Note : Les descriptions sont présentées dans la langue officielle dans laquelle elles ont été soumises.
SYSTEM AND METHOD FOR CONDUCTING BACKGROUND SCREENING AND
ADJUDICATION
FIELD OF THE INVENTION
The present invention relates to background screening. In particular, the
present invention
relates to an automated system and method which utilizes biometrics and/or
other information to
perform background screening and adjudication.
BACKGROUND
The process of performing background screening for such things as government
security
clearances is cumbersome and error prone as it typically involves paperwork
being completed
by the individual seeking the screening (the applicant), individual checks
being performed in
disconnected systems such as a credit check in Equifax or TransUnion and a
criminal record
check with a police organization or department. After all information is
gathered and checks are
performed an individual working for the party requesting the screening
(company, government
department, etc.), typically referred to as a Security Officer, must analyze
the information
received from the individual checks and make a determination if the applicant
should be granted
the clearance or screening level that is being requested. In addition to the
process being
cumbersome and error prone because of the different systems and parties
involved in the
different types of background checks, the process can take a long time (days,
weeks, months,
or, even in some cases, over a year).
In most cases, in Canada, an integral part of background screening is a
fingerprint-based
certified criminal record check verification conducted by the RCMP's Real-Time
Identification
(RTID) system. RTID accepts electronic fingerprints and demographic data
submitted
electronically to it from authorized agencies and police organizations and
departments.
Traditionally the systems that send the fingerprints into the RCMP are
archaic, inflexible, not
user friendly, and lack modern security features. The result is that
fingerprinting with these
systems can be difficult and unmanned/unattended "kiosks" are not possible.
This, in turn,
makes it such that fingerprinting may not be possible in remote locations and
is viewed as a
process which takes "too long" and is "not convenient". As a result of this,
many organizations,
if not required to perform fingerprint based criminal record verifications
will opt for name-based
criminal record checks, which are inherently unreliable and generally should
not be used.
I.
Date Recue/Date Received 2020-06-24
Exemplary systems for performing background checks and/or collecting biometric
data are
known in the art and include the following.
Canadian Patent No. 2,654,029 and Canadian Patent Application No. CA2,945,382
relate to a
method and apparatus for performing a background check. The system described
in these
patent documents include a first interface means for input of demographic data
situated at a first
location; a second interface means for input of authenticating demographic
data related to the
applicant at a second location.
Canadian Patent Application No. 2,925,143 relates to a background check system
including a
kiosk connected to a server which is connected to an identity database.
U.S. Patent Publication No. US2016/0078451 teaches high assurance federated
attribute
management system and method. The method may include receiving, by an
electronic
apparatus, identity data of a person, and receiving, by the electronic
apparatus, one or more
asserted attributes of the person. The method may additionally include
storing, by the electronic
apparatus and in an electronic database, the identity data of the person in
association with the
one or more asserted attributes of the person, and receiving, by the
electronic apparatus,
confirmation of the one or more asserted attributes based on information
received from one or
more publishers of the one or more asserted attributes. The method may further
include
associating, by the electronic apparatus, the confirmation with the one or
more asserted
attributes of the person, and storing, by the electronic apparatus and in the
electronic database,
an indication that the one or more asserted attributes are confirmed.
SUMMARY OF THE INVENTION
An object of the present invention is to provide a system and method for
conducting background
screening and adjudication. In one aspect of the present invention, there is
provided a method
of conducting an adjudication of an applicant, said method comprising:
receiving, by a server
computing device, personal information from said applicant; processing, by
said server
computing device, said personal information to determine, based on a pre-
defined set of rules,
and/or user input, data required to determine if an applicant meets pre-
defined requirement(s);
requesting said data from one or more data sources; receiving, by said server
computing
device, data from said one or more data sources; and processing, by said
server computing
device, said data, based on a pre-defined set of rules, and thereby
determining whether said
2
Date Recue/Date Received 2020-06-24
applicant meets the pre-defined requirement(s), does not meet said pre-defined
requirement(s)
or if further review is required.
In certain embodiments, the method further comprises inputting of said
personal information via
a user interface, optionally the user interface is in the form of an online
form or an application.
Optionally, the user interface comprises fields to input relevant personal
data and one or more
means to input biometric data.
In certain embodiments, the personal information comprises one or more of
name, address,
email address, phone number, social media accounts, educational history,
financial history,
criminal history, employment history and biometric information. The biometric
data may
comprise fingerprint data which may be collected by contact-based
fingerprinting or by non-
contact-based fingerprinting.
