US20100043064A1 - Method and system for protecting sensitive information and preventing unauthorized use of identity information - Google Patents

Method and system for protecting sensitive information and preventing unauthorized use of identity information Download PDF

Info

Publication number
US20100043064A1
US20100043064A1 US12/587,810 US58781009A US2010043064A1 US 20100043064 A1 US20100043064 A1 US 20100043064A1 US 58781009 A US58781009 A US 58781009A US 2010043064 A1 US2010043064 A1 US 2010043064A1
Authority
US
United States
Prior art keywords
information
virtual
processing entity
identifier
recited
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/587,810
Inventor
Lingyan Shu
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US12/587,810 priority Critical patent/US20100043064A1/en
Publication of US20100043064A1 publication Critical patent/US20100043064A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/351Virtual cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising

Definitions

  • This invention relates generally to methods and systems for protecting sensitive information, particularly identity information from being disclosed, collected, mismanaged, or misused during transactions that involve multiple parties.
  • a central database is used to store the two parties' identities and data, as well as the rules for releasing the data.
  • the two parties could get each other's information without having to disclose its own identity.
  • This prior art is for establishing anonymous communications between only two parties and requires that the data and/or information sources related to both parties be centralized.
  • U.S. Pat. No. 6,029,890 a user-specified credit card system is described.
  • a central bank control system is used to transmit a user's request for a one-time credit card number to a credit provider and transmit back a one-time credit card number from the credit provider after the request is validated by the credit provider.
  • This prior art would achieve the object of not giving out a static credit card number to the vendors.
  • it requires a fairly large amount of changes to the current financial networks, including credit card approval and ATM networks to implement the central bank control system in this prior art. It also requires changes to each credit provider's business processes at a low level which is more difficult than making changes at a higher level. Therefore, it is costly and not easy to implement this prior art.
  • U.S. Pat. No. 5,890,137 a method of credit card payment settlement in an on-line shopping system is described.
  • a service center sends order data including the credit card information via a settlement network.
  • the approval center pays the price to the service center.
  • service center sends the order information to the shopping system.
  • the credit card information is not transmitted in public networks, such as the Internet.
  • This prior art too requires a large amount of changes to the existing business processes.
  • An embodiment of the present invention provides a method and system for protecting sensitive information, more particularly identity information during multi-party transaction processes.
  • This method prevents sensitive information from being disclosed to certain parties, especially the parties whose credibility is uncertain.
  • This method provides a way to prevent sensitive information from being collected illegally or being collected and used without authorization.
  • An entity called processing entity creates virtual identifiers for an information holder whose sensitive information is involved in the process.
  • a virtual identifier identifies an information holder and is usually temporary and has validity attributes. It usually maps to a static identity of the information holder.
  • the processing entity stores the information about the virtual identifiers. Usually, the virtual identifiers are issued to the information holder. The information holder uses a virtual identifier when interacting with third parties.
  • the third parties also use the virtual identifiers when interacting with other parties concerning the information holder.
  • a system comprises a processing entity which creates and processes virtual identifiers, a data management system for storing and retrieving data, and a communication component which includes the different interfaces for the communications between different parties.
  • This method eliminates the necessity of disclosing sensitive information, particularly identity information, to parties whose credibility is uncertain. Furthermore, this method greatly reduces the needs of using one's static identity information in the processes that are prone to eavesdropping and interception, such as Internet transactions, telephone transactions and mail transactions.
  • This method allows for one-time or multiple-time identification, therefore the virtual identifiers can serve the different functions the static identifiers serve currently and effectively protects the information holder from identity collection attacks and identity theft attacks. Yet, this method is easy to implement and does not require fundamental changes to the current business processes.
  • FIG. 1 is a block diagram illustrating the steps of the first embodiment described in the DETAILED DESCRIPTION
  • FIG. 2 is a block diagram illustrating an embodiment of the present invention
  • FIG. 3 is a block diagram illustrating an embodiment of the present invention.
  • FIG. 4 is a flow diagram illustrating an embodiment of the present invention.
  • FIG. 5 is a flow diagram illustrating an embodiment of the present invention.
  • FIG. 6 is a flow diagram illustrating an embodiment of the present invention in which a virtual identifier and another corresponding identifier are displayed in or on a medium;
  • FIG. 7 is a flow diagram illustrating an embodiment of the present invention in which a virtual identifier is a virtual account number and its corresponding identifier is a check number;
  • FIG. 8 is a flow diagram illustrating an embodiment of the present invention in which a virtual identifier is a virtual credit card number
  • FIG. 9 is a flow diagram illustrating an embodiment of the present invention in which a virtual identifier is a virtual social security number
  • FIG. 10 is a block diagram illustrating the components of an embodiment of the present invention.
  • Information destination entity that has to use the information directly to serve its function.
  • Information holder entity whose sensitive information is needed in the processes that involve multiple parties.
  • Information source entity that has sensitive information of an information holder.
  • An information destination and an information source can reside in the same entity.
  • Virtual identifier comprises information that identifies an information holder.
  • a virtual identifier usually corresponds to a static identity of an information holder. It is usually valid for a stated period of time for each of its specified functions. It can be valid for a one-time use or for multiple-time uses.
  • a possible virtual identifier string comprises a field that identifies the information holder, a field that indicates an information source and a field of a randomly generated string.
  • Processing entity entity that creates, manages and processes virtual identifiers.
  • a processing entity can reside in the same system as an information source and/or an information-destination.
  • a processing entity usually resides in a server computer system.
  • FIG. 1 is a block diagram illustrating the general steps of an embodiment of this invention.
  • a processing entity creates virtual identifiers for an information holder.
  • the processing entity links the virtual identifiers to the static information of the information holder, through a data management mechanism such as database tables.
  • the processing entity links other related information, such as the validity attributes of a virtual identifier, to the virtual identifier, usually through a data management mechanism or through adding the validity attributes to the virtual identifier string.
  • Virtual identifiers are used when the information holder deals with third parties, particularly non-information-destination entities. The third parties use the virtual identifiers when dealing with each other concerning the information holder.
  • virtual identifiers are mapped to the static information through a data management technique, such as a database query.
  • Static sensitive information particularly static identity information is not circulated in the process. Consequently, the static information is protected against collection and fraud.
  • a variant of this embodiment is to add the following step:
  • FIG. 2 illustrates this variation.
  • FIG. 3 the step of verifying the virtual identifiers after they are submitted to the processing entity is added.
  • FIG. 4 is a flowchart illustrating the general steps of an embodiment.
  • An information holder registers with a processing entity.
  • the processing entity stores the information in a computer system using data management mechanisms such as database systems.
  • the information can be encrypted by the processing entity before being stored.
  • each time when the information holder needs a virtual identifier he/she/it contacts the processing entity through a device that is connected to a network, a telephone or mail.
  • the processing entity authenticates the user (user is used interchangeably with information holder through out the Specification) through an authentication protocol, such as a user id and password pair. If the authentication is successful, the user is prompted to input the validity terms as the validity attributes for the virtual identifier.
  • the user can specify that the virtual identifier is valid for only one-time use within the current week.
  • the processing entity then creates a virtual identifier that can uniquely identify the user.
  • the processing entity links the virtual identifier to the static identity information through data management mechanisms such as database systems.
  • the processing entity issues the virtual identifier to a third party specified by the user or to the user. In the latter case, the user can then give this virtual identifier to a non-information-destination entity in a process. Then the non-information-destination gets in touch with the processing entity and requests for service.
  • the non-information-destination gives the virtual identifier to the processing entity.
  • the processing entity maps the virtual identifier to the static identity information.
  • the processing entity verifies, based on the validity information, if the virtual identifier is valid. If it is valid, the processing entity processes the request, which may mean using the static identity information to contact an information source to get information. Then the non-information-destination is given the result. Depending on how the virtual identifier's validity was specified, the processing entity changes the status of the virtual identifier after each use of it.
  • FIG. 5 is a flowchart of another embodiment of this invention.
  • the non-information-destination entity gives the virtual identifier to an information destination. Then the information destination and the processing entity get in touch with each other.
  • the processing entity maps the virtual identifier to the static identity and verifies if the virtual identifier is valid. If it is valid, then the processing entity processes for the information destination, which could include using the static identity information to get information from an information source.
  • the processing entity and the information source could reside in the same computer system.
  • FIG. 6 is a flowchart of another embodiment of this invention. It is a method of preventing forgery.
  • a processing entity creates virtual identifiers and another corresponding identifier for each virtual identifier and links them to the static identity information using data management mechanisms such as a database system.
  • Validity attributes for the virtual identifier are also linked to the static information.
  • Each virtual identifier contains a part that is randomly generated by a random number generation function or procedure.
