Abstract: A method of authorizing a secure electronic payment from a payer to a payee. At a digital identity system, an electronic message is received, which comprises a payer credential and identifies a payee system, and a digital identity associated with the payer credential is accessed, the digital identity comprising: 1) at least one identity attribute or data for deriving at least one identity attribute, and 2) a payment token or data for obtaining a payment token, the payment token for effecting an electronic payment from the payer to a recipient of the payment token. At least one electronic message is transmitted from the digital identity system to the payee system to render the identity attribute and the payment token available to the payee system, for determining, based on the identity attribute rendered available to the payee device, whether to use the available payment token to effect the electronic payment.

Abstract: A method of a digital identity system generating a sharing token for authenticating a bearer to a validator, wherein a data store of the digital identity system holds a plurality of attributes of the bearer, the method comprising implementing by the digital identity system the following steps: receiving at the digital identity system from a bearer an electronic sharing token request, wherein the token request identifies at least one of the bearer's attributes in the data store selected for sharing with a validator; in response to the electronic token request, generating a sharing token, which is unique to that request, for presentation by the bearer to a validator; associating with the unique sharing token at the digital identity system the identified at least one bearer attribute; and issuing to the bearer the unique sharing token; and wherein later presentation of the unique sharing token to the digital identify system by a validator causes the at least one bearer attribute associated with the sharing token

Abstract: A method of authorizing a secure electronic payment from a payer to a payee. At a digital identity system, an electronic message is received, which comprises a payer credential and identifies a payee system. At the digital identity system, a digital identity associated with the payer credential is accessed, the digital identity comprising: 1) at least one identity attribute or data for deriving at least one identity attribute, and 2) a payment token or data for obtaining a payment token, the payment token for effecting an electronic payment from the payer to a recipient of the payment token. At least one electronic message is transmitted from the digital identity system to the payee system to render the identity attribute and the payment token available to the payee system, for determining, based on the identity attribute rendered available to the payee device, whether to use the available payment token to effect an electronic payment from the payer to the payee.

Abstract: A method of a digital identity system generating a sharing token for authenticating a bearer to a validator, wherein a data store of the digital identity system holds a plurality of attributes of the bearer, the method comprising implementing by the digital identity system the following steps: receiving at the digital identity system from a bearer an electronic sharing token request, wherein the token request identifies at least one of the bearer's attributes in the data store selected for sharing with a validator; in response to the electronic token request, generating a sharing token, which is unique to that request, for presentation by the bearer to a validator; associating with the unique sharing token at the digital identity system the identified at least one bearer attribute; and issuing to the bearer the unique sharing token; and wherein later presentation of the unique sharing token to the digital identify system by a validator causes the at least one bearer attribute associated with the sharing token