[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO2024221057A1 - Digital identity system and methods - Google Patents

Digital identity system and methods Download PDF

Info

Publication number
WO2024221057A1
WO2024221057A1 PCT/AU2024/050410 AU2024050410W WO2024221057A1 WO 2024221057 A1 WO2024221057 A1 WO 2024221057A1 AU 2024050410 W AU2024050410 W AU 2024050410W WO 2024221057 A1 WO2024221057 A1 WO 2024221057A1
Authority
WO
WIPO (PCT)
Prior art keywords
biometric data
nft
digital identity
data
blockchain
Prior art date
Application number
PCT/AU2024/050410
Other languages
French (fr)
Inventor
Nikola Siljeg
Original Assignee
NFID ICC Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2023901254A external-priority patent/AU2023901254A0/en
Application filed by NFID ICC Limited filed Critical NFID ICC Limited
Publication of WO2024221057A1 publication Critical patent/WO2024221057A1/en

Links

Definitions

  • the present invention relates to a system and methods for using biometric markers for digital identification of an individual utilising non-fungible tokens on a block chain network to create a non-fungible identification (NFID).
  • NFID non-fungible identification
  • NFT Non-Fungible Token
  • the assigned blockchain node and an identity authorization application linked to any blockchain network can be uploaded to and assigned a private key perhaps described as a certificate or smart contract through cryptography providing a Proof of Work (PoW) or Proof of Stake (PoS) and ownership rights over the now digitized biometric asset.
  • PoW Proof of Work
  • PoS Proof of Stake
  • This digital asset and ID tool could also be quickly provided to crypto wallets and apps that provide the users blockchain address/key/password and NFT’s.
  • the object of this invention is to provide a digital identity system and methods to alleviate the above problems, or at least provide the public with a useful alternative.
  • the invention provides a method for creating a digital identity of a person based on biometric data of the persons, comprising the steps of: a) capturing biometric data of the person; b) creating a vector file to represent the biometric data; and c) uploading the vector file into a blockchain network in an original block as a non-fungible token (NFT) to produce an NFT asset.
  • NFT non-fungible token
  • the biometric data is selected from the group of: face print captured using a camera; voice spectrogram captured using a microphone; iris characteristics captured using a camera; gait captured using a camera; and a combination of face print, voice spectrogram, iris characteristics and gait.
  • the method further comprises generating a privacy-preserving vector mask representing the biometric data and uploading the vector mask to the NFT asset.
  • the method further comprises updating the vector file to represent the present biometric data of the person and uploading the vector mask to the NFT asset.
  • the method further comprises a Know Your Customer (KYC) verification process to ensure that the uploaded biometric data is associated with the person.
  • KYC Know Your Customer
  • the method further comprises adding supplementary biometric data to the NFT asset.
  • the supplementary data is added to the blockchain network as a new block which is chained to the NFT asset.
  • new block replaces the original block and uses the credentials of the original block.
  • the method further comprises attaching additional information to the NFT assets, to provide further authentication capabilities for the digital identity and a universal passport.
  • the digital identity is accessible and stored via a crypto wallet.
  • the method further comprises uploading to the NFT asset NFC (Near Field Communication) chip credentials belonging to the person, and using an NFC system to access the NFT asset to determine the NFC chip credentials.
  • NFC Near Field Communication
  • the method further comprises an optional two-factor authentication process for increased security when accessing and managing the digital identity, wherein the user may choose to provide additional verification, such as a one-time password (OTP), secondary or third biometric field (Voice, Fingerprint, Iris), or physical security key.
  • OTP one-time password
  • Voice Fingerprint
  • Iris physical security key
  • the privacy-preserving vector mask is generated using advanced security and or encryption techniques and/or zero-knowledge proof (ZKP) protocols, ensuring that the actual biometric data remains secure and confidential.
  • ZKP zero-knowledge proof
  • the method further comprises detecting and reporting any unauthorized access or usage of the digital identity, including unauthorized copying, sharing, or selling of the biometric data or its associated Image and likeness.
  • the method further comprises revoking access to the digital identity in the event of a security breach, lost or compromised private key, or upon the person’s request, wherein the blockchain network will update the status of the digital identity and prevent further unauthorized access or usage.
  • the method further comprises an adaptive algorithm or Al that learns and updates the biometric data over time, accounting for changes in an individual's facial features and voice due to aging, surgery, or other factors, thereby maintaining the accuracy and relevance of the digital identity.
  • an adaptive algorithm or Al that learns and updates the biometric data over time, accounting for changes in an individual's facial features and voice due to aging, surgery, or other factors, thereby maintaining the accuracy and relevance of the digital identity.
  • the digital identity is used as a decentralized attestation platform, allowing third-party entities to verify and authenticate the user's identity, credentials, or other attributes without having direct access to the sensitive biometric data.
  • the method further comprises selectively granting access to specific portions of the digital identity, allowing the user to maintain control over the sharing and disclosure of personal information.
  • any one of the aspects mentioned above may include any of the features of any of the other aspects mentioned above and may include any of the features of any of the embodiments described below as appropriate.
  • Figure 1 shows the system architecture of the digital identification system of the present invention.
  • Figure 2 shows a system flow diagram for using a person’s face to generate a digital identity.
  • NFID - Non-Fungible Identification a digital identification system and methods (referred to as NFID - Non-Fungible Identification) comprising a decentralized, self-sovereign digital identity and its proof of ownership via a smart contract on a blockchain network.
  • the digital identity specifically represents a person’s physical, real- life, face print, and biometric markers obtained through 2D, 3D, or multi-directional liveness scans of the face as well as other capture methods used to obtain biometric recordings.
  • the biometrics are then digitized into a unique vector file for each individual holder.
  • the generated vector file is uploaded into a blockchain network as a non- fungible token (NFT) asset to provide proof of ownership, preserved on a secure, immutable network.
  • NFT non- fungible token
  • the invention further includes a privacy-preserving vector mask for representing the biometric data, federated and Al learning for improved biometric accuracy, a mechanism for updating biometric data to accommodate changes in an individual's appearance over time, and integration with various applications and platforms for identity verification and authentication purposes.
  • the invention also incorporates voice biometrics in the form of sound spectrograms and a feature that enables integration with video chat and voice call applications to ensure secure communication are protect against deep fakes and cybercrime.
  • the invention provides a system for creating a decentralized, self-sovereign digital identity of a real-life person's face print and voice biometrics, comprising: a) capturing a 2D, 3D, or multi-directional liveness scans or any of the methods mentioned below, of the face including recording the individual's voice or additional biometrics (iris, fingerprint, gate etc.).
  • the system further comprises of a Know Your Customer (KYC) verification process to ensure that the uploaded biometric data is associated with the real-life individual and is not being used for fraudulent or Anti Money Laundering efforts (AML) purposes.
  • KYC Know Your Customer
  • the system further comprises a mechanism for adding supplementary biometric data, such as additional facial scans, voice recordings, or other biometric scans and information, to the NFT assets, wherein the supplementary data is added to the blockchain network as a new block that can be chained to the original block containing the initial biometric data, or destroying the previous block and uploading a new block using the credentials of the last block or in turn creating a new block altogether with all the relevant data.
  • supplementary biometric data such as additional facial scans, voice recordings, or other biometric scans and information
  • the system further comprises a mechanism for attaching additional information to the NFT assets, such as diplomas, certifications, health care information or other personal credentials like bank account details or crypto wallet addresses, to provide further authentication capabilities for the digital identity and universal passport.
  • additional information such as diplomas, certifications, health care information or other personal credentials like bank account details or crypto wallet addresses, to provide further authentication capabilities for the digital identity and universal passport.
  • the system further comprises a mechanism for assigning a copyright or trademark to the NFT assets, acknowledging the individual's rights to their digital identity as a personal asset or brand in the Web3 and Virtual world and or real-world space the likes of YouTube, podcasts or similar as examples but not limited to where they would need protection or monetization of their personal brand.
  • the digital identity is accessible and stored via a crypto wallet (e.g. MetaMask) or NFID purpose built digital wallet of its own or the likes, allowing for seamless integration with various banking and payment solution providers for fiat or crypto currency or blockchain networks, Distributed Ledger Technologies (DLT), crypto networks, applications, platforms and real world internet of things and smart cities, as an example an NFC chip (near field communication) allows a user to upload their NFC chip credentials into their NFID and instead of using an NFC chip for access to a restricted area or office building can instead use a smart device camera and could simply scan the users face and or voice or other biometrics of an NFID holder and they would then if verified be granted access to the area in question.
  • a crypto wallet e.g. MetaMask
  • NFID purpose built digital wallet of its own or the likes allowing for seamless integration with various banking and payment solution providers for fiat or crypto currency or blockchain networks, Distributed Ledger Technologies (DLT), crypto networks, applications, platforms and real world internet
  • a passport for travelling can now be made obsolete and no longer needed to carry a physical passport when abroad.
  • An NFID holder may scan the NFC chip found in a Passport and upload the passport document information into their NFID identity during the said NFID, KYC process to verify authenticity and ownership. This would then allow an actual copy of a government issued document of the highest importance relevant to each countries individual requirements to be verified and now digitized.
  • a person can now be identified, protected and self-sovereign/autonomous by using their biometrics backed by blockchain through NFID.
  • the system further comprises a mechanism for licensing the use of the biometric data, wherein the owner of the NFT assets can establish terms and conditions for third-party usage of their digital identity, including licensing fees and or penalties for non-compliance.
  • the smart contracts associated with the NFT assets are automatically updated to reflect any changes in the individual's biometric data, ensuring that the digital identity remains current and accurate over time.
  • the system further comprises an optional two-factor authentication process for increased security when accessing and managing the digital identity, wherein the user may choose to provide additional verification, such as a one-time password (OTP), secondary or third biometric field (Voice, Fingerprint, Iris), or physical security key, or using a device’s stored biometric data such as a fingerprint to further verify the individual.
  • OTP one-time password
  • Voice Fingerprint
  • Iris physical security key
  • the privacy-preserving vector mask is generated using advanced security and or encryption techniques and/or zero-knowledge proof (ZKP) protocols, ensuring that the actual biometric data remains secure and confidential.
  • ZKP zero-knowledge proof
  • the system further comprises an automated process for detecting and reporting any unauthorized access or usage of the digital identity, such as unauthorized copying, sharing, or selling of the biometric data or its associated Image and likeness, as per any asset or artwork that is afforded such protections via IP laws.
  • the system further comprises a mechanism for revoking access to the digital identity in the event of a security breach, lost or compromised private key, or upon user request, wherein the blockchain network will update the status of the digital identity and prevent further unauthorized access or usage.
  • the system further comprises an adaptive algorithm or Al that learns and updates the biometric data over time, accounting for changes in an individual's facial features and voice due to aging, surgery, or other factors, thereby maintaining the accuracy and relevance of the digital identity.
  • the digital identity may be used as a decentralized, custodial or noncustodial, attestation platform, allowing third-party entities to verify and authenticate the user's identity, credentials, or other attributes without having direct access to the sensitive biometric data.
  • the system further comprises a mechanism for selectively granting access to specific portions of the digital identity, allowing the user to maintain control over the sharing and disclosure of personal information based on the context and purpose of the interaction.
  • the system can be utilized to facilitate secure and efficient peer-to-peer transactions, such as payments, contracts, or data exchange, by leveraging the digital identity as a trust anchor for verifying the parties involved in the transaction.
  • the system can also be used as a foundation for creating and managing a digital reputation, which can be further utilized for various purposes such as risk assessment, trustworthiness evaluation, and access control.
  • the digital identity system can be extended to include other biometric modalities, such as fingerprints, iris scans, or gait patterns, etc. thereby providing a comprehensive and robust digital identity solution.
  • the system can collaborate and or integrate by design to comply with relevant data protection and privacy regulations, such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), or other applicable legislation, ensuring the user's rights and interests are protected.
  • relevant data protection and privacy regulations such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), or other applicable legislation, ensuring the user's rights and interests are protected.
  • GDPR General Data Protection Regulation
  • CCPA California Consumer Privacy Act
  • the system further comprises integration of NFID face mask and vector file and voice biometrics as a sound spectrogram and or an Iris Scan and or a Fingerprint, to provide additional layers of security and authentication.
  • the NFID can be used to integrate into applications capable of having video chat and voice calls, like WhatsApp, Skype online chats like Zoom or VoIP capabilities, periodically running face matches, voice matches, or both during the call to ensure the highest level of security against deep fakes during live communications and interactions.