In certain embodiments, the biometric data is connected with one or more
biometric collection
devices which are connected to the server computing device. For example, the
fingerprint data
may be collected with an Electronic Fingerprint Capture Device or collected
with a smartphone,
optionally the method further comprises authenticating collected fingerprint
data.
In certain embodiments, the one or more databases are third party databases,
optionally the
third party databases are databases providing criminal record information,
vulnerable sector
and/or credit history. The criminal record or vulnerable sector check may be
finger-print based.
Optionally, if necessary, converting collected fingerprint data to a format
that is acceptable for
fingerprint-based record check.
In certain embodiments, a verifiable credential including but not limited to a
blockcert is issued if
the applicant meets the pre-defined requirements. Optionally, the verifiable
credential is stored
in a database. The database may be a ledger database or a blockchain database.
In certain embodiments, the pre-defined rule(s) and/or pre-defined
requirement(s) is
configurable.
In a further aspect of the present invention, there is provided a kiosk for
the collection of
biometrics comprising one or more biometric collection devices and a user
interface to input
non-biometric personal data, wherein said kiosk is operably connected to the
server computing
device either directly or through a network.
3
Date Recue/Date Received 2020-06-24
BRIEF DESCRIPTION OF THE FIGURES
Figure 1 is a photograph of the front view of a kiosk of an embodiment of the
present invention.
Figure 2 is a close-up photograph of the front view of the kiosk pictured in
Figure 1 showing
fingerprint sensor/scanner and touchscreen.
Figure 3 is a photograph of the side view of the kiosk pictured in Figure 1.
DEFINITIONS
As used herein, the term "background check" refers to the process of looking
up and reviewing
both confidential and public information to investigate a person or entity's
history. Types of
background checks include but are not limited to a criminal record check, or
education check, or
credit check, or any other type of check that will look for adverse conditions
for an applicant.
As used herein, the term "applicant" refers to the individual or entity that
requires a background
check.
As used herein, the term "personal information" includes any information about
the applicant.
"Personal Information" may include but is not limited to name, address, email
address, phone
number, social media accounts, race, nationality, ethnicity, origin, religious
or political beliefs or
associations, age (date of birth), sex, sexual orientation, gender, marital
status, family status,
health care history including but not limited to information on
physical/mental disability,
educational history, financial history, criminal history, employment history,
biometric information
including but not limited to finger prints, blood type, physical
characteristics including but not
limited to height, weight, hair, skin colour or eye colour.
As used herein, the terms fingerprint and fingerprint data as used herein
refers to the unique
pattern of friction ridges on a surface of a fingertip and impressions on a
surface produced by
this pattern that can be used for identification purposes. Fingerprints can be
collected using
contact and contactless methods.
As used herein, the term "adverse conditions" refers to one or more results of
a
background/security screening check that would potentially be considered as
undesirable to the
4
Date Recue/Date Received 2020-06-24
organization requesting the background check for an individual. An example is
the existence of
a criminal record for the applicant or a bankruptcy found during a credit
check.
As used herein, the term "biometric collection device" refers to a device that
can
capture/collection biometrics including but not limited to fingerprints from
an individual or images
of the individual. Such as device can also obtain information, such as
demographic information,
from an applicant. An example of a Biometric Collection Device is a
fingerprint sensor/scanner
(often referred to as an Electronic Fingerprint Capture Device, EFCD) . The
fingerprint capture
device may be contact based or non-contact based. A digital camera, including
but not limited to
the camera of a smartphone or tablet may be used in a non-contact method to
capture digital
image(s) of an individual's fingerprint(s). Another instance of a biometric
collection device is a
flatbed scanner that scans fingerprints from a piece of paper that have been
inked (for example)
and digitize them for electronic use. A digital camera may be used to capture
images (including
but not limited to facial images or fingerprint images) of the individual. An
iris scanner may be
used to capture iris images. Auditory biometric devices to record voices may
also be used.
As used herein, the term "biometric enrollment" refers to the process of
installing biometrics in a
system, often referred to as an Automated Biometrics Identification System
(ABIS) for the future
use of the biometrics. A future use can include, but is not limited to, using
the biometrics
enrolled in the ABIS to confirm the identity of an individual, often referred
to as a 1:1 search.
As used herein, the term "biometric kiosk" refers to an unmanned and/or
unattended Biometric
Collection Device that also allows an applicant to enter personal information,
such as their date
of birth and biological sex. A Biometric Kiosk may or may not have an
integrated video and/or
audio system.
As used herein, the term "adjudication" refers to the process by which an
organization
determines whether an applicant passes the security screening process. This is
not to be
confused with the purely legal definition of adjudication.
As used herein, the term "auto-screened adjudication" refers to an
adjudication process which
requires no human intervention.
