit is arranged to determine a degree of discrepancy between the alphanumeric first identity information and alphanumeric information of an identity information record stored in the first database, the determining unit being arranged to determine that the first identity information corresponds to said identity information record if the degree of discrepancy is below a predetermined discrepancy threshold. 14. Systeem volgens een der voorgaande conclusies, waarbij het system ingericht is als een modulair systeem voorzien van een of meer van: een eerste module met een eerste eerste inputeenheid ingericht voor het ontvangen van alfanumerieke eerste identiteitsinformatie van een gebruiker van een inputinrichting zoals een toetsenboord of aanraakscherm; een tweede module met een tweede eerste inputeenheid ingericht voor het ontvangen van fotografische eerste identiteitsinformatie van de gebruiker, zoals een scan of foto van een persoonlijk identificatiedocument van de gebruiker; een derde module met een derde eerste inputeenheid ingericht voor het ontvangen van een foto van een gezicht van de gebruiker; en een vierde module met een vierde eerste inputeenheid ingericht voor het ontvangen, e.g. via RFID ondervraging, van digitale identiteitsinformatie die opgeslagen is in een persoonlijk identificatiedocument van de gebruiker; en een of meer van: een eerste eerste controleeenheid ingericht voor het controleren of de door de eerste eerste inputeenheid ontvangen alfanumerieke eerste identiteitsinformatie correspondeert met alfanumerieke identiteitsinformatie van een in de eerste databank opgeslagen identiteitsinformatierecord; een tweede eerste controleeenheid ingericht voor het controleren of uit de fotografische eerste identiteitsinformatie geëxtraheerde alfanumerieke eerste identiteitsinformatie die ontvangen is door de tweede eerste inputeenheid, e.g. door middel van OCR, corresopndeert met alfanumerieke identiteitsinformatie van een in de eerste databank opgeslagen identiteitsinformatierecord; een derde eerste controleeenheid ingericht voor het controleren of het gezicht in de foto van het gezicht van de gebruiker, die ontvangen is door de derde eerste inputeenheid, correspondeert met het gezicht in de fotografische eerste identiteitsinformatie, die ontvangen is door de tweede eerste inputeenheid, en/of met een fotografische representatie van een gezicht, dat ontvangen is door de vierde eerste inputeenheid, en/of een in de eerste databank opgeslagen fotografische representatie van een gezicht; en een vierde eerste controleeenheid ingericht voor het controleren of de digitale identiteitsinformatie, die ontvangen is door de vierde eerste inputeenheid, correspondeert met identiteitsinformatie van een in de eerste databank opgeslagen identiteitsinformatierecord.A system according to any one of the preceding claims, wherein the system is arranged as a modular system provided with one or more of: a first module with a first first input unit adapted to receive alphanumeric first identity information from a user of an input device such as a keyboard or touch screen; a second module with a second first input unit adapted to receive photographic first identity information from the user, such as a scan or photo of a user's personal identification document; a third module with a third first input unit adapted to receive a photo of a user's face; and a fourth module with a fourth first input unit adapted to receive, e.g. via RFID interrogation, digital identity information stored in a user's personal identification document; and one or more of: a first first control unit adapted to check whether the alphanumeric first identity information received by the first first input unit corresponds to alphanumeric identity information of an identity information record stored in the first database; a second first control unit adapted to check whether alphanumeric first identity information extracted from the photographic first identity information received by the second first input unit, e.g. by means of OCR, with alphanumeric identity information of an identity information record stored in the first database; a third first check unit adapted to check whether the face in the photograph of the user's face received by the third first input unit corresponds to the face in the photographic first identity information received by the second first input unit, and / or with a photographic representation of a face received by the fourth first input unit, and / or a photographic representation of a face stored in the first database; and a fourth first control unit adapted to check whether the digital identity information received by the fourth first input unit corresponds to identity information from an identity information record stored in the first database. 