  • the voice call will cross-reference the voice it hears against the NFID voice database and provide a rating, score and or liveness score percentage or confirmation to indicate authentication and verification when on a call or using VR or in virtual worlds, such as a Metaverse.
  • the same techniques can be used for the Face match for liveness scores, deepfake mitigation, face match scores etc. but not limited to.
  • the NFID through its own or any available channels or networks or applications, owners of an NFID can access exclusive virtual AR and VR corporate offices, spaces and or meeting rooms, medical examinations, confidential gatherings, and conversations but not limited to, with the assurance that they are connecting securely and with verified and authorised identities/parties, or perhaps government officials needing to have a private digital gathering in a totally secure environment.
  • the NFID face and or voice matching can be used during any networked interaction to ensure that participants using any available communication channels such as 3G, 4G, 5G, or future generation of connectivity and telecommunication capabilities including VOIP or direct satellite, are cross referenced and the persons they claim to be are indeed the said persons, providing additional security and trust in digital communications.
  • any available communication channels such as 3G, 4G, 5G, or future generation of connectivity and telecommunication capabilities including VOIP or direct satellite, are cross referenced and the persons they claim to be are indeed the said persons, providing additional security and trust in digital communications.
  • Block 101 NFID website portal; Block 102 Crypto Address Linked to NFID Platform; Block 103 (2FA) Email/Phone Verification; Block 104 KYC Verification Process; Block 105 Wallet Address and Biometrics Data Linked; Block 106 Generate the Digital ID; Block 107 Mint and Link NFID to Blockchain Block; 108 NFID Created;
  • Block 9 Add Verifiers and Credentials; and, Block 110 NFID profile to search and verify other NFID users.
  • Block 101 NFID website portal - a website is a collection of interconnected webpages typically hosted on a web server and accessible through the Internet. Each webpage is constructed using HTML (Hypertext Markup Language), CSS (Cascading Style Sheets) for styling, and JavaScript for interactivity. Websites are accessed by users through browsers like Chrome, Firefox, or Safari, which interpret these codes to present the content.
  • HTML Hypertext Markup Language
  • CSS CSS
  • JavaScript JavaScript
  • Block 102 Crypto Address Linked to NFID Platform - a cryptocurrency wallet is a digital tool that allows users to store and manage their blockchain credentials keys that allow them to transact on the blockchain.
  • Wallets can be software-based (hosted on a device or a cloud service) or hardware-based (physical devices that store keys offline). Wallets do not store the actual cryptocurrencies but rather the keys needed to access them on the blockchain.
  • Crypto Wallet - Public Key comparable to an account number, it can be shared publicly to receive funds.
  • Private Key similar to an account password, it should be kept secure as it allows the signing of transactions, thereby providing control over the associated cryptocurrencies.
  • Crypto Wallet Functionality - Generation of Keys upon setup, a wallet generates a cryptographic key pair: a public key and a private key. The public key is derived mathematically from the private key.
  • Transaction Signing to execute a transaction (e.g., sending crypto), the wallet uses the private key to sign the transaction data, creating a digital signature. This signature proves ownership of the funds being sent.clnteraction with Blockchain: the signed transaction is broadcast to the blockchain network, where miners validate it and, upon successful validation, add it to a block in the blockchain. The transaction then becomes part of the public ledger.
  • the website incorporates a wallet interaction interface using HTML, CSS, and JavaScript. This interface includes buttons and forms to initiate transactions or queries.
  • JavaScript Libraries Libraries such as Web3.js or Ethers.js are integrated into the website. These libraries provide functions that interact with blockchain networks and are crucial for sending transactions and accessing wallet data.
  • Wallet Selection and Connection Browser Extension - Wallets Wallets like MetaMask operate as browser extensions. When a transaction is initiated from the website, the wallet extension is prompted to open, asking for user authentication and permission to access the wallet.
  • Mobile Wallets Using QR codes or deep links, websites can interact with mobile-based wallets. The user scans a QR code with their wallet app, which triggers wallet actions relevant to the website’s request.
  • Authentication and Permissions - OAuth Protocols/Token-based Authentication Secure methods are used to verify the identity of the user and ensure that the wallet connection request is authorized.
  • Permission Requests The website must request permission to view account addresses and initiate transactions. The user must explicitly approve these permissions, which are managed by the wallet software.
  • Transaction Initiation and Signing - Initiating Transactions The website constructs a transaction request (including details like recipient address, amount, and gas fees) and sends it to the wallet. Signing: The wallet, upon user confirmation, signs the transaction using the stored private key. This process is securely handled by the wallet software or hardware, never exposing the private key to the website.
  • Block 103 (2FA) Email/Phone Verification.
  • Two-Factor Authentication Setup - Initial Verification The server sends a verification code via SMS to the provided phone number and an email to the provided email address. Libraries like Twilio or SendGrid might be used for SMS and email services, respectively.
  • Verification Confirmation The user enters the received codes on the website, which are then sent back to the server to confirm the authenticity of the phone number and email address.
  • OCR Optical Character Recognition
  • Google Cloud Vision API Optical Character Recognition
  • This API extracts text data from the images, converting them into structured data.
  • API Calls for Data Validation - extracted data, such as names and document numbers, are validated against public records and databases through RESTful API calls to third-party services that specialize in identity verification.
  • Biometric Verification with Real-Time Facial Recognition and Liveness Detection - Facial Recognition Software the user is required to take a live selfie using their smartphone or webcam. This image is processed using facial recognition software integrated into the KYC system. Technologies like Microsoft Azure's Face API or Amazon Rekognition are commonly employed. Liveness Detection Mechanisms: To ensure the presence of a live person rather than a photo or video, liveness detection software analyses the selfie for signs of life.
  • Capturing and Processing Biometric Data - Biometric Capture the user's facial biometrics are captured using a high-resolution camera integrated into a secure application. This could be part of a KYC process where the user's live facial features are scanned.
  • Feature Extraction advanced facial recognition software processes the captured image to extract key facial landmarks (eyes, nose, mouth, jawline, etc.). This is typically done using deep learning models trained to identify and map these features accurately.
  • Generate Vector Representation instead of storing raw biometric data, which poses privacy risks, the system converts the facial landmarks into a mathematical vector representation. This vector describes the relative positions and distances of facial landmarks and does not recreate the actual facial image.
  • Algorithms such as Principal Component Analysis (PCA) or Convolutional Neural Networks (CNNs) can be used to reduce the dimensionality of the data and generate a unique but anonymized "faceprint” or other biometric data such as a voice print, fingerprint, or the like.
  • PCA Principal Component Analysis
  • CNNs Convolutional Neural Networks
  • NFT Non-Transferable NFT - Smart Contract for NFT: a smart contract is developed on a blockchain platform like Ethereum. This contract contains the logic for minting NFTs and ensures that the NFTs are non-transferable once assigned to a wallet. This can be enforced by coding the transfer function to reject all transactions except those approved by the original minter (typically the issuing authority).
  • Minting the NFT the vector file or faceprint but not limited to is embedded within the NFT as its unique identifier or "tokenURI". This URI points to a secure location where the faceprint vector is stored encrypted.
  • the smart contract mints the NFT with a linkage to the user’s cryptocurrency wallet address. Metadata within the NFT includes cryptographic hashes of the user’s vector file for verification without revealing actual data.
  • Secure Storage and Access Control - Data Encryption the faceprint vector stored as part of the NFT metadata is encrypted using strong encryption algorithms (e.g., AES-256) but not limited to.
  • the decryption key is managed securely, ensuring that only authorized entities can access the actual data.
  • Blockchain Transactions all interactions with the NFT (queries, validations) are managed through blockchain transactions. These transactions are secured by the blockchain’s inherent cryptographic and consensus mechanisms, ensuring that they are tamper-proof and traceable.
  • Access Control access to decrypt and read the faceprint vector is strictly controlled through smart contract rules. Only persons with the correct permissions, such as the matching biometric data can be granted access to their profile.
  • the requesting system can query the blockchain to access the NFT metadata.
  • the verification system uses the provided vector file mask to perform a comparison with a live scan of the user’s face. This process ensures that the user’s privacy is maintained, as the actual biometric data is never exposed. Updating Biometric Data - in cases where biometric data needs updating (e.g., significant physical changes to facial features), a new vector file is generated, and a new NFT is minted. The previous NFT can be burned or invalidated via the smart contract to maintain data integrity.
  • the biometric data can be based on a person’s facial features or voice, or even other distinguishing features such as their gait, or combinations thereof.
  • Biometric Data Capture and Processing utilize secure, high-definition cameras within controlled environments to capture biometric data, specifically facial features. This can be part of a broader KYC process facilitated through a secure application on a smartphone or a dedicated kiosk.
  • Feature Extraction - employ facial recognition algorithms to analyse the captured images and extract crucial facial landmarks. Techniques such as deep learning and convolutional neural networks (CNNs) are used to map features like the distance between eyes, nose shape, and jawline contours.
  • CNNs convolutional neural networks
  • Generate Anonymized Vector Representation convert the raw biometric data into a numerical vector that describes facial features while ensuring privacy. This transformation uses dimensionality reduction techniques like Principal Component Analysis (PCA) to create a unique yet non-reversible vector, referred to as a "faceprint.”
  • PCA Principal Component Analysis
  • Figure 2 provides a system flow diagram 200 for using a person’s face to generate a verified digital identity, including the following functionality blocks.
  • the first step in facial recognition is acquiring a digital image of a person's face. This can be done using various types of cameras, such as RGB, infrared, or depth-sensing cameras, depending on the specific requirements of the application.
  • the camera sensor is responsible for converting light energy into electrical signals.
  • Most facial recognition systems use a charge-coupled device (CCD) or complementary metal-oxide-semiconductor (CMOS) sensor to capture the image.
  • CCD charge-coupled device
  • CMOS complementary metal-oxide-semiconductor
  • the camera lens focuses the light onto the sensor, determining the sharpness and quality of the captured image.
  • High-resolution images are preferable for facial recognition, as they provide more detail and allow for more accurate feature extraction. However, higher resolution also means larger file sizes and increased processing time.
  • pre-processing techniques are applied to improve the image quality and remove any unwanted noise or distortion.
  • Common preprocessing steps include: a) Grayscale Conversion - Converting the image to grayscale simplifies the data and reduces computational complexity while retaining sufficient information for facial recognition; b) Histogram Equalization - This technique enhances the image's contrast, ensuring that the facial features are more easily distinguishable; c) Noise Reduction - Noise reduction techniques, such as Gaussian smoothing or median filtering, are applied to remove any unwanted noise and artifacts from the image; and d) Geometric Normalization - Scaling, rotation, and translation transformations are applied to the image to normalize the face's position and size, ensuring consistency across different images.
  • Feature extraction involves identifying and extracting distinctive facial features from the pre-processed image.
  • There are several techniques for feature extraction including: a) Eigenfaces - This method uses principal component analysis (PGA) to identify the most significant features (eigenfaces) that represent the face's variations. The face is then projected onto the eigenface space to create a lowerdimensional representation, b) Local Binary Patterns (LBP) - LBP is a texture descriptor that encodes local contrast patterns in the image. LBP histograms can be used to represent facial features, c) Deep Learning - Deep learning techniques, such as convolutional neural networks (CNNs), can automatically learn hierarchical feature representations from the image data. Pre-trained models, such as VGGFace or FaceNet, can be fine-tuned for specific facial recognition tasks.
  • PGA principal component analysis
  • LBP Local Binary Patterns
  • CNNs convolutional neural networks
  • the facial features are represented as a feature vector or embedding.
  • This vector representation is a compact and efficient way of describing the face and can be used for comparison and matching purposes.
  • the vector representation can be generated using methods such as: a) PCA - In the eigenface method, the projection of the face onto the eigenface space creates a feature vector; b) LBP - The LBP histograms can be concatenated to form a feature vector; and c) CNNs - The output of the final fully connected layer in a CNN architecture can be used as the feature vector (embedding).
  • the final steps in facial recognition is comparing the vector representation of the captured face with a database of known faces. Similarity or distance metrics, such as Euclidean distance or cosine similarity, are used to measure the similarity between the captured face's vector representation and the vectors of faces in the database. A threshold value is typically used to determine if a match has been found. Identification - In this scenario, the captured face's vector representation is compared to all the vectors in the database to find the most similar match. If the similarity value exceeds the threshold, the system identifies the person as the corresponding match. Verification - In a verification scenario, the captured face's vector representation is compared to a specific known face's vector representation to confirm the person's claimed identity. If the similarity value exceeds the threshold, the system verifies the person's identity as claimed.
  • Similarity or distance metrics such as Euclidean distance or cosine similarity