As used herein, the term "manually reviewed adjudication", refers to an
adjudication process
which requires human intervention.
As used herein, the term "centralized database" is a database that is located,
stored, and
maintained in a single location and typically controlled by single entity.
Date Recue/Date Received 2020-06-24
As used herein, the term "decentralized database" is a database that is
located and stored in
multiple locations that are typically geographically located in different
locations. As used herein,
"decentralized database" is synonymous with the term "distributed database".
As used herein, the term "immutable database" is a database that can only have
records
added/appended to it. For clarity, an immutable database cannot have existing
records modified
or existing records deleted.
As used here, the term "ledger database" is a centralized or distributed
database that is
immutable and is controlled by one or more authorities.
As used herein, the term "blockchain", "block chain", "blockchain database",
and "block chain
database" is a distributed database which is an immutable database and is not
under the control
of any authority/authorities.
As used herein, the term "verifiable credentials" is the electronic equivalent
of a physical
credential such as, but not limited to, passports, plastic cards, driver's
licenses, qualifications,
and awards. Verifiable Credentials are held and controlled by the individual
they pertain to.
As used herein, the term "Blockcerts" is an open standard for creating,
issuing, viewing, and
verifying blockchain-based certificates and verifiable credentials.
DETAILED DESCRIPTION
The process of performing background screening of applicants is labor
intensive and as such
can be expensive and costly to perform. Moreover, the process can be error
prone. The
present invention provides an integrated and automated system and method for
performing
background screening and adjudicating individuals. In certain embodiments,
following the initial
input of personal information, the system and method of the present invention,
is fully
automated and manual intervention is only required if further review is
required. Accordingly,
the present invention reduces the time required for background screening and
adjudicating
individuals and/or reduces error rate.
Method of Conducting an Adiudication
In certain embodiments, there is provided a method of conducting an
adjudication of an
applicant, said method comprising: receiving, by a server computing device,
personal
information from said applicant; processing, by said server computing device,
said personal
6
Date Recue/Date Received 2020-06-24
information to determine, based on a pre-defined set of rules, and/or user
input, additional data
required to determine if an applicant meets pre-defined requirement(s);
requesting said
additional data from one or more data sources; receiving, by said server
computing device, data
from said one or more data sources; and processing, by said server computing
device, said
data, based on a pre-defined set of rules, and thereby determining whether
said applicant meets
the pre-defined requirement(s), does not meet said pre-defined requirement(s)
or if further
review is required.
In certain embodiments, the pre-defined rule(s) and/or pre-defined
requirement(s) is
configurable. This allows the methods to be customized by the user.
The server computing device may be one or more physical and/or virtual
servers. In certain
embodiments, the server is a cloud-based server.
Intake Personal Information
Intake of personal information may be by one or more means including but not
limited to user
interface(s)/portal(s), integration with other systems or platforms, and
devices including but not
limited to scanners and biometric collection devices.
In certain embodiments, there is provided a user interface which includes a
variety of
fields/options to input relevant personal data. In certain embodiments, the
interface is in the
form of an online form. In other embodiments, the interface/portal is app
based (i.e. a mobile
user interface). In specific embodiments, access to the interface is
restricted. For example,
requires users to be registered/logged in or is via invitation only.
In certain embodiments, there is provided a means to input biometric data. In
certain
embodiments, the means to input biometric data is one or more dedicated
biometric collection
devices including but not limited to an Electronic Fingerprint Capture Device
or a digital camera.
In specific embodiments, the one or more dedicated biometric collection
devices form part of a
biometric kiosk. In other embodiments, a smartphone or tablet may be used as a
means to
input biometric data. In specific embodiments, the camera of a smartphone or
tablet is used for
contactless fingerprinting.
The use of a smartphone or tablet to collect biometric data allows for such
data to be collected
at any location without the use of specialized equipment. In specific
embodiments which utilize
an applicant's smartphone or tablet to collect biometric data, the methods
include steps to
ensure accuracy of biometric data or authenticate the biometric data. In
certain embodiments,
7
Date Recue/Date Received 2020-06-24
authentication of biometric data refers to ensuring that the biometric data is
from the applicant.
In certain embodiments, authentication is through a virtual appointment with a
fingerprint
operator and optionally includes a review of security documents, The
fingerprint operator may
be either a virtual operator or a human operator via video meeting. In certain
embodiments, the
methods further comprise conversion of the finger photos to fingerprint images
which are
acceptable for fingerprint-based record check.
