Abstract: Anti-spoofing technology is provided for verifying a user of a fixed computer terminal. Image data of at least one verification image is received, as captured by an image capture device of the fixed computer terminal at a time corresponding to a request for access to a restricted function of the fixed computer terminal. User verification is applied to determine whether to grant access to the restricted function of the fixed computer terminal. A differential feature descriptor is determined, which encodes feature differences between the verification image data and image data of at least one unobstructed background image as captured by the image capture device. An anti-spoofing classifier processes the differential feature descriptor to classify it in relation to real and spoofing classes. Access to the restricted function of the fixed computer terminal is refused or granted based on the classification of the differential feature descriptor by the anti-spoofing classifier.

Abstract: A method of a digital identity system generating a sharing token for authenticating a bearer to a validator, wherein a data store of the digital identity system holds a plurality of attributes of the bearer, the method comprising implementing by the digital identity system the following steps: receiving at the digital identity system from a bearer an electronic sharing token request, wherein the token request identifies at least one of the bearer's attributes in the data store selected for sharing with a validator; in response to the electronic token request, generating a sharing token, which is unique to that request, for presentation by the bearer to a validator; associating with the unique sharing token at the digital identity system the identified at least one bearer attribute; and issuing to the bearer the unique sharing token; and wherein later presentation of the unique sharing token to the digital identify system by a validator causes the at least one bearer attribute associated with the sharing token

Abstract: A liveness detection system comprises a controller, a video input, a feature recognition module, and a liveness detection module. The controller is configured to control an output device to provide randomized outputs to an entity over an interval of time. The video input is configured to receive a moving image of the entity captured by a camera over the interval of time. The feature recognition module is configured to process the moving image to detect at least one human feature of the entity. The liveness detection module is configured to compare with the randomized outputs a behaviour exhibited by the detected human feature over the interval of time to determine whether the behaviour is an expected reaction to the randomized outputs, thereby determining whether the entity is a living being.

Abstract: A method of a digital identity system generating a sharing token for authenticating a bearer to a validator, wherein a data store of the digital identity system holds a plurality of attributes of the bearer, the method comprising implementing by the digital identity system the following steps: receiving at the digital identity system from a bearer an electronic sharing token request, wherein the token request identifies at least one of the bearer's attributes in the data store selected for sharing with a validator; in response to the electronic token request, generating a sharing token, which is unique to that request, for presentation by the bearer to a validator; associating with the unique sharing token at the digital identity system the identified at least one bearer attribute; and issuing to the bearer the unique sharing token; and wherein later presentation of the unique sharing token to the digital identify system by a validator causes the at least one bearer attribute associated with the sharing token

Abstract: In a liveness detection system, a first set of one or more parameters of a first liveness test is selected at random. The first parameter set is transmitted to a user device available to an entity, thereby causing the user device to perform the first liveness test according to the first parameter set. Results of the first liveness test performed at the user device according to the first parameter set are received form the user device. Results of a second liveness test pertaining to the entity are received. The liveness detection system determines whether the entity is a living being using the results of the liveness tests, the results of the first liveness test being so used by comparing them with the first parameter set.

Abstract: A liveness detection system comprises a controller, a video input, a feature recognition module, and a liveness detection module. The controller is configured to control an output device to provide randomized outputs to an entity over an interval of time. The video input is configured to receive a moving image of the entity captured by a camera over the interval of time. The feature recognition module is configured to process the moving image to detect at least one human feature of the entity. The liveness detection module is configured to compare with the randomized outputs a behaviour exhibited by the detected human feature over the interval of time to determine whether the behaviour is an expected reaction to the randomized outputs, thereby determining whether the entity is a living being.

Abstract: A method of authorizing a secure electronic payment from a payer to a payee. At a digital identity system, an electronic message is received, which comprises a payer credential and identifies a payee system. At the digital identity system, a digital identity associated with the payer credential is accessed, the digital identity comprising: 1) at least one identity attribute or data for deriving at least one identity attribute, and 2) a payment token or data for obtaining a payment token, the payment token for effecting an electronic payment from the payer to a recipient of the payment token. At least one electronic message is transmitted from the digital identity system to the payee system to render the identity attribute and the payment token available to the payee system, for determining, based on the identity attribute rendered available to the payee device, whether to use the available payment token to effect an electronic payment from the payer to the payee.