  • TPR True Positive Rate
  • FPR False Positive Rate
  • Precision The proportion of correctly identified positive instances among all instances classified as positive
  • F1 -Score The harmonic mean of precision and recall, providing a balanced measure of the system's performance
  • ROC Receiver Operating Characteristic
  • Face Detection The first step in facial recognition is to detect faces in an image.
  • Dlib's pre-trained face detector which is based on a Histogram of Oriented Gradients (HOG) feature combined with a linear classifier, an image pyramid, and sliding window detection scheme.
  • HOG Histogram of Oriented Gradients
  • the HOG feature descriptor captures the structural information of a face by considering the distribution of intensity gradients in localized portions of the image.
  • Facial Landmark Detection After detecting faces, the next step is to identify key facial landmarks, such as the corners of the eyes, nose, and mouth.
  • Dlib's shape predictor which is a pre-trained model based on an ensemble of regression trees. This model, shape_predictor_68_face_landmarks.dat, can detect 68 facial landmarks that are essential for extracting facial features but there is no real limit to captured points and NFID uses up to 400 points/landmarks or more.
  • Feature Extraction To represent the detected faces in a manner suitable for comparison, we need to extract facial features that capture unique information about each face.
  • Dlib's face_recognition_model_v1 based on the ResNet-34 architecture, which computes a 128-dimensional feature vector for each face. This deep learning model is pre-trained on a large dataset of faces and learns to generate a unique vector representation for each individual by considering various facial attributes.
  • Face Vector Comparison To compare two faces and determine their similarity, we calculate the Euclidean distance between their 128-dimensional feature vectors. If the distance is below a predefined threshold, the faces are considered to be similar or belonging to the same person.
  • ASM Active Shape Models
  • CoR Cascade of Regression
  • SDM Supervised Descent Method
  • CLM Constrained Local Model
  • ERT Ensemble of Regression Trees
  • DAN Deep Alignment Network
  • MTCNN Multi-task Cascaded Convolutional Networks
  • Facial recognition is used in conjunction with liveness testing to ensure that the facial features of an actual person co-operating with the system are captured in order to avoid deception by use of photos or videos of a person.
  • Active liveness testing requires user interaction, such as following on-screen prompts or performing specific actions (e.g., blinking, smiling, or turning the head). These tests help ensure that the subject is a live person rather than a static image or pre-recorded video.
  • Algorithms used for active liveness testing can include motion analysis, temporal analysis, and challenge-response methods.
  • Liveness testing using physiological signals typically involves analysing the inherent characteristics of a live person that are difficult to replicate, such as heart rate, blood flow, or skin temperature.
  • One common physiological signal used for liveness testing is the analysis of blood flow patterns in the face, also known as remote photoplethysmography (rPPG).
  • Motion Analysis This approach analyses the movement patterns of the face, such as the natural sway that occurs when a person is standing still. By tracking facial landmarks over time, the algorithm can determine if the motion is consistent with that of a live person.
  • Temporal Analysis This method involves examining the changes in facial appearance over a short period, such as variations in facial expressions or subtle movements. By comparing consecutive frames in a video feed, the algorithm can detect the dynamic changes expected from a live person.
  • Challenge-Response This technique requires the user to respond to a random challenge, such as blinking or smiling when prompted. The algorithm verifies if the subject's actions match the requested challenge, indicating that the subject is a live person.
  • Passive liveness testing does not require user interaction and instead relies on the natural properties of a live face, such as texture, depth, and physiological signals.
  • Algorithms used for passive liveness testing can include texture analysis, depth analysis, and physiological signal analysis.
  • Texture Analysis This approach examines the texture of the face, looking for patterns that are characteristic of live skin, such as micro-movements, skin reflectance, and perspiration.
  • Algorithms such as Local Binary Patterns (LBP) or Histogram of Oriented Gradients (HOG) can be employed to analyse facial texture and distinguish between live faces and spoofing attempts.
  • Depth Analysis Depth information can be used to differentiate between a live face and a flat image or video.
  • algorithms can generate a 3D representation of the face and verify its depth and contours. This can be achieved through methods such as point cloud analysis or depth map comparison.
  • Physiological Signal Analysis This technique involves detecting subtle physiological signals, such as blood flow or heart rate, which are unique to live subjects. Algorithms can analyse temporal changes in facial colour or thermal imaging data to capture these physiological signals and confirm the subject's liveness.
  • a robust facial recognition system incorporates liveness testing follows a multi-step process: a) Face Detection - First, the system detects a face in the input image or video using techniques like Viola-Jones, HOG, or deep learning-based approaches (e.g., MTCNN). b) Face Alignment and Normalization - The detected face is then aligned and normalized to ensure consistency across different input images.
  • Liveness Testing The system performs active or passive liveness testing (as described above) to ensure the presence of a live person, g) Feature Extraction - Once the liveness test is passed, the system extracts facial features using algorithms like Eigenfaces, Fisherfaces, Local Binary Patterns Histograms (LBPH), or deep learning-based approaches (e.g., FaceNet, ArcFace, or VGGFace2).
  • LBPH Local Binary Patterns Histograms
  • a microphone can be used to capture a person’s voiceprint.
  • the voiceprint scans will be represented and preserved as both a visual Waveform and or Spectrogram image/video and assigned as an NFT Non-Fungible Token including an actual sound recording clip of a spoken sentence representing the unique features of a person’s voice.
  • Statistical and technological methods are used to measure and find what is known as a mathematical model of a voice print using a set of numbers to represent shapes, sizes and movements of a person’s vocal organs each unique to every individual.
  • Mint Digital ID as NFT mint an NFT that encapsulates the user’s anonymized biometric vector.
  • the smart contract encodes the vector into the NFT's metadata, stored securely on the blockchain.
  • the metadata includes a link (URI) to the encrypted vector file, which is kept in a decentralized file storage system like IPFS (Interplanetary File System).
  • Secure Storage and Encryption encrypt the vector file using cryptographic algorithms such as AES-256. Store the encryption keys in a secure key management system that allows controlled access based on predefined permissions managed through blockchain transactions.
  • Hash Creation - Generate Hashes create cryptographic hashes of the digital ID’s data.
  • Hash functions such as SHA-256 (Secure Hash Algorithm 256-bit) are used to produce a unique output (hash) that acts as a fingerprint of the data. Storing these hashes on the blockchain allows for the verification of data integrity without exposing the actual data.
  • Blockchain Smart Contract Interaction - Smart Contract Development- Contract Coding develop a smart contract in Solidity (for Ethereum) or another smart contract language that supports the functionality needed. This contract governs how digital IDs are stored, accessed, and managed on the blockchain.
  • Contract Functions include functions to add new digital IDs, update existing ones, and verify stored data against provided hashes.
  • Contract Deployment - Deploy to Blockchain deploy the smart contract to the blockchain. This involves compiling the contract and transmitting it to the blockchain network, where it is propagated across all nodes.
  • Broadcast Transaction Send the signed transaction to the blockchain network, where it will be verified by network participants (miners or validators) and added to a block.
  • Confirmation and Error Handling - Transaction Confirmation - Block Inclusion monitor the transaction until it is included in a block and confirmed by the network. The number of confirmations required can vary depending on the blockchain's security protocols. Receipt Retrieval: retrieve the transaction receipt, which includes the transaction status, block number, and gas used, ensuring everything went as planned.
  • Consolidation of User Data Data Aggregation - after the completion of the KYC and biometric capture processes, the relevant user data, including verified personal details (name, address, date of birth) and the biometric vector (from the KYC process) are aggregated. This aggregation happens in the backend of the website, typically managed by server-side applications developed in languages such as Node.js, Python, or Java.
  • Digital ID Formation The server-side application constructs a digital ID object. This object includes not only the user's personal and biometric information but also references to the blockchain-stored data, such as the link to the non-transferable NFT that represents their biometric vector.
  • Encryption and Security all sensitive data within the digital ID is encrypted using robust encryption standards (e.g., AES-256) to ensure data integrity and confidentiality.
  • the encryption keys are managed via secure key management practices, often involving hardware security modules (HSMs) or similar technologies.
  • Blockchain Integration - Blockchain Record a blockchain transaction is executed to record the creation of the new digital ID. This transaction logs the user’s encrypted digital ID and the hash of the NFT link on the blockchain, providing an immutable ledger entry that verifies the ID’s creation date and time.
  • Smart Contract Interaction the website interacts with a smart contract on the blockchain to register the digital ID. This contract operation includes storing the minimal necessary data on the blockchain to ensure privacy while keeping references that allow for validation and verification of the ID against the blockchain data.
  • Database Storage the complete digital ID, including references to the blockchain data, is stored in the website's database.
  • This database is typically a secure, scalable database like PostgreSQL or MongoDB, which supports large volumes of data and complex data structures.
  • User Access and Interaction User Interface (Ul) Integration - the website provides a user interface where users can view their digital ID and the status of their biometric NFT. This Ul is designed with modern web technologies such as React or Angular, ensuring a responsive and secure experience.
  • Block 109 Add Verifiers and Credentials.
  • Profile Interaction and Management - Profile Dashboard once access is granted, the user is directed to their personal NFID dashboard. This web interface is tailored to display all relevant user information and credentials in a user-friendly layout. The dashboard is designed to be intuitive, allowing users to easily navigate through various sections such as personal information, bank account details, social media links, healthcare data, etc.
  • Adding and Managing Credentials users can add new credentials directly through their dashboard. For instance, to add a bank account detail, users would select the ‘Add New Bank Account’ option, fill in the necessary fields (e.g., account number, SWIFT code), and submit the data for encryption and secure storage.
  • Each section for adding credentials includes inline validation to ensure data integrity and correctness before submission.
  • Updating Existing Information users can update or remove existing information with just a few clicks.
  • Each piece of data listed in the dashboard includes 'edit' and 'delete' options, providing users with complete control over their information. Changes are processed in real-time, with all modifications encrypted and updated securely within the database.
  • Session Security all interactions within the session are conducted over HTTPS, encrypting the data exchange to prevent interception or unauthorized access.
  • the profile-access phase where users interact with their NFID profile following successful biometric authentication provides a secure and user-friendly environment for managing personal verifiers and credentials.
  • the system design emphasizes ease of use, security, and full user control over personal data, aligning with best practices in data protection and user experience design.
  • Block 110 NFID profile to search and verify other NFID users.
  • Profile Cross Referencing - the NFID system involves leveraging it as a cross-referencing tool within the ID profile where NFID users can verify each other's credentials, such as bank accounts, SWIFT or IBAN codes or cryptocurrency wallet addresses. This capability enhances trust and security within the ecosystem, facilitating safe and verified transactions or interactions among users.
  • Credential Sharing and Request Setup - User Consent and Data Sharing Setup - Consent Mechanism before any credential can be shared or verified, the NFID system ensures that user consent is obtained. Users can set permissions in their NFID profile to specify which data can be shared and under what conditions.
  • Credential Sharing Interface the NFID dashboard includes an interface where users can request to verify or share specific credentials with other users. This is managed through a secure form where users specify the credential type and the NFID of the user they wish to verify.
  • Credential Confirmation and Feedback - Verification Feedback once the verification is complete, both parties could receive a confirmation, or it can be automated. The requesting party can now view the verified credential marked as authenticated in their interface, ensuring accuracy and transparency.
  • the NFID system includes a dashboard feature that allows users to manage verification requests. This dashboard displays incoming and outgoing requests, statuses, and user controls for managing these requests. User Controls: Users have tools to revoke previously granted verifications or to update the terms of data sharing based on new consent or changing circumstances.
  • NFID serve as a powerful novel cross-referencing, verification tool that allows users to verify and prove each other’s credentials securely and effectively. This process not only enhances the security and trust within the NFID user community but also supports a wide range of applications, from financial transactions to secure communications, underpinned by robust privacy and security frameworks.
  • the invention provides a comprehensive, decentralized, and self-sovereign digital identity system, encompassing a wide range of unique features that address key challenges in privacy, security, and adaptability.
  • the facial recognition technology used involves capturing a person's face using a camera, pre-processing the image, extracting distinctive facial features, creating a vector representation of those features, and comparing it to a database of known faces for identification or verification .
  • incorporation of NFID face mask and vector files, voice biometrics, integration with video chat and voice call applications, and usage within virtual environments enhances the novelty and patentability of the invention.
  • the inventive steps outlined in this application demonstrate the potential for this system to transform the way digital identities are created, managed, and used, ultimately empowering individuals to take control of their personal data and digital footprint and offers a novel solution for managing and verifying identities in various applications, platforms, and settings.

