Patent Application Titled “Cryptographically Transmitting And Storing Identity Tokens And/Or Activity Data Among Spatially Distributed Computing Devices” Published Online (USPTO 20190158487)

2019 JUN 11 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- According to news reporting originating from Washington, D.C., by NewsRx journalists, a patent application by the inventors Hayes, Howard (Glencoe, IL); Park, Jason D. (Chicago, IL); Parkinson, John S. (Burlington, VT), filed on November 20, 2017, was made available online on May 23, 2019.

The assignee for this patent application is Allstate Insurance Company (Northbrook, Illinois, United States).

Reporters obtained the following quote from the background information supplied by the inventors: “Trusted third party devices are often used to authenticate a computing device or a user of the computing device. For example, the trusted third party device may be used to vouch for the identity of the user if the user provides the third party device with appropriate information (e.g., username/pas sword, PIN code, government ID, etc.). Once the trusted third party device authenticates the computing device or user thereof, the user may be granted permission to perform one or more activities, such as interacting with other computing devices or users thereof. However, various technological problems may exist with using trusted third party devices to authenticate users. For example, the trusted third party device may fail or go offline, and the computing device might not be able to perform the requested activities until the third party device is back online. Third party devices also might not be able to properly secure the user’s identity. For example, if a bad actor is able to obtain the user’s username/password, PIN code, etc., the bad actor may be able to imitate the user and perform activities as the user.”

In addition to obtaining background information on this patent application, NewsRx editors also obtained the inventors’ summary information for this patent application: “The following presents a simplified summary in order to provide a basic understanding of some aspects of the disclosure. The summary is not an extensive overview of the disclosure. It is neither intended to identify key or critical elements of the disclosure nor to delineate the scope of the disclosure. The following summary merely presents some concepts of the disclosure in a simplified form as a prelude to the description below.

“Aspects of the disclosure relate to a system and method comprising receiving, by a computing device, first identity data associated with a user. The computing device may generate, based on the first identity data associated with the user, a first identity token for the user. The computing device may transmit, to a plurality of other computing devices, the first identity token for the user. Based on a verification of the first identity token for the user by one or more of the plurality of other computing devices, the first identity token for the user may be stored in an identity chain. The first identity token for the user may indicate a prior identity token stored in the identity chain. The computing device may receive a request to perform an activity. In response to receiving the request to perform the activity, the computing device may request second identity data associated with the user. The computing device may receive the second identity data associated with the user. The computing device may generate, based on the second identity data associated with the user, a second identity token for the user. Based on a comparison of the second identity token to the first identity token, the user may be authenticated, and an activity token for the activity may be generated. The activity token for the activity may be stored in an activity chain, and the activity token may indicate a prior activity token stored in an activity chain.

“In some aspects, generating the first identity token for the user may comprise hashing the first identity data associated with the user to generate a character string. In some aspects, the computing device may encrypt the first identity token for the user, and transmitting the first identity token for the user may comprise transmitting the encrypted first identity token for the user. Verification of the first identity token for the user by one or more of the plurality of other computing devices may be based on a consensus algorithm. The first identity data associated with the user may comprise two or more of device activity data associated with the user, location data associated with the user, or biometric data of the user.

“In some aspects, the computing device may receive third identity data associated with the user. The computing device may generate, based on the third identity data associated with the user, a third identity token for the user. The computing device may transmit, to one or more of the plurality of other computing devices, the third identity token for the user. Based on a failure to verify the third identity token for the user by one or more of the plurality of other computing devices, the third identity token for the user may be discarded.

“In some aspects, the computing device may transmit, to one or more of the plurality of other computing devices, the activity token for the activity, and storing the activity token for the activity in the activity chain may be based on a verification of the activity token by one or more of the plurality of other computing devices. The computing device and the plurality of other computing devices may form a network of trusted computing devices in some examples.

“Other features and advantages of the disclosure will be apparent from the additional description provided herein.”

The claims supplied by the inventors are:

“1. A method comprising: receiving, by a computing device, first identity data associated with a user; generating, by the computing device and based on the first identity data associated with the user, a first identity token for the user; transmitting, by the computing device and to a plurality of other computing devices, the first identity token for the user; based on a verification of the first identity token for the user by one or more of the plurality of other computing devices, storing the first identity token for the user in an identity chain, wherein the first identity token for the user indicates a prior identity token stored in the identity chain; receiving, by the computing device, a request to perform an activity; in response to receiving the request to perform the activity, requesting, by the computing device, second identity data associated with the user; receiving, by the computing device, the second identity data associated with the user; generating, by the computing device and based on the second identity data associated with the user, a second identity token for the user; based on a comparison of the second identity token to the first identity token, authenticating the user and generating an activity token for the activity; and storing the activity token for the activity in an activity chain, wherein the activity token indicates a prior activity token stored in an activity chain.

“2. The method of claim 1, wherein the generating the first identity token for the user comprises hashing the first identity data associated with the user to generate a character string.

“3. The method of claim 1, further comprising: encrypting, by the computing device, the first identity token for the user, wherein the transmitting the first identity token for the user comprises transmitting the encrypted first identity token for the user.

“4. The method of claim 1, wherein the verification of the first identity token for the user by one or more of the plurality of other computing devices is based on a consensus algorithm.

“5. The method of claim 1, wherein the first identity data associated with the user comprises two or more of device activity data associated with the user, location data associated with the user, or biometric data of the user.

“6. The method of claim 1, further comprising: receiving, by the computing device, third identity data associated with the user; generating, by the computing device and based on the third identity data associated with the user, a third identity token for the user; transmitting, by the computing device and to one or more of the plurality of other computing devices, the third identity token for the user; and based on a failure to verify the third identity token for the user by one or more of the plurality of other computing devices, discarding the third identity token for the user.

“7. The method of claim 1, further comprising: transmitting, by the computing device and to one or more of the plurality of other computing devices, the activity token for the activity, wherein the storing the activity token for the activity in the activity chain is based on a verification of the activity token by one or more of the plurality of other computing devices.

“8. The method of claim 1, wherein the computing device and the plurality of other computing devices form a network of trusted computing devices.

“9. A computing device comprising: a processor; and memory storing computer-executable instructions that, when executed by the processor, cause the computing device to: receive first identity data associated with a user; generate, based on the first identity data associated with the user, a first identity token for the user; transmit, to a plurality of other computing devices, the first identity token for the user; based on a verification of the first identity token for the user by one or more of the plurality of other computing devices, store the first identity token for the user in an identity chain, wherein the first identity token for the user indicates a prior identity token stored in the identity chain; receive a request to perform an activity; in response to receiving the request to perform the activity, request second identity data associated with the user; receive the second identity data associated with the user; generate, based on the second identity data associated with the user, a second identity token for the user; based on a comparison of the second identity token to the first identity token, authenticate the user and generate an activity token for the activity; and store the activity token for the activity in an activity chain, wherein the activity token indicates a prior activity token stored in an activity chain.

“10. The computing device of claim 9, wherein the generating the first identity token for the user comprises hashing the first identity data associated with the user to generate a character string.

“11. The computing device of claim 9, wherein the memory stores computer-executable instructions that, when executed by the processor, causes the computing device to: encrypt the first identity token for the user, wherein the transmitting the first identity token for the user comprises transmitting the encrypted first identity token for the user.

“12. The computing device of claim 9, wherein the verification of the first identity token for the user by one or more of the plurality of other computing devices is based on a consensus algorithm.

“13. The computing device of claim 9, wherein the first identity data associated with the user comprises two or more of device activity data associated with the user, location data associated with the user, or biometric data of the user.

“14. The computing device of claim 9, wherein the memory stores computer-executable instructions that, when executed by the processor, causes the computing device to: receive third identity data associated with the user; generate, based on the third identity data associated with the user, a third identity token for the user; transmit, to one or more of the plurality of other computing devices, the third identity token for the user; and based on a failure to verify the third identity token for the user by one or more of the plurality of other computing devices, discard the third identity token for the user.

“15. The computing device of claim 9, wherein the memory stores computer-executable instructions that, when executed by the processor, causes the computing device to: transmit, to one or more of the plurality of other computing devices, the activity token for the activity, wherein the storing the activity token for the activity in the activity chain is based on a verification of the activity token by one or more of the plurality of other computing devices.

“16. The computing device of claim 9, wherein the computing device and the plurality of other computing devices form a network of trusted computing devices.

“17. A non-transitory computer readable medium storing instructions that, when read by a computing device, cause the computing device to: receive first identity data associated with a user; generate, based on the first identity data associated with the user, a first identity token for the user; transmit, to a plurality of other computing devices, the first identity token for the user; based on a verification of the first identity token for the user by one or more of the plurality of other computing devices, store the first identity token for the user in an identity chain, wherein the first identity token for the user indicates a prior identity token stored in the identity chain; receive a request to perform an activity; in response to receiving the request to perform the activity, request second identity data associated with the user; receive the second identity data associated with the user; generate, based on the second identity data associated with the user, a second identity token for the user; based on a comparison of the second identity token to the first identity token, authenticate the user and generate an activity token for the activity; and store the activity token for the activity in an activity chain, wherein the activity token indicates a prior activity token stored in an activity chain.

“18. The non-transitory computer readable medium of claim 17, wherein the generating the first identity token for the user comprises hashing the first identity data associated with the user to generate a character string.

“19. The non-transitory computer readable medium of claim 17, storing instructions that, when read by the computing device, cause the computing device to: encrypt the first identity token for the user, wherein the transmitting the first identity token for the user comprises transmitting the encrypted first identity token for the user.

“20. The non-transitory computer readable medium of claim 17, wherein the verification of the first identity token for the user by one or more of the plurality of other computing devices is based on a consensus algorithm.”

For more information, see this patent application: Hayes, Howard; Park, Jason D.; Parkinson, John S. Cryptographically Transmitting And Storing Identity Tokens And/Or Activity Data Among Spatially Distributed Computing Devices. Filed November 20, 2017 and posted May 23, 2019. Patent URL: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220190158487%22.PGNR.&OS=DN/20190158487&RS=DN/20190158487

(Our reports deliver fact-based news of research and discoveries from around the world.)