摘要 |
A credential repository securely stores user credentials. The credential repository may be accessed by multiple entities. Instead of having a user carry his credentials with him (e.g., on a credit card or driver's license, which can be lost or stolen), the user's credentials are retrieved from the credential repository for use in a transaction. A merchant or other entity requesting the transaction receives these retrieved credentials and uses them to verify the identity of the user who seeks to participate in the transaction. A time-to-live value may be associated with the retrieved credentials. Successful verification of the user's identity enables private or personal data of the user to be released to the merchant or other entity. Optionally, the user explicitly authorizes the release of the data.
|