The issuing of digital certificates to promote electronic commerce is known. Digital certificates, that is, specially issued files containing identification and other information, provide a level of security and authentication that gives vendors, suppliers and others comfort as they increasingly commit to electronic commerce. Digital certificates provide electronic confirmation of the identity of a potential customer or other user seeking to access a resource or to process a transaction. Digital certificates also regulate the access to particular transactions or information. For example, digital certificates can differentiate classes of transaction within a Web site based upon credit or other information contained in a digital certificate or directory.
Typically, the steps involved in deciding whether to issue a digital certificate involve an interaction between a user who wants to perform a transaction and a certification authority. In most cases, the certification authority is not a party to the eventual transaction but serves instead to qualify the user to perform transactions by issuing a digital certificate. The certification authority queries the user for information and attempts to match the responses to known data from databases to determine whether to issue the digital certificate to the requesting user. In addition, the responses provided and the data available in the databases may be used by the certification authority to determine the content or privilege level of the digital certificate. That is, the certification authority determines what financial, privilege or other limitations will be associated with the digital certificate, as indicated by the criteria of the online vendor.
An important aspect of the process of issuing the digital certificate is confirming the identity of network users. Various systems exist that perform some level of user authentication. These systems generally require a user to provide certain basic identification information, such as name, date of birth, social security number, address, telephone number and sometimes driver's license information. This type of information is sometimes known as wallet information, and it is compared to known data, such as from a credit file to determine a level of match between the stored and presented information. However this type of validation by itself is limited and not flexible in accepting other types of background information. Other problems exist.