US 12,217,245 B2
Systems and methods for distributed ledger-based institutional identity management
Christine Moy, New York, NY (US); Tyrone Lobban, London (GB); George Kassis, London (GB); Vishakh Vishakh, New York, NY (US); Bhaskar Kishore, Greater Noida (IN); and Navkiran Arneja, Westbury, NY (US)
Assigned to JPMORGAN CHASE BANK, N.A., New York, NY (US)
Filed by JPMORGAN CHASE BANK, N.A., New York, NY (US)
Filed on Feb. 12, 2021, as Appl. No. 17/174,650.
Claims priority of provisional application 63/126,335, filed on Dec. 16, 2020.
Claims priority of provisional application 62/976,262, filed on Feb. 13, 2020.
Prior Publication US 2021/0256508 A1, Aug. 19, 2021
Int. Cl. G06Q 20/36 (2012.01); G06Q 20/38 (2012.01)
CPC G06Q 20/3674 (2013.01) [G06Q 20/363 (2013.01); G06Q 20/38215 (2013.01); G06Q 20/3825 (2013.01)]
15 Claims
1. A computer-based method for providing attestations for an identity consumer from an identity provider to a relying party, comprising:
providing, by the identity consumer to an identity provider server for the identity provider, identity consumer information;
validating, by the identity provider server, the identity consumer information;
receiving, by the identity provider server, a root attestation from a system operator that authorizes the identity provider server to issue identity provider attestations;
generating, by the identity provider server, an identity provider attestation comprising an attestation about the identity consumer information;
generating, by the identity provider server, a nested attestation comprising the identity provider attestation and the root attestation, wherein the nested attestation establishes a chain of trust by building the identity provider attestation on the root attestation in a single attestation;
receiving, by an identity consumer computer program executed by an electronic device for the identity consumer and from the identity provider server, a notification that the nested attestation is available;
requesting, by the identity consumer computer program, the nested attestation from the identity provider server;
downloading, by the identity consumer computer program, the nested attestation to an identity consumer electronic wallet for the identity consumer;
committing, by the identity provider server, the nested attestation to a distributed ledger, wherein the distributed ledger maintains a current status for the root attestation and the identity provider attestation;
receiving, by the identity consumer computer program and from a relying party computer application for the relying party, a request for the nested attestation;
generating, by the identity consumer computer program, a machine-readable code for the nested attestation that is stored in the identity consumer electronic wallet;
communicating, by the identity consumer computer program and to the relying party computer application, the machine-readable code for the nested attestation;
extracting, by the relying party computer application, the nested attestation from the machine-readable code;
identifying, by the relying party computer application, the root attestation and the identity provider attestation from the nested attestation;
verifying, by the relying party computer application and on the distributed ledger, that the root attestation and the identity provider attestation are valid and active; and
executing, by the relying party computer application, an action based on reliance on the verification.
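
The relying-party steps of claim 1 (extract the nested attestation from the code, identify the root and identity provider attestations, verify both on the ledger) can be sketched as follows. This is an added example, not taken from the patent: the JSON layout, the SHA-256 content ids, the `parent` link, the base64 stand-in for the machine-readable code and the dict standing in for the distributed ledger are all assumptions, and signature checks are left out.

```python
import base64, hashlib, json

def att_id(att):
    """Content-derived id: SHA-256 over canonical JSON (assumed scheme)."""
    return hashlib.sha256(json.dumps(att, sort_keys=True).encode()).hexdigest()

def make_nested(root, idp_claims):
    """Build the IdP attestation on the root attestation in a single object."""
    idp = {"type": "idp", "claims": idp_claims, "parent": att_id(root)}
    return {"root": root, "idp": idp}

def to_code(nested):
    """Stand-in for the machine-readable code (for example a QR payload)."""
    return base64.urlsafe_b64encode(json.dumps(nested).encode()).decode()

def verify_code(code, ledger):
    """Relying party: extract, identify both attestations, check ledger status."""
    try:
        nested = json.loads(base64.urlsafe_b64decode(code))
        root, idp = nested["root"], nested["idp"]
    except (ValueError, KeyError, TypeError):
        return False, "malformed code"
    if not (isinstance(root, dict) and isinstance(idp, dict)):
        return False, "malformed code"
    # The IdP attestation must be built on the root carried beside it.
    if idp.get("parent") != att_id(root):
        return False, "chain broken: IdP attestation not built on this root"
    # Fail closed: an id missing from the ledger is treated like a revoked one.
    for name, att in (("root", root), ("idp", idp)):
        status = ledger.get(att_id(att))
        if status != "active":
            return False, f"{name} attestation is {status or 'not on ledger'}"
    return True, "valid and active"

# Constructed sample data (hypothetical names, not from the patent).
ROOT = {"type": "root", "issuer": "system-operator", "subject": "idp-example"}
NESTED = make_nested(ROOT, {"subject": "consumer-example", "validated": True})
LEDGER = {att_id(ROOT): "active", att_id(NESTED["idp"]): "active"}
CODE = to_code(NESTED)

if __name__ == "__main__":
    print(verify_code(CODE, LEDGER))
    print(verify_code(CODE, {**LEDGER, att_id(ROOT): "revoked"}))
```

Because the ledger keeps a current status for both attestations, revoking the root attestation invalidates every nested attestation built on it without reissuing anything held in a wallet.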