A new Apple Patent Reveals yet another Dimension to their Gigantic Security ID Credentials System In-the-Works
Late last month Patently Apple posted a detailed report titled "Apple Patent Reveals a Developing Security ID System tied to a National Database to assist Brick and Mortar Merchants & more." Our report also pointed out that back in July, five patent applications from Apple were published by the US Patent & Trademark Office with the common title "Providing Verified Claims for User Identity" (01, 02, 03, 04 and 05). While all five patents shared the same patent figures, they provided distinctly different aspects of this gigantic project in their abstracts.
Today the US Patent & Trademark Office published yet another part of Apple's gigantic security ID system in-the-making.
Apple states that physical identity credentials, such as driver's licenses, passports, etc., may be migrating to digital form, such as digital identity credentials stored on electronic devices. As the credentials themselves change, so too will the manner in which a user provides his identity credential to a third party, such as a government official, a commercial entity, and the like. For example, the user may wirelessly transmit their digital identity credential from their device to a wireless terminal device of a third party.
In Apple's future digital identity credential system, a user's driver's license, passport, or other identifying credential will be digitally stored on their electronic devices, such as an iPhone.
For example, a governmental authority, or other issuing body, may provision a user's digital identity credential onto the user's device. The subject technology pertains to embodiments where a user may provide all or part of their digital identity credential (and/or the identifying information contained therein), such as their mobile driver's license, to wireless terminal devices of third parties, such as a wireless terminal device of a government official, a store employee, and the like, and/or for display, such as to a governmental authority.
The subject system provides controlled methods of releasing, or providing, the user's digital identity credential, such as to government authorities (e.g., transportation security administration (TSA), first responders, security checkpoint personnel, etc.), and/or commercial entities (e.g., to provide identification matching a credit card, proof of age, etc.).
In one example, the user's identity credential is displayed on the user's device while the user's device remains in the locked state. In this manner, the user can provide their device to a third party (e.g., TSA personnel and/or security checkpoint personnel), without compromising the security/privacy of the user's data stored on the device.
For example, the user may select, or initiate display of, the identity credential while the device is in an unlocked state, and the selection may automatically cause the device to enter a locked state while displaying the identity credential.
In another example, the device of a first responder, such as a police officer, firefighter, etc., may have its own digital credential that authorizes the first responder to automatically receive the user's identity credential when in proximity to the user's device.
In this instance, the device of the first responder may transmit its own identity credential to the user's device, and the user's device, upon verifying that the first responder is authorized to receive the identity credential, may automatically transmit the user's identity credential to the device of the first responder, e.g., if the user pre-configured their device to provide the user's identity credential and/or other information to a first responder.
In one example, the first responder's device can send out a beacon signal that includes the first responder's credential (such as after an earthquake and/or other emergency situation) and any proximate user devices may automatically respond with the corresponding users' identity credentials (and/or location). In this way the user's device may transmit the user's identity credential without the user authenticating, even when the identity credential is secured by a secure element or secure enclave processor of the user's device.
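The release decision described above, sketched as an added example (not code from the patent or from Apple): the user's device checks the responder's credential and the user's own opt-in before handing over only the pre-configured fields. All names, fields and roles are hypothetical, and an HMAC with a constructed demo key stands in for the issuing authority's digital signature.

```python
import hashlib
import hmac
import json

# Constructed demo key standing in for the issuing authority's signing key.
# A real system would verify an asymmetric signature against a trusted issuer
# certificate; HMAC is swapped in to keep this standard-library only.
ISSUER_KEY = b"constructed-demo-issuer-key"
AUTHORIZED_ROLES = {"police", "firefighter", "paramedic"}  # assumed role names


def sign(claims: dict) -> str:
    payload = json.dumps(claims, sort_keys=True).encode()
    return hmac.new(ISSUER_KEY, payload, hashlib.sha256).hexdigest()


def responder_is_authorized(cred: dict, now: int) -> bool:
    """Check issuer tag, expiry and role of a responder credential."""
    claims, tag = cred.get("claims", {}), cred.get("tag", "")
    if not hmac.compare_digest(sign(claims), tag):
        return False  # forged or altered credential
    if claims.get("expires", 0) <= now:
        return False  # expired credential
    return claims.get("role") in AUTHORIZED_ROLES


def release(user_id: dict, policy: dict, cred: dict, now: int) -> dict:
    """Return only the attributes the user pre-configured, or nothing."""
    if not policy.get("auto_release_to_responders", False):
        return {}  # user never opted in: fail closed
    if not responder_is_authorized(cred, now):
        return {}
    return {k: user_id[k] for k in policy.get("fields", []) if k in user_id}


# Constructed sample data.
NOW = 1_700_000_000
USER_ID = {"name": "A. Example", "dob": "1990-01-01", "blood_type": "O+",
           "license_no": "X0000000"}
POLICY = {"auto_release_to_responders": True, "fields": ["name", "blood_type"]}
GOOD_CLAIMS = {"role": "paramedic", "expires": NOW + 3600}
GOOD = {"claims": GOOD_CLAIMS, "tag": sign(GOOD_CLAIMS)}
FORGED = {"claims": {"role": "police", "expires": NOW + 3600}, "tag": GOOD["tag"]}
EXPIRED_CLAIMS = {"role": "police", "expires": NOW - 1}
EXPIRED = {"claims": EXPIRED_CLAIMS, "tag": sign(EXPIRED_CLAIMS)}

if __name__ == "__main__":
    for label, cred in [("valid", GOOD), ("forged", FORGED), ("expired", EXPIRED)]:
        print(label, release(USER_ID, POLICY, cred, NOW))
```

Because this path skips user authentication, the responder-credential check and the opt-in flag are the only gates, so both fail closed and the response is limited to the fields the user chose in advance.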
Apple's patent FIG. 1 below illustrates an example network environment for controlled identity credential release; FIG. 2 illustrates an example electronic device in a controlled identity credential release system illustrating a secure hardware element akin to Apple's secure enclave.
Apple's patent FIG. 9 above illustrates a flow diagram of an example process of a controlled release of an identity credential to an application; FIG. 11 illustrates an example lock screen user interface that may be implemented by an electronic device in a controlled identity credential release system.
One last point of interest is that Apple's patent points to an iPhone having a "plurality of biometric identifiers." The patent lists Touch ID, Face ID and Retina scan.
Apple's patent application number 20200320188 that was published today by the U.S. Patent Office was filed back in April of this year. To dive deeper into specific details, check out the full application here. Considering that this is a patent application, the timing of such a product to market is unknown at this time.