FIELD OF THE INVENTION

[001] The present invention relates to an identity and access management system and a method for accessing restricted areas, particularly for generation of individual’s identity profile and granting access rights for restricted areas.

BACKGROUND OF THE INVENTION

[002] Identity Access Management System is the security discipline that manages individuals’ principals, their authentication, authorization and privileges within or across their organization. It provides the right access at the right times for the right reasons.

[003] Restricted/Gated areas manage access to information and applications across internal and external platforms and applications. More importantly, they provide this access for a growing number of identities without compromising security or exposing sensitive information.

[004] Gate security access control has recently been given increased attention as it provides basic safety protection for facilities and individuals who work in the facilities. In a typical gate security system for a large facility, personnel must show their ID cards and/or display authorization tags on their vehicles in order to gain access to the facility. In some cases, where a guard is not located at the gate, personnel can use a data card, such as an electronic data card, to release a gate to gain access to the facility.

[005] Biometric verification is now being employed more frequently to verify personnel identification. Such systems typically comprise a database storing personal biometric information, such as facial templates or features, finger prints, hand geometry, iris prints, thermo grams, skin colors of personnel, and others, or any combination of these.

[006] Typical access control systems are essentially insecure and less reliable systems. A fundamental problem with granting access to a secured physical location or to a secured system using conventional methodologies is that anyone in possession of the instrumentality of access can be granted access to the secured location or system. That is, in most systems, once the instrumentality of access is obtained by any person, there is no further verification to ensure that that person is in fact the person who is actually authorized to be granted access. The current way of validating individual identity and granting access is tamper prone and risks the privacy as well. The existing systems fail to track the visitors; utilize non-transferable tickets/passes; provides manual access control; are less reliable, do not use available data and lacks provision of blocking stolen tickets/passes.

[007] To overcome the aforesaid disadvantages, there exist a need to provide a solution that addresses the identity authentication and access management in a more secure and convenient manner without compromising privacy. The present invention provides an identity and access management system and method for the same.

SUMMARY OF THE INVENTION

[008] The present invention is directed to a system and method for generation of an individual identity; authenticating/verifying the same through OTP and biometric verification and further granting access rights for a secured location or gated/restricted area. The system is integrated with Aadhaar services for individual biometric verification and e-KYC (Know Your Customer). The system utilizes a mobile telecommunication unit (such as a smart phone or another mobile unit), for secured access to a resticted area. The system can also be integrated with Aadhaar services for e-KYC (Know Your Customer).

[009] According to one embodiment of the present invention, the identity and access management system provides a real-time communication with servers, comprising a mobile unit, access gate controllers linked to a location (web server; application server) server; and a main server connected to the location server through the Internet.

[010] According to another embodiment of the present invention, the method of present invention comprises the steps of- creating digital identity of an individual for a particular event or area and validating/verifying the same through OTP and biometric verification; generating dynamic QR codes and NFC Tags that are tempered proof with respect to individual’s identity profile; storing the access rights created in a platform on user device and main server; sending acess rights of individual to the location server of the particular event or area; checking the identity of the individual using said dynamic QR codes and NFC Tags on the mobile device with the server; allowing verified/validated individual to access a location (restricted or unrestricted) by access gate controllers.

[011] These and other features and advantages of the present invention may be incorporated into certain embodiments of the invention and will become more fully apparent from the following description, or may be learned by the practice of the invention as set forth hereinafter. The present invention does not require that all the advantageous features and all the advantages described herein be incorporated into every embodiment of the invention.

BRIEF DESCRIPTION OF DRAWING

[012] The present invention may be better understood and its numerous objects, features, components and advantages are made apparent to those skilled in the art, by referring to the accompanying drawings, in which:

Figure 1 illustrates the flowchart of the identity and access management system (access gate) embodying the present invention.

Figure 2 illustrates a flow diagram of working of the identity and access management system for Corporates.

Figure 3 illustrates a flow diagram of working of the identity and access management system for e-KYC.

Figure 4 illustrates a flow diagram of working of the identity and access management system for Events and Exhibitions.