Landscapes

  • Collating Specific Patterns (AREA)

Abstract

A digital identity and its proof of ownership via a smart contract on a blockchain network representing a person's physical, face print, or biometric markers obtained through scans of the face as well as other capture methods. The biometrics are digitized into a vector file which is uploaded into a blockchain network as a non-fungible token (NFT) asset. The invention further includes a privacy-preserving vector mask for representing the biometric data, and a mechanism for updating biometric data to accommodate changes in an individual's characteristics over time.

Description

Digital Identity System and Methods
FIELD OF THE INVENTION
[0001] The present invention relates to a system and methods for using biometric markers for digital identification of an individual utilising non-fungible tokens on a block chain network to create a non-fungible identification (NFID).
BACKGROUND TO THE INVENTION
[0002] In recent times identity theft, fraud, scams, and data breaches have often been associated in some degree to the profile picture of a person’s face taken and used in a fraudulent manner. This has resulted in companies being sued to everyday mums and dads losing their life savings to promised returns on investments turning out to be illegitimate scams. Dating apps and online love connections are using fake IDs (identifcations) and stolen profile pictures to trick would be love interests out of their savings. Governments are struggling to keep up with constant new ID frauds by people posing as someone they are not to commit fraudulent crimes. Social media channels have also played a huge role in their lack of or incapability or controlling and mitigating scams and ID theft on their platforms.
[0003] Voices are also used to identify people and suffer from similar problems. Around the world people who have accumulated a lifetime of education and knowledge record and upload their audible recordings on social media channels, podcasts, YouTube or any other means only to have them pirated and misused. Gaming communities who spend countless hours invested into channels and games are recognised by their voices in chat rooms and the likes but have no way of protecting their ability to monetize and control use of their unique voice biometrics as their own or their conversations and dialogue spoken regarding any subject matter. These recording are being freely taken and edited to create fake accounts, podcasts, profiles or to catfish users into donating and sponsoring them during game play or selling the works recorded as their own content. Snippets of material and information are taken and the subject matter is then used and claimed to be their own when in fact it originated from the rightful publisher.
[0004] There is a substantial need to validate the identity of people so these social media networks can have verified and trusted users via the smart contract associated to the person wanting to open or continue to have an account. This will ensure a one of one type users is on their platforms meaning a matching image and name or other ID markers are cross referenced on the blockchain. With the new era of Web3 and the metaverse never has there been a more pressing time to ensure identity is verifiable and protected.
[0005] By an individual owning their own image or voice through a verifiable and trusted cryptographic network it can provide a clear solution to any number of login management requirements, real world use cases and interactions needing to officially proof and identify individuals on applications used on and by blockchain networks including Crypto exchanges, digital and metaverse networks, real life use cases, single sign-in or sign-on. Airports, checkpoints and or government requirements or events etc. allow for these scenarios to be solved and streamlined through this decentralized form of identity on the blockchain of an owned and verified digital identity. Allowing for complex and normally drawn-out ID verifications sign in and sign on procedures and verification uses including providing repeated KYC (Know Your Customer) enrolments, keeping hardcopies, records, and documents and even identity fraud especially in the Web3 space can be heavily omitted.
[0006] A verified and unique NFT (Non-Fungible Token) identity could also be used as a solution for a long-standing problem for governments and enterprise issues the likes of voter ID requirements at polling booths or by other means during election periods to prove a person’s real-life proof of identity, now someone could use their NFT to vote over a website or application due to the owners of the NFT having already being KYC’d and verified. One vote per NFT that can then be cross referenced and verified via the blockchain network in near real time. If more than one voter with the same ID votes again it does not count. Privacy becomes something that can now be controlled by the rightful owner yet used for the benefit of all.
[0007] The assigned blockchain node and an identity authorization application linked to any blockchain network can be uploaded to and assigned a private key perhaps described as a certificate or smart contract through cryptography providing a Proof of Work (PoW) or Proof of Stake (PoS) and ownership rights over the now digitized biometric asset.
[0008] Individuals could independently own and manage their personal digital identity and public real-world use through intelligent contracts and ownership on the blockchain through cryptography and its associated NFT or keys/address. The owner could safely and efficiently interact with and log into traditional websites or blockchain security login and logon requirements through their digital identities associated with their proof of image ownership as an NFT protocol which once complete becomes decentralized and self-governed. The owner of the biometric scans would have complete controlling rights over their digital identity asset without depending on a third- party identity verifier and any unknown vulnerable data servers.
[0009] This digital asset and ID tool could also be quickly provided to crypto wallets and apps that provide the users blockchain address/key/password and NFT’s.
[0010] The object of this invention is to provide a digital identity system and methods to alleviate the above problems, or at least provide the public with a useful alternative.
SUMMARY OF THE INVENTION
[0011] In a first aspect the invention provides a method for creating a digital identity of a person based on biometric data of the persons, comprising the steps of: a) capturing biometric data of the person; b) creating a vector file to represent the biometric data; and c) uploading the vector file into a blockchain network in an original block as a non-fungible token (NFT) to produce an NFT asset.
[0012] Preferably the biometric data is selected from the group of: face print captured using a camera; voice spectrogram captured using a microphone; iris characteristics captured using a camera; gait captured using a camera; and a combination of face print, voice spectrogram, iris characteristics and gait.
[0013] Preferably the method further comprises generating a privacy-preserving vector mask representing the biometric data and uploading the vector mask to the NFT asset.
[0014] Preferably the method further comprises updating the vector file to represent the present biometric data of the person and uploading the vector mask to the NFT asset.
[0015] Preferably the method further comprises a Know Your Customer (KYC) verification process to ensure that the uploaded biometric data is associated with the person. [0016] Preferably the method further comprises adding supplementary biometric data to the NFT asset.
[0017] Preferably the supplementary data is added to the blockchain network as a new block which is chained to the NFT asset.
[0018] Preferably new block replaces the original block and uses the credentials of the original block.
[0019] Preferably the method further comprises attaching additional information to the NFT assets, to provide further authentication capabilities for the digital identity and a universal passport.
[0020] Preferably the digital identity is accessible and stored via a crypto wallet.
[0021] Preferably the method further comprises uploading to the NFT asset NFC (Near Field Communication) chip credentials belonging to the person, and using an NFC system to access the NFT asset to determine the NFC chip credentials.
[0022] Preferably the method further comprises an optional two-factor authentication process for increased security when accessing and managing the digital identity, wherein the user may choose to provide additional verification, such as a one-time password (OTP), secondary or third biometric field (Voice, Fingerprint, Iris), or physical security key.
[0023] Preferably the privacy-preserving vector mask is generated using advanced security and or encryption techniques and/or zero-knowledge proof (ZKP) protocols, ensuring that the actual biometric data remains secure and confidential.
[0024] Preferably the method further comprises detecting and reporting any unauthorized access or usage of the digital identity, including unauthorized copying, sharing, or selling of the biometric data or its associated Image and likeness.
[0025] Preferably the method further comprises revoking access to the digital identity in the event of a security breach, lost or compromised private key, or upon the person’s request, wherein the blockchain network will update the status of the digital identity and prevent further unauthorized access or usage.
[0026] Preferably the method further comprises an adaptive algorithm or Al that learns and updates the biometric data over time, accounting for changes in an individual's facial features and voice due to aging, surgery, or other factors, thereby maintaining the accuracy and relevance of the digital identity.
[0027] Preferably the digital identity is used as a decentralized attestation platform, allowing third-party entities to verify and authenticate the user's identity, credentials, or other attributes without having direct access to the sensitive biometric data.
[0028] Preferably the method further comprises selectively granting access to specific portions of the digital identity, allowing the user to maintain control over the sharing and disclosure of personal information.
[0029] It should be noted that any one of the aspects mentioned above may include any of the features of any of the other aspects mentioned above and may include any of the features of any of the embodiments described below as appropriate.
BRIEF DESCRIPTION OF THE DRAWINGS
[0030] Preferred features, embodiments and variations of the invention may be discerned from the following Detailed Description which provides sufficient information for those skilled in the art to perform the invention. The Detailed Description is not to be regarded as limiting the scope of the preceding Summary of the Invention in any way. The Detailed Description will make reference to a number of drawings as follows.
[0031] Figure 1 shows the system architecture of the digital identification system of the present invention.
[0032] Figure 2 shows a system flow diagram for using a person’s face to generate a digital identity.
DETAILED DESCRIPTION OF THE INVENTION
[0033] The following detailed description of the invention refers to the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings and the following description to refer to the same and like parts. Dimensions of certain parts shown in the drawings may have been modified and/or exaggerated for the purposes of clarity or illustration. [0034] In essence the present invention provides a digital identification system and methods (referred to as NFID - Non-Fungible Identification) comprising a decentralized, self-sovereign digital identity and its proof of ownership via a smart contract on a blockchain network. The digital identity specifically represents a person’s physical, real- life, face print, and biometric markers obtained through 2D, 3D, or multi-directional liveness scans of the face as well as other capture methods used to obtain biometric recordings. The biometrics are then digitized into a unique vector file for each individual holder. The generated vector file is uploaded into a blockchain network as a non- fungible token (NFT) asset to provide proof of ownership, preserved on a secure, immutable network. The invention further includes a privacy-preserving vector mask for representing the biometric data, federated and Al learning for improved biometric accuracy, a mechanism for updating biometric data to accommodate changes in an individual's appearance over time, and integration with various applications and platforms for identity verification and authentication purposes. The invention also incorporates voice biometrics in the form of sound spectrograms and a feature that enables integration with video chat and voice call applications to ensure secure communication are protect against deep fakes and cybercrime.
[0035] More specifically the invention provides a system for creating a decentralized, self-sovereign digital identity of a real-life person's face print and voice biometrics, comprising: a) capturing a 2D, 3D, or multi-directional liveness scans or any of the methods mentioned below, of the face including recording the individual's voice or additional biometrics (iris, fingerprint, gate etc.). For this example we will use creating a digital representations of the face and voice using unique vector files and associated data sets representing the biometrics used; b) generating privacy-preserving vector masks representing the biometric data without revealing the actual images of the person's face or a spectrograph for the specific voice recording to only be shown and stored on the blockchain; c) utilizing federated and Al learning to improve the accuracy of the biometric data captured; d) uploading the vector files and the privacy-preserving vector masks into a blockchain network as non-fungible, Soul Bound token (Soul Bound meaning that the NFID is a non-transferrable) asset to provide proof of ownership preserved on a secure, immutable blockchain network; e) allowing the owner of the NFT assets to update their biometric data to accommodate changes in their appearance, credentials, voice or other uploaded biometrics over time, while preserving the history of their digital identity on the blockchain network; f) providing a mechanism for individuals to control the access and usage of their biometric data through smart contracts and or legally backed smart contracts, cryptographic keys and intellectual property IP laws granted (for example) Copyright and Trademark IP and protections granted by these laws; and g) integrating the decentralized digital identity (DID) with various applications and platforms for identity verification and authentication purposes, including but not limited to cryptocurrency exchanges, bank accounts, digital and metaverse, virtual worlds, augmented reality (AR), virtual realities (VR), simulations, networks, real-life use cases, single sign-in, single sign-on solutions, video chat, and voice call applications over any capable network.
[0036] The system further comprises of a Know Your Customer (KYC) verification process to ensure that the uploaded biometric data is associated with the real-life individual and is not being used for fraudulent or Anti Money Laundering efforts (AML) purposes.
[0037] The system further comprises a mechanism for adding supplementary biometric data, such as additional facial scans, voice recordings, or other biometric scans and information, to the NFT assets, wherein the supplementary data is added to the blockchain network as a new block that can be chained to the original block containing the initial biometric data, or destroying the previous block and uploading a new block using the credentials of the last block or in turn creating a new block altogether with all the relevant data.
[0038] The system further comprises a mechanism for attaching additional information to the NFT assets, such as diplomas, certifications, health care information or other personal credentials like bank account details or crypto wallet addresses, to provide further authentication capabilities for the digital identity and universal passport.
[0039] The system further comprises a mechanism for assigning a copyright or trademark to the NFT assets, acknowledging the individual's rights to their digital identity as a personal asset or brand in the Web3 and Virtual world and or real-world space the likes of YouTube, podcasts or similar as examples but not limited to where they would need protection or monetization of their personal brand.