  • the virtual identifiers, their corresponding other identifiers and the validity attributes are stored in a database system. Then the virtual identifiers and their corresponding other identifiers are displayed in or on a medium. Each such medium uses a different virtual identifier.
  • the virtual identifier and the corresponding other identifier are collected by the processing entity.
  • the processing entity maps the virtual identifier to the static identity information and verifies if the virtual identifier matches the corresponding identifier based on the stored information. It also verifies if the virtual identifier is valid based on the validity terms of the virtual identifier. If it is valid, a validity confirmation is sent to the requesting party. If it is invalid, an invalidity acknowledgement is sent to the requesting party.
  • FIG. 7 is a flowchart of another embodiment of this invention. It is a method of protecting account numbers against collection and fraud when checks are used.
  • the account holder requests for checks through a network connected communication device, e.g. a client computer that has Internet access, a telephone, mail service or in person.
  • a processing entity creates virtual account numbers and links them to the static account number using data management mechanisms such as a database system.
  • the default validity term for the virtual account numbers could be that each virtual account number is valid for one time for cashing and for the time periods specified by the financial institute for tracking, direct-deposit, automatic-drafting, etc.
  • Each virtual account number contains a part that is randomly generated by a random number generation function or procedure.
  • the virtual account numbers, their corresponding check numbers and the validity terms are stored in a database system. Then the virtual account numbers and their corresponding check numbers are printed on checks. Each check uses a different virtual account number. Then the checks are issued to the account holder. The account holder uses the checks the way it is done now. In each use, the virtual account number and the corresponding check number of a written check are collected by the processing entity. The processing entity maps the virtual account number to the static account number and verifies if the virtual account number matches the check number based on the stored information. It also verifies if the virtual account number is valid based on the validity terms of the virtual account number. If it is valid, a validity confirmation is sent to the requesting party.
  • a variation of this method is to include the static account number in a virtual account number.
  • the static account number is not protected from being disclosed. However, it prevents forged checks from being cashed.
  • FIG. 8 is a flowchart illustrating this method.
  • a credit card holder registers with a processing entity. This is done through a device connected to an electronic network, a telecommunication device, such as a telephone, or mail.
  • the processing entity stores the information securely in a database system.
  • a user id and password are created during registration.
  • the credit card holder can then contact the processing entity through a device connected to a network, or a telecommunication device, to get virtual credit card numbers.
  • an authentication procedure i.e. verifying the user's id and password
  • the processing entity prompts the user to specify the validity terms of the virtual card number.
  • the processing entity then creates a virtual credit card number and links it to the static credit card number, and then issues the virtual card number to the user.
  • the credit card holder can then use the virtual credit card number when dealing with a goods or services provider.
  • the provider submits the transaction with the virtual card number to the processing entity.
  • the processing entity maps the virtual credit card number to the static credit card number through a database system and checks the validity of the virtual credit card number that is being submitted. If the virtual card number is valid, the processing entity attaches the static credit card information to the transaction and submits the transaction to the credit card approval network or credit card issuer.
  • the processing entity gets the approval result and passes it to the goods or services provider. A credit card refund can be processed in the same way.
  • the services or goods provider submits the refund transaction with the virtual card number to the processing entity. If the processing entity determines that this is a refund and the virtual card number is valid for tracking, it attaches the static credit card number to the transaction and submits the transaction to the credit card approval network or credit card issuer. The processing entity then passes the confirmation result to the provider.
  • a virtual credit card number can be valid for only one day and only for one purchasing, but it can be valid for tracking or automatic billing, etc. for a much longer term, such as three years or longer.
  • FIG. 9 illustrates this method.
  • a social security number holder requests for a virtual social security number from a processing entity through a device connected to a network or a telephone.
  • the processing entity prompts the user to select validity terms and creates a virtual social security number.
  • the processing entity links the virtual social security number to the static social security number along with the validity terms.
  • the processing entity then issues the virtual social security number to the user.
  • the user uses the virtual social security number when dealing with third parties, particularly non-information-destination entities. When a third party needs to get information about the social security number holder, the third party submits the virtual social security number to the processing entity.
  • the processing entity maps the virtual social security number to the static social security number through a database system and determines the validity of the virtual social security number. If it is valid, the processing entity gets the results and passes them to the third party.
  • a third party can report to an information source through a processing entity using a virtual social security number.
  • the processing entity maps the virtual social security number to the static social security number, attaches the static social security number to the report, and then passes it to the information source through a network connection. Or the third party could report to an information source directly with the virtual social security number. The information source then could get the static social security number through the processing entity.
  • FIG. 10 illustrates the components of an embodiment of this invention.
  • the processing entity which usually resides in a server computer system is the main component.
  • the processing entity creates, manages and processes virtual identifiers. Through the different communication interface components, the processing entity communicates with information holders, information sources, information destinations and non-information-destinations.
  • the data management component links, stores and retrieves data and information.
  • an information holder When registering through a computer network, such as Internet, or a telephone, an information holder is prompted to create or given a user id. Then based on the authentication protocol used by the processing entity, the information holder needs at least another element for an authenticated hand-shake with the processing entity when requesting for virtual identifiers in the future. For example, if the authentication protocol uses a user id and password pair to verify a user, the information holder needs a password. If the authentication procedure uses cryptographic techniques, the information holder needs encryption/decryption keys. In this Specification, we use the user id and password pair scheme. After successfully getting the user id and password, the information holder provides his/her/its static information to the processing entity.
  • a computer network such as Internet
  • a telephone When registering through a computer network, such as Internet, or a telephone, an information holder is prompted to create or given a user id. Then based on the authentication protocol used by the processing entity, the information
  • a secure communication link is used in the registration.
  • the processing entity securely stores the information.
  • the user fills out the form with static information and then mails the form to the processing entity.
  • the processing entity creates a user id and an initial password for the user.
  • An information holder gets in touch with a processing entity through a networked device, such as a computer, a telephone or mail.
  • a networked device such as a computer, a telephone or mail.
  • the information holder is prompted to give input on the validity terms of the virtual identifier, e.g. the time period in which the virtual identifier can be used to get information, and how many times the virtual identifier can be used to get information from an information source or a processing entity.
  • the processing entity can also allow the user to select a default validity setting.
  • the processing entity stores the input and creates a virtual identifier for the information holder.
  • the processing entity can issue the virtual identifier to the information holder or give it directly to a specified third party.
  • An example of a virtual identifier is a string that comprises the information holder's user id, the code name of the information source, e.g. a credit card issuing company's code name.
  • the processing entity could also create a random string using a random number generator algorithm and appends it to the first string and makes sure that the final string is not a string that is already being used by the information holder.
  • the processing entity then links the virtual identifier to the static information, such as a credit card number.
  • the processing entity also links the validity attributes which specify the time period during which the identifier is valid, how many times the identifier can be used to get information and other constraints to the identifier.
  • the validity attributes could also be included in the virtual identifier string.
  • the links could be established through database tables.
  • a time period is specified for an identifier during which the identifier can be used by different entities, such as a non-information-destination to give input, such as reporting a no payment from the information holder, to the information source, and to conduct tracking, auto-drafting or auto-billing.
  • An information holder discloses a virtual identifier to third parties during the processes where the information holder's sensitive information is involved.
  • a non-information-destination entity passes the virtual identifier along with other information to the processing entity, an information-destination entity or a non-information-destination entity.
  • a processing entity processes transactions that contain virtual identifiers.
  • a processing entity determines the purpose of a transaction request, such as getting information, giving input to an information source, tracking, automatic drafting or automatic billing. It maps a virtual identifier to the static identity information through a data management mechanism, such as a database system. It checks if a virtual identifier is valid for the type of the request. If it is valid for getting information, the processing entity gets the requested information and transfers it to the entity that needs the information. If it is valid for reporting to the information source, the processing entity sends the report data to the information source.
  • Communications between different entities are done through devices connected to networks including private networks and public networks such as the Internet, telephones and mail services.
  • Virtual private network techniques and wireless devices can be used.
  • Cryptographic techniques and secure links could be used for secure communication.