DETAILED DESCRIPTION OF THE INVENTION

[013] The following description describes various features and functions of the disclosed system and method with reference to the accompanying figure. In the figure, similar symbols identify similar components, unless context dictates otherwise. The illustrative system and method described herein are not meant to be limiting. It can be readily understood that certain aspects of the disclosed system and method can be arranged and combined in a wide variety of different configurations, all of which are contemplated herein.

[014] The present invention will be better understood after reading the following detailed description of the presently preferred aspects.

[015] The embodiment is chosen and described to provide the best illustration of the principles of the invention and its practical application, and to enable one of ordinary skill in the art to utilize the invention in various embodiments and with various modifications as are suited to the particular use contemplated.

[016] The present invention is directed to a system and method for creating an individual global identity; authenticating/verifying the same through OTP and biometric verification and further granting access rights digitally to a secured location or a restricted area. The system is integrated with Aadhaar services for individual biometric verification and e-KYC (Know Your Customer).

[017] The identity and access management system provide an easy parking for visitors; reduces long queues for registerd users; generates a controlled, secure and quick access; integrated with access gates; configuration of gates according to different security levels and real time monitoring of visitors. The present syetm comprises: a mobile communication unit 1, wherein said mobile unit creates identity of an individual; a plurality of access gate controllers 2 associated to a location server 3, wherein said controllers provide access rights to said individuals by generating a QR code; and a main server 4 coupled to said location server 3, wherein said server stores the data of the individuals provided with access rights received from said location server. The digital identity of individual(s) created by the mobile communication unit 1 in the form of dynamic QR codes and NFC Tags which is verified/validated through OTP and biometric verification of individual(s); the acess rights of said individuals are sent and stored on the location server 3 coupled to main server 4; access to the verified/validated individuals to a resticted location is provided by the access gate controllers 2 based on the access rights of individuals.

[018] Figure 1 illustrates the identity and access management system, comprising a mobile unit 1, for creating identity of individuals, closely associated with the access gate controllers 2 that provide access rights and are linked to a location server 3 (web server; application server); and a main server 4 connected to the location server 3 through the Internet for storing, verifying and granting access rights to individuals.

[019] The mobile communication unit 1 may be a smart phone Additionally, mobile unit 1 also communicates with gate access controls 2 over a wireless connection. The gates are configured according to different security levels.

[020] The method of present invention comprises the steps of;

• creating digital identity of individual(s) using the mobile communication unit 1; validating/verifyingdetails of said individual(s) through OTP and biometric verification;
• generating dynamic QR codes and NFC Tags that are tamper proof with each identity profile and acess information in real time with servers;
• sending acess rights of said individuals to a location server 3 and storing the same;
• storing access rights of individuals;
• allowing verified/validated individuals access to a resticted location using access gate controllers 2.

[021] Figure 2 illustrates the flow diagram of working of the identity and access management system in corporate organisations. Firstly, a user including a visitor/ temporary employee/permanent employee enters the office building through the entry gate. Secondly, the temporary/permanent employee moves directly to the reception area to verfiy his/her profiles without standing in long queue and is allowed easy access to different departments of the office, whereas the visitor has to register himself/herself with the system installed at the entry of the gate and is allowed access to only selected area.

[022] The access of visitor in the restricted areas of the office, for example server room is allowed only after scanning of the profile, followed by a real time monitoring of the activity. In regard to the temporary workers, monthly or daily, a custom duration based passes are issued and the said passes are easily renewed or cancelled. The system also provides a configurable access control and bio-enabled access to the all the users of the organisation including visitor/ temporary employee/permanent employee.

[023] Figure 3 illustrates a flow diagram of working of the identity and access management system for performing e-KYC of the employees. The employee verification is based on e-KYC and the system performs e-KYC for new joinees and a bulk uploading process for the exisiting ones. The employees and temporary staff can verify themselves against the generated e- KYC requests as per their convenience using self service kiosk. This system is integrated with other systems to share e- KYC details.

[024] Figure 4 illustrates a flow diagram of working of the identity and access management system for Events and Exhibitions, wherein system restricts entry in VIP or priority sections. Also, passes are issued based on different categories. If in any case the passes are lost or stolen then the lost passes are immediately blocked.

[025] The identity and access management system also finds its application in Residential Complexes. In residential complexes, the system tracks the amount of time people spent inside the society, realtime housekeeping by residents and detailed report for the number of visitors, staying inside in the society or passes are issued to temporary workers. The system allows access to people with invitations or passes and to aadhaar verified visitors.