[0040] The digital identity is accessible and stored via a crypto wallet (e.g. MetaMask) or NFID purpose built digital wallet of its own or the likes, allowing for seamless integration with various banking and payment solution providers for fiat or crypto currency or blockchain networks, Distributed Ledger Technologies (DLT), crypto networks, applications, platforms and real world internet of things and smart cities, as an example an NFC chip (near field communication) allows a user to upload their NFC chip credentials into their NFID and instead of using an NFC chip for access to a restricted area or office building can instead use a smart device camera and could simply scan the users face and or voice or other biometrics of an NFID holder and they would then if verified be granted access to the area in question. Similarly, a passport for travelling can now be made obsolete and no longer needed to carry a physical passport when abroad. An NFID holder may scan the NFC chip found in a Passport and upload the passport document information into their NFID identity during the said NFID, KYC process to verify authenticity and ownership. This would then allow an actual copy of a government issued document of the highest importance relevant to each countries individual requirements to be verified and now digitized. A person can now be identified, protected and self-sovereign/autonomous by using their biometrics backed by blockchain through NFID.
[0041] The system further comprises a mechanism for licensing the use of the biometric data, wherein the owner of the NFT assets can establish terms and conditions for third-party usage of their digital identity, including licensing fees and or penalties for non-compliance.
[0042] The smart contracts associated with the NFT assets are automatically updated to reflect any changes in the individual's biometric data, ensuring that the digital identity remains current and accurate over time.
[0043] The system further comprises an optional two-factor authentication process for increased security when accessing and managing the digital identity, wherein the user may choose to provide additional verification, such as a one-time password (OTP), secondary or third biometric field (Voice, Fingerprint, Iris), or physical security key, or using a device’s stored biometric data such as a fingerprint to further verify the individual.
[0044] The privacy-preserving vector mask is generated using advanced security and or encryption techniques and/or zero-knowledge proof (ZKP) protocols, ensuring that the actual biometric data remains secure and confidential.
[0045] The system further comprises an automated process for detecting and reporting any unauthorized access or usage of the digital identity, such as unauthorized copying, sharing, or selling of the biometric data or its associated Image and likeness, as per any asset or artwork that is afforded such protections via IP laws.
[0046] The system further comprises a mechanism for revoking access to the digital identity in the event of a security breach, lost or compromised private key, or upon user request, wherein the blockchain network will update the status of the digital identity and prevent further unauthorized access or usage.
[0047] The system further comprises an adaptive algorithm or Al that learns and updates the biometric data over time, accounting for changes in an individual's facial features and voice due to aging, surgery, or other factors, thereby maintaining the accuracy and relevance of the digital identity.
[0048] The digital identity may be used as a decentralized, custodial or noncustodial, attestation platform, allowing third-party entities to verify and authenticate the user's identity, credentials, or other attributes without having direct access to the sensitive biometric data.
[0049] The system further comprises a mechanism for selectively granting access to specific portions of the digital identity, allowing the user to maintain control over the sharing and disclosure of personal information based on the context and purpose of the interaction.
[0050] The system can be utilized to facilitate secure and efficient peer-to-peer transactions, such as payments, contracts, or data exchange, by leveraging the digital identity as a trust anchor for verifying the parties involved in the transaction.
[0051] The system can also be used as a foundation for creating and managing a digital reputation, which can be further utilized for various purposes such as risk assessment, trustworthiness evaluation, and access control.
[0052] The digital identity system can be extended to include other biometric modalities, such as fingerprints, iris scans, or gait patterns, etc. thereby providing a comprehensive and robust digital identity solution.
[0053] The system can collaborate and or integrate by design to comply with relevant data protection and privacy regulations, such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), or other applicable legislation, ensuring the user's rights and interests are protected.
[0054] The system further comprises integration of NFID face mask and vector file and voice biometrics as a sound spectrogram and or an Iris Scan and or a Fingerprint, to provide additional layers of security and authentication.
[0055] The NFID can be used to integrate into applications capable of having video chat and voice calls, like WhatsApp, Skype online chats like Zoom or VoIP capabilities, periodically running face matches, voice matches, or both during the call to ensure the highest level of security against deep fakes during live communications and interactions.
[0056] The voice call will cross-reference the voice it hears against the NFID voice database and provide a rating, score and or liveness score percentage or confirmation to indicate authentication and verification when on a call or using VR or in virtual worlds, such as a Metaverse. The same techniques can be used for the Face match for liveness scores, deepfake mitigation, face match scores etc. but not limited to.
[0057] The NFID through its own or any available channels or networks or applications, owners of an NFID can access exclusive virtual AR and VR corporate offices, spaces and or meeting rooms, medical examinations, confidential gatherings, and conversations but not limited to, with the assurance that they are connecting securely and with verified and authorised identities/parties, or perhaps government officials needing to have a private digital gathering in a totally secure environment.
[0058] The NFID face and or voice matching can be used during any networked interaction to ensure that participants using any available communication channels such as 3G, 4G, 5G, or future generation of connectivity and telecommunication capabilities including VOIP or direct satellite, are cross referenced and the persons they claim to be are indeed the said persons, providing additional security and trust in digital communications.
[0059] Implementation of the system 100 can be understood with the aid of the system architecture diagram of Figure 1 which shows blocks for the following functionality. Block 101 NFID website portal; Block 102 Crypto Address Linked to NFID Platform; Block 103 (2FA) Email/Phone Verification; Block 104 KYC Verification Process; Block 105 Wallet Address and Biometrics Data Linked; Block 106 Generate the Digital ID; Block 107 Mint and Link NFID to Blockchain Block; 108 NFID Created;
Block 9 Add Verifiers and Credentials; and, Block 110 NFID profile to search and verify other NFID users.
[0060] The various blocks of the system are described in further detail below.
[0061] Block 101 NFID website portal - a website is a collection of interconnected webpages typically hosted on a web server and accessible through the Internet. Each webpage is constructed using HTML (Hypertext Markup Language), CSS (Cascading Style Sheets) for styling, and JavaScript for interactivity. Websites are accessed by users through browsers like Chrome, Firefox, or Safari, which interpret these codes to present the content.
[0062] Block 102 Crypto Address Linked to NFID Platform - a cryptocurrency wallet is a digital tool that allows users to store and manage their blockchain credentials keys that allow them to transact on the blockchain. Wallets can be software-based (hosted on a device or a cloud service) or hardware-based (physical devices that store keys offline). Wallets do not store the actual cryptocurrencies but rather the keys needed to access them on the blockchain.
[0063] Key Components of a Crypto Wallet - Public Key: comparable to an account number, it can be shared publicly to receive funds. Private Key: similar to an account password, it should be kept secure as it allows the signing of transactions, thereby providing control over the associated cryptocurrencies.
[0064] Crypto Wallet Functionality - Generation of Keys: upon setup, a wallet generates a cryptographic key pair: a public key and a private key. The public key is derived mathematically from the private key. Transaction Signing: to execute a transaction (e.g., sending crypto), the wallet uses the private key to sign the transaction data, creating a digital signature. This signature proves ownership of the funds being sent.clnteraction with Blockchain: the signed transaction is broadcast to the blockchain network, where miners validate it and, upon successful validation, add it to a block in the blockchain. The transaction then becomes part of the public ledger.
[0065] Connecting the Website to a Cryptocurrency Wallet - User Interface Integration - Frontend Development: the website incorporates a wallet interaction interface using HTML, CSS, and JavaScript. This interface includes buttons and forms to initiate transactions or queries. JavaScript Libraries: Libraries such as Web3.js or Ethers.js are integrated into the website. These libraries provide functions that interact with blockchain networks and are crucial for sending transactions and accessing wallet data.
[0066] Wallet Selection and Connection Browser Extension - Wallets: Wallets like MetaMask operate as browser extensions. When a transaction is initiated from the website, the wallet extension is prompted to open, asking for user authentication and permission to access the wallet. Mobile Wallets: Using QR codes or deep links, websites can interact with mobile-based wallets. The user scans a QR code with their wallet app, which triggers wallet actions relevant to the website’s request.
[0067] Authentication and Permissions - OAuth Protocols/Token-based Authentication: Secure methods are used to verify the identity of the user and ensure that the wallet connection request is authorized. Permission Requests: The website must request permission to view account addresses and initiate transactions. The user must explicitly approve these permissions, which are managed by the wallet software.
[0068] Transaction Initiation and Signing - Initiating Transactions: The website constructs a transaction request (including details like recipient address, amount, and gas fees) and sends it to the wallet. Signing: The wallet, upon user confirmation, signs the transaction using the stored private key. This process is securely handled by the wallet software or hardware, never exposing the private key to the website.
[0069] Broadcast to Blockchain - Network Interaction: The signed transaction is sent back to the website’s server or directly to the blockchain network via the wallet’s network interface. Confirmation Handling: The website monitors the transaction status on the blockchain and updates the user interface accordingly to reflect the confirmed or failed transaction status. SSL/TLS Encryption: Ensures that all data exchanged between the user's browser and the website is encrypted, protecting sensitive information from interception.
[0070] Connecting a cryptocurrency wallet to a website involves sophisticated interactions between web technologies and blockchain-based cryptographic principles. This integration enables websites to facilitate secure and efficient cryptocurrency transactions directly through user interfaces, enhancing user experience and expanding the usability of digital assets in various online applications.
[0071] Block 103 (2FA) Email/Phone Verification. [0072] Two-Factor Authentication Setup - Initial Verification: The server sends a verification code via SMS to the provided phone number and an email to the provided email address. Libraries like Twilio or SendGrid might be used for SMS and email services, respectively. Verification Confirmation: The user enters the received codes on the website, which are then sent back to the server to confirm the authenticity of the phone number and email address.
[0073] Block 104 KYC Verification Process.
[0074] Initial User Prompt for KYC Compliance - Secure Session Establishment: When a user finishes their basic registration on a website, a secure session is initiated using HTTPS. This session encrypts all data exchanges using SSL/TLS protocols to safeguard the sensitive personal information that will be transmitted. Collection and Upload of KYC Documents: Document Submission Interface - the user is prompted through a web interface to upload digital copies of required documents, such as a passport or driver's license. This interface uses HTML5 and JavaScript to facilitate file uploads and provide immediate feedback on image quality and file format. Client-side Image Validation - JavaScript libraries are used to perform preliminary checks on the images for resolution, clarity, and detect common issues like underexposure or overexposure, guiding users to resubmit if necessary.
[0075] Document Verification through OCR and API Integration: Optical Character Recognition (OCR) Processing - once documents are uploaded, they are processed through an OCR system (e.g., Google Cloud Vision API). This API extracts text data from the images, converting them into structured data. API Calls for Data Validation - extracted data, such as names and document numbers, are validated against public records and databases through RESTful API calls to third-party services that specialize in identity verification.
[0076] Biometric Verification with Real-Time Facial Recognition and Liveness Detection - Facial Recognition Software: the user is required to take a live selfie using their smartphone or webcam. This image is processed using facial recognition software integrated into the KYC system. Technologies like Microsoft Azure's Face API or Amazon Rekognition are commonly employed. Liveness Detection Mechanisms: To ensure the presence of a live person rather than a photo or video, liveness detection software analyses the selfie for signs of life. This can include: Motion Analysis - detecting small movements such as blinking or head movements; Texture Analysis - identifying skin texture and patterns that are not present in photographs; Challenge- Response Tests - asking the user to perform random movements, such as smiling or frowning, and capturing these actions in real-time to verify liveness; Facial Matching Algorithms - once liveness is confirmed, the facial recognition software compares geometric and photometric features from the selfie with the photo on the ID document. This comparison is done using algorithms that measure the spatial relationships between key facial landmarks (eyes, nose, mouth, jawline).
[0077] This detailed description of the KYC process uses a combination of secure web technologies, advanced biometric analysis, and third-party API integrations to ensure a robust and compliant system. Each is designed to verify the user's identity accurately. Such a system is crucial for financial institutions, fintech companies, and any other sector where identity verification is critical for legal and security reasons.
[0078] Block 105 Wallet Address and Biometrics Data Linked.
[0079] To integrate biometric data into a cryptocurrency wallet as a non-transferable NFT (Non-Fungible Token) while preserving privacy using only a vector file mask or landmark representation of the user's face, a sophisticated process involving biometric processing, blockchain technology, and cryptographic security.
[0080] Capturing and Processing Biometric Data - Biometric Capture: the user's facial biometrics are captured using a high-resolution camera integrated into a secure application. This could be part of a KYC process where the user's live facial features are scanned. Feature Extraction: advanced facial recognition software processes the captured image to extract key facial landmarks (eyes, nose, mouth, jawline, etc.). This is typically done using deep learning models trained to identify and map these features accurately. Generate Vector Representation: instead of storing raw biometric data, which poses privacy risks, the system converts the facial landmarks into a mathematical vector representation. This vector describes the relative positions and distances of facial landmarks and does not recreate the actual facial image. Algorithms such as Principal Component Analysis (PCA) or Convolutional Neural Networks (CNNs) can be used to reduce the dimensionality of the data and generate a unique but anonymized "faceprint" or other biometric data such as a voice print, fingerprint, or the like.