Abstract

This invention features a method and system for protecting sensitive information and preventing the unauthorized use of identity information by third parties. Virtual identifiers that identify an information holder whose sensitive information is involved in the process, are dynamically created by an entity called processing entity. The virtual identifiers are usually linked to a static identity of the information holder through a data management mechanism, such as a database system. A virtual identifier could serve for multiple functions. Usually, validity attributes that indicate when and for how long a virtual identifier is valid for the different functions, are associated with the virtual identifier. When the information holder interacts with a third party in a process that involves the information holder's sensitive information, the information holder uses virtual identifiers. Then, through a device connected to a network including wireless devices, telephone or a mail service, the party either passes along the virtual identifiers to other parties or submits requests along with the virtual identifiers to the processing entity which could map the virtual identifiers to the static identity information and uses the static information to realize the requests.

Description

    CROSS-REFERENCE TO RELATED APPLICATION
  • This application is a continuation of a prior application entitled “Method And System For Protecting Sensitive Information And Preventing Unauthorized Use Of Identity Information”, which was assigned Ser. No. 10/653,846 and filed 2003 Sep. 2, now U.S. Pat. No. 7,603,320 and which claims the benefit of a provisional patent application Ser. No. 60/407,540, filed 2002 Aug. 31.
    • FIELD OF THE INVENTION
  • This invention relates generally to methods and systems for protecting sensitive information, particularly identity information from being disclosed, collected, mismanaged, or misused during transactions that involve multiple parties.
    • BACKGROUND OF THE INVENTION
  • Currently, the extensive and unprotected use of one's identity information makes it very hard to prevent such identity information from being collected, misused or mismanaged. For example, people are required to disclose their social security numbers and dates of birth to landlords when applying for renting a property, to disclose the same information to loan officers when applying for loans, to disclose the information to service representatives when applying for cellular phone services, etc. One needs to disclose his/her credit card information to the person on the other end of the telephone line when making a hotel reservation or when reserving a rental boat. When shopping on-line or off-line with credit cards, credit card numbers along with other personal information need to be disclosed. People have no control over how the disclosed information will be managed and used. Even worse, people are vulnerable to information collection attacks. People are sent credit card application invitations with good offers. All they need to do to apply for a credit card is to fill in their social security numbers, dates of birth and other personal information. Yet, these invitations may come from an entity that is trying to collect personal information. Because of the unprotected and extensive use of identity information, identity theft has become a serious problem that can affect anyone. Another problem with the extensive use of sensitive information is that people can lose privacy without even knowing it. Vendors can collect an individual's shopping lists and use them to get other information about the individual. Also, the more one uses his/her sensitive information over the transmission media, the more susceptible the information is to being intercepted and collected. In U.S. Pat. No. 5,884,272, a method and system for establishing anonymous communications between two parties are described. In this prior art, a central database is used to store the two parties' identities and data, as well as the rules for releasing the data. The two parties could get each other's information without having to disclose its own identity. This prior art is for establishing anonymous communications between only two parties and requires that the data and/or information sources related to both parties be centralized.
  • In U.S. Pat. No. 6,029,890, a user-specified credit card system is described. In this prior art, a central bank control system is used to transmit a user's request for a one-time credit card number to a credit provider and transmit back a one-time credit card number from the credit provider after the request is validated by the credit provider. This prior art would achieve the object of not giving out a static credit card number to the vendors. However, it requires a fairly large amount of changes to the current financial networks, including credit card approval and ATM networks to implement the central bank control system in this prior art. It also requires changes to each credit provider's business processes at a low level which is more difficult than making changes at a higher level. Therefore, it is costly and not easy to implement this prior art. In another prior art, U.S. Pat. No. 5,890,137, a method of credit card payment settlement in an on-line shopping system is described. In this method, a service center sends order data including the credit card information via a settlement network. The approval center pays the price to the service center. Then, service center sends the order information to the shopping system. This way the credit card information is not transmitted in public networks, such as the Internet. This prior art too, requires a large amount of changes to the existing business processes.
    • OBJECTS OF THE INVENTION
  • It is an object of the present invention to obviate the disadvantages of the prior art; It is an object of the present invention to provide a method and system for preventing sensitive information from being disclosed to certain parties, especially the parties whose credibility is uncertain, during transaction processes that involve multiple parties; It is an object of the present invention to provide a method and system for preventing unauthorized use of ones identity information by a third party; It is a further object to make it easy and cost-effective for the current business processes to adapt to the present invention.
    • SUMMARY OF THE INVENTION
  • An embodiment of the present invention provides a method and system for protecting sensitive information, more particularly identity information during multi-party transaction processes. This method prevents sensitive information from being disclosed to certain parties, especially the parties whose credibility is uncertain. This method provides a way to prevent sensitive information from being collected illegally or being collected and used without authorization. An entity called processing entity creates virtual identifiers for an information holder whose sensitive information is involved in the process. A virtual identifier identifies an information holder and is usually temporary and has validity attributes. It usually maps to a static identity of the information holder. The processing entity stores the information about the virtual identifiers. Usually, the virtual identifiers are issued to the information holder. The information holder uses a virtual identifier when interacting with third parties. The third parties also use the virtual identifiers when interacting with other parties concerning the information holder. Such a system comprises a processing entity which creates and processes virtual identifiers, a data management system for storing and retrieving data, and a communication component which includes the different interfaces for the communications between different parties.
  • This method eliminates the necessity of disclosing sensitive information, particularly identity information, to parties whose credibility is uncertain. Furthermore, this method greatly reduces the needs of using one's static identity information in the processes that are prone to eavesdropping and interception, such as Internet transactions, telephone transactions and mail transactions. This method allows for one-time or multiple-time identification, therefore the virtual identifiers can serve the different functions the static identifiers serve currently and effectively protects the information holder from identity collection attacks and identity theft attacks. Yet, this method is easy to implement and does not require fundamental changes to the current business processes.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a block diagram illustrating the steps of the first embodiment described in the DETAILED DESCRIPTION;
  • FIG. 2 is a block diagram illustrating an embodiment of the present invention;
  • FIG. 3 is a block diagram illustrating an embodiment of the present invention;
  • FIG. 4 is a flow diagram illustrating an embodiment of the present invention;
  • FIG. 5 is a flow diagram illustrating an embodiment of the present invention;
  • FIG. 6 is a flow diagram illustrating an embodiment of the present invention in which a virtual identifier and another corresponding identifier are displayed in or on a medium;
  • FIG. 7 is a flow diagram illustrating an embodiment of the present invention in which a virtual identifier is a virtual account number and its corresponding identifier is a check number;
  • FIG. 8 is a flow diagram illustrating an embodiment of the present invention in which a virtual identifier is a virtual credit card number;
  • FIG. 9 is a flow diagram illustrating an embodiment of the present invention in which a virtual identifier is a virtual social security number;