15. Systeem volgens conclusie 14 verder voorzien van een selectie eenheid omvattende een zekerheidsmate-insteleenheid ingericht voor het instellen van een wenselijke zekerheidsmate dat de gecontroleerde identiteit juist is, en een schakeleenheid ingericht voor het aan of uit schakelen van een of meer van de eerste inputeenheden en een of meer van de eerste controleeenheden op basis van de geselecteerde zekerheidsmate.The system of claim 14 further comprising a selection unit comprising a security degree setting unit adapted to set a desirable security degree that the checked identity is correct, and a switching unit adapted to switch on or off one or more of the first input units and one or more of the first control units based on the selected degree of certainty. 16. Groep van systemen voor het verifiëren van de identiteit van een gebruiker voorzien van een eerste systeem en een tweede systeem, waarbij het eerste systeem voorzien is van een eerste selectie van eerste inputeenheden en eerste controleeenheden van het modulaire systeem volgens conclusie 13, en waarbij het tweede systeem voorzien is van een verschillende, tweede selectie van eerste inputeenheden en eerste controleeenheden van het modulaire systeem volgens conclusie 13.A group of systems for verifying the identity of a user provided with a first system and a second system, the first system comprising a first selection of first input units and first control units of the modular system according to claim 13, and wherein the second system is provided with a different, second selection of first input units and first control units of the modular system according to claim 13. 17. Online checkoutmodule voorzien van een systeem volgens een der conclusies 1-15, of een eerste of tweede systeem volgens conclusie 16.17. Online checkout module provided with a system according to any of claims 1-15, or a first or second system according to claim 16. 18. Online checkoutmodule volgens conclusie 17, verder voorzien van een koppeleenheid ingericht voor het ontvangen van de eerste identiteitsinformatiedata en/of de tweede informatiedata van een verdere online module, en ingericht voor het verschaffen van de eerste identiteitsinformatiedata en/of de tweede informatiedata aan de eerste inputeenheid en/of de tweede inputeenheid, respectievelijk.The online checkout module according to claim 17, further comprising a coupling unit adapted to receive the first identity information data and / or the second information data from a further online module, and adapted to provide the first identity information data and / or the second information data to the first input unit and / or the second input unit, respectively. 19. Online checkoutmodule volgens conclusie 17 of 18, verder voorzien van een rapporteermodule voor het rapporteren van de eerste identiteitsinformatiedata en/of de tweede informatiedata aan een operator van de online checkoutmodule.19. Online checkout module according to claim 17 or 18, further provided with a reporting module for reporting the first identity information data and / or the second information data to an operator of the online checkout module. 20. Werkwijze voor het verifiëren van de identiteit van een gebruiker, omvattende: het ontvangen door een eerste inputeenheid van eerste identiteitsinformatiedata representatief voor de identiteit van de gebruiker, het controleren door een eerste controleeenheid of de eerste identiteitsinformatie correspondeert met een identiteitsinformatierecord die opgeslagen is in een eerste databank die een veelvoud van i d enti tei tsi nform a ti erecord s omvat; het ontvangen door een tweede inputeenheid van tweede informatiedata representatief voor financiële data van de gebruiker, waarbij de financiële data een identificatie van een account van de gebruiker omvat, het controleren door een tweede controleeenheid of middelen kunnen worden overgedragen tussen de account van de gebruiker en een vooraf bepaalde andere account; en het bepalen door een bepalingseenheid dat de identiteit van de gebruiker geverifieerd is als de eerste controleeenheid heeft bepaald dat de eerste identiteitsinformatie correspondeert met een in de eerste databank opgeslagen identiteitsinformatierecord, en de tweede controleeenheid heeft bepaald dat de middelen kunnen worden overgedragen tussen de account van de gebruiker en de vooraf bepaalde andere account.A method for verifying the identity of a user, comprising: receiving by a first input unit of first identity information data representative of the identity of the user, checking by a first checking unit whether the first identity information corresponds to an identity information record stored in a first database comprising a plurality of id enti tsi information conformance records; receiving by a second input unit of second information data representative of the user's financial data, wherein the financial data comprises an identification of a user's account, checking by a second checking unit or means can be transferred between the user's account and a predetermined other account; and determining by a determining unit that the identity of the user is verified if the first checking unit has determined that the first identity information corresponds to an identity information record stored in the first database, and the second checking unit has determined that the means can be transferred between the account of the user and the predetermined other account. 21. Werkwijze volgens conclusie 20, verder omvattende de stap van het bepalen dat de identiteit van de gebruiker geverifieerd is als de eerste identiteitsinformatiedata correspondeert met tweede informatiedata geassocieerd met de account van de gebruiker.The method of claim 20, further comprising the step of determining that the user's identity is verified if the first identity information data corresponds to second information data associated with the user's account. 22. Werkwijze volgens conclusie 20 of 21, waarbij de eerste identiteitsinformatie alfanumeriek informatie omvat.The method of claim 20 or 21, wherein the first identity information comprises alphanumeric information. 23. Werkwijze volgens een der conclusies 20-22, waarbij de eerste identiteitsinformatie een eerste identificeerbaar fotografisch beeld van de gebruiker omvat.The method of any one of claims 20-22, wherein the first identity information comprises a first identifiable photographic image of the user. 24. Werkwijze volgens conclusie 22, waarbij de eerste identiteitsinformatie een beeld van een persoonlijk identiteitsdocument omvat voorzien van een eerste fotografisch beeld van een gezicht van de gebruiker op het persoonlijk identiteitsdocument.The method of claim 22, wherein the first identity information comprises an image of a personal identity document provided with a first photographic image of a user's face on the personal identity document. 25. Werkwijze volgens conclusie 24, waarbij de eerste identiteitsinformatie verder een tweede fotografisch beeld van een gezicht van de gebruiker omvat.The method of claim 24, wherein the first identity information further comprises a second photographic image of a user's face. 26. Werkwijze volgens een der conclusies 23-25, verder omvattende de stap van het generen van het(de) fotografische beeld(en) door een digitale camera van de eerste inputeenheid.The method of any one of claims 23-25, further comprising the step of generating the photographic image (s) by a digital camera of the first input unit. 27. Werkwijze volgens een der conclusies 23-25, verder omvattende de stappen van: het generen door de eerste verificatieeenheid van een token het generen door een applicatie op een mobiele telecommunicatieinrichting voorzien van een digitale camera van het(de) fotografische beeld(en), het verschaffen van de token aan de applicatie, en het overbrengen van het(de) beeld(en) en informatie representatief voor de token aan de eerste verificatieeenheid.A method according to any of claims 23-25, further comprising the steps of: generating a token by the first verification unit generating by an application on a mobile telecommunications device provided with a digital camera of the photographic image (s) , providing the token to the application, and transferring the image (s) and information representative of the token to the first verification unit. 28. Werkwijze volgens conclusie 26 of 27, verder omvattende de stap van het bepalen of het document en/of gezicht op de juiste manier gepositioneerd is in een gezichtsveld van de camera.The method of claim 26 or 27, further comprising the step of determining whether the document and / or face is properly positioned in a field of view of the camera. 29. Werkwijze volgens een der conclusies 23-28, verder omvattende de stap van het bepalen of het gezicht in het eerste fotografische beeld correspondeert met het gezicht in het tweede fotografische beeld op basis van gezichtsherkenning.The method of any one of claims 23-28, further comprising the step of determining whether the face in the first photographic image corresponds to the face in the second photographic image based on face recognition. 