A computer-implemented method and a system for creating a revocably severed association between user accounts on an internet platform and a certified real-world identity

The method and system address the challenge of maintaining user anonymity and privacy by using a three-module architecture to split and distribute Seed Keys, ensuring identity discovery only under legal circumstances, thus preventing unlawful activities on social networks.

WO2026151356A1PCT designated stage Publication Date: 2026-07-16

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Filing Date
2026-01-12
Publication Date
2026-07-16

AI Technical Summary

Technical Problem

Existing online identity certification systems compromise user anonymity and privacy by requiring the sharing of extensive personal information, violating regulatory frameworks like GDPR, and fail to effectively address unlawful activities and bot accounts on social networks.

Method used

A computer-implemented method and system that creates a revocably severed association between user accounts and certified real-world identities using a three-module architecture: Authentication, Cryptography, and Ledger Modules, where Seed Keys are split and distributed among entities, ensuring anonymity and enabling identity discovery only under legal circumstances.

Benefits of technology

Guarantees user anonymity under normal conditions while allowing unequivocal identity discovery when necessary, without storing identifiable personal data, thus respecting privacy regulations and preventing unlawful activities.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure PT2026050005_16072026_PF_FP_ABST
    Figure PT2026050005_16072026_PF_FP_ABST
Patent Text Reader

Abstract

Method and system for creating a revocably severed association between user accounts on an Internet platform and a certified real- world identity. The method obtains an account identifier and an official identity identifier / token; invokes a Cryptography Module with the account identifier and the official identity identifier / token, and generates seed data comprising one string of data; creates a Seed Key by hashing the seed data; splits the Seed Key into at least two parts, and distributes the parts to different entities; creates an Identification Key by hashing the Seed Key; sends the Identification Key and the official identity identifier / token to a Ledger Module; and irreversibly destroys the Seed Key. To recreate a real-world identity corresponding to the account identifier, the Seed Key is reassembled from the distributed parts, enabling the recreation of the Identification Key, which in turn leads to the discovery of the real-world identity by the Authentication Authority / Service.
Need to check novelty before this filing date? Find Prior Art

Description

[0001] DESCRIPTION

[0002] A COMPUTER- IMPLEMENTED METHOD AND A SYSTEM FOR CREATING A REVOCABLY SEVERED ASSOCIATION BETWEEN USER ACCOUNTS ON AN INTERNET PLATFORM AND A CERTIFIED REAL-WORLD IDENTITY

[0003] TECHNICAL FIELD

[0004] The present invention relates to a computer implemented method and a system for creating a revocably severed association between user accounts on an Internet platform and a certified real-world identity .

[0005] BACKGROUND OF THE INVENTION

[0006] Online identity certification has become increasingly relevant in the context of social networks, digital platforms, and online services, particularly for addressing unlawful activity, fraud, and automated (non-human) account usage . Existing online identity certification services typically rely on private entities collecting and processing copies of official identity documents that contain extensive personal information unrelated to the specific purpose of online identification. In some cases, such services also involve the collection of biometric data .

[0007] The handling of such personal data raises significant data protection and privacy concerns, especially in jurisdictions subj ect to strict regulatory frameworks such as the General Data Protection Regulation (GDPR) . As a consequence, the deployment of mandatory online identity certification mechanisms within the European Union faces legal and practical limitations, resulting in a lack of a generally applicable technical solution that enables identification of online users while respecting anonymity, privacy and data minimization principles .

[0008] A number of solutions have been proposed to partially address some of the above-mentioned problems .

[0009] EP3782346B1 provides a system for the verification a user ' s identity and qualifications and authentication of credentialsassociated with a user ' s digital identity on a trust network (where service providers involved in a transaction may be independent parties operating with limited trust) , in which a pseudonymized transaction record may be created for that digital identity and stored in a shared ledger; identifying information for a user may be retained in a custodial escrow account for that user; and transactions may be re-correlated with identifying information for authorized third parties under established "due process" rules that are appropriate for the applicable j urisdiction ( s ) .

[0010] US2022027867A1 discloses a blockchain process to convert money to tokens . The solution intends to maintain a camouflaged connection between token bearer and the source .