  • FIG. 10 is a block diagram illustrating the components of an embodiment of the present invention.
    •  DETAILED DESCRIPTION OF THE INVENTION
  • The following terms are used in the description of this invention.
  • Information destination—entity that has to use the information directly to serve its function.
  • Non-information-destination—entity that uses the information indirectly to serve its function.
  • Information holder—entity whose sensitive information is needed in the processes that involve multiple parties.
  • Information source—entity that has sensitive information of an information holder. An information destination and an information source can reside in the same entity.
  • Virtual identifier—A virtual identifier comprises information that identifies an information holder. A virtual identifier usually corresponds to a static identity of an information holder. It is usually valid for a stated period of time for each of its specified functions. It can be valid for a one-time use or for multiple-time uses. A possible virtual identifier string comprises a field that identifies the information holder, a field that indicates an information source and a field of a randomly generated string.
  • Processing entity—entity that creates, manages and processes virtual identifiers. A processing entity can reside in the same system as an information source and/or an information-destination. A processing entity usually resides in a server computer system.
  • Where indicated, these terms are used interchangeably with some other terms through out the Specification.
  • FIG. 1 is a block diagram illustrating the general steps of an embodiment of this invention. A processing entity creates virtual identifiers for an information holder. The processing entity links the virtual identifiers to the static information of the information holder, through a data management mechanism such as database tables. The processing entity links other related information, such as the validity attributes of a virtual identifier, to the virtual identifier, usually through a data management mechanism or through adding the validity attributes to the virtual identifier string. Virtual identifiers are used when the information holder deals with third parties, particularly non-information-destination entities. The third parties use the virtual identifiers when dealing with each other concerning the information holder. At certain point of the process, virtual identifiers are mapped to the static information through a data management technique, such as a database query. Static sensitive information, particularly static identity information is not circulated in the process. Consequently, the static information is protected against collection and fraud. A variant of this embodiment is to add the following step:
      • a) Update the virtual identifier's validity attributes. For example, marking the virtual identifier as invalid.
  • FIG. 2 illustrates this variation. In FIG. 3, the step of verifying the virtual identifiers after they are submitted to the processing entity is added.
  • FIG. 4 is a flowchart illustrating the general steps of an embodiment. An information holder registers with a processing entity. The processing entity stores the information in a computer system using data management mechanisms such as database systems. For security purpose, the information can be encrypted by the processing entity before being stored. Then each time when the information holder needs a virtual identifier, he/she/it contacts the processing entity through a device that is connected to a network, a telephone or mail. The processing entity authenticates the user (user is used interchangeably with information holder through out the Specification) through an authentication protocol, such as a user id and password pair. If the authentication is successful, the user is prompted to input the validity terms as the validity attributes for the virtual identifier. For example, the user can specify that the virtual identifier is valid for only one-time use within the current week. The processing entity then creates a virtual identifier that can uniquely identify the user. The processing entity links the virtual identifier to the static identity information through data management mechanisms such as database systems. The processing entity issues the virtual identifier to a third party specified by the user or to the user. In the latter case, the user can then give this virtual identifier to a non-information-destination entity in a process. Then the non-information-destination gets in touch with the processing entity and requests for service. The non-information-destination gives the virtual identifier to the processing entity. The processing entity maps the virtual identifier to the static identity information. The processing entity verifies, based on the validity information, if the virtual identifier is valid. If it is valid, the processing entity processes the request, which may mean using the static identity information to contact an information source to get information. Then the non-information-destination is given the result. Depending on how the virtual identifier's validity was specified, the processing entity changes the status of the virtual identifier after each use of it.
  • FIG. 5 is a flowchart of another embodiment of this invention. In this embodiment, the non-information-destination entity gives the virtual identifier to an information destination. Then the information destination and the processing entity get in touch with each other. The processing entity maps the virtual identifier to the static identity and verifies if the virtual identifier is valid. If it is valid, then the processing entity processes for the information destination, which could include using the static identity information to get information from an information source. The processing entity and the information source could reside in the same computer system.
  • FIG. 6 is a flowchart of another embodiment of this invention. It is a method of preventing forgery. A processing entity creates virtual identifiers and another corresponding identifier for each virtual identifier and links them to the static identity information using data management mechanisms such as a database system. Validity attributes for the virtual identifier are also linked to the static information. Each virtual identifier contains a part that is randomly generated by a random number generation function or procedure. The virtual identifiers, their corresponding other identifiers and the validity attributes are stored in a database system. Then the virtual identifiers and their corresponding other identifiers are displayed in or on a medium. Each such medium uses a different virtual identifier. In each use of a medium, the virtual identifier and the corresponding other identifier are collected by the processing entity. The processing entity maps the virtual identifier to the static identity information and verifies if the virtual identifier matches the corresponding identifier based on the stored information. It also verifies if the virtual identifier is valid based on the validity terms of the virtual identifier. If it is valid, a validity confirmation is sent to the requesting party. If it is invalid, an invalidity acknowledgement is sent to the requesting party.
  • FIG. 7 is a flowchart of another embodiment of this invention. It is a method of protecting account numbers against collection and fraud when checks are used. The account holder requests for checks through a network connected communication device, e.g. a client computer that has Internet access, a telephone, mail service or in person. A processing entity creates virtual account numbers and links them to the static account number using data management mechanisms such as a database system. The default validity term for the virtual account numbers could be that each virtual account number is valid for one time for cashing and for the time periods specified by the financial institute for tracking, direct-deposit, automatic-drafting, etc. Each virtual account number contains a part that is randomly generated by a random number generation function or procedure. The virtual account numbers, their corresponding check numbers and the validity terms are stored in a database system. Then the virtual account numbers and their corresponding check numbers are printed on checks. Each check uses a different virtual account number. Then the checks are issued to the account holder. The account holder uses the checks the way it is done now. In each use, the virtual account number and the corresponding check number of a written check are collected by the processing entity. The processing entity maps the virtual account number to the static account number and verifies if the virtual account number matches the check number based on the stored information. It also verifies if the virtual account number is valid based on the validity terms of the virtual account number. If it is valid, a validity confirmation is sent to the requesting party. If it is invalid, an invalidity acknowledgement is sent to the requesting party. A variation of this method is to include the static account number in a virtual account number. In this method, the static account number is not protected from being disclosed. However, it prevents forged checks from being cashed.