[0081] Create a Non-Transferable NFT - Smart Contract for NFT: a smart contract is developed on a blockchain platform like Ethereum. This contract contains the logic for minting NFTs and ensures that the NFTs are non-transferable once assigned to a wallet. This can be enforced by coding the transfer function to reject all transactions except those approved by the original minter (typically the issuing authority). Minting the NFT : the vector file or faceprint but not limited to is embedded within the NFT as its unique identifier or "tokenURI". This URI points to a secure location where the faceprint vector is stored encrypted. The smart contract mints the NFT with a linkage to the user’s cryptocurrency wallet address. Metadata within the NFT includes cryptographic hashes of the user’s vector file for verification without revealing actual data.
[0082] Secure Storage and Access Control - Data Encryption: the faceprint vector stored as part of the NFT metadata is encrypted using strong encryption algorithms (e.g., AES-256) but not limited to. The decryption key is managed securely, ensuring that only authorized entities can access the actual data. Blockchain Transactions: all interactions with the NFT (queries, validations) are managed through blockchain transactions. These transactions are secured by the blockchain’s inherent cryptographic and consensus mechanisms, ensuring that they are tamper-proof and traceable.
Access Control: access to decrypt and read the faceprint vector is strictly controlled through smart contract rules. Only persons with the correct permissions, such as the matching biometric data can be granted access to their profile.
[0083] Privacy-Preserving Verification - Verification Using Masked Representation: for any verification process (e.g., accessing a secured area or system), the requesting system can query the blockchain to access the NFT metadata. The verification system uses the provided vector file mask to perform a comparison with a live scan of the user’s face. This process ensures that the user’s privacy is maintained, as the actual biometric data is never exposed. Updating Biometric Data - in cases where biometric data needs updating (e.g., significant physical changes to facial features), a new vector file is generated, and a new NFT is minted. The previous NFT can be burned or invalidated via the smart contract to maintain data integrity.
[0084] This approach to integrating biometric data into a cryptocurrency wallet as a non-transferable NFT (also called a Soul Bound Token) not only ensures robust security and privacy but also leverages the benefits of blockchain technology for transparency and immutability. By using vector representations but not limited to and secure smart contracts, the system effectively balances privacy concerns with the need for accurate and reliable biometric verification. [0085] Block 106 Generate the Digital ID
[0086] Creating a digital ID by leveraging biometric data, blockchain technology, and the processes of capturing and encoding biometric information into non-transferable NFTs involves several high-level technical steps. This digital ID, embedded into a blockchain ecosystem as an NFT, represents a secure and innovative approach to identity management.
[0087] The biometric data can be based on a person’s facial features or voice, or even other distinguishing features such as their gait, or combinations thereof.
[0088] Biometric Data Capture and Processing: Capture Biometric Data - utilize secure, high-definition cameras within controlled environments to capture biometric data, specifically facial features. This can be part of a broader KYC process facilitated through a secure application on a smartphone or a dedicated kiosk. Feature Extraction - employ facial recognition algorithms to analyse the captured images and extract crucial facial landmarks. Techniques such as deep learning and convolutional neural networks (CNNs) are used to map features like the distance between eyes, nose shape, and jawline contours. Generate Anonymized Vector Representation - convert the raw biometric data into a numerical vector that describes facial features while ensuring privacy. This transformation uses dimensionality reduction techniques like Principal Component Analysis (PCA) to create a unique yet non-reversible vector, referred to as a "faceprint."
[0089] Figure 2 provides a system flow diagram 200 for using a person’s face to generate a verified digital identity, including the following functionality blocks. Block 201 Image capture, Block 202 Pre-processing, Block 203 Feature Extraction, Block 204 Vector Representation, and Blocks 205, 206, 207 Comparison, Matching and Verification.
[0090] Block 201 Image capture
[0091] The first step in facial recognition is acquiring a digital image of a person's face. This can be done using various types of cameras, such as RGB, infrared, or depth-sensing cameras, depending on the specific requirements of the application. The camera sensor is responsible for converting light energy into electrical signals. Most facial recognition systems use a charge-coupled device (CCD) or complementary metal-oxide-semiconductor (CMOS) sensor to capture the image. The camera lens focuses the light onto the sensor, determining the sharpness and quality of the captured image. High-resolution images are preferable for facial recognition, as they provide more detail and allow for more accurate feature extraction. However, higher resolution also means larger file sizes and increased processing time.
[0092] Block 202 Pre-processing
[0093] After capturing the facial image, pre-processing techniques are applied to improve the image quality and remove any unwanted noise or distortion. Common preprocessing steps include: a) Grayscale Conversion - Converting the image to grayscale simplifies the data and reduces computational complexity while retaining sufficient information for facial recognition; b) Histogram Equalization - This technique enhances the image's contrast, ensuring that the facial features are more easily distinguishable; c) Noise Reduction - Noise reduction techniques, such as Gaussian smoothing or median filtering, are applied to remove any unwanted noise and artifacts from the image; and d) Geometric Normalization - Scaling, rotation, and translation transformations are applied to the image to normalize the face's position and size, ensuring consistency across different images.
[0094] Block 203 Feature Extraction
[0095] Feature extraction involves identifying and extracting distinctive facial features from the pre-processed image. There are several techniques for feature extraction, including: a) Eigenfaces - This method uses principal component analysis (PGA) to identify the most significant features (eigenfaces) that represent the face's variations. The face is then projected onto the eigenface space to create a lowerdimensional representation, b) Local Binary Patterns (LBP) - LBP is a texture descriptor that encodes local contrast patterns in the image. LBP histograms can be used to represent facial features, c) Deep Learning - Deep learning techniques, such as convolutional neural networks (CNNs), can automatically learn hierarchical feature representations from the image data. Pre-trained models, such as VGGFace or FaceNet, can be fine-tuned for specific facial recognition tasks.
[0096] Block 204 Vector Representation
[0097] Once the facial features have been extracted, they are represented as a feature vector or embedding. This vector representation is a compact and efficient way of describing the face and can be used for comparison and matching purposes. The vector representation can be generated using methods such as: a) PCA - In the eigenface method, the projection of the face onto the eigenface space creates a feature vector; b) LBP - The LBP histograms can be concatenated to form a feature vector; and c) CNNs - The output of the final fully connected layer in a CNN architecture can be used as the feature vector (embedding).
[0098] Blocks 205, 206, 207 Comparison, Matching and Verification
[0099] The final steps in facial recognition is comparing the vector representation of the captured face with a database of known faces. Similarity or distance metrics, such as Euclidean distance or cosine similarity, are used to measure the similarity between the captured face's vector representation and the vectors of faces in the database. A threshold value is typically used to determine if a match has been found. Identification - In this scenario, the captured face's vector representation is compared to all the vectors in the database to find the most similar match. If the similarity value exceeds the threshold, the system identifies the person as the corresponding match. Verification - In a verification scenario, the captured face's vector representation is compared to a specific known face's vector representation to confirm the person's claimed identity. If the similarity value exceeds the threshold, the system verifies the person's identity as claimed.
[00100] Evaluating the performance of a facial recognition system is crucial for ensuring its accuracy and effectiveness. The performance can be assessed using various metrics, such as: a) True Positive Rate (TPR) or Recall: The proportion of correctly identified positive instances (genuine matches) among all actual positive instances, b) False Positive Rate (FPR): The proportion of incorrectly identified positive instances (impostor matches) among all actual negative instances, c) Precision: The proportion of correctly identified positive instances among all instances classified as positive, d) F1 -Score: The harmonic mean of precision and recall, providing a balanced measure of the system's performance, e) Receiver Operating Characteristic (ROC) curve: A graphical representation of the TPR against the FPR at various threshold values. The area under the ROC curve (AUG) provides a single measure of the system's performance.
[00101] A simple example of how facial recognition technology works and can be used by NFID, using Python and the open-source library Dlib, which implements a facial recognition algorithm based on deep learning. This example demonstrates how to capture an image, detect faces, extract facial features, and calculate the Euclidean distance between two faces' vector representations.
[00102] Face Detection - The first step in facial recognition is to detect faces in an image. In this example, we use Dlib's pre-trained face detector, which is based on a Histogram of Oriented Gradients (HOG) feature combined with a linear classifier, an image pyramid, and sliding window detection scheme. The HOG feature descriptor captures the structural information of a face by considering the distribution of intensity gradients in localized portions of the image.
[00103] Facial Landmark Detection - After detecting faces, the next step is to identify key facial landmarks, such as the corners of the eyes, nose, and mouth. In our example, we use Dlib's shape predictor, which is a pre-trained model based on an ensemble of regression trees. This model, shape_predictor_68_face_landmarks.dat, can detect 68 facial landmarks that are essential for extracting facial features but there is no real limit to captured points and NFID uses up to 400 points/landmarks or more.
[00104] Feature Extraction - To represent the detected faces in a manner suitable for comparison, we need to extract facial features that capture unique information about each face. In our example, we use Dlib's face_recognition_model_v1 based on the ResNet-34 architecture, which computes a 128-dimensional feature vector for each face. This deep learning model is pre-trained on a large dataset of faces and learns to generate a unique vector representation for each individual by considering various facial attributes.
[00105] Face Vector Comparison - To compare two faces and determine their similarity, we calculate the Euclidean distance between their 128-dimensional feature vectors. If the distance is below a predefined threshold, the faces are considered to be similar or belonging to the same person.
[00106] There are several other methods that could be used to find facial biometric landmarks. Some of these methods include: Active Shape Models (ASM), Cascade of Regression (CoR), Supervised Descent Method (SDM), Constrained Local Model (CLM), Ensemble of Regression Trees (ERT), and Deep Alignment Network (DAN), Multi-task Cascaded Convolutional Networks (MTCNN). These mentioned methods can be implemented using various libraries and tools, such as OpenCV, Dlib, or TensorFlow. [00107] Facial recognition is used in conjunction with liveness testing to ensure that the facial features of an actual person co-operating with the system are captured in order to avoid deception by use of photos or videos of a person.
[00108] Active liveness testing requires user interaction, such as following on-screen prompts or performing specific actions (e.g., blinking, smiling, or turning the head). These tests help ensure that the subject is a live person rather than a static image or pre-recorded video. Algorithms used for active liveness testing can include motion analysis, temporal analysis, and challenge-response methods. Liveness testing using physiological signals typically involves analysing the inherent characteristics of a live person that are difficult to replicate, such as heart rate, blood flow, or skin temperature. One common physiological signal used for liveness testing is the analysis of blood flow patterns in the face, also known as remote photoplethysmography (rPPG). Motion Analysis - This approach analyses the movement patterns of the face, such as the natural sway that occurs when a person is standing still. By tracking facial landmarks over time, the algorithm can determine if the motion is consistent with that of a live person. Temporal Analysis - This method involves examining the changes in facial appearance over a short period, such as variations in facial expressions or subtle movements. By comparing consecutive frames in a video feed, the algorithm can detect the dynamic changes expected from a live person. Challenge-Response - This technique requires the user to respond to a random challenge, such as blinking or smiling when prompted. The algorithm verifies if the subject's actions match the requested challenge, indicating that the subject is a live person.
[00109] Passive liveness testing does not require user interaction and instead relies on the natural properties of a live face, such as texture, depth, and physiological signals. Algorithms used for passive liveness testing can include texture analysis, depth analysis, and physiological signal analysis. Texture Analysis - This approach examines the texture of the face, looking for patterns that are characteristic of live skin, such as micro-movements, skin reflectance, and perspiration. Algorithms such as Local Binary Patterns (LBP) or Histogram of Oriented Gradients (HOG) can be employed to analyse facial texture and distinguish between live faces and spoofing attempts. Depth Analysis - Depth information can be used to differentiate between a live face and a flat image or video. By utilizing depth-sensing cameras or structured light systems, algorithms can generate a 3D representation of the face and verify its depth and contours. This can be achieved through methods such as point cloud analysis or depth map comparison. Physiological Signal Analysis - This technique involves detecting subtle physiological signals, such as blood flow or heart rate, which are unique to live subjects. Algorithms can analyse temporal changes in facial colour or thermal imaging data to capture these physiological signals and confirm the subject's liveness.
[00110] A robust facial recognition system incorporates liveness testing follows a multi-step process: a) Face Detection - First, the system detects a face in the input image or video using techniques like Viola-Jones, HOG, or deep learning-based approaches (e.g., MTCNN). b) Face Alignment and Normalization - The detected face is then aligned and normalized to ensure consistency across different input images. This can be achieved using methods like Procrustes analysis or affine transformations based on facial landmarks, f) Liveness Testing - The system performs active or passive liveness testing (as described above) to ensure the presence of a live person, g) Feature Extraction - Once the liveness test is passed, the system extracts facial features using algorithms like Eigenfaces, Fisherfaces, Local Binary Patterns Histograms (LBPH), or deep learning-based approaches (e.g., FaceNet, ArcFace, or VGGFace2).