[0011] US9043891B2 A discloses a privacy-preserving identity system that combines low disclosure tokens with an identity metasystem to allow proof of a user ' s identity and other claims about the user in a manner that preserves the user ' s privacy by avoiding disclosing unnecessary information about the user . A low or minimal disclosure token is a security token that encodes claims in such a way that the token can be long-lived, the token can be presented in an unlinkable manner, or the user can minimally disclose the encoded information to respond to an unanticipated Relying Party policy. Using the privacy preserving system within an identity metasystem, users can obtain long-lived, low disclosure tokens from the Identity Provider and later present them to Relying Parties; thus improving both user ' privacy and the system' s scalability. This system is intended to be used to identify a known person using low information content . Basically, a way of disclosing partial identity information. Privacy, in this case has to do with low information, not anonymity.

[0012] US9154306B2 discloses systems and methods for privacy-preserving flexible user-selected anonymous and pseudonymous access at a relying party (RP) , mediated by an identity provider ( IdP) . Anonymous access is unlinkable to any previous or future accesses of the user at the RP . Pseudonymous access allows the user to associate the access to a pseudonym previously registered at theRP . A pseudonym system is disclosed. The pseudonym system allows a large number of different and unlinkable pseudonyms to be generated using only a small number of secrets held by the user . The pseudonym system can generate tokens capable of including rich semantics in both a fixed format and a free format . The tokens can be used in obtaining from the IdP, confirmation of access privilege and / or of selective partial disclosure of user characteristics required for access at the RPs . The pseudonym system and associated protocols also support user-enabled linkability between pseudonyms . This system depends on the IdP that knows the user and, is called to attest on its identity supplying pseudonyms while keeping track of those . It' s anonymous only on the relying party RP side .

[0013] US11936796B1 discloses implementations to obtain credential information including an encrypted digital identity ( ID) . The encrypted digital ID may include a public component of a credential and identity data . Furthermore, the credential information may include cryptographically obfuscated data based on the identity data and a private component of the credential . A proof is obtained that includes proof data . The proof data may confirm that the credential information was correctly generated. Verification of the proof data, and confirmation that the cryptographically obfuscated data is not associated in a collection of cryptographically obfuscated data, cause a computer-implemented service to issue a pseudonym. The pseudonym is usable to generate a relationship associated with a computer-implemented service . Thus, this system relies on one part (issuer) knowing the identity of the person. When used, it provides a direct trace to the user . It' s a Citizen Card structure, basically.

[0014] US11943358B2 relates to distributed ledger-based networks (DLNs) and aims to facilitate the identification and auditing of anonymized account owners on zero-knowledge proof ( ZKP) -enabled DLNs . It is intended to provide methods and systems that allow auditors to verify ownership or access to accounts on DLNs without compromising the privacy, security, or anonymity of the accountowners . The invention applies to auditing ownership of accounts that have sent or received tokens representing physical off-the-DLN assets, enabling secure, private, and non-interactive verification of account access using ZKP techniques . Therefore, the system refers to a payment solution intended to obfuscate ownership maintaining validity through algorithms (i . e . a different scope of protection compared to the present invention) . US11949794B2 discloses systems for anonymizing raw data within a trusted execution environment and storing cryptographic authenticator obj ects on a blockchain ledger . The approach focuses on secure anonymization and validation of data shared across distributed systems . This relates to generic anonymization. It doesn' t describe the process, but it' s application to blockchain transactions instead. Different scope .

[0015] EP3864797B1 discloses a technique including identity verification implanted via a blockchain. An identity system utilizes a key library to store private keys and a smart contract functionality to facilitate verification with third-party users . The identity system generates a public key based on the private key where the public key is stored on a blockchain. The public key stored on the blockchain can be retrieved by a third-party user via the smart contract functionality to authenticate a user on the blockchain. This patent relies on credentials and keys . Basically, a way to encrypt communications where identity is known by an authority party .

[0016] DESCRIPTION OF THE INVENTION

[0017] The present invention proposes, according to one aspect, a computer-implemented method for creating a revocably severed association between user accounts on an Internet platform and a certified real-world identity. The method comprises obtaining, by an Authentication Module, an account identifier associated with a given Internet platform user and, an official identity identifier or token of a real-world person, provided by an Authentication Authority / Service ; invoking a Cryptography Module with the accountidentifier and the official identity identif ier / token as parameters, and generating, in the Cryptography Module, seed data comprising at least one string of data; creating a Seed Key by hashing the seed data with at least one hash function; splitting the Seed Key into at least two parts, and distributing the parts to at least two different entities, the latter storing each part in association with the account identifier; creating an Identification Key by hashing the Seed Key with at least one hash function; sending the Identification Key and the official identity identif ier / token to a Ledger Module for storage thereof as a pair; and irreversibly destroying the Seed Key.