  • The following embodiment of this invention is a method of protecting credit card numbers. FIG. 8 is a flowchart illustrating this method. A credit card holder registers with a processing entity. This is done through a device connected to an electronic network, a telecommunication device, such as a telephone, or mail. The processing entity stores the information securely in a database system. A user id and password are created during registration. The credit card holder can then contact the processing entity through a device connected to a network, or a telecommunication device, to get virtual credit card numbers. After an authentication procedure, i.e. verifying the user's id and password, the processing entity prompts the user to specify the validity terms of the virtual card number. The processing entity then creates a virtual credit card number and links it to the static credit card number, and then issues the virtual card number to the user. The credit card holder can then use the virtual credit card number when dealing with a goods or services provider. The provider submits the transaction with the virtual card number to the processing entity. The processing entity maps the virtual credit card number to the static credit card number through a database system and checks the validity of the virtual credit card number that is being submitted. If the virtual card number is valid, the processing entity attaches the static credit card information to the transaction and submits the transaction to the credit card approval network or credit card issuer. The processing entity gets the approval result and passes it to the goods or services provider. A credit card refund can be processed in the same way. The services or goods provider submits the refund transaction with the virtual card number to the processing entity. If the processing entity determines that this is a refund and the virtual card number is valid for tracking, it attaches the static credit card number to the transaction and submits the transaction to the credit card approval network or credit card issuer. The processing entity then passes the confirmation result to the provider. A virtual credit card number can be valid for only one day and only for one purchasing, but it can be valid for tracking or automatic billing, etc. for a much longer term, such as three years or longer.
  • Another embodiment of this invention is a method of protecting social security numbers. FIG. 9 illustrates this method. In this method, a social security number holder requests for a virtual social security number from a processing entity through a device connected to a network or a telephone. The processing entity prompts the user to select validity terms and creates a virtual social security number. The processing entity links the virtual social security number to the static social security number along with the validity terms. The processing entity then issues the virtual social security number to the user. The user uses the virtual social security number when dealing with third parties, particularly non-information-destination entities. When a third party needs to get information about the social security number holder, the third party submits the virtual social security number to the processing entity. The processing entity maps the virtual social security number to the static social security number through a database system and determines the validity of the virtual social security number. If it is valid, the processing entity gets the results and passes them to the third party. On the other hand, a third party can report to an information source through a processing entity using a virtual social security number. The processing entity maps the virtual social security number to the static social security number, attaches the static social security number to the report, and then passes it to the information source through a network connection. Or the third party could report to an information source directly with the virtual social security number. The information source then could get the static social security number through the processing entity.
  • FIG. 10 illustrates the components of an embodiment of this invention. The processing entity which usually resides in a server computer system is the main component. The processing entity creates, manages and processes virtual identifiers. Through the different communication interface components, the processing entity communicates with information holders, information sources, information destinations and non-information-destinations. The data management component links, stores and retrieves data and information.
  • Many embodiments of this invention comprise all or some of the following processes.
    • Registration Process:
  • When registering through a computer network, such as Internet, or a telephone, an information holder is prompted to create or given a user id. Then based on the authentication protocol used by the processing entity, the information holder needs at least another element for an authenticated hand-shake with the processing entity when requesting for virtual identifiers in the future. For example, if the authentication protocol uses a user id and password pair to verify a user, the information holder needs a password. If the authentication procedure uses cryptographic techniques, the information holder needs encryption/decryption keys. In this Specification, we use the user id and password pair scheme. After successfully getting the user id and password, the information holder provides his/her/its static information to the processing entity. For a higher security requirement, a secure communication link is used in the registration. The processing entity securely stores the information. When registering through a mail service, the user fills out the form with static information and then mails the form to the processing entity. The processing entity creates a user id and an initial password for the user.
    • Request for Virtual Identifier Process:
  • An information holder gets in touch with a processing entity through a networked device, such as a computer, a telephone or mail. When using a computer or telephone, the information holder is prompted to give input on the validity terms of the virtual identifier, e.g. the time period in which the virtual identifier can be used to get information, and how many times the virtual identifier can be used to get information from an information source or a processing entity. The processing entity can also allow the user to select a default validity setting. The processing entity stores the input and creates a virtual identifier for the information holder. The processing entity can issue the virtual identifier to the information holder or give it directly to a specified third party.
    • Virtual Identifier Creation Process:
  • An example of a virtual identifier is a string that comprises the information holder's user id, the code name of the information source, e.g. a credit card issuing company's code name. The processing entity could also create a random string using a random number generator algorithm and appends it to the first string and makes sure that the final string is not a string that is already being used by the information holder. The processing entity then links the virtual identifier to the static information, such as a credit card number. The processing entity also links the validity attributes which specify the time period during which the identifier is valid, how many times the identifier can be used to get information and other constraints to the identifier. The validity attributes could also be included in the virtual identifier string. The links could be established through database tables. Also a time period is specified for an identifier during which the identifier can be used by different entities, such as a non-information-destination to give input, such as reporting a no payment from the information holder, to the information source, and to conduct tracking, auto-drafting or auto-billing.
    • Using a Virtual Identifier by an Information Holder:
  • An information holder discloses a virtual identifier to third parties during the processes where the information holder's sensitive information is involved.
    • Using a Virtual Identifier by a Non-Information-Destination Entity:
  • A non-information-destination entity passes the virtual identifier along with other information to the processing entity, an information-destination entity or a non-information-destination entity.
    • Processing a Virtual Identifier by a Processing Entity:
  • A processing entity processes transactions that contain virtual identifiers. A processing entity determines the purpose of a transaction request, such as getting information, giving input to an information source, tracking, automatic drafting or automatic billing. It maps a virtual identifier to the static identity information through a data management mechanism, such as a database system. It checks if a virtual identifier is valid for the type of the request. If it is valid for getting information, the processing entity gets the requested information and transfers it to the entity that needs the information. If it is valid for reporting to the information source, the processing entity sends the report data to the information source.
    • Communication Processes:
  • Communications between different entities are done through devices connected to networks including private networks and public networks such as the Internet, telephones and mail services. Virtual private network techniques and wireless devices can be used. Cryptographic techniques and secure links could be used for secure communication.
  • While several embodiments of the invention have been shown and described herein, it will be obvious to those skilled in the art that various changes and modifications can be made therein without departing from the scope of the invention as defined by the Claims.