30. Werkwijze volgens een der conclusies 20-29, verder omvattende de stap van het ontvangen van identiteitsinformatie van een RFID chip in een persoonlijk identificatiedocument van de gebruiker.The method of any one of claims 20-29, further comprising the step of receiving identity information from an RFID chip in a user's personal identification document. 31. Werkwijze volgens conclusie 30, waarbij de van de RFID chip ontvangen identiteitsinformatie een derde fotografisch beeld van de gebruiker omvat, en waarbij de werkwijze verder omvat het bepalen door de eerste controleeenheid of het gezicht in het derde fotografisch beeld correspondeert met het gezicht in het tweede fotografisch beeld op basis van gezichtsherkenning.The method of claim 30, wherein the identity information received from the RFID chip comprises a third photographic image of the user, and wherein the method further comprises determining by the first control unit whether the face in the third photographic image corresponds to the face in the third image second photographic image based on face recognition. 32. Werkwijze volgens een der conclusies 23-31, verder omvattende de stap van het bepalen door de eerste controleeenheid van een mate van discrepantie tussen de alfanumerieke eerste identiteitsinformatie en alfanumerieke informatie van een in de eerste databank opgeslagen identiteitsinformatierecord, en bepalen dat de eerste identiteitsinformatie correspondeert met de genoemde identiteitsinformatierecord als de mate van discrepantie onder een vooraf bepaalde discrepantie drempel is.The method of any one of claims 23-31, further comprising the step of determining by the first control unit a degree of discrepancy between the alphanumeric first identity information and alphanumeric information of an identity information record stored in the first database, and determining that the first identity information corresponds to said identity information record if the degree of discrepancy is below a predetermined discrepancy threshold. 33. Werkwijze volgens een der voorgaande conclusies 20-32, omvattende de stap van het verschaffen van een of meer van: een eerste module met een eerste eerste inputeenheid ingericht voor het ontvangen van alfanumerieke eerste identiteitsinformatie van een gebruiker van een inputinrichting zoals een toetsenboord of aanraakscherm; een tweede module met een tweede eerste inputeenheid ingericht voor het ontvangen van fotografische eerste identiteitsinformatie van de gebruiker, zoals een scan of foto van een persoonlijk identificatiedocument van de gebruiker; een derde module met een derde eerste inputeenheid ingericht voor het ontvangen van een foto van een gezicht van de gebruiker; en een vierde module met een vierde eerste inputeenheid ingericht voor het ontvangen, e.g. via RFID ondervraging, van digitale identiteitsinformatie die opgeslagen is in een persoonlijk identificatiedocument van de gebruiker; en een of meer van: een eerste eerste controleeenheid ingericht voor het controleren of de door de eerste eerste inputeenheid ontvangen alfanumerieke eerste identiteitsinformatie correspondeert met alfanumerieke identiteitsinformatie van een in de eerste databank opgeslagen identiteitsinformatierecord; een tweede eerste controleeenheid ingericht voor het controleren of uit de fotografische eerste identiteitsinformatie geëxtraheerde alfanumerieke eerste identiteitsinformatie die ontvangen is door de tweede eerste inputeenheid, e.g. door middel van OCR, correspondeert met alfanumerieke identiteitsinformatie van een in de eerste databank opgeslagen identiteitsinformatierecord; een derde eerste controleeenheid ingericht voor het controleren of het gezicht in de foto van het gezicht van de gebruiker, die ontvangen is door de derde eerste inputeenheid, correspondeert met het gezicht in de fotografische eerste identiteitsinformatie, die ontvangen is door de tweede eerste inputeenheid, en/of met een fotografische representatie van een gezicht, dat ontvangen is door de vierde eerste inputeenheid, en/of een in de eerste databank opgeslagen fotografische representatie van een gezicht; en een vierde eerste controleeenheid ingericht voor het controleren of de digitale identiteitsinformatie, die ontvangen is door de vierde eerste inputeenheid, correspondeert met identiteitsinformatie van een in de eerste databank opgeslagen identiteitsinformatierecord.A method according to any one of the preceding claims 20-32, comprising the step of providing one or more of: a first module with a first