US 11,941,100 B2
Selective access and verification of user information
Daniel A. Boyd, Arlington, VA (US); Kelli L Biegger, Fort Worth, TX (US); Chang Ellison, Arlington, VA (US); Brandon P. Gutierrez, Johns Creek, GA (US); Jason Lim, Alexandria, VA (US); and William Washington, North Potomac, MD (US)
Assigned to The Government of the United States of America, represented by the Secretary of Homeland Security, Washington, DC (US)
Filed by The Government of the United States of America, as represented by the Secretary of Homeland Security, Washington, DC (US)
Filed on May 4, 2023, as Appl. No. 18/143,458.
Application 18/143,458 is a continuation of application No. 17/955,801, filed on Sep. 29, 2022, granted, now 11,675,886.
Application 17/955,801 is a continuation of application No. 17/538,356, filed on Nov. 30, 2021, granted, now 11,461,450, issued on Oct. 4, 2022.
Application 17/538,356 is a continuation of application No. 17/180,421, filed on Feb. 19, 2021, granted, now 11,277,265, issued on Mar. 15, 2022.
Claims priority of provisional application 63/053,188, filed on Jul. 17, 2020.
Prior Publication US 2023/0367858 A1, Nov. 16, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 21/32 (2013.01); G06V 10/40 (2022.01); H04L 9/08 (2006.01); H04L 9/32 (2006.01)
CPC G06F 21/32 (2013.01) [G06V 10/40 (2022.01); H04L 9/0825 (2013.01); H04L 9/3213 (2013.01); H04L 9/3247 (2013.01); H04L 63/0823 (2013.01); G06F 2221/2133 (2013.01)]
29 Claims
1. An apparatus, to verify an age of a user, comprising:
a processing system having a hardware processor configured to perform a predefined set of basic operations by loading corresponding ones of a predefined native instruction set of codes, the predefined native instruction set of codes constituting a set of instructions selectable for execution by the hardware processor;
a memory accessible to the processing system;
a communication controller, under control of the processing system;
engagement logic, stored in the memory, comprising a first respective sequence of instructions selected from the predefined native instruction set of codes of the hardware processor and adapted to establish a secure connection with a user mobile-identification-credential device (UMD), having a mobile identification credential (MIC) associated with official information including a date of birth of the user, via the communication controller;
information request logic, stored in the memory, comprising a second respective sequence of instructions selected from the predefined native instruction set of codes of the hardware processor and adapted to send the UMD a MIC user information request message, seeking the official information associated with the MIC, over the secure connection;
verification logic, stored in the memory, comprising a third respective sequence of instructions selected from the predefined native instruction set of codes of the hardware processor and adapted to send an authorizing party system (APS) a token received from the UMD;
APS verification logic, stored in the memory, comprising a fourth respective sequence of instructions selected from the predefined native instruction set of codes of the hardware processor and adapted to receive the official information and to cryptographically verify the official information; and
the memory further storing instructions, selected from the predefined native instruction set of codes, defining logic adapted to:
send, by the online host serving as a relying party system (RPS), a MIC user information request message, with a scope custom tailored for use in requesting verification of an age of the user while maximizing privacy of the user, requesting the user to furnish their identity to verify the age;
receive, from the UMD, a user consent response token indicating selective approval of the user's consent to release a date of birth of the user corresponding to the age;
transmit the user consent response token to the APS; and
receive, from the APS, the MIC user information for the date of birth, corresponding to the user consent response token consenting to release only the date of birth from the APS to the RPS.
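
The consent-scoped exchange recited in claim 1 (RPS request, UMD consent token, APS release, RPS verification), sketched as an added illustration that is not part of the patent or any MIC implementation. The message fields, the nonce, both keys and the sample record are assumptions constructed for the example, and HMAC stands in for the digital signatures a deployment would use.

```python
import hashlib, hmac, json, secrets
from datetime import date

# Constructed keys. HMAC stands in for the digital signatures a real MIC
# deployment would use, so the example runs on the standard library alone.
UMD_APS_KEY = secrets.token_bytes(32)   # binds the user's consent token
APS_KEY = secrets.token_bytes(32)       # authenticates the APS response
# Constructed official record held by the APS.
APS_RECORDS = {"mic-001": {"name": "Pat Doe", "address": "1 Main St",
                           "date_of_birth": "2000-02-29"}}

def _mac(key, obj):
    data = json.dumps(obj, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def rps_request():
    """RPS -> UMD: request scoped to the date of birth only."""
    return {"scope": ["date_of_birth"], "nonce": secrets.token_hex(8)}

def umd_consent(request, mic_id, approved):
    """UMD -> RPS: token naming only the fields the user approved."""
    body = {"mic_id": mic_id, "nonce": request["nonce"],
            "fields": sorted(set(request["scope"]) & set(approved))}
    return {"body": body, "mac": _mac(UMD_APS_KEY, body)}

def aps_release(token):
    """RPS -> APS -> RPS: release exactly the consented fields."""
    if not hmac.compare_digest(token["mac"], _mac(UMD_APS_KEY, token["body"])):
        raise PermissionError("consent token altered")
    body = token["body"]
    record = APS_RECORDS[body["mic_id"]]
    payload = {"nonce": body["nonce"],
               "info": {f: record[f] for f in body["fields"]}}
    return {"payload": payload, "mac": _mac(APS_KEY, payload)}

def rps_check_age(request, response, min_age, today):
    """RPS: verify the APS response, then derive the age from the DOB."""
    payload = response["payload"]
    if not hmac.compare_digest(response["mac"], _mac(APS_KEY, payload)):
        raise ValueError("APS response failed verification")
    if payload["nonce"] != request["nonce"]:
        raise ValueError("response is not for this request")
    if set(payload["info"]) != {"date_of_birth"}:
        raise ValueError("unexpected fields released")
    dob = date.fromisoformat(payload["info"]["date_of_birth"])
    had_birthday = (today.month, today.day) >= (dob.month, dob.day)
    return today.year - dob.year - (0 if had_birthday else 1) >= min_age
```

Because the consent token is bound under a key the RPS does not hold in this sketch, an RPS that appends extra fields to the token before forwarding it is refused by the APS rather than served a wider release.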