[00111] A microphone can be used to capture a person’s voiceprint. The voiceprint scans will be represented and preserved as both a visual Waveform and or Spectrogram image/video and assigned as an NFT Non-Fungible Token including an actual sound recording clip of a spoken sentence representing the unique features of a person’s voice. Statistical and technological methods are used to measure and find what is known as a mathematical model of a voice print using a set of numbers to represent shapes, sizes and movements of a person’s vocal organs each unique to every individual.
[00112] Block 107 Mint and Link NFID to Blockchain - Integration with Blockchain for generating the Digital IDs. Design and Deploy Smart Contracts: develop and deploy smart contracts on a blockchain platform like Ethereum. These contracts govern the creation, non-transferability, and lifecycle of the digital ID NFTs. They include functions to mint, update, and burn NFTs, alongside strict rules preventing the transfer of these tokens to ensure identity integrity. Mint Digital ID as NFT: mint an NFT that encapsulates the user’s anonymized biometric vector. The smart contract encodes the vector into the NFT's metadata, stored securely on the blockchain. The metadata includes a link (URI) to the encrypted vector file, which is kept in a decentralized file storage system like IPFS (Interplanetary File System). Secure Storage and Encryption: encrypt the vector file using cryptographic algorithms such as AES-256. Store the encryption keys in a secure key management system that allows controlled access based on predefined permissions managed through blockchain transactions.
[00113] Upload to the Blockchain - Preparation of the Digital ID for Blockchain Upload - Data Serialization: Format Conversion, convert the digital ID data into a format suitable for blockchain storage. This usually involves serialization into JSON (JavaScript Object Notation) format, which is widely used for data interchange and is compatible with many blockchain platforms. Data Minimization: Due to the cost and speed constraints associated with blockchain transactions, minimize the data to be stored directly on the blockchain. Typically, only essential identifiers and hashes of the data are stored on-chain to ensure privacy and efficiency.
[00114] Hash Creation - Generate Hashes: create cryptographic hashes of the digital ID’s data. Hash functions such as SHA-256 (Secure Hash Algorithm 256-bit) are used to produce a unique output (hash) that acts as a fingerprint of the data. Storing these hashes on the blockchain allows for the verification of data integrity without exposing the actual data.
[00115] Blockchain Smart Contract Interaction - Smart Contract Development- Contract Coding: develop a smart contract in Solidity (for Ethereum) or another smart contract language that supports the functionality needed. This contract governs how digital IDs are stored, accessed, and managed on the blockchain. Contract Functions: include functions to add new digital IDs, update existing ones, and verify stored data against provided hashes. Contract Deployment - Deploy to Blockchain: deploy the smart contract to the blockchain. This involves compiling the contract and transmitting it to the blockchain network, where it is propagated across all nodes.
[00116] Uploading Data to the Blockchain - Transaction Creation - Creating a Blockchain Transaction: initiate a blockchain transaction to store the digital ID’s data hash and any other relevant identifiers (like a user's public blockchain address) on the blockchain. The transaction includes calling the smart contract function designed for adding new IDs and passing the data to be stored. Transaction Fee: calculate and attach the necessary transaction fee (or "gas" in the case of Ethereum) to ensure the transaction is processed by the blockchain miners. [00117] Data Verification - Transaction Signing: the transaction must be signed using the website’s private key associated with its blockchain wallet. This authenticates the transaction origin and ensures it has not been tampered with during transmission.
Broadcast Transaction: Send the signed transaction to the blockchain network, where it will be verified by network participants (miners or validators) and added to a block.
[00118] Confirmation and Error Handling - Transaction Confirmation - Block Inclusion: monitor the transaction until it is included in a block and confirmed by the network. The number of confirmations required can vary depending on the blockchain's security protocols. Receipt Retrieval: retrieve the transaction receipt, which includes the transaction status, block number, and gas used, ensuring everything went as planned.
[00119] Uploading a digital ID to the blockchain involves careful preparation of the data, smart contract management, secure transaction handling, and robust error and access management. The digital ID is not only stored securely and immutably on the blockchain but also made readily verifiable, enhancing trust and transparency in digital identity verification.
[00120] Block 108 NFID Created.
[00121] Consolidation of User Data: Data Aggregation - after the completion of the KYC and biometric capture processes, the relevant user data, including verified personal details (name, address, date of birth) and the biometric vector (from the KYC process) are aggregated. This aggregation happens in the backend of the website, typically managed by server-side applications developed in languages such as Node.js, Python, or Java.
[00122] Creation of Digital ID: Digital ID Formation - The server-side application constructs a digital ID object. This object includes not only the user's personal and biometric information but also references to the blockchain-stored data, such as the link to the non-transferable NFT that represents their biometric vector. Encryption and Security - all sensitive data within the digital ID is encrypted using robust encryption standards (e.g., AES-256) to ensure data integrity and confidentiality. The encryption keys are managed via secure key management practices, often involving hardware security modules (HSMs) or similar technologies.
[00123] Blockchain Integration - Blockchain Record: a blockchain transaction is executed to record the creation of the new digital ID. This transaction logs the user’s encrypted digital ID and the hash of the NFT link on the blockchain, providing an immutable ledger entry that verifies the ID’s creation date and time. Smart Contract Interaction: the website interacts with a smart contract on the blockchain to register the digital ID. This contract operation includes storing the minimal necessary data on the blockchain to ensure privacy while keeping references that allow for validation and verification of the ID against the blockchain data.
[00124] Storage on the Website: Database Storage - the complete digital ID, including references to the blockchain data, is stored in the website's database. This database is typically a secure, scalable database like PostgreSQL or MongoDB, which supports large volumes of data and complex data structures.
[00125] User Access and Interaction: User Interface (Ul) Integration - the website provides a user interface where users can view their digital ID and the status of their biometric NFT. This Ul is designed with modern web technologies such as React or Angular, ensuring a responsive and secure experience.
[00126] This systematic approach to creating and storing a digital ID on a website, after completing KYC and biometric data processes and integrating blockchain technology, results in a robust and secure digital identity management system that leverages advanced encryption through biometric and blockchain technology.
[00127] Block 109 Add Verifiers and Credentials.
[00128] Profile access for adding verifiers and credentials: accessing the NFID Profile via Biometric Authentication - when a user wishes to access their NFID profile, they initiate the login process through a biometric scan (e.g., facial recognition) using their device. The biometric data is captured in real-time and transmitted securely to the NFID authentication server. The server processes this biometric data, comparing it with the stored biometric vector associated with the user’s profile. Advanced matching algorithms analyse both the geometric and dynamic features of the biometrics to ensure accurate and secure user identification. Upon successful biometric matching, which confirms the user's identity, the system grants access to the NFID profile.
[00129] Profile Interaction and Management - Profile Dashboard: once access is granted, the user is directed to their personal NFID dashboard. This web interface is tailored to display all relevant user information and credentials in a user-friendly layout. The dashboard is designed to be intuitive, allowing users to easily navigate through various sections such as personal information, bank account details, social media links, healthcare data, etc.
[00130] Adding and Managing Credentials: users can add new credentials directly through their dashboard. For instance, to add a bank account detail, users would select the ‘Add New Bank Account’ option, fill in the necessary fields (e.g., account number, SWIFT code), and submit the data for encryption and secure storage. Each section for adding credentials includes inline validation to ensure data integrity and correctness before submission.
[00131] Updating Existing Information: users can update or remove existing information with just a few clicks. Each piece of data listed in the dashboard includes 'edit' and 'delete' options, providing users with complete control over their information. Changes are processed in real-time, with all modifications encrypted and updated securely within the database.
[00132] Secure Session Management: Session Security - all interactions within the session are conducted over HTTPS, encrypting the data exchange to prevent interception or unauthorized access.
[00133] The profile-access phase where users interact with their NFID profile following successful biometric authentication, provides a secure and user-friendly environment for managing personal verifiers and credentials. The system design emphasizes ease of use, security, and full user control over personal data, aligning with best practices in data protection and user experience design.
[00134] Block 110 NFID profile to search and verify other NFID users.
[00135] Profile Cross Referencing - the NFID system involves leveraging it as a cross-referencing tool within the ID profile where NFID users can verify each other's credentials, such as bank accounts, SWIFT or IBAN codes or cryptocurrency wallet addresses. This capability enhances trust and security within the ecosystem, facilitating safe and verified transactions or interactions among users.
[00136] Credential Sharing and Request Setup - User Consent and Data Sharing Setup - Consent Mechanism: before any credential can be shared or verified, the NFID system ensures that user consent is obtained. Users can set permissions in their NFID profile to specify which data can be shared and under what conditions. Credential Sharing Interface: the NFID dashboard includes an interface where users can request to verify or share specific credentials with other users. This is managed through a secure form where users specify the credential type and the NFID of the user they wish to verify.
[00137] Data Request and Verification Process - Initiating Requests: when a user submits a request to verify a credential, the system can send a notification to the credential owner, asking them to approve or deny the verification request or it can be automated due to profile set up and pre-approved credentials. Encryption and Anonymity: all data shared during this process is encrypted. The system uses public key infrastructure (PKI), where the requesting user’s public key is used to encrypt the data, ensuring that only the consenting recipient can decrypt it using their private key.
[00138] Secure Credential Verification - Automated Verification Checks - Smart Contract Verification: for credentials that involve blockchain-based elements like crypto wallets, the NFID system can use smart contracts to automate the verification process. These contracts can validate that the wallet address exists and belongs to the user by cross-referencing logs, wallet registration and profile details. Database Checks: for bank accounts and similar credentials, the NFID system could integrate with financial APIs to perform real-time status checks, ensuring the account is active and matches the user’s details as per their NFID profile or verified during the sign-up process and profile setup.
[00139] Credential Confirmation and Feedback - Verification Feedback: once the verification is complete, both parties could receive a confirmation, or it can be automated. The requesting party can now view the verified credential marked as authenticated in their interface, ensuring accuracy and transparency.
[00140] User Interface and Interaction - Interactive Verification Dashboard - User Interface: the NFID system includes a dashboard feature that allows users to manage verification requests. This dashboard displays incoming and outgoing requests, statuses, and user controls for managing these requests. User Controls: Users have tools to revoke previously granted verifications or to update the terms of data sharing based on new consent or changing circumstances.
[00141] By implementing this comprehensive system, NFID serve as a powerful novel cross-referencing, verification tool that allows users to verify and prove each other’s credentials securely and effectively. This process not only enhances the security and trust within the NFID user community but also supports a wide range of applications, from financial transactions to secure communications, underpinned by robust privacy and security frameworks.
[00142] To summarise, the invention provides a comprehensive, decentralized, and self-sovereign digital identity system, encompassing a wide range of unique features that address key challenges in privacy, security, and adaptability. The facial recognition technology used involves capturing a person's face using a camera, pre-processing the image, extracting distinctive facial features, creating a vector representation of those features, and comparing it to a database of known faces for identification or verification . incorporation of NFID face mask and vector files, voice biometrics, integration with video chat and voice call applications, and usage within virtual environments enhances the novelty and patentability of the invention. The inventive steps outlined in this application demonstrate the potential for this system to transform the way digital identities are created, managed, and used, ultimately empowering individuals to take control of their personal data and digital footprint and offers a novel solution for managing and verifying identities in various applications, platforms, and settings.
[00143] The reader will now appreciate the present invention which provides A digital identity system and methods giving proof of ownership via a smart contract on a blockchain network representing a person’s physical, face print, or biometric markers obtained through scans of the face as well as other capture methods.
[00144] Further advantages and improvements may very well be made to the present invention without deviating from its scope. Although the invention has been shown and described in what is conceived to be the most practical and preferred embodiment, it is recognized that departures may be made therefrom within the scope of the invention, which is not to be limited to the details disclosed herein but is to be accorded the full scope of the claims so as to embrace any and all equivalent systems. Any discussion of the prior art throughout the specification should in no way be considered as an admission that such prior art is widely known or forms part of the common general knowledge in this field.
[00145] In the present specification and claims (if any), the word "comprising" and its derivatives including "comprises" and "comprise" include each of the stated integers but does not exclude the inclusion of one or more further integers.