first input unit adapted to receive alphanumeric first identity information from a user of an input device such as a keypad or touch screen; a second module with a second first input unit adapted to receive photographic first identity information from the user, such as a scan or photo of a user's personal identification document; a third module with a third first input unit adapted to receive a photo of a user's face; and a fourth module with a fourth first input unit adapted to receive, e.g. via RFID interrogation, digital identity information stored in a user's personal identification document; and one or more of: a first first control unit adapted to check whether the alphanumeric first identity information received by the first first input unit corresponds to alphanumeric identity information of an identity information record stored in the first database; a second first control unit adapted to check whether alphanumeric first identity information extracted from the photographic first identity information received by the second first input unit, e.g. by means of OCR, corresponds to alphanumeric identity information of an identity information record stored in the first database; a third first check unit adapted to check whether the face in the photograph of the user's face received by the third first input unit corresponds to the face in the photographic first identity information received by the second first input unit, and / or with a photographic representation of a face received by the fourth first input unit, and / or a photographic representation of a face stored in the first database; and a fourth first control unit adapted to check whether the digital identity information received by the fourth first input unit corresponds to identity information from an identity information record stored in the first database. 34. Werkwijze volgens conclusie 33 verder omvattende de stappen van: het instellen door een zekerheidsmate-insteleenheid van een wenselijke zekerheidsmate dat de gecontroleerde identiteit juist is, en het aan of uit schakelen door een schakeleenheid van een of meer van de eerste inputeenheden en een of meer van de eerste controleeenheden op basis van de geselecteerde zekerheidsmate.The method of claim 33 further comprising the steps of: setting a desired degree of certainty that the checked identity is correct by a security level setting unit, and switching on or off by a switching unit of one or more of the first input units and one or more of the first control units based on the selected degree of certainty. 35. Werkwijze volgens conclusie 33 omvattende de stap van het verschaffen van een eerste systeem en een tweede systeem, waarbij het eerste systeem voorzien is van een eerste selectie van eerste inputeenheden en eerste controleeenheden zoals verschaft volgens conclusie 33, en waarbij het tweede systeem voorzien is van een verschillende, tweede selectie van eerste inputeenheden en eerste controleeenheden zoals verschaft volgens conclusie 33.The method of claim 33 including the step of providing a first system and a second system, wherein the first system includes a first selection of first input units and first control units as provided according to claim 33, and wherein the second system is provided from a different, second selection of first input units and first control units as provided in claim 33. 36. Computer programmeerbaar product ingericht om te worden uitgevoerd op een programmeerbare inrichting, ingericht wanneer uitgevoerd op een programmeerbare inrichting voor het uitvoeren van de stappen van een van de conclusies 20-35.A computer programmable product adapted to be executed on a programmable device, arranged when executed on a programmable device for performing the steps of any of claims 20-35. 37. Computer leesbare opslagmiddel met daarop opgeslagen computer leesbare programma-codegedeelten, die wanneer uitgevoerd op een programmeerbare inrichting de stappen van een van de conclusies 20-35 uitvoeren.A computer-readable storage means having computer-readable program code portions stored thereon which, when executed on a programmable device, perform the steps of any of claims 20-35.
NL2010810A 2013-05-16 2013-05-16 System and method for checking the identity of a person. NL2010810C2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
NL2010810A NL2010810C2 (en) 2013-05-16 2013-05-16 System and method for checking the identity of a person.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NL2010810 2013-05-16
NL2010810A NL2010810C2 (en) 2013-05-16 2013-05-16 System and method for checking the identity of a person.