In certain embodiments, the biometric collection devices are connected to the
server computing
device (either directly or through one or more network(s)). The network may be
any type of
network including but not limited to a local area network (LAN), metropolitan
area network
(MAN), wide area network (WAN), wireless and internet. In certain embodiments
where the
biometric collection devices are in a network with the server computing
device, biometric data is
automatically inputted into the method of the present invention (i.e. without
user input) from the
biometric collection device(s). In other embodiments, user input is required
to input collected
biometric data. In other embodiments, the biometric data is transmitted to the
server computing
device via email (SMTP). In other embodiments the biometric data is
transmitted to the server
computing device via HTTP(s). In certain embodiments, the user
interface/portal allows for the
attachment of digital data files comprising biometric data.
In certain embodiments, there is provided a user interface to input relevant
personal data and
one or more means to input biometric data.
In certain embodiments, previously collected biometric data is used in the
methods of the
invention.
The personal information may be inputted by the applicant, by a third party,
such as a recruiter,
Human Resource staff, security officer etc. or a combination (i.e. part of the
information inputted
by applicant and part of the information inputted by the third party or
combination of multiple
third parties).
In certain embodiments, personal information may be inputted in response to an
invitation.
In specific embodiments, the system/method of the present invention allows for
individuals such
as recruiters, HR staff, security officers, etc. to send electronic
invitations to an applicant (for
example via the user interface provided by the server computing device or via
an integration
with an existing system, such as a CRM) to request that the applicant fill out
information online
that is required to perform the requested background check for the individual
and/or an invitation
8
Date Recue/Date Received 2020-06-24
to perform the collection of biometrics, such as digital fingerprinting, to be
used in the
background check process. Invitations may be sent to the applicant via any
means such as an
email or an SMS text message. The invitation may or may not include the
specific checks that
are to be performed. The invention may or may not include a link to an online
interface for input
of the information.
In certain embodiments, the server computing device automatically reviews the
personal data
provided and sends a notification to the user and/or applicant indicating that
the data has been
received, and optionally is sufficient/insufficient.
In certain embodiments, the personal information is saved to a database(s).
The database may
be any type of secure database including but not limited to a centralized
database,
decentralized database/distributed database. In certain embodiments, the
database is an
immutable database such as a ledger database or a blockchain database.
Processing the Personal Information and Requesting Additional Data
The server computing device next determines the type of additional data
required to determine if
the applicant meets the configurable pre-defined requirements. The additional
data may be any
data, including for example, criminal record, criminal record suspension
(pardon), credit history,
employment checks, reference checks (both employment and personal), education
checks,
open source checks (e.g. Facebook, Twitter, etc.), terrorist watch list check,
biometrically-
enabled watch list (BEWL) check and/or law-enforcement records check (LERC).
The determination of what data is required may be automatic based on a pre-
defined set of
rules, optionally, the pre-defined set of rules are configurable and/or user
input. For example, in
response to input of fingerprint data, the server computing device may
automatically determine
information from a criminal record database is required. Alternatively, the
server computing
device may determine that information from a criminal record database is
required in response
to a user request for a criminal record check or a vulnerable sector check.
The server computing device requests the additional data from one or more
third party
databases. The request may be automatic based on a pre-defined set of rules,
optionally pre-
defined set of rules and/or in response to user input. For example, if the
server computing
device determined that information relating to criminal record or a vulnerable
sector check is
required the server computing device may automatically request a search of the
criminal record
9
Date Recue/Date Received 2020-06-24
database using the fingerprint and/or applicant name). Alternatively, the
server may request a
search of the criminal database in response to user input.
Third party databases include but are not limited to databases providing
criminal record
information or credit history. Such databases are known in the art. For
example, the Royal
Canadian Mounted Police's (RCMP's) Real-Time Identification System (RTID) may
be used to
search for criminal records. Credit histories are available through Equifax or
TransUnion. In
certain embodiments, if a search of one database falls to identify any
additional data a further
database is searched.
Determining if the Applicant Meets the Pre-Defined Requirement(s)
Upon receiving the data from the one or more database(s), the server computing
device
automatically determines, based on a pre-defined set of rules (optionally
configurable pre-
defined set of rules), whether the applicant meets the pre-defined
requirement(s), does not meet
the pre-defined requirement(s) (optionally configurable pre-defined
requirement(s)) or if further
review is required.
For example, the rules may be if no adverse conditions were identified, the
applicant is
determined to having met the configurable pre-defined requirements; if an
adverse condition of
a particular category is identified, the applicant is determined to have not
met the pre-defined
requirements, optionally configurable pre-defined requirements and if an
adverse condition of a
different category is identified, a further review is required.