Claims (20)

1. A method of protecting a static identifier of an information holder, comprising:
a) receiving a request for one or a plurality of virtual identifiers by a processing entity computer system;
b) creating one or a plurality of virtual identifiers by said processing entity computer system with each of said one or a plurality of virtual identifiers uniquely identifies said information holder;
c) linking said one or a plurality of virtual identifiers to said static identifier by said processing entity computer system;
d) issuing said one or a plurality of virtual identifiers to said information holder;
e) receiving a message comprising a request for service with a virtual identifier by said processing entity computer system from a first device of a requesting party, said requesting party being a party that received said virtual identifier from said information holder or from a non-information-destination and submitted said request for service to said processing entity computer system;
f) processing said request for service from said requesting party by said processing entity computer system;
g) transmitting the result of step f) to said first device of said requesting party or a second device of said requesting party;
whereby the creation and issuance of the virtual identifiers are independent of those of the static identifier since the format of the virtual identifier is independent of that of the static identifier.
2. The method as recited in claim 1 further comprising:
a) receiving said static identifier of said information holder from a device of said information holder by said processing entity computer system;
b) transmitting said static identifier to a data management system.
3. The method as recited in claim 2 wherein the step of receiving said static identifier from a device of said information holder is conducted through a public network.
4. The method as recited in claim 3 wherein said public network is the Internet.
5. The method as recited in claim 2 wherein step e) is conducted through a public network.
6. The method as recited in claim 5 wherein said public network is the Internet.
7. The method as recited in claim 5, further comprising:
validating said virtual identifier by said processing entity computer system.
8. The method as recited in claim 7, further comprising:
identifying by said processing entity computer system said static identifier of said information holder using said virtual identifier.
9. The method as recited in claim 8 wherein step f) is conducted through transmitting a message comprising a request for sensitive information of said information holder with said static identifier to an information source and receiving the requested sensitive information from said information source.
10. The method as recited in claim 8 wherein the result of step f) comprises said static identifier.
11. The method as recited in claim 8 further comprising:
updating said virtual identifier's validity status by said processing entity computer system.
12. The method as recited in claim 11 wherein said static identifier is a social security number.
13. The method as recited in claim 9 wherein said virtual identifier is valid for one-time or multiple-time for requesting said sensitive information.
14. The method as recited in claim 8 wherein said virtual identifier comprises validity attributes.
15. A system of protecting a static identifier of an information holder, comprising:
a data management system to store and retrieve data;
a processing entity to receive a request for one or a plurality of virtual identifiers, to create one or a plurality of virtual identifiers with each of said one or a plurality of virtual identifiers uniquely identifies said information holder, to link said one or a plurality of virtual identifiers to said static identifier, to issue said one or a plurality of virtual identifiers to said information holder, to receive a message comprising a request for service with a virtual identifier from a first device of a requesting party, said requesting party being a party that received said virtual identifier from said information holder or from a non-information-destination and submitted said request for service to said processing entity, to process said request for service from said requesting party, to transmit the result of the above processing to said first device of said requesting party or a second device of said requesting party, said processing entity residing in a computer system; and
wherein said processing entity sends data to and gets data from said data management system.
16. The system as recited in claim 15 wherein said processing entity receives said message comprising a request for service through a public network.
17. The system as recited in claim 16 wherein said public network is the Internet.
18. The system as recited in claim 15 wherein said data management system comprises a database system.
19. The system as recited in claim 15 wherein said processing entity processes said request for service through transmitting a message comprising a request for obtaining sensitive information of said information holder to an information source.
20. The system as recited in claim 19 wherein said virtual identifier is limited to be valid for one-time or multiple-time.
US12/587,810 2002-08-31 2009-10-13 Method and system for protecting sensitive information and preventing unauthorized use of identity information Abandoned US20100043064A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/587,810 US20100043064A1 (en) 2002-08-31 2009-10-13 Method and system for protecting sensitive information and preventing unauthorized use of identity information