Publications (1)

Publication Number Publication Date
NL2010810C2 true NL2010810C2 (en) 2014-11-24

Family

ID=48951543

Family Applications (1)

Application Number Title Priority Date Filing Date
NL2010810A NL2010810C2 (en) 2013-05-16 2013-05-16 System and method for checking the identity of a person.

Country Status (1)

Country Link
NL (1) NL2010810C2 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030015583A1 (en) * 2001-07-23 2003-01-23 Abdi Faisal H. Self service check cashing system and method
US20040039651A1 (en) * 2000-09-14 2004-02-26 Stefan Grunzig Method for securing a transaction on a computer network
WO2010131218A1 (en) * 2009-05-15 2010-11-18 Setcom (Pty) Ltd Security system and method
US20120078751A1 (en) * 2010-09-24 2012-03-29 Macphail William Mobile device point of sale transaction system
US20120311320A1 (en) * 2011-06-02 2012-12-06 Brown Kerry D Mobile Transaction Methods and Devices With Three-Dimensional Colorgram Tokens
US20130036462A1 (en) * 2011-08-02 2013-02-07 Qualcomm Incorporated Method and apparatus for using a multi-factor password or a dynamic password for enhanced security on a device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040039651A1 (en) * 2000-09-14 2004-02-26 Stefan Grunzig Method for securing a transaction on a computer network
US20030015583A1 (en) * 2001-07-23 2003-01-23 Abdi Faisal H. Self service check cashing system and method
WO2010131218A1 (en) * 2009-05-15 2010-11-18 Setcom (Pty) Ltd Security system and method
US20120078751A1 (en) * 2010-09-24 2012-03-29 Macphail William Mobile device point of sale transaction system
US20120311320A1 (en) * 2011-06-02 2012-12-06 Brown Kerry D Mobile Transaction Methods and Devices With Three-Dimensional Colorgram Tokens
US20130036462A1 (en) * 2011-08-02 2013-02-07 Qualcomm Incorporated Method and apparatus for using a multi-factor password or a dynamic password for enhanced security on a device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
O'GORMAN L: "Comparing passwords, tokens, and biometrics for user authentication", PROCEEDINGS OF THE IEEE, IEEE. NEW YORK, US, vol. 91, no. 12, 12 December 2003 (2003-12-12), pages 2021 - 2040, XP011103638, ISSN: 0018-9219, DOI: 10.1109/JPROC.2003.819611 *
SHINTARO MIZUNO ET AL: "AUTHENTICATION USING MULTIPLE COMMUNICATION CHANNELS", INTERNET CITATION, 11 November 2005 (2005-11-11), pages 54 - 62, XP002495045, ISBN: 978-1-59593-232-7, Retrieved from the Internet <URL:http://delivery.acm.org/> [retrieved on 20080909] *

Similar Documents

Publication Publication Date Title
US11263636B2 (en) Systems for providing and processing pre-authorized customizable gift tokens
US11068894B2 (en) Systems and methods for tokenless authentication of consumers during payment transactions
KR102116325B1 (en) Certification system for honest goods and transaction based on blockchain
US10528946B2 (en) System and method for authenticating, associating and storing secure information
US10897461B2 (en) Pharmacy database access methods and systems
US20230138002A1 (en) Methods and systems for a combined transaction by an assignee on behalf of one or more users
US20160019528A1 (en) System and method for payment and settlement using barcode
WO2015067038A1 (en) System and method for authenticating,associating and storing secure information
US20200045052A1 (en) Systems for providing electronic items having customizable locking mechanism
US20230079505A1 (en) Selling and Purchasing Intermediation Method Using Self-Service Stand
CN103718192A (en) Image-based financial processing
EP2788938A1 (en) Network-accessible point-of-sale device instance
KR20180103984A (en) Direct settlement of hands-free transactions
US10055769B1 (en) Automatic invoice generation
TW201640424A (en) Remittance method and system of transaction processing for direct remittance using user account and a non-transitory computer-readable recording medium
WO2021097167A1 (en) Ir display for user authentication
US20230146126A1 (en) Product Dispensing System and Method
US10885500B2 (en) Systems and methods of pending transaction augmentation and automatic attachment to settled transactions
CN116342136B (en) Palm-based payment processing method and device
US11049178B2 (en) Offer and acceptance matching to obtain physical cash
US11488164B2 (en) Computerized methods and computer systems for verification of transactions
NL2010810C2 (en) System and method for checking the identity of a person.
US10891355B2 (en) Pharmacy authentication methods and systems
CN111937021B (en) Electronic transaction system
US11176617B1 (en) Mobile submission of pharmacy insurance information

Legal Events

Date Code Title Description
MM Lapsed because of non-payment of the annual fee

Effective date: 20160601