Abstract: A method for recovering data. Identity factors are collected at a device, wherein hashes of the identity factors are configured to be stored at a server. A dynamic password is generated at the device based on the identity factors and a Salt generated by the server and configured to be delivered to the device. A selfie is captured of a user. The device generates a symmetric key used to encrypt the selfie. The symmetric key is encrypted using the dynamic password. The encrypted symmetric key and the encrypted selfie are stored on the server. One or more data items are stored on the server. The dynamic password is recoverable by presenting the plurality of identity factors that are hashed to the server. The symmetric key is recoverable using the recovered dynamic password. The data items are recoverable by presenting the symmetric key and a second selfie of the user.

Abstract: Method of certification including receiving user data at a device of a certifying entity. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create a generated hashed data. The method includes generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes hashing the certification record. The method includes transmitting the hashed certification record to a blockchain for storing. The method includes receiving a certification tx-ID of the hashed certification record. The method includes generating a certification data block including the certification record and the certification tx-ID. The method includes storing the certification data block to a side chain.

Abstract: A method for recovering data. The method including collecting identity factors at a user device, wherein hashes of the identity factors are configured to be stored at a server. The method including generating at the user device a dynamic password based on the identity factors and a Salt configured to be generated by the server and configured to be delivered to the user device. The method including generating at the user device a data key and encrypting the data key using the dynamic password to generate an encrypted data key configured to be stored at the server. The method including encrypting at the user device data items using the data key to generate encrypted data items configured to be stored at the server. As such, the data items are recoverable by presenting the identity factors to the server.

Abstract: A method for login, including making a login request to an entity through a federation server that generates a session identifier. A QR code is sent to the federation server to receive the session identifier. A secure envelope including user personal information is sent to the federation server to verify user registration with the federation server. A login token generated by the federation server is received and is associated with a smart contract generated by the federation server and stored on a blockchain. The login token is signed using user private key and sent to the blockchain for inclusion in the smart contract. A transaction identifier is received from the blockchain, and is sent to the federation server that generates a session record based on the login token. The federation server sends user verification to the entity to authorize a communication session between the user device and the entity.

Abstract: An apparatus for validating an identity of an individual based on biometrics includes a memory and a processor operatively coupled to a distributed database and the memory. The processor is configured to provide biometric data as an input to a predefined hash function to obtain a first biometric hash value. The processor is configured to obtain, using a first pointer to the distributed database, a signed second biometric hash value. The processor is configured to define a certification of the biometric data in response to verifying that a signature of the signed second biometric hash value is associated with the compute device and verifying that the first biometric hash value corresponds with the second biometric hash value. The processor is configured to digitally sign the certification using a private key associated with the processor to produce a signed biometric certification and store the signed biometric certification in the distributed database.

Abstract: Method of authentication including sending a login web page to a first device of a user including a scannable code having an envelope ID and a login challenge. The envelope ID generated by an identity manager is associated with a first envelope of data including a session ID. A confirmation login request is received from a second device associated with the user, and includes a second envelope of data comprising the session ID, a user ID, and a seal of the user ID registering the user ID with the identity manager. The confirmation login request to the login challenge is verified using the session ID, and the user is verified using the user ID and seal. User login is authorized upon successful verification of the login challenge and user, and a communication session having the session ID is established between the web server and the first device.

Abstract: A method of confirming receipt, including iteratively capturing by a receiving device visual codes in a series of visual codes displayed on a sending device. A corresponding captured visual code being from a display block that resulted from a partition of an original data file into display blocks, and wherein each display block is converted to a corresponding string and header including an ordered identifying display block number and a total count of the display blocks. Each corresponding string is converted to a corresponding visual code. Each of the captured visual codes is converted into a corresponding string and a header is read for the corresponding string. Captured display blocks are determined. A confirmation message is generated including information indicating which display blocks have been received. The confirmation message is sent over a wireless communication link to the sending device to reduce the number of visual codes being displayed.

Abstract: An apparatus for validating an identity of an individual based on biometrics includes a memory and a processor operatively coupled to a distributed database and the memory. The processor is configured to provide biometric data as an input to a predefined hash function to obtain a first biometric hash value. The processor is configured to obtain, using a first pointer to the distributed database, a signed second biometric hash value. The processor is configured to define a certification of the biometric data in response to verifying that a signature of the signed second biometric hash value is associated with the compute device and verifying that the first biometric hash value corresponds with the second biometric hash value. The processor is configured to digitally sign the certification using a private key associated with the processor to produce a signed biometric certification and store the signed biometric certification in the distributed database.

Abstract: Method of certification including receiving user data at a device of a certifying entity. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create a generated hashed data. The method includes generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes hashing the certification record. The method includes transmitting the hashed certification record to a blockchain for storing. The method includes receiving a certification tx-ID of the hashed certification record. The method includes generating a certification data block including the certification record and the certification tx-ID. The method includes storing the certification data block to a side chain.

Abstract: An apparatus for validating an identity of an individual based on biometrics includes a memory and a processor operatively coupled to a distributed database and the memory. The processor is configured to provide biometric data as an input to a predefined hash function to obtain a first biometric hash value. The processor is configured to obtain, using a first pointer to the distributed database, a signed second biometric hash value. The processor is configured to define a certification of the biometric data in response to verifying that a signature of the signed second biometric hash value is associated with the compute device and verifying that the first biometric hash value corresponds with the second biometric hash value. The processor is configured to digitally sign the certification using a private key associated with the processor to produce a signed biometric certification and store the signed biometric certification in the distributed database.