[0018] To recreate a real-world identity corresponding to the account identifier, the Seed Key is reassembled / re j oined from the distributed parts, thus enabling the recreation of the Identification Key, which in turn leads to the discovery of the real-world identity by the Authentication Authority / Service .

[0019] In some embodiments, the official identity identif ier / token comprises an identifier selected from a citizen identity number, a driver' s license number, a fiscal identification number, a social security number, or another legally recognized identity identifier provided by the Authentication Authority.

[0020] In some embodiments, the seed data further comprises session-related data, including a timestamp, an IP address, and / or the user identifier .

[0021] In some embodiments, the string of data comprises a long, random, alphanumeric string.

[0022] In some embodiments, the reconstruction of the Seed Key requires retrieval of all distributed parts .

[0023] In some embodiments, the method further generates an Encryption Key from the Identification Key and provides the Encryption Key to the Internet platform for encryption of user information.

[0024] In some embodiments, a part of the Seed Key comprises a Public Key that is sent to the Internet Platform and another part of the Seed Key comprises a Secret Key that is sent to a Records Repository.In some embodiments, the official identity identif ier / token is only stored in the Ledger Module, paired with the Identification Key .

[0025] In some embodiments, the reconstruction of the Seed Key requires retrieval of all distributed partial seed values .

[0026] Other embodiments of the invention that are disclosed herein also include a system and software programs to perform the method embodiment steps and operations summarized above and disclosed in detail below. More particularly, a computer program product is one embodiment that has a computer-readable medium including computer program instructions encoded thereon that when executed on at least one processor in a computer system causes the processor to perform the operations indicated herein as embodiments of the invention. Therefore, the present invention addresses two very serious problems that emerged from the exponential growth of Internet platforms, such as Social Networks :

[0027] - Complete anonymity provides almost total impunity to crimes committed online under a common user account, namely in Social Networks, such as defamation, spread of false information, along with many other crimes related to fraud or attacks on people' s reputation, to name a few.

[0028] - Robot accounts, commonly called "bots", or ghost accounts, are a tool to generate traffic and manipulate Social Network' s algorithms, usually used to spread some types of information and manipulate the Public Opinion in masse . Such tools are now weaponized at an industrial scale, being employed by large organizations and hostile countries to manipulate a countries Public Opinion.

[0029] At the same time, the present invention avoids a downside, or problem, common to all known commercial identity certification solutions, which is the loss of anonymity. First, users are compelled or forced to share private information, such as images of identity documents, to private operators to store and monetize in some way. Second, anonymity is lost when user' s real-worldidentity is explicitly associated with their internet service account .

[0030] The loss of privacy by sharing images of documents with private operators, for example, goes against ideals of Privacy enshrined in Law in the EU (GDPR) , Brazil (LGPD) and California (CCPA) , for example .

[0031] The major novelties of the present invention are :

[0032] -A process that guarantees anonymity to social media users under normal circumstances while enabling unequivocal identity discovery under special circumstances .

[0033] -User' s identity isn' t known unless the two stakeholders, internet service operator / internet platform and State agent agree, namely in case of a legal order by a judicial authority. - Identity discovery happens through a mathematical mechanism that delivers the identification of a user when State side operator and internet service operator / internet platform both share their part of the Seed Key which is then mathematically rebuilt by a dedicated system.

[0034] - No identifiable personal data is ever stored anywhere in the system.

[0035] - Internet service operators don' t ever have access to the real identity of a user .

[0036] - Because it relies on official identification systems, non (human) citizens are excluded from obtaining an identity certification.

[0037] BRIEF DESCRIPTION OF THE DRAWINGS

[0038] The previous and other advantages and features will be more fully understood from the following detailed description of embodiments, with reference to the attached figures, which must be considered in an illustrative and non-limiting manner, in which:

[0039] Fig. 1 : Identity certification and user association process .

[0040] Fig. 2 : Identification Key generation workflow.

