If the first and second hashes match, this means that the QR code data is PSA-issued and is not tampered with. Thereafter, the website generates a second hash of the QR code data. This will then yield a hash of data initially generated before the printing of the QR code onto the PhilID.
Upon scanning, the embedded public key in the PhilSys Check website decrypts the digital signature embedded in the PhilID QR code and checks if it is active or revoked. To do this, PhilSys Check requires the presentation of PhilID, scanning of the QR code, and cross-checking the data stored in the QR code against the data printed on the PhilID. Offline authentication refers to the process wherein the identity of an individual is validated against the information contained in the PhilID. This allows relying parties to verify the authenticity of the PSA-issued PhilID through its QR Code feature. PSA developed PhilSys Check as an offline identity authentication tool in the form of a website that uses public-private key cryptography.
0 kommentar(er)