Abstract: A method of a digital identity system generating a sharing token for authenticating a bearer to a validator, wherein a data store of the digital identity system holds a plurality of attributes of the bearer, the method comprising implementing by the digital identity system the following steps: receiving at the digital identity system from a bearer an electronic sharing token request, wherein the token request identifies at least one of the bearer's attributes in the data store selected for sharing with a validator; in response to the electronic token request, generating a sharing token, which is unique to that request, for presentation by the bearer to a validator; associating with the unique sharing token at the digital identity system the identified at least one bearer attribute; and issuing to the bearer the unique sharing token; and wherein later presentation of the unique sharing token to the digital identify system by a validator causes the at least one bearer attribute associated with the sharing token

Abstract: A method of a digital identity system generating a sharing token for authenticating a bearer to a validator, wherein a data store of the digital identity system holds a plurality of attributes of the bearer, the method comprising implementing by the digital identity system the following steps: receiving at the digital identity system from a bearer an electronic sharing token request, wherein the token request identifies at least one of the bearer's attributes in the data store selected for sharing with a validator; in response to the electronic token request, generating a sharing token, which is unique to that request, for presentation by the bearer to a validator; associating with the unique sharing token at the digital identity system the identified at least one bearer attribute; and issuing to the bearer the unique sharing token; and wherein later presentation of the unique sharing token to the digital identify system by a validator causes the at least one bearer attribute associated with the sharing token

Abstract: A digital identity system comprises an enrolment module configured to receive a data item captured from an identity document, and create in persistent electronic storage a digital identity comprising the data item, a credential creation module configured to issue to a user device a credential bound to the digital identity, and a validation service. The validation service is configured to receive an electronic message comprising the credential and identifying a target device, validate the credential, and if the credential is valid, use the credential to transmit an electronic message to the target device, so as to render the data item of the digital identity available to the target device.

Abstract: In a liveness detection system, a first set of one or more parameters of a first liveness test is selected at random. The first parameter set is transmitted to a user device available to an entity, thereby causing the user device to perform the first liveness test according to the first parameter set. Results of the first liveness test performed at the user device according to the first parameter set are received form the user device. Results of a second liveness test pertaining to the entity are received. The liveness detection system determines whether the entity is a living being using the results of the liveness tests, the results of the first liveness test being so used by comparing them with the first parameter set.

Abstract: In a liveness detection system, a first set of one or more parameters of a first liveness test is selected at random. The first parameter set is transmitted to a user device available to an entity, thereby causing the user device to perform the first liveness test according to the first parameter set. Results of the first liveness test performed at the user device according to the first parameter set are received form the user device. Results of a second liveness test pertaining to the entity are received. The liveness detection system determines whether the entity is a living being using the results of the liveness tests, the results of the first liveness test being so used by comparing them with the first parameter set.

Abstract: The disclosure relates to a method of authenticating content offered by a content source to a local device for displaying content. The method includes establishing a communication session between the content source and a browser executing at the local device, transmitting from the content source to the browser a validation page comprising a content authentication token which is a randomly generated one-time use only credential bound to the content source, and capturing the content authentication token from the browser by a verification application. The method also includes transmitting the authentication token to a validation service which determines whether the token is bound to a valid source of content and causing the content to be displayed on the local device if the token is bound to a valid source of content.

Abstract: A liveness detection system comprises a controller, a video input, a feature recognition module, and a liveness detection module. The controller is configured to control an output device to provide randomized outputs to an entity over an interval of time. The video input is configured to receive a moving image of the entity captured by a camera over the interval of time. The feature recognition module is configured to process the moving image to detect at least one human feature of the entity. The liveness detection module is configured to compare with the randomized outputs a behaviour exhibited by the detected human feature over the interval of time to determine whether the behaviour is an expected reaction to the randomized outputs, thereby determining whether the entity is a living being.

Abstract: In a liveness detection system, a first set of one or more parameters of a first liveness test is selected at random. The first parameter set is transmitted to a user device available to an entity, thereby causing the user device to perform the first liveness test according to the first parameter set. Results of the first liveness test performed at the user device according to the first parameter set are received form the user device. Results of a second liveness test pertaining to the entity are received. The liveness detection system determines whether the entity is a living being using the results of the liveness tests, the results of the first liveness test being so used by comparing them with the first parameter set.

Abstract: The disclosure relates to a method of authenticating content offered by a content source to a local device for displaying content. The method includes establishing a communication session between the content source and a browser executing at the local device, transmitting from the content source to the browser a validation page comprising a content authentication token which is a randomly generated one-time use only credential bound to the content source, and capturing the content authentication token from the browser by a verification application. The method also includes transmitting the authentication token to a validation service which determines whether the token is bound to a valid source of content and causing the content to be displayed on the local device if the token is bound to a valid source of content.