[0041] Fig. 3 : Key re-generation process and Identity discovery.Fig. 4 : Identity discovery process .

[0042] Fig. 5 : Shows an embodiment of the present invention to establish an indirect association between an Internet Platform' s user and a real-world identity.

[0043] Fig. 6 : Shows an embodiment of the present invention to discover of a real-world identity associated to a username (i . e . an account identifier) of a given Internet Platform.

[0044] DETAILED DESCRIPTION OF THE INVENTION AND OF PREFERRED EMBODIMENTS

[0045] The invention relates to a digital identity certification system and method, implemented as a Software as a Service (SaaS) platform, enabling the association of official identification to registered users, in particular for social network accounts .

[0046] In some embodiments, the proposed system is architected as a three-module system, designed to ensure privacy preservation, true anonymity, and conditional identity discovery under legally valid circumstances :

[0047] Authentication Module, which manages all aspect related to the real-world identity of the user

[0048] Cryptography Module, which processes the data to generate anonymized Identification and Encryption Keys, feed the Ledger Module and split and distribute Seed Key data .

[0049] Ledger Module, which stores the real-world Identification, or token of, relative to Identification Keys .

[0050] Fig. 1 illustrates an embodiment of an identity certification and total anonymization process using the three modules . In this embodiment, the System B is invoked from a Social Network A, not limitative, as any other internet plat f orm / internet service operator, or Gatekeeper could be used. The call can happen, typically, from an Identity section inside the user profile settings or configuration interface . The Citizen ID manager F (i . e . an Identity Authentication Authority / Service ) is invoked by the System B .Then, an Official Identity Number or an Official identity token (Official ID) is collected / obtained 3 for the user . The collection happens in a separate processing space from the internet platform, by using a dedicated webpage in an iframe to access an Identity Authentication Authority / Service, like the Portuguese Digital Mobile Key. Please note that the Official ID can exist in any legally acceptable form (Citizen ID Number, Driver' s License Number, Fiscal or Social Security Number...) , depending on the country of the user to be identified.

[0051] The Authentication Module 0 then invokes 4 the Cryptography Module D using the Profile User ID and the Official ID as parameters . Next, the Cryptography Module D gathers Seed data (see Fig. 2 ) , including a unique long alphanumeric string, and optionally, session data like timestamps, IP address of the browser where the request originates, and / or the Citizen and user IDs . The Seed Data or the string resulting from the combination of any of these elements is then hashed 7 (Figs . 2 ) , creating a Seed Key.

[0052] A function breaks the Seed Key in two or more parts : a Public Key 8 is delivered 5b for storage to the Social Network A, being recorded along with the user account identifier and / or data . A Secret Key 9 is delivered 5a to an Official Record Repository H, along with the Profile User ID.

[0053] An Identification Key is obtained by hashing the Seed Key. The Identification Key and the Official ID are sent as a pair 6 to the Ledger Module E . The Ledger Module E is the only part of the system where the Official ID is stored, openly or anonymized. When authentication and anonymization is processed, the Ledger Module E stores both the Identification Key and the Official ID as a pair . The Seed key is then irreversibly destroyed. This way, it is impossible to discover the Identification Key from any single piece of available information.

[0054] To discover the Official ID associated to an Internet Platform' s (e . g. : Social Network) user, both Public 11 and Secret 12 Keys must be used to rebuild the Seed Key, allowing the Identification Key to be recreated by hashing 13.With reference now to Fig. 5, therein another embodiment of the invention is shown. In this case the system is configured to perform a first function, referred to as "Username / ID Association", that establishes an indirect association between an Internet Platform' s user - i . e . a digital environment including, but not limited to, social networking services, messaging and communication applications, and systems configured for the storage, communications and management of user data, typically implemented via cloud-based architectures-, and a real-world identity .

[0055] In Fig. 6, the system is configured to perform a second function, referred to as "ID Discovery", which enables the discovery of a real-world identity associated to a username of a given Internet Platform.

[0056] The key feature in the disclosed process is that the Seed Key is irreversibly eliminated during the ID association phase, thereby precluding any subsequent discovery or correlation of identities based on residual or stored information.

[0057] Establishing an association between the user and identity, necessitates the execution of a cryptographic procedure, where the requisite information for such procedure is apportioned among at least two distinct entities, each of which must participate in the process . Furthermore, unauthorized access to participating entities does not enable a successful correlation or linkage between users and identities .