[026] The digital identity of the individual(s) can be created by verification through Mobile Number; Email; Aadhaar number; Aadhaar Biometric; Additionally, one of the following documents can also be used - PAN Card; Driving License and Vehicle Registration Number. The digital identity of an individual is stored on individual’s phone and on the main server.

[027] The verification of the individual identity is performed online and requires internet connection to validate profile and access in real time with servers.

[028] The temporary pass is a digital/ physical pass that has a time limit in terms of hours/ days. It is generated based on the access need in respect of a particular individual, fed into the system.

[029] The Real-time Quick Response (QR) codes are tamper proof codes and formed with a time location and time stamp and are valid for a particular duration. The QR code is used for validation of identity and access on the Access Gate Controllers. QR is generated through Biometric Identification. QR code thus generated uses bank grade encryption (AES-256) for storing access information. QR code is unique in each case and is absolutely tamper proof. The QR code does not carry any user information, it is specific to the location and the period of its validity is controlled.

[030] The system requires no manual setup and is auto upgradable and provides an effective emergency response preparednes i.e. in case of any emergency, the system sends a notification to all the individuals present in the building to evacuate immediately.

[031] The system provides access for visitors in residential complexes and a pass based access for housekeeping. Further, in relation to events and exhibitions, an efficient and controlled access is provided for visitors and delegates. Also, the system is integrated with airports to retreive ticket information from Email/SMS on the mobile of the user and further generating an access card (QR Code) with identity and access information.

[032] Although the embodiments herein are described with various specific embodiments, it will be obvious for a person skilled in the art to practice the invention with modifications. However, all such modifications are deemed to be within the scope of the invention.

WE CLAIM:

1) An identity and access management system, wherein the system, comprising;
• a mobile communication unit 1, wherein said mobile unit creates identity of an individual;
• a plurality of access gate controllers 2 associated to a location server 3, wherein said controllers provide access rights to said individuals by generating a QR code; and
• a main server 4 coupled to said location server 3, wherein said server stores the data of the individuals provided with access rights received from said location server;
wherein,
the digital identity of individual(s) created by the mobile communication unit 1 in the form of dynamic QR codes and NFC Tags; the acess rights of said individuals are sent and stored on the location server 3 coupled to main server 4; access to the verified/validated individuals to a resticted location is provided by the access gate controllers 2 based on the access rights of individuals.
¬
2) The system as claimed in Claim 1, wherein said mobile communication unit 1 is preferably a smart phone

3) The system as claimed in Claim 1, wherein said system does not require manual setup and is auto upgradable.

4) The system as claimed in Claim 1, wherein said system provides an effective emergency response preparednes i.e. in case of any emergency, a notification is sent to all the individuals present in the building to evacuate immediately.

5) The system as claimed in claim 1, wherein digital identity of the individual(s) is created by verification through Mobile Number; Email; Aadhaar number; Aadhaar Biometric; PAN Card; Driving License and Vehicle Registration Number.

6) The system as claimed in claim 1, wherein the verification of the individual identity is performed online and requires internet connection to validate profile and access in real time with servers.

7) The system as claimed in claim 1, wherein QR code is generated through Biometric Identification.

8) The method for identity and access management, wherein the method comprises the steps of :
• creating digital identity of individual(s) using the mobile communication unit 1; validating/verifyingdetails of said individual(s) through OTP and biometric verification;
• generating dynamic QR codes and NFC Tags that are tempered proof with each identity profile and acess information in real time with servers;
• sending acess rights of said individuals to a location server 3 and storing the same;
• storing access rights of individuals; and
• allowing verified/validated individuals access to a resticted location using access gate controllers 2.

9) The method as claimed in Claim 8, wherein said mobile communication unit 1 is preferably a smart phone.

10) The method as claimed in claim 8, wherein digital identity of the individual(s) is craeted by verification through Mobile Number; Email; Aadhaar number; Aadhaar Biometric; PAN Card; Driving License and Vehicle Registration Number.

11) The method as claimed in claim 8, wherein the verification of the individual identity is performed online and requires internet connection to validate profile and access in real time with servers.

12) The method as claimed in claim 8, wherein QR code is generated through Biometric Identification.