Abstract: An apparatus for validating an identity of an individual based on biometrics includes a memory and a processor operatively coupled to a distributed database and the memory. The processor is configured to provide biometric data as an input to a predefined hash function to obtain a first biometric hash value. The processor is configured to obtain, using a first pointer to the distributed database, a signed second biometric hash value. The processor is configured to define a certification of the biometric data in response to verifying that a signature of the signed second biometric hash value is associated with the compute device and verifying that the first biometric hash value corresponds with the second biometric hash value. The processor is configured to digitally sign the certification using a private key associated with the processor to produce a signed biometric certification and store the signed biometric certification in the distributed database.

Abstract: Software on an image-capturing device iteratively captures a visual code in a series of visual codes displayed in a repeating progression on a screen of a mobile device. The visual code was generated from a display block that resulted from a partition of an original data file into a series of display blocks of at least a specified size. The software converts the visual code back into a display block and reads a header for the display block, discarding the display block if it has already been captured, as determined by the ordered identifying block number in a header. The software stops the iterative capturing when all of the display blocks in the series have been captured, as determined by the count in the header and coalesces the captured display blocks into the original data file, using an order determined by the ordered identifying block numbers.

Abstract: A method for recovering data. The method including collecting identity factors at a user device, wherein hashes of the identity factors are configured to be stored at a server. The method including generating at the user device a dynamic password based on the identity factors and a Salt configured to be generated by the server and configured to be delivered to the user device. The method including generating at the user device a data key and encrypting the data key using the dynamic password to generate an encrypted data key configured to be stored at the server. The method including encrypting at the user device data items using the data key to generate encrypted data items configured to be stored at the server. As such, the data items are recoverable by presenting the identity factors to the server.

Abstract: Method of certification including receiving user data at a device of a certifying entity. The method includes generating a salt that is unique. The method includes hashing the data combined with the salt to create a generated hashed data. The method includes generating a certification record based on signing the generated hashed data using a private key of the certifying entity to create a signed certification of the data. The method includes hashing the certification record. The method includes transmitting the hashed certification record to a blockchain for storing. The method includes receiving a certification tx-ID of the hashed certification record. The method includes generating a certification data block including the certification record and the certification tx-ID. The method includes storing the certification data block to a side chain.

Abstract: Method of authentication including sending a login web page to a first device of a user including a scannable code having an envelope ID and a login challenge. The envelope ID generated by an identity manager is associated with a first envelope of data including a session ID. A confirmation login request is received from a second device associated with the user, and includes a second envelope of data comprising the session ID, a user ID, and a seal of the user ID registering the user ID with the identity manager. The confirmation login request to the login challenge is verified using the session ID, and the user is verified using the user ID and seal. User login is authorized upon successful verification of the login challenge and user, and a communication session having the session ID is established between the web server and the first device.

Abstract: Software on an image-capturing device iteratively captures a visual code in a series of visual codes displayed in a repeating progression on a screen of a mobile device. The visual code was generated from a display block that resulted from a partition of an original data file into a series of display blocks of at least a specified size. The software converts the visual code back into a display block and reads a header for the display block, discarding the display block if it has already been captured, as determined by the ordered identifying block number in a header. The software stops the iterative capturing when all of the display blocks in the series have been captured, as determined by the count in the header and coalesces the captured display blocks into the original data file, using an order determined by the ordered identifying block numbers.

Abstract: A method for login, including making a login request to an entity through a federation server that generates a session identifier. A QR code is sent to the federation server to receive the session identifier. A secure envelope including user personal information is sent to the federation server to verify user registration with the federation server. A login token generated by the federation server is received and is associated with a smart contract generated by the federation server and stored on a blockchain. The login token is signed using user private key and sent to the blockchain for inclusion in the smart contract. A transaction identifier is received from the blockchain, and is sent to the federation server that generates a session record based on the login token. The federation server sends user verification to the entity to authorize a communication session between the user device and the entity.

Abstract: A method for recovering data. Identity factors are collected at a device, wherein hashes of the identity factors are configured to be stored at a server. A dynamic password is generated at the device based on the identity factors and a Salt generated by the server and configured to be delivered to the device. A selfie is captured of a user. The device generates a symmetric key used to encrypt the selfie. The symmetric key is encrypted using the dynamic password. The encrypted symmetric key and the encrypted selfie are stored on the server. One or more data items are stored on the server. The dynamic password is recoverable by presenting the plurality of identity factors that are hashed to the server. The symmetric key is recoverable using the recovered dynamic password. The data items are recoverable by presenting the symmetric key and a second selfie of the user.

Abstract: A method of confirming receipt, including iteratively capturing by a receiving device visual codes in a series of visual codes displayed on a sending device. A corresponding captured visual code being from a display block that resulted from a partition of an original data file into display blocks, and wherein each display block is converted to a corresponding string and header including an ordered identifying display block number and a total count of the display blocks. Each corresponding string is converted to a corresponding visual code. Each of the captured visual codes is converted into a corresponding string and a header is read for the corresponding string. Captured display blocks are determined. A confirmation message is generated including information indicating which display blocks have been received. The confirmation message is sent over a wireless communication link to the sending device to reduce the number of visual codes being displayed.

Abstract: A method for recovering data. The method including collecting identity factors at a user device, wherein hashes of the identity factors are configured to be stored at a server. The method including generating at the user device a dynamic password based on the identity factors and a Salt configured to be generated by the server and configured to be delivered to the user device. The method including generating at the user device a data key and encrypting the data key using the dynamic password to generate an encrypted data key configured to be stored at the server. The method including encrypting at the user device data items using the data key to generate encrypted data items configured to be stored at the server. As such, the data items are recoverable by presenting the identity factors to the server.