[0058] The disclosed processes apply repeatedly to each pair Internet plat f orm / user . A real-world person may have several different accounts on any Internet platform. Revealing the identity associated with one account doesn' t reveal that other accounts are associated with the same real-world person, even on the same Internet platform.

[0059] More specifically, as illustrated in the embodiment of Fig. 5, the system relies on a third-party identity curator, referred to as Citizen ID manager F, usually a State operated Identity Curator (e . g. Institute dos Registos e Notariado in Portugal) , to providea connection to a real-world Identity, referred to as RWID. Moreover, the process implies that a valid Internet platform user is identified, typically by a username 110. The process begins with the generation of seed data 501, created by concatenating user and session data, like user ID, IP and timestamp, or simply generating a random string, that is processed to become the Seed Key 502 for the process ahead.

[0060] Particularly, the invention comprises an Identification Key generated in such a way that it cannot be derived or recalculated from any pre-existing or residual information. First, the Identification Key 503 is generated by a process that includes hashing. The Identification Key is then passed 504 to the Ledger Module E that will store it 505, paired with an official ID (responsibility for identity management, including processes such as anonymization, resides exclusively with designated identity curators . These operations are outside the scope of the present disclosure, as they do not constitute any aspect of the claimed innovation) .

[0061] As a subproduct of the process, an Encryption Key is generated 506. The Encryption Key is sent 507 to the Internet platform A to be used to encrypt user information 508, like communication or storage .

[0062] After both Identification Key and Encryption Key are delivered and stored, the Seed Key that enables the computation of these two artifacts is processed. First the Seed Key is broken into two or more parts 509. Then, the resulting parts, Public and Secret Keys, are processed as follows :

[0063] One part, the Public Key, is sent 510 to the Internet platform A to be stored paired with the username 511.

[0064] One part, the Secret Key, is sent 512 to the Records Repository H to be stored paired with the username 513.

[0065] If the system, for extra security, is set to work with more third-party hosts besides the Records Repository H, one part of the Seed Key can be sent 514 to each one of such hosts .A key aspect comprises the execution of an irreversible destruction operation 515 of the Seed Key subsequent to completion of the foregoing processes . This operation is irreversible and makes the identity discovery mathematically impossible without the "ID discovery" Fig. 6 process described ahead. Without said discovery process the real-world identity (RW-ID) would be impossible to establish from the data available in any part of the system. The impossibility to discover RW-ID of Internet platform users, grants users Anonymity and Privacy.

[0066] Regarding the ID discovery function, as illustrated in the embodiment of Fig. 6, the system is designed to make the discovery process a collaborative one . The obj ective behind the workflow is to guarantee that no entity, either a State actor or Internet Platforms or even the Records Repository, can discover any identification or personal information related to Internet platform users without some process, usually a legal one . Following the Username / ID association, that distributed the seed information that is key to associating a user to a RW-ID, the discovery process is integral part of the innovation by providing a method to make a connection between the Internet platform user and the RW-ID. In this embodiment, the discovery process relies on the same agents as the Username / ID association, namely the Internet platform A, for example a Social Network, the Ledger Module E and the Records Repository H. The input data comprises a username 601 associated with an Internet platform A.

[0067] Upon completion of the discovery process, the system is configured to output two distinct artifacts : the associated Identification Key 610, which is configured to be converted by the Ledger Module E into a valid RW-ID 611 through execution of a deanonymization procedure; and the associated Encryption Key 613.

[0068] The discovery process is generally executed by a judicial authority or law enforcement agency, wherein third-party entities, such as Internet platforms, are queried pursuant to a judicial mandate that such entities are legally obligated to acknowledge and comply with. It is noted that the involvement of third-party entities inthe discovery process enables the preservation of anonymity protections . In contrast, direct access by State actors may present a potential risk to the privacy of law-abiding individuals .

[0069] The discovery component may be characterized as a collaborative procedure where an investigative agent submits an inquiry to the system by providing a Internet Platform' s username . The system propagates the request to entities maintaining the distributed parts of the Seed Key. Upon availability of such Seed Key, the corresponding Identification and Encryption Keys can be reconstructed through a cryptographic procedure .

[0070] Given an Internet platform username 601, a request 602 for the associated partial seed is sent by the system to the Internet Platform A and the Records Repository H.