Claims

1 . A method for creating a digital identity of a person based on biometric data of the persons, comprising the steps of: a) capturing biometric data of the person; b) creating a vector file to represent the biometric data; and c) uploading the vector file into a blockchain network in an original block as a non-fungible token (NFT) to produce an NFT asset.
2. The method of claim 1 wherein the biometric data is selected from the group of: face print captured using a camera; voice spectrogram captured using a microphone; iris characteristics captured using a camera; gait captured using a camera; and a combination of face print, voice spectrogram, iris characteristics and gait.
3. The method of claim 1 or claim 2 further comprising generating a privacypreserving vector mask representing the biometric data and uploading the vector mask to the NFT asset.
4. The method of any one of the preceding claims, further comprising creating an updated vector file to represent the present biometric data of the person and uploading the vector mask to the NFT asset.
5. The method of any one of the preceding claims, further comprising a Know Your Customer (KYC) verification process to ensure that the uploaded biometric data is associated with the person.
6. The method of any one of the preceding claims, further comprising adding supplementary biometric data to the NFT asset.
7. The method of claim 6, wherein the supplementary data is added to the blockchain network as a new block which is chained to the NFT asset.
8. The method of any one of the preceding claims, wherein the new block replaces the original block and uses the credentials of the original block.
9. The method of any one of the preceding claims, further comprising attaching additional information to the NFT assets, to provide further authentication capabilities for the digital identity and a universal passport.
10. The method of any one of the preceding claims, wherein the digital identity is accessible and stored via a crypto wallet.
11 . The method of any one of the preceding claims, further comprising uploading to the NFT asset NFC (Near Field Communication) chip credentials belonging to the person, and using an NFC system to access the NFT asset to determine the NFC chip credentials.
12. The method of any one of the preceding claims, further comprising of an optional two-factor authentication process for increased security when accessing and managing the digital identity, wherein the user may choose to provide additional verification, such as a one-time password (OTP), secondary or third biometric field (Voice, Fingerprint, Iris), or physical security key.
13. The method of any one of the preceding claims, wherein the privacy-preserving vector mask is generated using advanced security and or encryption techniques and/or zero-knowledge proof (ZKP) protocols, ensuring that the actual biometric data remains secure and confidential.
14. The method of any one of the preceding claims, further comprising detecting and reporting any unauthorized access or usage of the digital identity, including unauthorized copying, sharing, or selling of the biometric data or its associated Image and likeness.
15. The method of any one of the preceding claims, further comprising revoking access to the digital identity in the event of a security breach, lost or compromised private key, or upon the person’s request, wherein the blockchain network will update the status of the digital identity and prevent further unauthorized access or usage.
16. The method of any one of the preceding claims, further comprising an adaptive algorithm or Al that learns and updates the biometric data over time, accounting for changes in an individual's facial features and voice due to aging, surgery, or other factors, thereby maintaining the accuracy and relevance of the digital identity.
17. The method of any one of the preceding claims, wherein the digital identity is used as a decentralized attestation platform, allowing third-party entities to verify and authenticate the user's identity, credentials, or other attributes without having direct access to the sensitive biometric data.
18. The method of any one of the preceding claims, further comprising selectively granting access to specific portions of the digital identity, allowing the user to maintain control over the sharing and disclosure of personal information.
PCT/AU2024/050410 2023-04-28 2024-04-28 Digital identity system and methods WO2024221057A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2023901254 2023-04-28
AU2023901254A AU2023901254A0 (en) 2023-04-28 Decentralized, Self-Sovereign Digital Identity and Universal Passport System Based on Biometrics and Blockchain Technology

Publications (1)

Publication Number Publication Date
WO2024221057A1 true WO2024221057A1 (en) 2024-10-31

Family

ID=93255108

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2024/050410 WO2024221057A1 (en) 2023-04-28 2024-04-28 Digital identity system and methods

Country Status (1)

Country Link
WO (1) WO2024221057A1 (en)

Similar Documents

Publication Publication Date Title
US20220052852A1 (en) Secure biometric authentication using electronic identity
US12126715B2 (en) Methods and systems of providing verification of information using a centralized or distributed ledger
US12074973B2 (en) Digital notarization using a biometric identification service
JP2009543176A (en) Traceless biometric identification system and method
KR20190038938A (en) SYSTEM, METHOD, AND SERVER COMPUTER SYSTEM FOR IMPLEMENTING CONVERTING ONE entity in a heterogeneous communication network environment to a verifiably authenticated entity
Toli et al. A survey on multimodal biometrics and the protection of their templates
Mastorakis et al. Dlwiot: Deep learning-based watermarking for authorized iot onboarding
US11681787B1 (en) Ownership validation for cryptographic asset contracts using irreversibly transformed identity tokens
Ng Contemporary Identity and Access Management Architectures: Emerging Research and Opportunities: Emerging Research and Opportunities
Chand et al. Biometric Authentication using SaaS in Cloud Computing
WO2024221057A1 (en) Digital identity system and methods
Salem et al. Blockchain-based biometric identity management
US20200204377A1 (en) Digital notarization station that uses a biometric identification service
US20240380592A1 (en) Digital notarization using a biometric identification service
US20230254309A1 (en) Decentralized secure true digital id for communication
Pimple et al. Biometric Authentication in Cloud
Xu et al. Privacy-aware biometric blockchain based e-passport system for automatic border control
Salice et al. Adversarial Behavior—Attack and Defense
Kumar et al. Security of IoT Automated Devices Using Different Authentication Methods
Li Mobile Fingerprint Authentication System with Enhanced Security