If no further review is required, the server computing device automatically
issues a notification
or report detailing the results. It may be sent to the individual requesting
the report, individual
tracking the applicant through the process and/or the applicant. In certain
embodiments, the
report or notification is in the form of an email, is posted on a secure
website,
If a further review is required, the server computing device, may
automatically initiate a further
review or send a notification / request for a further review. The further
review may be based on
a different set of rules or a manual review.
In certain embodiments, the further review is conducted by a human, such as a
security officer,
and the server computing device notifies the individual by email, SMS, or some
other means,
that a further review is required and either forwards the results for review
or provides an
indication of where the results can be viewed.
io
Date Recue/Date Received 2020-06-24
In certain embodiments, the method is repeated at pre-determined intervals.
For example, an
individual may be required to update their security clearance on a yearly
basis. In such cases,
in certain embodiments, the server computing device utilizes the previously
collected personal
data and determines if the applicant still meets the pre-defined requirements.
In certain embodiments, the method of the present invention further comprises
the issuance of a
verifiable credential if the applicant meets the pre-defined requirements. In
certain
embodiments, the verifiable credential is stored in a database. The database
may be any type
of secure database including but not limited to a centralized database,
decentralized
database/distributed database. In certain embodiments, the database is an
immutable
database such as a ledger database or a blockchain database. In specific
embodiments, the
verifiable credential is stored as a blockcert.
In certain embodiments, the biometrics obtained are automatically stored in an
automated
biometrics identification system (ABIS).
Biometric Kiosk
The present invention further provides a kiosk for the collection of
biometrics. In certain
embodiments the kiosk comprises one or more biometric collection devices and a
user interface
to input non-biometric personal data, and is operably connected to the server
computing device
either directly or through a network. In specific embodiments, the biometric
kiosk allows for the
touchless entry of personal data, including biometric data. For example, the
kiosk may allow
voice entry of information, contactless scanning of documents and/or
contactless fingerprinting.
The biometric kiosk may be used for the methods of the present invention.
Example 1:
Detailed below is an exemplary non-limiting touchless fingerprinting workflow
of an embodiment
of the present invention.
1. The applicant is invited by a security officer, hiring official, etc. via
an email, text, some other
means. This may be done through the platform of the invention.
2. In the invitation the applicant is prompted to download a native
application for their phone or
to access the invitation over a web-based application. The link to download
applications or use
the web-app is applicant specific. This means that when the applicant installs
the application on
their phone or accesses the web-application, the app/web-app will know and be
able to pull the
ii
Date Recue/Date Received 2020-06-24
information from our security screening platform to be displayed for that
applicant, such as their
name, date of birth, clearance/screening level they are seeking, etc.
3. The applicant fills out their demographic info or any other info that they
need to
provide/confirm and submit the information which gets sent to the security
screening platform.
4. The applicant uploads one or more pieces of identification using the
phone's camera and the
native app.
In certain embodiments where the fingerprint images are authenticated, the
following steps
occur:
5. The platform sends them a link on their native app and/or to their email to
book a virtual
fingerprinting appointment with a virtual fingerprint operator. The link may
be in the form of a OR
code or some other format.
6. At the time of appointment, the applicant uses another device which has a
camera, such as a
computer or a kiosk, etc. and invokes the link on the other device by, as an
example, scanning
the OR code.
7. A video meeting starts between the secondary device the user is using (the
one that scanned
the OR code) and one of the virtual fingerprint operators.
8. The virtual fingerprint operator watches and instructs the applicant to use
the native app on
their primary device that was downloaded to take photos of their fingers.
Fingers are normally
captured in groups of fingers, but could be captured as one finger/thumb at a
time, or some
combination of groups and single fingers/thumbs. In some cases certain fingers
will not be
required at all.
9. Once the fingers are captured, the applicant presses a button to send them
into the security
screening platform of the invention.
In alternate embodiments, steps 5 to 8 do not occur and the applicant simply
takes photos of
their fingers and sends them to the screening platform of the invention.
The conversion of the finger photos to fingerprint images acceptable by the
RCMP is performed
on the native application or part of the backend platform in the future.
10. Depending upon a configurable setting, in embodiments where the
fingerprint images are
authenticated, the virtual fingerprint operator may be required to review the
submitted
12
Date Recue/Date Received 2020-06-24
demographic data, fingerprints, identification photos, or any other possible
information on the
backend security screening platform prior to them being sent into the RCMP.
This scenario is
called "Manual Release".
11. The native app on the phone that submitted may receive one or more
transactions from the
security screening platform and/or the RCMP indicating the status of the
submitted transaction.
12. At this point the process continues like it would through the platform for
adjudication as it
would in a non-touchless scenario.
13
Date Recue/Date Received 2020-06-24