[0071] If the Internet platform A complies with the request 603, it provides 604 the associated partial Seed Key (i . e . the Public Key) . The Records Repository H provides 605 its partial part of the Seed Key (i . e . the Secret Key) . If any third party is involved in the process as a guardian of part of the Seed Key, it can be also queried 606, the respective parts of the Seed Key are provided 607. After all parts of the seed are made available, the Seed Key is rebuilt 608 .

[0072] From the full Seed Key the Identification Key is recreated 609 and delivered 610 to the recipient entity through the Ledger Module E for final deanonymization and definitive RW-ID discovery 611. When applicable, the Encryption Key is generated 612 and delivered 613 allowing the decryption of a system or application.

[0073] The scope of the present invention is defined in the following set of claims .

[0074] Lisbon, 12thJanuary 2026

Claims

CLAIMS1 . A computer-implemented method for creating a revocably severed association between user accounts on an Internet platform and a certified real-world identity, the method comprising:obtaining, by an Authentication Module, an account identifier associated with a given Internet platform user and, an official identity identifier or token of a real-world person, provided by an Authentication Authority / Service ;invoking a Cryptography Module with the account identifier and the official identity identif ier / token as parameters, and generating, in the Cryptography Module, seed data comprising one string of data;creating a Seed Key by hashing the seed data with at least one hash function;splitting the Seed Key into at least two parts, and distributing the parts to at least two different entities, the latter storing each part in association with the account identifier;creating an Identification Key by hashing the Seed Key with at least one hash function;sending the Identification Key and the official identity identif ier / token to a Ledger Module for storage thereof as a pair; andirreversibly destroying the Seed Key;wherein, to recreate the Identification Key allowing the identification of a real-world identity corresponding to the account identifier, the Seed Key is reconstructed by rejoining the split parts, and the Identification Key is regenerated, enabling the conversion into the real-world identity by the Authentication Authority / Service .2 . The method of claim 1, wherein the string of data comprises an alphanumeric string.

3. The method according to any one of the preceding claims, wherein reconstruction of the Seed Key requires retrieval of all distributed parts .

4. The method according to any one of the preceding claims, further comprising generating an Encryption Key from the Identification Key and providing the Encryption Key to the Internet platform for encryption of user information.

5. The method according to any one of the preceding claims, wherein a part of the Seed Key comprises a Public Key that is sent to the Internet Platform and another part of the Seed Key comprises a Secret Key that is sent to a Records Repository.

6. The method according to any one of the preceding claims, wherein the official identity identifier / token is only stored in the Ledger Module .

7. The method according to any one of the preceding claims, wherein the official identity identif ier / token comprises an identifier selected from a citizen identity number, a driver' s license number, a fiscal identification number, a social security number, or another legally recognized identity identifier provided by the Authentication Authority.

8. The method according to any one of the preceding claims, wherein the seed data further comprises session-related data, including a timestamp, an IP address, and / or the user identifier .

9. A system for creating a revocably severed association between user accounts on an Internet platform and a certified real-world identity, the system being implemented as a Software as a Service platform and comprising:- an Authentication Module, configured to obtain an account identifier associated with a given Internet Platform user and anofficial identity identifier or token of a real-world person, provided by an Authentication Authority / Service ;- a Cryptography Module configured to :receive the account identifier and the official identity identifier or token as input parameters;generate seed data comprising one string of data;create a Seed Key by hashing the seed data with at least one hash function;split the Seed Key into at least two parts and distribute the parts to at least two different entities for storage in association with the account identifier;create an Identification Key by hashing the Seed Key with at least one hash function;send the Identification Key and the official identity identifier or token to a Ledger Module, andirreversibly destroy the Seed Key after distribution; and - a Ledger Module, configured to store the Identification Key together with the official identity identifier or token as a pair; wherein the system is configured such that, to recreate a real-world identity corresponding to the account identifier, the Seed Key is reassembled from the distributed parts , thus enabling the recreation of the Identification Key, which in turn leads to the discovery of the real-world identity by the Authentication Authority / Service .

10. The system of claim 9, wherein the Cryptography Module is further configured to generate an Encryption Key from the Identification Key and to provide the Encryption Key to the Internet platform for encryption of user information.Lisbon, 12thJanuary 2026