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US40754002P 2002-08-31 2002-08-31
US10/653,846 US7603320B1 (en) 2002-08-31 2003-09-02 Method and system for protecting sensitive information and preventing unauthorized use of identity information
US12/587,810 US20100043064A1 (en) 2002-08-31 2009-10-13 Method and system for protecting sensitive information and preventing unauthorized use of identity information

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US10/653,846 Continuation US7603320B1 (en) 2002-08-31 2003-09-02 Method and system for protecting sensitive information and preventing unauthorized use of identity information

Publications (1)

Publication Number Publication Date
US20100043064A1 true US20100043064A1 (en) 2010-02-18

Family

ID=41138077

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/653,846 Expired - Fee Related US7603320B1 (en) 2002-08-31 2003-09-02 Method and system for protecting sensitive information and preventing unauthorized use of identity information
US12/587,810 Abandoned US20100043064A1 (en) 2002-08-31 2009-10-13 Method and system for protecting sensitive information and preventing unauthorized use of identity information

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US10/653,846 Expired - Fee Related US7603320B1 (en) 2002-08-31 2003-09-02 Method and system for protecting sensitive information and preventing unauthorized use of identity information

Country Status (1)

Country Link
US (2) US7603320B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9009790B2 (en) 2010-09-11 2015-04-14 At&T Intellectual Property I, L.P. Association of multiple public user identifiers to disparate applications in an end-user's device

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8041761B1 (en) * 2002-12-23 2011-10-18 Netapp, Inc. Virtual filer and IP space based IT configuration transitioning framework
US8430300B2 (en) * 2005-05-26 2013-04-30 Codebroker, Llc Using validity events to control the use of coupons containing barcodes in mobile devices that display the barcodes for reading by barcode readers
US8736615B2 (en) * 2006-04-27 2014-05-27 Codebroker, Llc Customizing barcode images for particular displays
US9324076B2 (en) * 2006-06-02 2016-04-26 First Data Corporation PIN creation system and method
US8746581B2 (en) 2007-06-19 2014-06-10 Codebroker, Llc Techniques for providing an electronic representation of a card
DE102007048976A1 (en) * 2007-06-29 2009-01-02 Voice.Trust Ag Virtual prepaid or credit card and method and system for providing such and for electronic payments
US8407607B2 (en) * 2009-02-19 2013-03-26 International Business Machines Corporation Dynamic virtual dashboard
WO2012149062A2 (en) * 2011-04-25 2012-11-01 Mastercard International Incorporated Methods and systems for offer and dynamic gift verification and redemption
US20130060693A1 (en) * 2011-09-06 2013-03-07 Rawllin International Inc. Unified charging system
EP2803030A4 (en) * 2012-01-12 2015-06-03 Mastercard International Inc Systems and methods for managing overages in daily deals
KR20140060849A (en) * 2012-11-12 2014-05-21 주식회사 케이티 System and method for card payment
US10762496B2 (en) 2015-02-06 2020-09-01 Google Llc Providing payment account information associated with a digital wallet account to a user at a merchant point of sale device
US11909729B2 (en) * 2018-04-26 2024-02-20 Google Llc Auto-form fill based website authentication

Citations (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4630201A (en) * 1984-02-14 1986-12-16 International Security Note & Computer Corporation On-line and off-line transaction security system using a code generated from a transaction parameter and a random number
US4747526A (en) * 1985-09-24 1988-05-31 Play, S.A. Transportable infant seat
US5230523A (en) * 1991-07-31 1993-07-27 Wilhelm James E Multi-functional child carrier device
US5329589A (en) * 1991-02-27 1994-07-12 At&T Bell Laboratories Mediation of transactions by a communications system
US5367148A (en) * 1986-04-18 1994-11-22 Cias, Inc. Counterfeit detection using ID numbers with at least one random portion
US5432506A (en) * 1992-02-25 1995-07-11 Chapman; Thomas R. Counterfeit document detection system
US5431478A (en) * 1993-03-22 1995-07-11 Noonan; Mark Convertible baby carrier
US5485510A (en) * 1992-09-29 1996-01-16 At&T Corp. Secure credit/debit card authorization
US5553145A (en) * 1995-03-21 1996-09-03 Micali; Silvia Simultaneous electronic transactions with visible trusted parties
US5588570A (en) * 1994-12-28 1996-12-31 Zirbel; Kurt D. Combination backpack and seat device
US5662339A (en) * 1995-11-09 1997-09-02 Lisco, Inc. Infant frame carrier
US5689799A (en) * 1995-04-26 1997-11-18 Wink Communications, Inc. Method and apparatus for routing confidential information
US5883810A (en) * 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions
US5884272A (en) * 1996-09-06 1999-03-16 Walker Asset Management Limited Partnership Method and system for establishing and maintaining user-controlled anonymous communications
US5890137A (en) * 1995-12-15 1999-03-30 Kabushiki Kaisha N.K. Kikaku On-line shopping system and the method of payment settlement
US6006200A (en) * 1998-05-22 1999-12-21 International Business Machines Corporation Method of providing an identifier for transactions
US6029890A (en) * 1998-06-22 2000-02-29 Austin; Frank User-Specified credit card system
US20010044787A1 (en) * 2000-01-13 2001-11-22 Gil Shwartz Secure private agent for electronic transactions
US6327578B1 (en) * 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
US20020174030A1 (en) * 1999-09-28 2002-11-21 Praisner C. Todd Dynamic payment cards and related management systems and associated methods
US20030028481A1 (en) * 1998-03-25 2003-02-06 Orbis Patents, Ltd. Credit card system and method
US6543722B1 (en) * 2001-08-24 2003-04-08 Golden Talon Aviation Consulting, Inc. Child restraint system for aircraft use
US6766301B1 (en) * 2000-02-28 2004-07-20 Mike Daniel Fraud deterred product and service coupons
US6901387B2 (en) * 2001-12-07 2005-05-31 General Electric Capital Financial Electronic purchasing method and apparatus for performing the same

