Patent Issued for Digital credentials for location aware check in (USPTO 11683177): Workday Inc.

2023 JUL 10 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- From Alexandria, Virginia, NewsRx journalists report that a patent by the inventors Hamel, Bjorn (Dublin, CA, US), Mangino, Scott (Oakland, CA, US), Ruggiero, Jonathan David (Danville, CA, US), filed on March 26, 2019, was published online on June 20, 2023.

The patent’s assignee for patent number 11683177 is Workday Inc. (Pleasanton, California, United States).

News editors obtained the following quote from the background information supplied by the inventors: “A database system distributes cryptographic digital credentials to a user to allow the user to prove qualifications (e.g., a degree, employment experience, health insurance coverage, etc.). Credentials can be assigned to a user by a trusted third party client of the database system (e.g., a university, an insurer, a government system, etc.). Digital credentials can be used to authenticate visitor access, however, using credentials for authentication requires a system designed to use the credentials securely.”

As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “The invention can be implemented in numerous ways, including as a process; an apparatus; a system; a composition of matter; a computer program product embodied on a computer readable storage medium; and/or a processor, such as a processor configured to execute instructions stored on and/or provided by a memory coupled to the processor. In this specification, these implementations, or any other form that the invention may take, may be referred to as techniques. In general, the order of the steps of disclosed processes may be altered within the scope of the invention. Unless stated otherwise, a component such as a processor or a memory described as being configured to perform a task may be implemented as a general component that is temporarily configured to perform the task at a given time or a specific component that is manufactured to perform the task. As used herein, the term ‘processor’ refers to one or more devices, circuits, and/or processing cores configured to process data, such as computer program instructions.

“A detailed description of one or more embodiments of the invention is provided below along with accompanying figures that illustrate the principles of the invention. The invention is described in connection with such embodiments, but the invention is not limited to any embodiment. The scope of the invention is limited only by the claims and the invention encompasses numerous alternatives, modifications and equivalents. Numerous specific details are set forth in the following description in order to provide a thorough understanding of the invention. These details are provided for the purpose of example and the invention may be practiced according to the claims without some or all of these specific details. For the purpose of clarity, technical material that is known in the technical fields related to the invention has not been described in detail so that the invention is not unnecessarily obscured.

“The system for digital credentialing is designed to empower individual users to own their verifiable professional identity and to be able to enable this identity to be useable in scenarios where a verified identity allows access by providing proof of identity. An application might use the system to prove the identity or verify a user’s access ability to something. The application queries the system regarding a proof of identity and the user provides the proof using a credential to the system that is ultimately passed to the application to prove identity of the user. The system allows an application developer to pick attributes that an application challenges for and the sources that will satisfy any given challenge. The proof of identity is embodied in a digital credential that is able to be secured using a combination of cryptography and a distributed ledger (e.g., a decentralized ledger, a permissioned ledger, a public ledger, etc.) to assure legitimacy of the proof of identity.

“A system for digital credentialing receives the digital credential from a credential issuing system. The system for digital credentialing stores user information for the user. The system for digital credentialing further determines a set of credentials available to the user based on the user information as well as stores a record of previously issued credentials. The credentials comprise categories satisfied by the user information at differing levels of specificity (e.g., greater than an amount, in a range of amounts, less than an amount, etc.). For example, in the case where the user comprises an employee earning $95,000 per year, the system for digital credentialing could determine credentials available to the user indicating that the user earns more than $60,000 per year, that the user earns more than $80,000 per year, that the user earns in the range of $90,000-$100,000 per year, etc. When the user interacts with the system for digital credentialing using a credential requesting app or application, the system determines the set of credentials available to the user and provides the list of credentials to the credential requesting app or application. The user can then provide (e.g., from a storage on a user device) one or more available credentials to the credential requesting app or application.

“In various embodiments, a credential comprises data that is validated or verified to be authentic-for example, data verifying academic diplomas, academic degrees, certifications, security clearances, identification documents, badges, passwords, user names, keys, powers of attorney, human resource data, personal information, or any other relevant information,”

The claims supplied by the inventors are:

“1. A system for credential authentication, comprising: an interface configured to: receive a create indication to create a location aware credential, wherein the location aware credential specifies visit location data; and a processor configured to: create the location aware credential, wherein the location aware credential enables an authentication device to monitor its location and automatically initiate a check in; register the location aware credential in a distributed ledger; provide the location aware credential to the authentication device; receive a check in indication to check in from the authentication device, wherein the authentication device: determines whether a detected location of the authentication device at a current time is within a geographic boundary of a visit location requiring authorization, the geographic boundary being specified in the visit location data; in response to a determination that the detected location is within the geographic boundary, determines whether the location aware credential is expired at the current time; and in response to a determination that the location aware credential is not expired, provides a check in prompt to a user, wherein the check in indication is provided in response to the user accepting the prompt to check in; provide a proof request to the authentication device in response to receiving the check in indication; receive a proof response from the authentication device, wherein the proof response comprises the location aware credential; validate the proof response, comprising to check the location aware credential in the proof response received from the authentication device against the location aware credential registered in the distributed ledger; and in response to determining that the proof response is valid, provide a success indication of successful check in.

“2. The system of claim 1, wherein the interface is further configured to receive a claim indication from the authentication device to claim the location aware credential.

“3. The system of claim 2, wherein the authentication device is configured to activate a location detection system upon claiming a location aware credential, wherein the detected location is measured by the location detection system of the authentication device and is monitored by the authentication device to determine when to provide the check in indication to check in.

“4. The system of claim 1, wherein the visit location data comprises a latitude and a longitude.

“5. The system of claim 1, wherein the location aware credential comprises a set of visit locations.

“6. The system of claim 1, wherein the detected location is detected using a global positioning system.

“7. The system of claim 1, wherein the geographic boundary comprises a distance from a location of the visit location data specified by the location aware credential.

“8. The system of claim 1, wherein the geographic boundary comprises a user-defined geofence.

“9. The system of claim 1, wherein the authentication device prompts the user to check in automatically in response to determining that the detected location is within the geographic boundary that is specified in the visit location data of the location aware credential that is being held by the authentication device.

“10. The system of claim 1, wherein the user prompt additionally comprises a host location to meet a host or a badge location to receive guest identification.

“11. The system of claim 1, wherein the success indication of successful check in is provided to a visitor tracking system or a visitor host.

“12. The system of claim 1, wherein the processor is additionally configured to provide a location specific message to the authentication device.

“13. The system of claim 12, wherein the location specific message comprises emergency information, local point of contact information, or local destination information.

“14. The system of claim 12, wherein the processor provides the location specific message in response to a determination that a location rule is satisfied.

“15. The system of claim 14, wherein the location rule comprises a home location rule, a recent locations rule, or an unusual location rule.

“16. The system of claim 1, wherein validating the proof response using the distributed ledger comprises determining that a credential associated with the proof response satisfies the proof request, determining that a proof response signature is valid, determining that a credential associated with the proof response is not expired, or determining that a credential associated with the proof response is not revoked by looking in the distributed ledger.

“17. A method for credential authentication, comprising: receiving an indication to create a location aware credential, wherein the location aware credential specifies visitor location data; creating the location aware credential, wherein the location aware credential enables an authentication device to monitor its location and automatically initiate a check in; registering the location aware credential in a distributed ledger; providing the location aware credential to the authentication device; receiving a check in indication to check in from the authentication device, wherein the authentication device: determines whether a detected location of the authentication device at a current time is within a geographic boundary of a visit location requiring authorization, the geographic boundary being specified in the visit location data; in response to a determination that the detected location is within the geographic boundary, determines whether the location aware credential is expired at the current time; and in response to a determination that the location aware credential is not expired, provides a check in prompt to a user, wherein the check in indication is provided in response to the user accepting the prompt to check in; providing a proof request to the authentication device in response to receiving the check in indication; receiving a proof response from the authentication device, wherein the proof response comprises the location aware credential; validating the proof response, comprising checking the location aware credential in the proof response received from the authentication device against the location aware credential registered in the distributed ledger; and in response to determining that the proof response is valid, providing a success indication of successful check in.

“18. A computer program product for credential authentication, the computer program product being embodied in a non-transitory computer readable storage medium and comprising computer instructions for: receiving an indication to create a location aware credential, wherein the location aware credential specifies visitor location data; creating the location aware credential, wherein the location aware credential enables an authentication device to monitor its location and automatically initiate check in; registering the location aware credential in a distributed ledger; providing the location aware credential to the authentication device; receiving a check in indication to check in from the authentication device, wherein the authentication device: determines whether a detected location of the authentication device at a current time is within a geographic boundary of a visit location requiring authorization, the geographic boundary being specified in the visit location data; in response to a determination that the detected location is within the geographic boundary, determines whether the location aware credential is expired at the current time; and in response to a determination that the location aware credential is not expired, provides a check in prompt to a user, wherein the check in indication is provided in response to the user accepting the prompt to check in; providing a proof request to the authentication device in response to receiving the check in indication; receiving a proof response from the authentication device, wherein the proof response comprises the location aware credential; validating the proof response, comprising checking the location aware credential in the proof response received from the authentication device against the location aware credential registered in the distributed ledger; and in response to determining that the proof response is valid, providing a success indication of successful check in.”

For additional information on this patent, see: Hamel, Bjorn. Digital credentials for location aware check in. U.S. Patent Number 11683177, filed March 26, 2019, and published online on June 20, 2023. Patent URL (for desktop use only): https://ppubs.uspto.gov/pubwebapp/external.html?q=(11683177)&db=USPAT&type=ids

(Our reports deliver fact-based news of research and discoveries from around the world.)