Many identity verification systems use a broker-based model, which employs a broker to facilitate end-user identification. For example, one federated model used on the Internet allows a user to identify to a relying party by leveraging existing data from a preferred identity provider. The traditional deployment model uses a centralized broker to act as the interface between identity providers and relying parties.
However, existing broker-based models suffer from a number of drawbacks. For example, existing models rely upon the continued and active participation of identity providers, meaning that service outages or the decommissioning of identity provider services can result in the inability to use a source of identification. Existing models do not allow for users to mix-and-match identification attributes from multiple identity providers, limiting their usefulness in many situations. Furthermore, existing models require the disclosure, such as an address, of the sensitive data that is being used for identification. These and other drawbacks highlight the need for improved methods and systems for electronic identity provision and verification.