Privacy-preserving identity attribute verification using policy tokens

Assignee

• Visa International Service Association · US

Inventors

• Kim R. Wagner · Sunnyvale, US
• Sunpreet Singh Arora · San Mateo, US
• Gaven James Watson · Palo Alto, US
• Mihai Christodorescu · San Jose, US
• Shashank Agrawal · Sunnyvale, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04W12/069
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Methods and systems for privacy-preserving identity attribute verification are presented. During an interaction between a relying entity and a user, a relying entity computer can transmit a policy token to a user device. The policy token may indicate the information needed by the relying entity in order to perform the interaction. The user device can verify the policy token, then use the policy token in conjunction with an identity token to generate a zero-knowledge proof. The user device may transmit the zero-knowledge proof to an identity service provider computer. The identity service provider computer may verify the zero-knowledge proof, then generate a verification message. The identity service provider computer may sign the verification message and transmit the signed verification message to the relying entity computer. The relying entity computer may verify the verification message and complete the interaction with the user.