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6163771A (en) 1997-08-28 2000-12-19 Walker Digital, Llc Method and device for generating a single-use financial account number
US6422462B1 (en) 1998-03-30 2002-07-23 Morris E. Cohen Apparatus and methods for improved credit cards and credit card transactions
US20020133414A1 (en) * 2001-03-14 2002-09-19 Pradhan Salil Vjaykumar Mediated shopping method and system

Patent Citations (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4630201A (en) * 1984-02-14 1986-12-16 International Security Note & Computer Corporation On-line and off-line transaction security system using a code generated from a transaction parameter and a random number
US4747526A (en) * 1985-09-24 1988-05-31 Play, S.A. Transportable infant seat
US5367148A (en) * 1986-04-18 1994-11-22 Cias, Inc. Counterfeit detection using ID numbers with at least one random portion
US5329589A (en) * 1991-02-27 1994-07-12 At&T Bell Laboratories Mediation of transactions by a communications system
US5230523A (en) * 1991-07-31 1993-07-27 Wilhelm James E Multi-functional child carrier device
US5432506A (en) * 1992-02-25 1995-07-11 Chapman; Thomas R. Counterfeit document detection system
US5485510A (en) * 1992-09-29 1996-01-16 At&T Corp. Secure credit/debit card authorization
US5431478A (en) * 1993-03-22 1995-07-11 Noonan; Mark Convertible baby carrier
US5588570A (en) * 1994-12-28 1996-12-31 Zirbel; Kurt D. Combination backpack and seat device
US5553145A (en) * 1995-03-21 1996-09-03 Micali; Silvia Simultaneous electronic transactions with visible trusted parties
US5689799A (en) * 1995-04-26 1997-11-18 Wink Communications, Inc. Method and apparatus for routing confidential information
US5662339A (en) * 1995-11-09 1997-09-02 Lisco, Inc. Infant frame carrier
US5890137A (en) * 1995-12-15 1999-03-30 Kabushiki Kaisha N.K. Kikaku On-line shopping system and the method of payment settlement
US5884272A (en) * 1996-09-06 1999-03-16 Walker Asset Management Limited Partnership Method and system for establishing and maintaining user-controlled anonymous communications
US5883810A (en) * 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions
US20030028481A1 (en) * 1998-03-25 2003-02-06 Orbis Patents, Ltd. Credit card system and method
US6636833B1 (en) * 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
US6006200A (en) * 1998-05-22 1999-12-21 International Business Machines Corporation Method of providing an identifier for transactions
US6029890A (en) * 1998-06-22 2000-02-29 Austin; Frank User-Specified credit card system
US6327578B1 (en) * 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
US20020174030A1 (en) * 1999-09-28 2002-11-21 Praisner C. Todd Dynamic payment cards and related management systems and associated methods
US20010044787A1 (en) * 2000-01-13 2001-11-22 Gil Shwartz Secure private agent for electronic transactions
US6766301B1 (en) * 2000-02-28 2004-07-20 Mike Daniel Fraud deterred product and service coupons
US6543722B1 (en) * 2001-08-24 2003-04-08 Golden Talon Aviation Consulting, Inc. Child restraint system for aircraft use
US6901387B2 (en) * 2001-12-07 2005-05-31 General Electric Capital Financial Electronic purchasing method and apparatus for performing the same

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9009790B2 (en) 2010-09-11 2015-04-14 At&T Intellectual Property I, L.P. Association of multiple public user identifiers to disparate applications in an end-user's device

Also Published As

Publication number Publication date
US7603320B1 (en) 2009-10-13

Similar Documents

Publication Publication Date Title
US20100043064A1 (en) Method and system for protecting sensitive information and preventing unauthorized use of identity information
US7925878B2 (en) System and method for creating a trusted network capable of facilitating secure open network transactions using batch credentials
US6898577B1 (en) Methods and systems for single sign-on authentication in a multi-vendor e-commerce environment and directory-authenticated bank drafts
KR101155858B1 (en) Electronic transfer system
EP0662673B1 (en) Anonymous credit card transactions
US7676433B1 (en) Secure, confidential authentication with private data
US7478239B1 (en) Electronic ticket vending system
AU2003267149B2 (en) Data authentication and provisioning method and system
US8601260B2 (en) Creation of user digital certificate for portable consumer payment device
US6959381B2 (en) Central key authority (CKA) database for user accounts in ABDS system
US6983368B2 (en) Linking public key of device to information during manufacture
US20030069792A1 (en) System and method for effecting secure online payment using a client payment card
US20090013182A1 (en) Centralized Identification and Authentication System and Method
US20050114666A1 (en) Blocked tree authorization and status systems
US20060123465A1 (en) Method and system of authentication on an open network
JPH10504150A (en) A method for securely using digital signatures in commercial cryptosystems
WO2000002150A1 (en) Transaction authorisation method
WO2002099710A1 (en) Electronic dealing method using electronic coupon
US6742125B1 (en) Distributed protocol for secure communication of commercial transactions and decentralized network employing the protocol
JP2002514839A (en) Cryptographic system and method for electronic commerce
JP2002536732A (en) How to operate infrastructure and applications for encryption-supported services
US6954740B2 (en) Action verification system using central verification authority
JP2001331646A (en) System and method for financial transaction using fingerprint matching
US7257554B1 (en) Anonymous purchases while allowing verifiable identities for refunds returned along the paths taken to make the purchases
JP3999527B2 (en) Computer network authentication method and data distribution method

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION