WO2006115715A2 - System and method for enhanced protection and control over the use of identity - Google Patents

System and method for enhanced protection and control over the use of identity Download PDF

Info

Publication number
WO2006115715A2
WO2006115715A2 PCT/US2006/012546 US2006012546W WO2006115715A2 WO 2006115715 A2 WO2006115715 A2 WO 2006115715A2 US 2006012546 W US2006012546 W US 2006012546W WO 2006115715 A2 WO2006115715 A2 WO 2006115715A2
Authority
WO
WIPO (PCT)
Prior art keywords
identity
service provider
user
information
entity
Prior art date
Application number
PCT/US2006/012546
Other languages
French (fr)
Other versions
WO2006115715A3 (en
Inventor
Gary M. Dennis
Sharon D. Dennis
Original Assignee
Dennis Gary M
Dennis Sharon D
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=37215195&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=WO2006115715(A2) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by Dennis Gary M, Dennis Sharon D filed Critical Dennis Gary M
Priority to CA2606263A priority Critical patent/CA2606263C/en
Priority to EP06740508.4A priority patent/EP1875344A4/en
Publication of WO2006115715A2 publication Critical patent/WO2006115715A2/en
Publication of WO2006115715A3 publication Critical patent/WO2006115715A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services
    • G06Q50/265Personal security, identity or safety
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • G07C9/257Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition electronically
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/104Grouping of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105Dual mode as a secondary aspect
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data

Definitions

  • the present invention relates to the protection of identity by controlling access to use of an identity. More specifically, the present invention provides protection of the identity of an entity by placing limitations or conditions on its use, and whereby the entity's use-enabling identification information is not fully needed to authorize a transaction.
  • Identity information can be, and has been, exploited so as to cause an identity owner and other ancillary parties emotional and financial harm.
  • Examples of misuse of identity range from impersonation to financial fraud, such as a fraudulent loan application, fraudulent credit instrument use, check fraud, and other transactional frauds.
  • financial fraud such as a fraudulent loan application, fraudulent credit instrument use, check fraud, and other transactional frauds.
  • Tens of billions of dollars are lost each year in the United States alone due to identity theft, with estimates rising as of the writing of this application. This does not account for the additional cost of law enforcement efforts to capture and bring perpetrators to justice.
  • identity theft is no longer limited to instances where financial gain is the sole motive. Indeed, it has now become necessary not only to protect our most precious identification information from use by an unscrupulous stranger, but there must also be in place a system that allows an identity owner to protect his identification information from use by a known party such as a disgruntled employee. With the ability and ease that identification information can be used to commit fraud against an identity owner as well as the resulting added burden on courts and law enforcement, there is a need for a system to protect the identity of an entity from misuse at a more fundamental level.
  • a method of protecting use of an entity's identity comprises setting a status of the identity to a first state, the first state defining a scope of permitted use of the identity, changing, in advance of an intended use of the identity, the status to a second state defining a scope of permitted use of the identity that is different from the first state, requesting use of the identity after the changing; and returning, after the requesting, the state back to the first state.
  • the above embodiment may have one or more preferable features, of which the following are non-limiting examples.
  • the first state is a default state, and the returning occurs in response to completion of a use of the identity.
  • the first state may comprise a default state, and the returning occurs in response to a predetermined number of uses of the identity, an elapse of a predetermined time after a predetermined event, or the earlier of the onset of the predetermined number of transactions and the predetermined time after the predetermined event.
  • the predetermined event may comprise the changing, the requesting completion of a use of the identity which prompted the requesting, or dictated by a parameter within the second state.
  • the use of the identity may comprise use of a credit card, debit card, check card, financial institution account number, brokerage account number, or other instrument provided by an account holder of record.
  • the requesting may comprise transmitting, from a user of the identity to a service provider which maintains the state, a request for authorization to use the identity, where information in the request is insufficient to authorize the use of the identity.
  • a method of protecting use of an entity's identity comprises attempting to use an identity at a source, forwarding first information relating to the use to a user affiliated with the source location, forwarding second information from the user to a service provider, the second information being different from the first information, determining, by the service provider, whether the use of the identity is consistent with a pre-registered intent of the entity, and sending, from the service provider to the user, a decision based on the determining, wherein the second information is insufficient in and of itself to authorize any related use of the identity.
  • the above embodiment may have one or more preferable features, of which the following are non-limiting examples.
  • the pre-registered intent of the user may comprise at least one of allowance of use, limitation of use, expansion of use, denial of use, or insufficient information to make a determination.
  • the attempting to use may comprise entering information from a credit card or a debit card to facilitate a financial transaction, and the user is a company account holder of record of the credit card or debit card; making a request to access medical records of the entity, and the user is a health-care related organization; making a request for a loan, and the user is a lender; or accessing a secure location, and the user is a security company.
  • a method of protecting use of an entity's identity comprises establishing, by the user, a set of desired identification information parameters, sending, from the user to a service provider, the set, obtaining, by the service provider from the entity, information from the entity consistent with the set, storing the information provided by the obtaining, and using, by the service provider, at least some of the information provided in the obtaining to respond to a request by the user to authorize a use of the identity of the entity, wherein the user does not have direct access to the information provided by the entity and subject to the storing.
  • the above embodiment may have one or more preferable features, of which the following are non-limiting examples.
  • the set may comprise at least one of the entity's name, address, telephone number, personal identification number or biometric data.
  • the user cannot authorize the use of the identity of the entity absent permission from the service provider.
  • the service provider cannot provide the permission unless consistent with the intent of the entity as reflected in the results of the obtaining.
  • a method of protecting use of an entity's identity is provided.
  • the method comprises storing, at a service provider, data representing first identification information of an entity, and at least one criteria capable of limiting the use of the identity, receiving, at a service provider, a request to determine whether the use of an entity's identity by a party is authorized for a requested application, the request including second identification information, comparing at least some of the first identification information with at least some of the second identification information, determining, based at least partially on a result of the comparing, whether the use of the identity by the identity-use-source is authorized for a particular application, and responding from the service provider to the identity-use-source consistent with the result of the determining.
  • the above embodiment may have one or more preferable features, of which the following are non-limiting examples.
  • the responding further comprises sending a response, the response indicating one of allowance of use, denial of use, or insufficient information to make a determination.
  • the method may further comprise receiving, from the entity, the data representing the first identification information and the identity use criteria.
  • the receiving or responding may further comprise receiving or responding through a Web page, customer service representative, switched wired network, wireless network, in person, or any of combination thereof.
  • the storing, determining, or responding may further comprise storing, determining, or responding by a service provider that is an electronic computing device.
  • the storing, determining, or responding may further comprise storing, determining, or responding by an electric computing device that further comprises hardware, software, or a combination of both hardware and software.
  • FIG. 1 is a diagram depicting at a high level the interconnections between elements of a system capable of implementing a particular embodiment of the invention
  • FIG. 2 is a diagram of a portion of an embodiment of the invention that depicts in more detail the interaction between and around the identity owner and the service provider;
  • FIG. 3 is a diagram of a portion of an embodiment of the invention that depicts in more detail the interaction between and around the user and the service provider;
  • FIG. 4 is a diagram depicting the service provider in more detail as well as depicting the interconnections between elements of a system capable of implementing a particular embodiment of the invention
  • FIG. 5 depicts an example of a layer of security embodied by an electronic interface allowing an identity owner access to their identification information
  • FIG. 6 depicts an example of an electronic interface that displays the identity owner's identification information and allowing for management of the identification information by the identity owner.
  • a service provider 10 provides service provider 10 with an object template 16.
  • Object template 16 contains various fields that define the type(s) and nature of information that service provider 10 preferably accepts and/or stores for any particular identify owner(s) 30.
  • Identity owner 30 will in turn provide that information to service provider 10 for use in the authorization, limitation or denial of requests from user(s) 20 to use the identity of identity owner 30.
  • an attempt will be made at a source 27 to use the identity of identity owner 30. The particulars of such use will be transmitted to user 20 either directly or indirectly through one or more agents 24.
  • identity state request 111 preferably includes at least enough information to allow service provider 10 to locate the account information of the particular identity owner 30 and to determine the corresponding user instructions.
  • identity state request 111 is preferably in and of itself insufficient to enable the use of the identity for its intended use, such that its capture or loss would not expose vital information.
  • the credit card company sends to service provider 10 in identity state request 111 the name, address and phone number of identity owner 30, as well as the last four digits of the credit card. From this information, service provider 10 can determine whether use of the credit card is authorized at that time. Yet the information in identity state request 111 is either public (name, address, and phone number being in phone books) and/or useless (four digits of a credit card being insufficient for a transaction). This provides a layer of protection to the use of the identity of an entity that is not confined to service provider 10.
  • identity owner 30 interfaces with service provider 10, either directly or indirectly through a recorder 38 of service provider 10.
  • Service provider 10 stores identification information and corresponding state metadata 15.
  • Identity state metadata 15 accompanies account profiles 14, with one or more of account profiles 14 being associated with a particular identity owner 30.
  • Each account profile 14 preferably includes one or more identity objects 12.
  • Each identity object 12 preferably includes one or more identity attributes 13.
  • Identity attributes 13 represent identification information communicated to service provider 10 by identity owner 30 or an authorized surrogate of the identity owner 30. All of this information may be stored in a repository 11.
  • Service provider 10 is configured to allow identity owner 30 to set up, manage, and edit identification information stored in the corresponding account profile 14. Access to the account profile 14 is preferably at least password protected to prevent unauthorized access to the identification information.
  • the information which identity owner 30 provides to service provider 10 reflects the
  • identity owner 30 could set up account profile 14 as follows:
  • identity state response 112 is similar to identity state request 111 in that the information sent in identity state response 112 is sufficient to communicate the decision of service provider 10 but insufficient to enable the use of the identity for the intended use. Thus, capture or loss of identity state response 112 would not expose vital information. However, the contents of request 111 and response 112 may or may not overlap to varying degrees.
  • identity state response 112 may include actual identification information. Preferably, such a transfer would be limited to only those identification information attributes 13 that identity owner 30 has allowed for release to that particular user 20. In some cases identity state response 112 need only include the resulting identity state (e.g., "allow request” or "deny request"), without transmitting any other identification information of identity owner 30.
  • the instruction to deny or allow a use under certain conditions is an example of an identity attribute 13.
  • Such instructive identity attribute(s) 13 are referred to herein as the identity state 17 (shown in Fig. 3).
  • the connection between users 20 and service provider 10 such as TCP, HTTP other land and/or wireless connections
  • identity state response 112 sent from service provider 10 to the user 20 includes content identity state 17, which represents the preexisting intent of identity owner 30 to deny the particular transaction.
  • User 20 preferably complies with the identity state 17 and sends an appropriate denial message to source 27, either directly or through agent(s) 24.
  • identity owner 30 elects to deny use of its identity are not limited to avoidance of fraud. Privacy and self-control considerations may also be a factor. For example, an identity owner 30 who wants to maintain confidentiality of his medical records, but wants to preserve quick access in emergencies can set identity attributes 13 in account profile 14 to only approve identity state requests 111 from authorized health-care-related institutions. In another example, an identity owner 30 who spends too much money at a certain store or type of store can set identity attributes 13 in account profile 14 to deny requests from that store or type of store.
  • identify state request 111 and identity state response 112 the substantive contents of these communications is preferably enough to determine and communicate the intent of identity owner 30 with respect to a particular use of identity.
  • identification information in identity state request 111 is insufficient in and of itself to facilitate the use intended by source 27, and identity state response 112 need include nothing more than identity state 17.
  • service provider 10 can perform its function of permitting, limiting or denying transactions without receiving, storing, or sending identification information that enables the underlying use ("use-enabling information").
  • service provider 10 authorizes or denies requests without having access to sensitive identification information, such as, by way of non-limiting example, a full credit card number or Personal Identification Number (PIN).
  • Service provider 10 thus does not have enough information to take any action on its own. For example, service provider 10 would not be able to misuse the credit card of identity owner 30 because it would not have the credit card or the credit number.
  • service provider 10 authorizes transactions, it cannot by acting alone misuse the underlying instruments that trigger the transactions. In theory, service provider 10 may nonetheless have access to some of this information, although such information can be protected using passwords, encryption, or other known techniques.
  • user 20 will preferably know whether to authorize or deny a transaction without receiving any new identification information from service provider 10 other than identity state 17. Since user 20 does not have direct access to other information in account profile 14, user 20 does not have information that could enable other undesired uses. By way of non-limiting example, if user 20 is a credit card company, it would not have enough information to access the medical records of identity owner 30. Without possession of use-enabling information, service provider 10 obviously cannot or cause user 20 to divulge information to agent(s) 24 and/or source 27. The identity owner's identification information account profile 14 therefore need never pass beyond the protection of the service provider 10.
  • the service provider 10 may also be tasked with securing identification information so as to prevent unauthorized access to the identification information.
  • the security of identification information afforded by the service provider 10 is far reaching, dynamic and may contain one or more layers.
  • the service provider 10 would preferably take the barest, directly identifying, raw data of an identity owner 30, if any, encrypt it and secure it preferably never to be used again.
  • service provider 10 acts as a centralized location relative to multiple users 20 for the storage of identification information of identity owners 30.
  • an identity owner 30 would disclose identification information to the service provider 10 instead, hi this embodiment, these various users 20 would make identity state requests 111 to the service provider 10, which would determine what, if any, identification information is disclosed to users 20.
  • An embodiment such as this that includes service provider 10 can, at a minimum, reduce the number of institutions privy to sensitive identification information.
  • Service provider 10 preferably is a company that includes employees that operate the necessary computer hardware and software to secure identification information and to communicate with identity owners 30 and users 20.
  • service provider 10 is an automated combination of hardware and software that carries out the operations described herein.
  • an identity owner 30 can utilize either a computer service provider 10 that is maintained by an outside party or a computer maintained by the identity owner 30 to prevent unauthorized access to identification information (e.g. , a human identity owner 30 may, for the purpose of practicing this embodiment, maintain and/or utilize a personal computer as a service provider 10).
  • the service provider 10 is a computer, preferably a server, accessible to the identity owner 30 and the user 20 through a communication network that is maintained by the computer.
  • the computer in this example would preferably be programmed to provide responses to user 20 based on input from the user 20 and the identity owner 30.
  • Identity owner 30 is preferably an individual, a corporation, or a computer system.
  • the identity owner 30 will contact service provider 10 and request that the service provider 10 secure the identity owner's identification information subject to provided constraints.
  • Service provider 10 might, for example, employ a layered technique where the identity owner's raw identification information, such as social security number or other primary identification data, biometric data, address, phone number(s), and other such information, is encrypted in a separately secure layer. With raw identification information secure in a fundamental layer, the service provider 10 can then use an additional layer of security for protecting the encrypted identification information from misuse.
  • User 20 may be thought of as a credit lender who wants to access the records of repository 11.
  • User 20 may be, by way of non-limiting example, a credit card company, credit reporting agency, merchant, banking institution, brokerage firm, insurance provider, hospital, medical caregiver, computer, corporation, or family member. User 20 may also in theory be an imposter. In the preferred embodiment, the service provider 10 will implement double-checks and safeguards so as to help protect the identification information from imposters.
  • Identity use source 27 sends desired transaction-based information, which preferably would include the identity of source 27 and the amount of the transaction (if a financial-based transaction).
  • Service provider 10 can then respond to user 20 with information or instructions that will determine the next step in the transaction precipitated by the triggering identity use source 27. In the preferred embodiment, the instructions received by user 20 will properly control the transaction and provide the result desired by identity owner 30 and user 20.
  • a non-limiting example of an end-to-end exchange is as follows. For set up, user 20, which in this example is a credit card company, will have previously given service provider 10 an object template 16. Object template 16 defines the identification information that user 20 needs in order to process a transaction by source 27. Identity owner 30 provides service provider 10 with the corresponding identification information through interface 300, such as a Web page.
  • a credit card is offered to complete a transaction at source 27.
  • Source 27 communicates the details of the transaction, as well as any desired details, to user 20.
  • User 20 forms an appropriate identity state request 111 and sends it to service provider 10.
  • Service provider 10 compares the contents of the identity state request with the identity object(s) 12 which describe the intent of identity owner 30 with regard to the particular transaction.
  • Service provider 10 determines whether the transaction is authorized or not, and then send a corresponding identity state response 112 to user 20.
  • service provider 10 may release other identification information to user 20 as may be authorized by the identity obj ect(s) 12 within account profile 14.
  • obj ect template 16 allows an identity owner 30 to set the default status of the credit identification instrument ⁇ e.g. , the credit card or underlying account) as on or off.
  • identity owner 30 sets the default of the credit card to "deny," essentially placing the use of the credit card in a lockdown state. If identity owner 30 wants to use the credit card at a particular time, then identity owner 30 can contact service provider 10 via, e.g., the Internet to change identity state 17 at the appropriate time, such as between 12:30 PM and 2:30 PM that day.
  • Identity owner 30 makes the purchase, or not, secure in the knowledge that use of the credit instrument was permitted within that limited two-hour window. Before the window opens, and after it closes, the default state is "deny,” thus preventing any unauthorized (or even authorized) use outside that window.
  • source 27 can be initiated by a person, a credit instrument, an Internet transmission, the identity owner 30, an imposter, user 20, or agent 24.
  • source 27 may be the point-of-sale terminal through which the credit card is scanned.
  • user 20 is a lending institution such as a bank
  • identity owner 30 is a person
  • service provider 10 is a form of company that preferably would use, by way of non-limiting example, electronic methodology such as a computer server to provide a network through which all parties to the transaction can communicate.
  • the service provider 10 could be a corporation or company whose sole purpose is directed to management of identification information; the service provider 10 could just as well be a credit reporting agency, insurance agency, health agency, or any established entity that has been enabled to practice the invention.
  • the network may take the form of voice communication (e.g. , through telephony or by face-to-face encounter) or an electronic interconnection such as an Internet or intranet Web browser interface, or any wireless or direct interface assisted by a software component such as a client-side application.
  • the process may begin when the service provider 10 sets up an object template 16 (e.g., a template that defines the options for an identity owner 30 to establish an account profile 14 to contain its identification information).
  • an object template 16 e.g., a template that defines the options for an identity owner 30 to establish an account profile 14 to contain its identification information.
  • the process may also begin when a user 20 (e.g. , a credit provider) contacts the service provider 10 and sets up an object template 16 (e.g., criteria an identity owner 30 must disclose for a particular transaction, or set of transactions, with that particular user 20 type).
  • Identity owner 30 (Joe E. Patent) establishes an account profile 14 with a service provider 10. For simplicity, assume that at the end of the process, the following information exists in the database, or repository 11, of service provider 10. For example:
  • the identity owner 30 protects a credit instrument event. For example, suppose XYZ Corporation provides object template 16 that requires six information fields. Five of the fields are required to "query" the identity state 17 of the identity object 12 (if any), and one field contains the identity state 17 of the identity object 12 last set by the identity owner 30. For example:
  • Identity object 12 data Identity obj ect type: XYZPer
  • the five data fields can replace the need for use-enabling information, such as, for example, the credit instrument number.
  • the information in these fields alone is insufficient to enable the desired use of the identity of identify owner 30, such that service provider 10 cannot misuse the identity.
  • the sixth field, "permit" is necessary to illustrate the role of the service provider 10 as a gatekeeper so that an attempted use of the identity of identity owner 30 must pass before user 20 can follow through on the intended use.
  • identity owner 30 If, for example, a credit instrument of identity owner 30 is misplaced, then it is a simple matter for the identity owner 30 to contact the service provider 10 and change identity state 17 of the XYZPer identity object 12 to "deny" until certain that the instrument is not lost. By way of non-limiting example, this can be accomplished by the identity owner 30 accessing interface 300 and making the necessary changes. That layer of security, in addition to the preferred implementation of an outer shell of interface security 200, as shown in Fig. 5, and other possible layers of security such as, by way of non-limiting example, encryption methods of identification information, is a preferred benefit to the embodiment.
  • a thief attempts to use the XYZ instrument at a merchant agent 24. This is an attempted use of identity at source 27, a transaction that implies or directly uses identification information.
  • the merchant communicates the transaction information to user 20, in this case the XYZ transaction approval network.
  • XYZ generates an appropriate identity state request 111 and sends it to service provider 10.
  • An example of the contents of the corresponding identity state request 111 is as follows: ⁇ Identity request>
  • the primary identification data need not be alphanumeric. There may exist embodiments where it is preferable to include primary identification data that is biometric (fingerprint or retinal image). Once the primary identification data is entered at the time the account profile 14 is created (and indeed, if the data is numeric, it may not be necessary to store the full primary identification number in an implementation of the embodiment), this information is preferably encrypted.
  • the responsibility of sending identity state request 111 to service provider 10 is allocated to the holder of record for account information related directly to the identity use by source 27. Typically this will be user 20 (XYZ in this example) or a representative of user 20. Either way, there must be sufficient information to supply data conforming to the identity object template 16 requirements and to positively match the identity objects 12 associated with the identity account profile 14.
  • An account profile 14 is accessible to the identity owner 30 either directly with service provider 10 or indirectly though recorder 38. Through access to the account profile 14, the identity owner 30 is able to observe, add, delete, and modify its state identity information. Multiple identity objects 12 and/or account profiles 14 may exist for each identity owner 30.
  • Object templates 16 can streamline a transaction by providing advance notice to an identity owner 30 of the specific identification information required by the user 20. Furnishing an identity owner 30 with an object template 16 is preferably accomplished either through one of the recorders 38 of the service provider 10 or by direct input of the object template 16 into the repository 11. Referring now to Fig.4, an embodiment of service provider 10 is illustrated in detail.
  • Identity state 17 is the result of the comparison between identity state request 111 and identity obj ects 12 input by identity owner 30. Whenever possible, it is preferable for service provider 10 to provide identity state 17 while avoiding disclosure of extra identification information of an identity owner 30. hi a preferred embodiment of the invention, the service provider 10 accomplishes this through use of an interpreter 18. On instruction from, for example, user 20, recorder 38, identity owner 30, or a supplier 19 of service provider 10, interpreter 18 will compare the identity state request 111 and at least one identity object 12 for a particular identity owner 30. Preferably, interpreter 18 can also compare identity state requests 111 that are formulated based on requirements described by applicable object templates 16, as well as against criteria set by the identity owner 30.
  • Identity state 17 may be based on one or more identity objects 12; in this case, the identity object 12 must have contained identity attributes 13 such as "at 3 :00 AM", "off or a time period that includes 3 :00 AM, designated as "off' (e.g., 2:00 AM - 4:00 AM).
  • Interpreter 18 thus evaluates identity state request 111 against the criteria, rules and requirements contained in the state identity object 12 of the identity owner. After evaluation, interpreter 18 preferably communicates the result of the analysis, either directly or indirectly, to user 20 without disclosing sensitive identification information. Instead, the identity state response 112 only contains the status of a transaction (in this example, the status is the "identity state" 17) involving identification information.
  • Interpreter 18 and supplier 19 are preferably the entities within service provider 10 with access to state metadata 15.
  • Interpreter 18 and supplier 19 may be people and/or electronic devices such as computers that implement algorithms designed to assess and interpret an identity state 17 as described herein.
  • Non-limiting examples of potential identity state 17 responses 112 include: permit, deny, not enough information, and permit only for emergency use. By way of non-limiting example, the latter response would exist in a preferred embodiment that included identification information that was medical in nature.
  • An identity owner 30 may authorize release of his medical history to known licensed caregivers only in the case of an emergency.
  • a second object template 16 that defines the requirements for controlling identity relative to acquiring additional credit.
  • a customer applies for a loan at a federal bank.
  • the customer triggers identity use source
  • the customer represents on the loan application that his primary identification data value is 555- 55-5555.
  • the Federal Bank would contact a credit reporting agency to obtain a credit worthiness report for the loan applicant.
  • the credit reporting agency (a user 20) would determine if the loan applicant had an identity account profile 14.
  • the service provider 10 would have reported the fact that identity owner 30 had such an account in the normal course of business.
  • the credit reporting agency contacts supplier 19 and requests identity state 17, based on its "new credit" object template 16, for a customer having a primary identification data value of 555-55-5555.
  • Interpreter 18 acting as an agent of service provider 10 as opposed to the credit reporting agency as user 20, determines identity state 17. Once found, the "new credit" object template 16 is compared to the corresponding identity object(s) 12. The interpreter 18 ensures that all fields match. After noting the account profile number associated with the customer name provided by the bank (Account No. CACTUS), interpreter 18 accesses and confirms that the primary identification data value matches the one in the original identity state request 111. Further examination of identity obj ects 12 in account profile 14 shows that identity state 17 has been set to "Type - Identity Off.
  • interpreter 18 informs supplier 19 that identity state 17 is "deny" and, thus, any use of the identification information of identity owner 30 should be denied.
  • Supplier sends this identity state 17 to the credit reporting agency in the manner discussed herein.
  • the credit reporting agency communicates this state to the Federal Bank that requested the loan applicant credit report.
  • the federal bank knows that one of two situations exists. Either the person applying for the loan forgot to change their identity object 12 before applying for the loan, or the person making the application is trying to fraudulently obtain a loan. If the person is the legitimate identity owner, then the error can be corrected. If the person is an imposter, the fraud is revealed.
  • state metadata 15 represents identity attribute information 13 of identity owner 30.
  • State metadata 15 alteration by identity owner 30 permits control over the state metadata 15 and, thus, bestows an identity owner 30 with control over the use of its identity and identification information.
  • identity attributes 13 may be entered directly by identity owners 30 acting on their own behalf as identity recorders 38. This process may be achieved in person, by phone, wireless device, Web browser or any other device capable of communicating instructions of identity owner 30.
  • identity owner 30 decides to use a credit instrument for a vacation outside the United States, but notes that his account profile 14 prevents use of his identification information outside the United States ("USA Only").
  • Identity owner 30 accordingly decides to modify his account profile 14 through a call to recorder 38.
  • Recorder 38 will go through one or more security protocols, such as a password check, date of birth, the last four characters of a primary identification data value, etc.
  • the recorder 38 is satisfied that the caller is identity owner 30 of identity account profile 14 CACTUS.
  • Identity owner 30 communicates his intent for use of XYZ credit instrument's transactions to be enabled outside the United States . Identity owner 30 is then asked to supply the last six digits of the account number and the phone number including the area code associated with this credit instrument account.
  • Service provider 10 preferably by using an authorized interpreter 18, examines the existing identity objects 12 to make sure that none of the identity objects 12 already refers to this credit instrument. If no entries exist, recorder 38 inputs an identity object 12 into the repository 11 , "Type - Credit Usage - permit globally, instrument type XYZ Corporation, account suffix 565787, phone 5555555555". This allows usage of the instrument xxxxxx565787 outside the United States. As illustrated in the above example, an identity owner 30 may record identity attributes 13 and transmit these by mail, courier, electronic transmission or voice to recorder(s) 38 acting on the behalf of identity owner 30.
  • identity objects 12 are configured to resist compromise of the security of the identification information of the identity owner 30.
  • identity attributes 13 are a partial representation of the identity object 12 is significant because it prevents the state metadata 15 from containing information that could j eopardize security of the identity owner 30 if breached.
  • an identity owner 30 communicates through a security layer 200 that hinders unauthorized access to the identification information of identity owner 30.
  • service provider 10 has a software barrier in the form of a log-in screen interface which requires ausername201 and apassword202.
  • anidentity owner 30 practicing the preferred embodiment can, after successful authorization, access its account profile 14.
  • the accessed data appears in a convenient layout, preferably all in one view.
  • Interface 300 is depicted in Fig. 6 as one of many methods of layout for viewing, deleting, adding, and manipulating account profile 14.
  • Interface 300 is essentially split into four topical sections.
  • the topmost section contains an identity object 12 manipulation workspace 303.
  • Workspace 303 is the area where identity owner 30 and recorder 38 can access and modify identity objects 12.
  • user 20 is granted the ability to use supplier 19 to deposit an object template 16 into repository 11 for use by identity owner 30 and/or recorder 38. It is also possible to give user 20 a more direct, write-only type of access to the repository 11.
  • identity owner 30 would only be able to configure an identity obj ect 12 for an XYZ credit instrument if XYZ company had previously provided an object template 16 for this type of financial instrument.
  • the second area of workspace 303 is the control set 309.
  • Control set 309 is where either identity owner 30 or recorder 38 (at the behest of the identity owner 30) can manipulate identity objects 12.
  • the identity attribute 13 "Parking Space 3R" can be set to "deny Crystal McCity access to location information.”
  • this portion of workspace 303 is where identity objects 12 and identity attributes 13, such as "1 transaction per day”, can be added to, for example, identity attribute 13 "bank account withdrawals” to form an identity object 12 that places a limit on the number of transactions for a particular bank account per day.
  • the bottommost two sections 320, 330 consist of one section that has two distinct portions, and it may have a name such as Recent Activity Monitor or Transaction Notification 330.
  • identity owner 30 or interpreter 18 at the behest of identity owner 30
  • identity-related activities such as credit instrument usage, or, as seen in Fig. 6, passport usage 330.
  • the data is used to create an identity object 12 representing a name and address related to the account profile 14.
  • the name of this set can act as a short form reference to a particular name and address and help the user avoid the re-entry of name and address data for identity assets sharing common attributes.
  • Field 330 is illustrative of how the identity owner 30 and/or the authorities have a tool with which to track usage of such things as passports, credit instruments, ID tags, or even keys/keyinstruments to buildings.
  • Identity owner 30 is again an entity, human or otherwise, capable of making investments in securities.
  • User 20 is a brokerage firm.
  • Service provider 10 maintains its function as an entity that can, but need not, encrypt and store the most fundamental and sensitive data in a separately secure layer. Similar to the steps disclosed above, this embodiment affords preventative security against misuse of any investment account.
  • Fig. 6 depicts how certain embodiments can be used to determine the details surrounding the identification information use for a passport. Each occurrence of the passport usage is listed.
  • a transaction notification 330 is optional but can be a useful tool allowing the identity owner 30 to monitor the use of identification information. Indeed, it implicates, essentially, other embodiments that can be used in law enforcement.
  • Another non-financial use is monitoring of an identifying building access key, key instrument, or any locating device and is not limited to building area entry and exit monitoring. Such use would allow the system to track the location of the occupants of a building based on where they last used their key. This could be life saving in an emergency or, on the other hand, help the security or management of a building discern likely suspects after discovery of an unscrupulous act.
  • Another non-financial use is the protection of data that is medical in nature.
  • Food allergies and diseases such as diabetes are non-limiting examples of such medical information that an identity owner 30 would not want accessed by anyone other than, for example, a licensed medical professional or licensed medical professional organization.
  • Such systems provide, on a consistent, easily transferable basis, information as might be required as part of standard service industry entity (e.g., dentists, physicians, veterinarians, schools) registration procedures, such information and name, address, and contact information.
  • identity owner 30 is operating with the cooperation of or under the control of law enforcement.
  • certain "zones" may be set up relative to the person's identity. For example, a sex offender may not be able to leave the local jurisdiction, or someone under house arrest cannot leave the home.
  • Flags can be set up in object template 16 or related operations that monitor use of identity and alert law enforcement if the use is for a prescribed activity or in a prescribed area.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • Tourism & Hospitality (AREA)
  • Finance (AREA)
  • Medical Informatics (AREA)
  • Primary Health Care (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Databases & Information Systems (AREA)
  • Development Economics (AREA)
  • Educational Administration (AREA)
  • Economics (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Human Computer Interaction (AREA)
  • Epidemiology (AREA)
  • Public Health (AREA)
  • Automation & Control Theory (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Lock And Its Accessories (AREA)
  • Storage Device Security (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A method of protecting use of an entity's identity is provided. The method comprises setting a status of the identity to a first state, the first state defining a scope of permitted use of the identity, changing, in advance of an intended use of the identity, the status to a second state defining a scope of permitted use of the identity that is different from the first state, requesting use of the identity after the changing; and returning, after the requesting, the state back to the first state.

Description

SYSTEM AND METHOD FOR ENHANCED PROTECTION AND CONTROL
OVER THE USE OF IDENTITY
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to the protection of identity by controlling access to use of an identity. More specifically, the present invention provides protection of the identity of an entity by placing limitations or conditions on its use, and whereby the entity's use-enabling identification information is not fully needed to authorize a transaction. 2. Discussion of Background Information
Identity information can be, and has been, exploited so as to cause an identity owner and other ancillary parties emotional and financial harm. Examples of misuse of identity range from impersonation to financial fraud, such as a fraudulent loan application, fraudulent credit instrument use, check fraud, and other transactional frauds. Tens of billions of dollars are lost each year in the United States alone due to identity theft, with estimates rising as of the writing of this application. This does not account for the additional cost of law enforcement efforts to capture and bring perpetrators to justice.
With the increased technical and Internet literacy of our culture, identity theft is no longer limited to instances where financial gain is the sole motive. Indeed, it has now become necessary not only to protect our most precious identification information from use by an unscrupulous stranger, but there must also be in place a system that allows an identity owner to protect his identification information from use by a known party such as a disgruntled employee. With the ability and ease that identification information can be used to commit fraud against an identity owner as well as the resulting added burden on courts and law enforcement, there is a need for a system to protect the identity of an entity from misuse at a more fundamental level.
Traditional responses to this problem have been inadequate. The most common response involves monitoring the use of identity resources and notifying a consumer after detection of an unusual use of the identity. For example, a credit card company can detect unusual purchase activity and contact the account holder to determine whether the charges were authorized. While such monitoring mitigates against any continuing misuse of identity, responsive action is generally limited to apportion the burden of the harm between the victimized parties and seek prosecution of the offender. Such methods are thus reactive in that the damage has already been done, and otherwise lack the ability to prevent or undo the ill effects of the damage in the first place.
Current technology, as disclosed in U.S. PatentNos. 6,529,885, 6,811,082, 6,817,521, and 6,332,134, highlights a fundamental failing in the current state of the art. Such prior mechanisms require the identity owner to either use a "smart instrument," carry his own credit scanning device, or use a bank as a third party to a transaction as common as the simplest purchase. While these prior patents illustrate an attempt to address the issue of protecting and managing financial transactions, the solutions they present lack broader financial and non-financial application, practicability and/or simply substitute one flawed mechanism of protection and management for another. This is true in part because an identity owner has no means of proactively controlling use of his identity and identification information with a system designed specifically for such control.
SUMMARY OF THE INVENTION Various embodiments of the invention improve security of identification information by giving an individual or other entity increased control over implied or direct use of his identity.
According to an embodiment of the invention, a method of protecting use of an entity's identity is provided. The method comprises setting a status of the identity to a first state, the first state defining a scope of permitted use of the identity, changing, in advance of an intended use of the identity, the status to a second state defining a scope of permitted use of the identity that is different from the first state, requesting use of the identity after the changing; and returning, after the requesting, the state back to the first state. The above embodiment may have one or more preferable features, of which the following are non-limiting examples. The first state is a default state, and the returning occurs in response to completion of a use of the identity. The first state may comprise a default state, and the returning occurs in response to a predetermined number of uses of the identity, an elapse of a predetermined time after a predetermined event, or the earlier of the onset of the predetermined number of transactions and the predetermined time after the predetermined event. The predetermined event may comprise the changing, the requesting completion of a use of the identity which prompted the requesting, or dictated by a parameter within the second state. The use of the identity may comprise use of a credit card, debit card, check card, financial institution account number, brokerage account number, or other instrument provided by an account holder of record. The requesting may comprise transmitting, from a user of the identity to a service provider which maintains the state, a request for authorization to use the identity, where information in the request is insufficient to authorize the use of the identity.
According to another embodiment of the invention, a method of protecting use of an entity's identity is provided. The method comprises attempting to use an identity at a source, forwarding first information relating to the use to a user affiliated with the source location, forwarding second information from the user to a service provider, the second information being different from the first information, determining, by the service provider, whether the use of the identity is consistent with a pre-registered intent of the entity, and sending, from the service provider to the user, a decision based on the determining, wherein the second information is insufficient in and of itself to authorize any related use of the identity.
The above embodiment may have one or more preferable features, of which the following are non-limiting examples. The pre-registered intent of the user may comprise at least one of allowance of use, limitation of use, expansion of use, denial of use, or insufficient information to make a determination. The attempting to use may comprise entering information from a credit card or a debit card to facilitate a financial transaction, and the user is a company account holder of record of the credit card or debit card; making a request to access medical records of the entity, and the user is a health-care related organization; making a request for a loan, and the user is a lender; or accessing a secure location, and the user is a security company. According to yet another embodiment of the invention, a method of protecting use of an entity's identity is provided. The method comprises establishing, by the user, a set of desired identification information parameters, sending, from the user to a service provider, the set, obtaining, by the service provider from the entity, information from the entity consistent with the set, storing the information provided by the obtaining, and using, by the service provider, at least some of the information provided in the obtaining to respond to a request by the user to authorize a use of the identity of the entity, wherein the user does not have direct access to the information provided by the entity and subject to the storing.
The above embodiment may have one or more preferable features, of which the following are non-limiting examples. The set may comprise at least one of the entity's name, address, telephone number, personal identification number or biometric data.
Preferably the user cannot authorize the use of the identity of the entity absent permission from the service provider. Preferably the service provider cannot provide the permission unless consistent with the intent of the entity as reflected in the results of the obtaining. According to still yet another embodiment of the invention, there is provided a method of protecting use of an entity's identity. The method comprises storing, at a service provider, data representing first identification information of an entity, and at least one criteria capable of limiting the use of the identity, receiving, at a service provider, a request to determine whether the use of an entity's identity by a party is authorized for a requested application, the request including second identification information, comparing at least some of the first identification information with at least some of the second identification information, determining, based at least partially on a result of the comparing, whether the use of the identity by the identity-use-source is authorized for a particular application, and responding from the service provider to the identity-use-source consistent with the result of the determining. The above embodiment may have one or more preferable features, of which the following are non-limiting examples. The responding further comprises sending a response, the response indicating one of allowance of use, denial of use, or insufficient information to make a determination. The method may further comprise receiving, from the entity, the data representing the first identification information and the identity use criteria. The receiving or responding may further comprise receiving or responding through a Web page, customer service representative, switched wired network, wireless network, in person, or any of combination thereof. The storing, determining, or responding may further comprise storing, determining, or responding by a service provider that is an electronic computing device. The storing, determining, or responding may further comprise storing, determining, or responding by an electric computing device that further comprises hardware, software, or a combination of both hardware and software. BRIEF DESCRgTION OF THE DRAWINGS
The present invention is further described in the detailed description which follows, in reference to the noted plurality of drawings by way of non-limiting examples of certain embodiments of the present invention, in which like numerals represent like elements throughout the several views of the drawings, and wherein:
FIG. 1 is a diagram depicting at a high level the interconnections between elements of a system capable of implementing a particular embodiment of the invention;
FIG. 2 is a diagram of a portion of an embodiment of the invention that depicts in more detail the interaction between and around the identity owner and the service provider; FIG. 3 is a diagram of a portion of an embodiment of the invention that depicts in more detail the interaction between and around the user and the service provider;
FIG. 4 is a diagram depicting the service provider in more detail as well as depicting the interconnections between elements of a system capable of implementing a particular embodiment of the invention; FIG. 5 depicts an example of a layer of security embodied by an electronic interface allowing an identity owner access to their identification information; and
FIG. 6 depicts an example of an electronic interface that displays the identity owner's identification information and allowing for management of the identification information by the identity owner. DETAILED DESCRIPTION OF THE EXEMPLARY EMBODIMENT
The particulars shown herein are by way of example and for purposes of illustrative discussion of the embodiments of the present invention only and are presented in the cause of providing what is believed to be the most useful and readily understood description of the principles and conceptual aspects of the present invention. In this regard, no attempt is made to show structural details of the present invention in more detail than is necessary for the fundamental understanding of the present invention, the description taken with the drawings making apparent to those skilled in the art how the several forms of the present invention may be embodied in practice.
Referring now to Fig. 1 , the elements of a particular embodiment are illustrated where a service provider 10, a user 20 and an identity owner 30 interact to use an identity owner's identity and/or identification information. User 20 provides service provider 10 with an object template 16. Object template 16 contains various fields that define the type(s) and nature of information that service provider 10 preferably accepts and/or stores for any particular identify owner(s) 30. Identity owner 30 will in turn provide that information to service provider 10 for use in the authorization, limitation or denial of requests from user(s) 20 to use the identity of identity owner 30. At some later point in time, an attempt will be made at a source 27 to use the identity of identity owner 30. The particulars of such use will be transmitted to user 20 either directly or indirectly through one or more agents 24. User 20 then sends an identity state request 111 to service provider 10, which requests authorization to complete the underlying transaction. Based on the information in identity state request 111 relative to information previously provided by identity owner 30, service provider 10 will determine whether to authorize, limit or deny the requested use. Service provider 10 sends an appropriate response to user 20 in an identity state response 112. User 20 in turn sends appropriate instructions to source 27 either directly or indirectly through one or more agents 24. hi the preferred embodiment, identity state request 111 preferably includes at least enough information to allow service provider 10 to locate the account information of the particular identity owner 30 and to determine the corresponding user instructions. However, the information in identity state request 111 is preferably in and of itself insufficient to enable the use of the identity for its intended use, such that its capture or loss would not expose vital information. By way of non-limiting example, if the triggering event is use of a credit card, then the credit card company (user 20) sends to service provider 10 in identity state request 111 the name, address and phone number of identity owner 30, as well as the last four digits of the credit card. From this information, service provider 10 can determine whether use of the credit card is authorized at that time. Yet the information in identity state request 111 is either public (name, address, and phone number being in phone books) and/or useless (four digits of a credit card being insufficient for a transaction). This provides a layer of protection to the use of the identity of an entity that is not confined to service provider 10.
Referring now to Fig. 2, identity owner 30 interfaces with service provider 10, either directly or indirectly through a recorder 38 of service provider 10. Service provider 10 stores identification information and corresponding state metadata 15. (Metadata is understood in the electronic arts as data that is contained within an electronic file that is not necessarily needed to use the file, but rather contains information on the information within the file.) Identity state metadata 15 accompanies account profiles 14, with one or more of account profiles 14 being associated with a particular identity owner 30. Each account profile 14 preferably includes one or more identity objects 12. Each identity object 12 preferably includes one or more identity attributes 13. Identity attributes 13 represent identification information communicated to service provider 10 by identity owner 30 or an authorized surrogate of the identity owner 30. All of this information may be stored in a repository 11.
Service provider 10 is configured to allow identity owner 30 to set up, manage, and edit identification information stored in the corresponding account profile 14. Access to the account profile 14 is preferably at least password protected to prevent unauthorized access to the identification information. The information which identity owner 30 provides to service provider 10 reflects the
' intent of the identity owner 30 to, by way of non-limiting example allow, deny, limit, secure, protect or otherwise control a type of use of the identity of an entity. The nature and scope of the control and management of identity use is essentially unlimited and based only on the parameters as may be defined by user 20 and identity owner 30. By way of non-limiting example, identity owner 30 could set up account profile 14 as follows:
(1) credit cards can only be used between 9 AM and 11 PM..
(2) medical information is available at all times but only to users 20 that are pre-authorized for health services (e.g., doctors, hospitals, pharmacies).
(3) applications for loans or new credit are never to be approved. Limitations such as the above establish default and real-time use control over the identity of an identity owner 30. Attempts to use identity outside the authorized scope will be denied, preventing misuse before it takes place and identifying a possible fraud in progress for law enforcement response. If identity owner 30 needs to use its identity in a manner inconsistent with the above limitations, then identity owner 30 can modify account profile 14 in advance of such use and then return account profile 14 to its prior state (or any other desired state) after the need for the use concludes. It is also helpful for an identity owner 30 to be capable of modifying identification information on a whim, creating a real-time, or near real-time system that is fluid and constantly capable of meeting the needs of identity owner 30 while securing the identification information. Based on use limitations in account profile 14, service provider 10 will advise user 20 as to whether or not the transaction is approved or not in identity state response 112. Preferably, identity state response 112 is similar to identity state request 111 in that the information sent in identity state response 112 is sufficient to communicate the decision of service provider 10 but insufficient to enable the use of the identity for the intended use. Thus, capture or loss of identity state response 112 would not expose vital information. However, the contents of request 111 and response 112 may or may not overlap to varying degrees.
In certain circumstances, identity state response 112 may include actual identification information. Preferably, such a transfer would be limited to only those identification information attributes 13 that identity owner 30 has allowed for release to that particular user 20. In some cases identity state response 112 need only include the resulting identity state (e.g., "allow request" or "deny request"), without transmitting any other identification information of identity owner 30. The instruction to deny or allow a use under certain conditions is an example of an identity attribute 13. Such instructive identity attribute(s) 13 are referred to herein as the identity state 17 (shown in Fig. 3). In such situations, the connection between users 20 and service provider 10 (such as TCP, HTTP other land and/or wireless connections) may provide sufficient routing information to process identity state response 112 to its intended destination within user 20 without sending other specific identification information.
Thus, in the above example where service provider 10 decides to deny a request for use, identity state response 112 sent from service provider 10 to the user 20 includes content identity state 17, which represents the preexisting intent of identity owner 30 to deny the particular transaction. User 20 preferably complies with the identity state 17 and sends an appropriate denial message to source 27, either directly or through agent(s) 24.
The circumstances under which identity owner 30 elects to deny use of its identity are not limited to avoidance of fraud. Privacy and self-control considerations may also be a factor. For example, an identity owner 30 who wants to maintain confidentiality of his medical records, but wants to preserve quick access in emergencies can set identity attributes 13 in account profile 14 to only approve identity state requests 111 from authorized health-care-related institutions. In another example, an identity owner 30 who spends too much money at a certain store or type of store can set identity attributes 13 in account profile 14 to deny requests from that store or type of store.
Advantages of the preferred embodiment with respect to the contents of identify state request 111 and identity state response 112 will now be discussed. As discussed above, the substantive contents of these communications is preferably enough to determine and communicate the intent of identity owner 30 with respect to a particular use of identity.
Particularly, identification information in identity state request 111 is insufficient in and of itself to facilitate the use intended by source 27, and identity state response 112 need include nothing more than identity state 17. As such, service provider 10 can perform its function of permitting, limiting or denying transactions without receiving, storing, or sending identification information that enables the underlying use ("use-enabling information").
Thus, service provider 10 authorizes or denies requests without having access to sensitive identification information, such as, by way of non-limiting example, a full credit card number or Personal Identification Number (PIN). Service provider 10 thus does not have enough information to take any action on its own. For example, service provider 10 would not be able to misuse the credit card of identity owner 30 because it would not have the credit card or the credit number. Thus, while service provider 10 authorizes transactions, it cannot by acting alone misuse the underlying instruments that trigger the transactions. In theory, service provider 10 may nonetheless have access to some of this information, although such information can be protected using passwords, encryption, or other known techniques.
Similarly, user 20 will preferably know whether to authorize or deny a transaction without receiving any new identification information from service provider 10 other than identity state 17. Since user 20 does not have direct access to other information in account profile 14, user 20 does not have information that could enable other undesired uses. By way of non-limiting example, if user 20 is a credit card company, it would not have enough information to access the medical records of identity owner 30. Without possession of use-enabling information, service provider 10 obviously cannot or cause user 20 to divulge information to agent(s) 24 and/or source 27. The identity owner's identification information account profile 14 therefore need never pass beyond the protection of the service provider 10.
The service provider 10 may also be tasked with securing identification information so as to prevent unauthorized access to the identification information. In a preferred embodiment, the security of identification information afforded by the service provider 10 is far reaching, dynamic and may contain one or more layers. As a threshold issue, the service provider 10 would preferably take the barest, directly identifying, raw data of an identity owner 30, if any, encrypt it and secure it preferably never to be used again. In another embodiment, service provider 10 acts as a centralized location relative to multiple users 20 for the storage of identification information of identity owners 30. That is, rather than disseminating identification information to every bank, credit agency, insurance company, or any other entity that requests identification information, an identity owner 30 would disclose identification information to the service provider 10 instead, hi this embodiment, these various users 20 would make identity state requests 111 to the service provider 10, which would determine what, if any, identification information is disclosed to users 20. An embodiment such as this that includes service provider 10 can, at a minimum, reduce the number of institutions privy to sensitive identification information. Service provider 10 preferably is a company that includes employees that operate the necessary computer hardware and software to secure identification information and to communicate with identity owners 30 and users 20. hi an alternative embodiment, service provider 10 is an automated combination of hardware and software that carries out the operations described herein. By way of non-limiting example, an identity owner 30 can utilize either a computer service provider 10 that is maintained by an outside party or a computer maintained by the identity owner 30 to prevent unauthorized access to identification information (e.g. , a human identity owner 30 may, for the purpose of practicing this embodiment, maintain and/or utilize a personal computer as a service provider 10). hi this example, the service provider 10 is a computer, preferably a server, accessible to the identity owner 30 and the user 20 through a communication network that is maintained by the computer. The computer in this example would preferably be programmed to provide responses to user 20 based on input from the user 20 and the identity owner 30.
Identity owner 30 is preferably an individual, a corporation, or a computer system. Preferably, the identity owner 30 will contact service provider 10 and request that the service provider 10 secure the identity owner's identification information subject to provided constraints. Service provider 10 might, for example, employ a layered technique where the identity owner's raw identification information, such as social security number or other primary identification data, biometric data, address, phone number(s), and other such information, is encrypted in a separately secure layer. With raw identification information secure in a fundamental layer, the service provider 10 can then use an additional layer of security for protecting the encrypted identification information from misuse. User 20 may be thought of as a credit lender who wants to access the records of repository 11. User 20 may be, by way of non-limiting example, a credit card company, credit reporting agency, merchant, banking institution, brokerage firm, insurance provider, hospital, medical caregiver, computer, corporation, or family member. User 20 may also in theory be an imposter. In the preferred embodiment, the service provider 10 will implement double-checks and safeguards so as to help protect the identification information from imposters.
User 20 sends identity state requests 111 in response to a triggering event at identity use source 27. Identity use source 27 sends desired transaction-based information, which preferably would include the identity of source 27 and the amount of the transaction (if a financial-based transaction). Service provider 10 can then respond to user 20 with information or instructions that will determine the next step in the transaction precipitated by the triggering identity use source 27. In the preferred embodiment, the instructions received by user 20 will properly control the transaction and provide the result desired by identity owner 30 and user 20.
A non-limiting example of an end-to-end exchange is as follows. For set up, user 20, which in this example is a credit card company, will have previously given service provider 10 an object template 16. Object template 16 defines the identification information that user 20 needs in order to process a transaction by source 27. Identity owner 30 provides service provider 10 with the corresponding identification information through interface 300, such as a Web page.
At a later point in time, a credit card is offered to complete a transaction at source 27. Source 27 communicates the details of the transaction, as well as any desired details, to user 20. User 20 forms an appropriate identity state request 111 and sends it to service provider 10. Service provider 10 compares the contents of the identity state request with the identity object(s) 12 which describe the intent of identity owner 30 with regard to the particular transaction. Service provider 10 determines whether the transaction is authorized or not, and then send a corresponding identity state response 112 to user 20. In addition, service provider 10 may release other identification information to user 20 as may be authorized by the identity obj ect(s) 12 within account profile 14.
In a related example, obj ect template 16 allows an identity owner 30 to set the default status of the credit identification instrument {e.g. , the credit card or underlying account) as on or off. In this example, identity owner 30 sets the default of the credit card to "deny," essentially placing the use of the credit card in a lockdown state. If identity owner 30 wants to use the credit card at a particular time, then identity owner 30 can contact service provider 10 via, e.g., the Internet to change identity state 17 at the appropriate time, such as between 12:30 PM and 2:30 PM that day. Identity owner 30 makes the purchase, or not, secure in the knowledge that use of the credit instrument was permitted within that limited two-hour window. Before the window opens, and after it closes, the default state is "deny," thus preventing any unauthorized (or even authorized) use outside that window.
User 20 sends identity state request 111 in response to a use of identity at source 27. By way of non-limiting example, source 27 can be initiated by a person, a credit instrument, an Internet transmission, the identity owner 30, an imposter, user 20, or agent 24. In a credit card example, source 27 may be the point-of-sale terminal through which the credit card is scanned.
In a preferred embodiment, user 20 is a lending institution such as a bank, identity owner 30 is a person, and service provider 10 is a form of company that preferably would use, by way of non-limiting example, electronic methodology such as a computer server to provide a network through which all parties to the transaction can communicate. By way of non-limiting example, the service provider 10 could be a corporation or company whose sole purpose is directed to management of identification information; the service provider 10 could just as well be a credit reporting agency, insurance agency, health agency, or any established entity that has been enabled to practice the invention. Also, by way of non-limiting example, the network may take the form of voice communication (e.g. , through telephony or by face-to-face encounter) or an electronic interconnection such as an Internet or intranet Web browser interface, or any wireless or direct interface assisted by a software component such as a client-side application.
In an embodiment, the process may begin when the service provider 10 sets up an object template 16 (e.g., a template that defines the options for an identity owner 30 to establish an account profile 14 to contain its identification information). The process may also begin when a user 20 (e.g. , a credit provider) contacts the service provider 10 and sets up an object template 16 (e.g., criteria an identity owner 30 must disclose for a particular transaction, or set of transactions, with that particular user 20 type). Identity owner 30 (Joe E. Patent) establishes an account profile 14 with a service provider 10. For simplicity, assume that at the end of the process, the following information exists in the database, or repository 11, of service provider 10. For example:
Account profile 14 data
Account ID: CACTUS Account password: flowersforalgernon
Name: Joe E. Patent
Address: 102 Brown Street
Primary identification number: 222-22-2222
Next, the identity owner 30 protects a credit instrument event. For example, suppose XYZ Corporation provides object template 16 that requires six information fields. Five of the fields are required to "query" the identity state 17 of the identity object 12 (if any), and one field contains the identity state 17 of the identity object 12 last set by the identity owner 30. For example:
Identity object 12 data Identity obj ect type: XYZPer
Identity object account suffix: 565787
Identity object account name: Joe E. Patent
Identity object account phone: (555) 716-5555
Identity object account zip: 55555 Identity object state: permit
In the above example, the five data fields can replace the need for use-enabling information, such as, for example, the credit instrument number. However, the information in these fields alone is insufficient to enable the desired use of the identity of identify owner 30, such that service provider 10 cannot misuse the identity. The sixth field, "permit", is necessary to illustrate the role of the service provider 10 as a gatekeeper so that an attempted use of the identity of identity owner 30 must pass before user 20 can follow through on the intended use.
If, for example, a credit instrument of identity owner 30 is misplaced, then it is a simple matter for the identity owner 30 to contact the service provider 10 and change identity state 17 of the XYZPer identity object 12 to "deny" until certain that the instrument is not lost. By way of non-limiting example, this can be accomplished by the identity owner 30 accessing interface 300 and making the necessary changes. That layer of security, in addition to the preferred implementation of an outer shell of interface security 200, as shown in Fig. 5, and other possible layers of security such as, by way of non-limiting example, encryption methods of identification information, is a preferred benefit to the embodiment.
Continuing the example, a thief attempts to use the XYZ instrument at a merchant agent 24. This is an attempted use of identity at source 27, a transaction that implies or directly uses identification information. The merchant communicates the transaction information to user 20, in this case the XYZ transaction approval network. XYZ generates an appropriate identity state request 111 and sends it to service provider 10. An example of the contents of the corresponding identity state request 111 is as follows: <Identity request>
<Identity object type>XYZPer<Identity object type/> <Identity object account suffix>565787<Identity object account suffix/> <Identity object account name>Joe E. Patent<Identity object account name/> <Identity object account phone>5555555555<Identity object account phone/> <Identity object account zip>55555<Identity object account zip/>
<Identity request/>
In this example, with the exception of the primary identification data, nothing exists in the account profile 14 that has any security implication. Note that the primary identification data need not be alphanumeric. There may exist embodiments where it is preferable to include primary identification data that is biometric (fingerprint or retinal image). Once the primary identification data is entered at the time the account profile 14 is created (and indeed, if the data is numeric, it may not be necessary to store the full primary identification number in an implementation of the embodiment), this information is preferably encrypted.
Preferably, the responsibility of sending identity state request 111 to service provider 10 is allocated to the holder of record for account information related directly to the identity use by source 27. Typically this will be user 20 (XYZ in this example) or a representative of user 20. Either way, there must be sufficient information to supply data conforming to the identity object template 16 requirements and to positively match the identity objects 12 associated with the identity account profile 14. An account profile 14 is accessible to the identity owner 30 either directly with service provider 10 or indirectly though recorder 38. Through access to the account profile 14, the identity owner 30 is able to observe, add, delete, and modify its state identity information. Multiple identity objects 12 and/or account profiles 14 may exist for each identity owner 30.
User 20 establishes the types of identification information to be used in object template 16, but preferably does not have access to account profile(s) 14 that contain the information itself. Object templates 16 can streamline a transaction by providing advance notice to an identity owner 30 of the specific identification information required by the user 20. Furnishing an identity owner 30 with an object template 16 is preferably accomplished either through one of the recorders 38 of the service provider 10 or by direct input of the object template 16 into the repository 11. Referring now to Fig.4, an embodiment of service provider 10 is illustrated in detail.
Object templates 16, akin to those described above, allow user 20 to practice proactively. To an extent, the types of identity obj ects 12 available to identity owner 30 are controlled by user 20 through the creation of object templates 16. Object templates 16 provide the criteria for identity state request 111, identity response 112, and attribution of identity objects 12. Stated another way, in certain dealings the identity owner 30 can only create personalized identity objects 12 for which users 20 have created object templates 16. The reason for this is that having the resources available to protect identity are ineffective unless user 20 (those relying on identity to act on behalf of identity owner 30) are prepared to cooperate with service provider 10. Preferably, object templates 16 provide user 20 with sufficient control and efficiency that will encourage the cooperation of user 20.
Identity state 17 is the result of the comparison between identity state request 111 and identity obj ects 12 input by identity owner 30. Whenever possible, it is preferable for service provider 10 to provide identity state 17 while avoiding disclosure of extra identification information of an identity owner 30. hi a preferred embodiment of the invention, the service provider 10 accomplishes this through use of an interpreter 18. On instruction from, for example, user 20, recorder 38, identity owner 30, or a supplier 19 of service provider 10, interpreter 18 will compare the identity state request 111 and at least one identity object 12 for a particular identity owner 30. Preferably, interpreter 18 can also compare identity state requests 111 that are formulated based on requirements described by applicable object templates 16, as well as against criteria set by the identity owner 30.
By way of non-limiting example, if a merchant user 20 issues an identity state request 111 for a purchase at 3:00 AM and the corresponding identity owner 30 has not authorized such transactions at that hour, then interpreter 18 transmits the identity state response 112 by informing the user 20, either directly or indirectly through supplier 19, that the purchase is "denied." Identity state 17 may be based on one or more identity objects 12; in this case, the identity object 12 must have contained identity attributes 13 such as "at 3 :00 AM", "off or a time period that includes 3 :00 AM, designated as "off' (e.g., 2:00 AM - 4:00 AM).
Interpreter 18 thus evaluates identity state request 111 against the criteria, rules and requirements contained in the state identity object 12 of the identity owner. After evaluation, interpreter 18 preferably communicates the result of the analysis, either directly or indirectly, to user 20 without disclosing sensitive identification information. Instead, the identity state response 112 only contains the status of a transaction (in this example, the status is the "identity state" 17) involving identification information. Interpreter 18 and supplier 19 are preferably the entities within service provider 10 with access to state metadata 15. Interpreter 18 and supplier 19 may be people and/or electronic devices such as computers that implement algorithms designed to assess and interpret an identity state 17 as described herein. Non-limiting examples of potential identity state 17 responses 112 include: permit, deny, not enough information, and permit only for emergency use. By way of non-limiting example, the latter response would exist in a preferred embodiment that included identification information that was medical in nature. An identity owner 30 may authorize release of his medical history to known licensed caregivers only in the case of an emergency.
By way of further example, there maybe a second object template 16 that defines the requirements for controlling identity relative to acquiring additional credit. In this example, a customer applies for a loan at a federal bank. Here, the customer triggers identity use source
27 (the bank) that initiates the steps described herein. As part of the loan application, the customer represents on the loan application that his primary identification data value is 555- 55-5555. As a matter of course, the Federal Bank would contact a credit reporting agency to obtain a credit worthiness report for the loan applicant. The credit reporting agency (a user 20) would determine if the loan applicant had an identity account profile 14. The service provider 10 would have reported the fact that identity owner 30 had such an account in the normal course of business. After discovering the presence of an identity account profile 14 in the credit information of the loan applicant, the credit reporting agency contacts supplier 19 and requests identity state 17, based on its "new credit" object template 16, for a customer having a primary identification data value of 555-55-5555. Interpreter 18, acting as an agent of service provider 10 as opposed to the credit reporting agency as user 20, determines identity state 17. Once found, the "new credit" object template 16 is compared to the corresponding identity object(s) 12. The interpreter 18 ensures that all fields match. After noting the account profile number associated with the customer name provided by the bank (Account No. CACTUS), interpreter 18 accesses and confirms that the primary identification data value matches the one in the original identity state request 111. Further examination of identity obj ects 12 in account profile 14 shows that identity state 17 has been set to "Type - Identity Off. Since no other identity objects 12 exist for this identity owner 30 that supersede this identity state 17, interpreter 18 informs supplier 19 that identity state 17 is "deny" and, thus, any use of the identification information of identity owner 30 should be denied. Supplier sends this identity state 17 to the credit reporting agency in the manner discussed herein. The credit reporting agency communicates this state to the Federal Bank that requested the loan applicant credit report. At this point the federal bank knows that one of two situations exists. Either the person applying for the loan forgot to change their identity object 12 before applying for the loan, or the person making the application is trying to fraudulently obtain a loan. If the person is the legitimate identity owner, then the error can be corrected. If the person is an imposter, the fraud is revealed. Using state metadata 15, it is possible to determine the identity attribute information 13 of identity owner 30. The state metadata 15 represents identity attribute information 13 of identity owner 30. State metadata 15 alteration by identity owner 30 permits control over the state metadata 15 and, thus, bestows an identity owner 30 with control over the use of its identity and identification information. As seen in Figs. 5 and 6, discussed in detail below, identity attributes 13 may be entered directly by identity owners 30 acting on their own behalf as identity recorders 38. This process may be achieved in person, by phone, wireless device, Web browser or any other device capable of communicating instructions of identity owner 30. hi another example, identity owner 30 decides to use a credit instrument for a vacation outside the United States, but notes that his account profile 14 prevents use of his identification information outside the United States ("USA Only"). Identity owner 30 accordingly decides to modify his account profile 14 through a call to recorder 38. Recorder 38 will go through one or more security protocols, such as a password check, date of birth, the last four characters of a primary identification data value, etc. The recorder 38 is satisfied that the caller is identity owner 30 of identity account profile 14 CACTUS. Identity owner 30 communicates his intent for use of XYZ credit instrument's transactions to be enabled outside the United States . Identity owner 30 is then asked to supply the last six digits of the account number and the phone number including the area code associated with this credit instrument account.
Service provider 10, preferably by using an authorized interpreter 18, examines the existing identity objects 12 to make sure that none of the identity objects 12 already refers to this credit instrument. If no entries exist, recorder 38 inputs an identity object 12 into the repository 11 , "Type - Credit Usage - permit globally, instrument type XYZ Corporation, account suffix 565787, phone 5555555555". This allows usage of the instrument xxxxxx565787 outside the United States. As illustrated in the above example, an identity owner 30 may record identity attributes 13 and transmit these by mail, courier, electronic transmission or voice to recorder(s) 38 acting on the behalf of identity owner 30.
Storage, transmission, and disclosure of identity objects 12 are configured to resist compromise of the security of the identification information of the identity owner 30. The fact that identity attributes 13 are a partial representation of the identity object 12 is significant because it prevents the state metadata 15 from containing information that could j eopardize security of the identity owner 30 if breached.
Referring to Fig. 5 an identity owner 30 communicates through a security layer 200 that hinders unauthorized access to the identification information of identity owner 30. In this embodiment, service provider 10 has a software barrier in the form of a log-in screen interface which requires ausername201 and apassword202. Referring to Fig. 6, anidentity owner 30 practicing the preferred embodiment can, after successful authorization, access its account profile 14. Preferably the accessed data appears in a convenient layout, preferably all in one view.
An example of interface 300 is depicted in Fig. 6 as one of many methods of layout for viewing, deleting, adding, and manipulating account profile 14. Interface 300 is essentially split into four topical sections. The topmost section contains an identity object 12 manipulation workspace 303. Workspace 303 is the area where identity owner 30 and recorder 38 can access and modify identity objects 12. Though not granted direct access, it is preferable that user 20 is granted the ability to use supplier 19 to deposit an object template 16 into repository 11 for use by identity owner 30 and/or recorder 38. It is also possible to give user 20 a more direct, write-only type of access to the repository 11. In the case of the example illustrated by Fig. 6, identity owner 30 would only be able to configure an identity obj ect 12 for an XYZ credit instrument if XYZ company had previously provided an object template 16 for this type of financial instrument.
The second area of workspace 303 is the control set 309. Control set 309 is where either identity owner 30 or recorder 38 (at the behest of the identity owner 30) can manipulate identity objects 12. By way of non-limiting example, the identity attribute 13 "Parking Space 3R" can be set to "deny Crystal McCity access to location information." By way of further non-limiting example, this portion of workspace 303 is where identity objects 12 and identity attributes 13, such as "1 transaction per day", can be added to, for example, identity attribute 13 "bank account withdrawals" to form an identity object 12 that places a limit on the number of transactions for a particular bank account per day. The bottommost two sections 320, 330 consist of one section that has two distinct portions, and it may have a name such as Recent Activity Monitor or Transaction Notification 330. In this section, it is possible for identity owner 30 or interpreter 18 (at the behest of identity owner 30), to monitor use of various identity-related activities such as credit instrument usage, or, as seen in Fig. 6, passport usage 330. After entering the appropriate data 390 in the Name Set Add/Modify field 320, the data is used to create an identity object 12 representing a name and address related to the account profile 14. The name of this set can act as a short form reference to a particular name and address and help the user avoid the re-entry of name and address data for identity assets sharing common attributes. Field 330 is illustrative of how the identity owner 30 and/or the authorities have a tool with which to track usage of such things as passports, credit instruments, ID tags, or even keys/keyinstruments to buildings.
Another embodiment of the invention applies to brokerage firms and investors. Identity owner 30 is again an entity, human or otherwise, capable of making investments in securities. User 20 is a brokerage firm. Service provider 10 maintains its function as an entity that can, but need not, encrypt and store the most fundamental and sensitive data in a separately secure layer. Similar to the steps disclosed above, this embodiment affords preventative security against misuse of any investment account. Although the above-mentioned embodiments have been predominantly described in terms of financial transactions, the invention is not so limited. For example, Fig. 6 depicts how certain embodiments can be used to determine the details surrounding the identification information use for a passport. Each occurrence of the passport usage is listed. A transaction notification 330 is optional but can be a useful tool allowing the identity owner 30 to monitor the use of identification information. Indeed, it implicates, essentially, other embodiments that can be used in law enforcement.
Another non-financial use is monitoring of an identifying building access key, key instrument, or any locating device and is not limited to building area entry and exit monitoring. Such use would allow the system to track the location of the occupants of a building based on where they last used their key. This could be life saving in an emergency or, on the other hand, help the security or management of a building discern likely suspects after discovery of an unscrupulous act.
Another non-financial use is the protection of data that is medical in nature. Food allergies and diseases such as diabetes are non-limiting examples of such medical information that an identity owner 30 would not want accessed by anyone other than, for example, a licensed medical professional or licensed medical professional organization. Such systems provide, on a consistent, easily transferable basis, information as might be required as part of standard service industry entity (e.g., dentists, physicians, veterinarians, schools) registration procedures, such information and name, address, and contact information.
In a law enforcement embodiment, identity owner 30 is operating with the cooperation of or under the control of law enforcement. In this embodiment, certain "zones" may be set up relative to the person's identity. For example, a sex offender may not be able to leave the local jurisdiction, or someone under house arrest cannot leave the home. Flags can be set up in object template 16 or related operations that monitor use of identity and alert law enforcement if the use is for a prescribed activity or in a prescribed area.
It is noted that the foregoing examples have been provided merely for the purpose of explanation and are in no way to be construed as limiting of the present invention. While the present invention has been described with reference to certain embodiments, it is understood that the words which have been used herein are words of description and illustration, rather than words of limitation. Changes may be made, within the purview of the appended claims, as presently stated and as amended, without departing from the scope and spirit of the present invention in its aspects. Although the present invention has been described herein with reference to particular means, materials and embodiments, the present invention is not intended to be limited to the particulars disclosed herein; rather, the present invention extends to all functionally equivalent structures, methods and uses, such as are within the scope of the appended claims.

Claims

What Is Claimed Is:
1. A method of protecting use of an entity' s identity comprising: setting a status of the identity to a first state, the first state defining a scope of permitted use of the identity; changing, in advance of an intended use of the identity, the status to a second state defining a scope of permitted use of the identity that is different from the first state; requesting use of the identity after said changing; and returning, after said requesting, the state back to the first state.
2. The method of claim 1 , wherein the first state is a default state, and said returning occurs in response to completion of a use of the identity.
3. The method of claim 1 wherein the first state is a default state, and said returning occurs in response to a predetermined number of uses of the identity, an elapse of a predetermined time after a predetermined event, or the earlier of the onset of the predetermined number of transactions and the predetermined time after the predetermined event.
4. The method of claim 3, wherein the predetermined event is said changing, said requesting completion of a use of the identity which prompted said requesting, or dictated by a parameter within the second state.
5. The method of claim 1 , wherein the use of the identity comprises use of a credit card, debit card, check card, financial institution account number, brokerage account number, or other instrument provided by an account holder of record.
6. The method of claim 1 , wherein said requesting comprises transmitting, from a user of said identity to a service provider which maintains the state, a request for authorization to use the identity, where information in the request is insufficient to authorize the use of the identity.
7. A method of protecting use of an entity's identity comprising: attempting to use an identity at a source; forwarding first information relating to said use to a user affiliated with the source location; forwarding second information from the user to a service provider, the second information being different from the first information; determining, by the service provider, whether the use of the identity is consistent with a pre-registered intent of the entity; and sending, from the service provider to the user, a decision based on the determining; wherein the second information is insufficient in and of itself to authorize any related use of the identity.
8. The method of claim 7, wherein the pre-registered intent of the user comprises at least one of allowance of use, limitation of use, expansion of use, denial of use, or insufficient information to make a determination.
9. The method of claim 7, wherein said attempting comprises entering information from a credit card or a debit card to facilitate a financial transaction, and said user is a company account holder of record of the credit card or debit card.
10. The method of claim 7, wherein said attempting to use an identity comprises making a request to access medical records of the entity, and the user is a health-care related organization.
11. The method of claim 7, wherein said attempting to use an identity comprises making a request for a loan, and the user is a lender.
12. The method of claim 7, wherein said attempting to use an identity comprises accessing a secure location, and the user is a security company.
13. A method of protecting use of an entity' s identity comprising: establishing, by the user, a set of desired identification information parameters; sending, from the user to a service provider, the set; obtaining, by the service provider from the entity, information from the entity consistent with the set; storing the information provided by said obtaining; and using, by the service provider, at least some of the information provided in said obtaining to respond to a request by the user to authorize a use of the identity of the entity; wherein the user does not have direct access to the information provided by the entity and subject to said storing.
14. The method of claim 13, wherein said set comprises at least one of the entity's name, address, telephone number, personal identification number or biometric data.
15. The method of claim 13, wherein the user cannot authorize the use of the identity of the entity absent permission from the service provider.
16. The method of claim 15, wherein the service provider cannot provide the permission unless consistent with the intent of the entity as reflected in the results of said obtaining.
17. A method of protecting use of an entity' s identity comprising: storing, at a service provider, data representing first identification information of an entity, and at least one criteria capable of limiting the use of the identity; receiving, at a service provider, a request to determine whether the use of an entity's identity by a party is authorized for a requested application, the request including second identification information; comparing at least some of the first identification information with at least some of the second identification information; determining, based at least partially on a result of said comparing, whether the use of the identity by the identity-use-source is authorized for a particular application; and responding from the service provider to the identity-use-source consistent with the result of said determining.
18. The method of claim 17, wherein said responding further comprises sending a response, said response indicating one of allowance of use, denial of use, or insufficient information to make a determination.
19. The method of claim 17, further comprising receiving, from the entity, the data representing the first identification information and the identity use criteria.
20. The method of claim 17, wherein said receiving or responding further comprises receiving or responding through a Web page, customer service representative, switched wired network, wireless network, in person, or any of combination thereof.
21. The method of claim 17, wherein said storing, determining, or responding further comprises storing, determining, or responding by a service provider that is an electronic computing device.
22. The method of claim 17, wherein said storing, determining, or responding further comprises storing, determining, or responding by an electric computing device that further comprises hardware, software, or a combination of both hardware and software.
PCT/US2006/012546 2005-04-27 2006-04-05 System and method for enhanced protection and control over the use of identity WO2006115715A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CA2606263A CA2606263C (en) 2005-04-27 2006-04-05 System and method for enhanced protection and control over the use of identity
EP06740508.4A EP1875344A4 (en) 2005-04-27 2006-04-05 System and method for enhanced protection and control over the use of identity

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/115,239 2005-04-27
US11/115,239 US7779456B2 (en) 2005-04-27 2005-04-27 System and method for enhanced protection and control over the use of identity

Publications (2)

Publication Number Publication Date
WO2006115715A2 true WO2006115715A2 (en) 2006-11-02
WO2006115715A3 WO2006115715A3 (en) 2007-11-15

Family

ID=37215195

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/012546 WO2006115715A2 (en) 2005-04-27 2006-04-05 System and method for enhanced protection and control over the use of identity

Country Status (4)

Country Link
US (5) US7779456B2 (en)
EP (1) EP1875344A4 (en)
CA (4) CA3048595A1 (en)
WO (1) WO2006115715A2 (en)

Families Citing this family (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8682755B2 (en) * 2012-07-03 2014-03-25 Lexisnexis Risk Solutions Fl Inc. Systems and methods for detecting tax refund fraud
JP4640932B2 (en) * 2004-12-10 2011-03-02 富士通株式会社 Automatic transaction control method, automatic transaction apparatus and program thereof
JP4640933B2 (en) * 2004-12-10 2011-03-02 富士通株式会社 Automatic transaction control method, automatic transaction apparatus and program thereof
US8359278B2 (en) 2006-10-25 2013-01-22 IndentityTruth, Inc. Identity protection
US20080103800A1 (en) * 2006-10-25 2008-05-01 Domenikos Steven D Identity Protection
US8516116B2 (en) * 2006-11-30 2013-08-20 Accenture Global Services Limited Context-based routing of requests in a service-oriented architecture
US8479272B2 (en) * 2007-06-04 2013-07-02 Avaya Inc. Identity assertion
US9990674B1 (en) 2007-12-14 2018-06-05 Consumerinfo.Com, Inc. Card registry systems and methods
US8799983B2 (en) * 2008-05-22 2014-08-05 Avaya Inc. Insight distribution
US8312033B1 (en) 2008-06-26 2012-11-13 Experian Marketing Solutions, Inc. Systems and methods for providing an integrated identifier
US8060424B2 (en) 2008-11-05 2011-11-15 Consumerinfo.Com, Inc. On-line method and system for monitoring and reporting unused available credit
US9652802B1 (en) 2010-03-24 2017-05-16 Consumerinfo.Com, Inc. Indirect monitoring and reporting of a user's credit data
WO2012112781A1 (en) 2011-02-18 2012-08-23 Csidentity Corporation System and methods for identifying compromised personally identifiable information on the internet
US9483606B1 (en) 2011-07-08 2016-11-01 Consumerinfo.Com, Inc. Lifescore
US9106691B1 (en) 2011-09-16 2015-08-11 Consumerinfo.Com, Inc. Systems and methods of identity protection and management
US8819793B2 (en) 2011-09-20 2014-08-26 Csidentity Corporation Systems and methods for secure and efficient enrollment into a federation which utilizes a biometric repository
US8738516B1 (en) 2011-10-13 2014-05-27 Consumerinfo.Com, Inc. Debt services candidate locator
US11030562B1 (en) 2011-10-31 2021-06-08 Consumerinfo.Com, Inc. Pre-data breach monitoring
US20130218918A1 (en) * 2012-02-16 2013-08-22 Microsoft Corporation Claim based execution control
US9853959B1 (en) 2012-05-07 2017-12-26 Consumerinfo.Com, Inc. Storage and maintenance of personal data
US20130305378A1 (en) * 2012-05-09 2013-11-14 Visa Europe Limited Method and system for establishing trust between a service provider and a client of the service provider
US10089686B2 (en) 2012-07-03 2018-10-02 Lexisnexis Risk Solutions Fl Inc. Systems and methods for increasing efficiency in the detection of identity-based fraud indicators
US10043213B2 (en) * 2012-07-03 2018-08-07 Lexisnexis Risk Solutions Fl Inc. Systems and methods for improving computation efficiency in the detection of fraud indicators for loans with multiple applicants
US9160747B2 (en) * 2012-07-04 2015-10-13 Basware Corporation Method for data access control of third parties in a multitenant system
US9654541B1 (en) 2012-11-12 2017-05-16 Consumerinfo.Com, Inc. Aggregating user web browsing data
US9916621B1 (en) 2012-11-30 2018-03-13 Consumerinfo.Com, Inc. Presentation of credit score factors
US10102570B1 (en) 2013-03-14 2018-10-16 Consumerinfo.Com, Inc. Account vulnerability alerts
US9406085B1 (en) 2013-03-14 2016-08-02 Consumerinfo.Com, Inc. System and methods for credit dispute processing, resolution, and reporting
US8812387B1 (en) 2013-03-14 2014-08-19 Csidentity Corporation System and method for identifying related credit inquiries
US10685398B1 (en) 2013-04-23 2020-06-16 Consumerinfo.Com, Inc. Presenting credit score information
US9477737B1 (en) 2013-11-20 2016-10-25 Consumerinfo.Com, Inc. Systems and user interfaces for dynamic access of multiple remote databases and synchronization of data based on user rules
US20170091412A1 (en) 2014-05-30 2017-03-30 Apple Inc. Systems and Methods for Facilitating Health Research Using a Personal Wearable Device With Multiple Pairing Configurations
US9582643B2 (en) * 2014-05-30 2017-02-28 Apple Inc. Managing user information—source prioritization
US10733266B2 (en) 2014-05-30 2020-08-04 Apple Inc. Systems and methods of providing patient apps
US11107578B2 (en) 2014-05-30 2021-08-31 Apple Inc. Systems and methods for facilitating health research
US9852276B2 (en) * 2014-07-03 2017-12-26 Scayl. Inc. System and methods for validating and managing user identities
US11728030B2 (en) 2014-09-29 2023-08-15 Apple Inc. Methods of treatment and diagnosis using enhanced patient-physician communication
US10339527B1 (en) 2014-10-31 2019-07-02 Experian Information Solutions, Inc. System and architecture for electronic fraud detection
US10152714B2 (en) * 2015-04-29 2018-12-11 Capital One Services, LLP System to automatically restore payment purchasing power
US11151468B1 (en) 2015-07-02 2021-10-19 Experian Information Solutions, Inc. Behavior analysis using distributed representations of event data
CA3060710A1 (en) 2017-04-27 2018-11-01 Robert Joseph SCHUKAI Systems and methods for identity atomization and usage
CA3061047A1 (en) 2017-04-27 2018-11-01 Financial & Risk Organisation Limited Systems and methods for distributed data mapping
US10699028B1 (en) 2017-09-28 2020-06-30 Csidentity Corporation Identity security architecture systems and methods
US10896472B1 (en) 2017-11-14 2021-01-19 Csidentity Corporation Security and identity verification system and architecture
US11265324B2 (en) 2018-09-05 2022-03-01 Consumerinfo.Com, Inc. User permissions for access to secure data at third-party
US11349823B2 (en) * 2018-09-28 2022-05-31 Dell Products, Lp System and method for PC as a service authentication and subscription via low power wide area network communications
WO2020072529A1 (en) 2018-10-02 2020-04-09 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10581611B1 (en) * 2018-10-02 2020-03-03 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US11315179B1 (en) 2018-11-16 2022-04-26 Consumerinfo.Com, Inc. Methods and apparatuses for customized card recommendations
US11238656B1 (en) 2019-02-22 2022-02-01 Consumerinfo.Com, Inc. System and method for an augmented reality experience via an artificial intelligence bot
US11941065B1 (en) 2019-09-13 2024-03-26 Experian Information Solutions, Inc. Single identifier platform for storing entity data
US11636225B2 (en) 2020-05-22 2023-04-25 The Toronto-Dominion Bank Method and system for managing access to entity identity data
US11770377B1 (en) * 2020-06-29 2023-09-26 Cyral Inc. Non-in line data monitoring and security services

Family Cites Families (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3166261D1 (en) * 1980-04-15 1984-10-31 Post Office Improvements in or relating to computer control systems
US5819226A (en) * 1992-09-08 1998-10-06 Hnc Software Inc. Fraud detection using predictive modeling
US5884289A (en) * 1995-06-16 1999-03-16 Card Alert Services, Inc. Debit card fraud detection and control system
US6094643A (en) * 1996-06-14 2000-07-25 Card Alert Services, Inc. System for detecting counterfeit financial card fraud
US7096003B2 (en) 1996-08-08 2006-08-22 Raymond Anthony Joao Transaction security apparatus
AU733803B2 (en) 1997-05-09 2001-05-24 Connotech Experts-Conseils Inc. Initial secret key establishment including facilities for verification of identity
US6636833B1 (en) 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
DE19831884C2 (en) * 1998-07-17 2001-09-20 Ibm System and method for protection against analytical spying on secret information
US6529885B1 (en) 1999-03-18 2003-03-04 Oracle Corporation Methods and systems for carrying out directory-authenticated electronic transactions including contingency-dependent payments via secure electronic bank drafts
US6332134B1 (en) 1999-11-01 2001-12-18 Chuck Foster Financial transaction system
AU2086301A (en) * 1999-12-10 2001-06-18 Auripay, Inc. Method and apparatus for improved financial instrument processing
US6934858B2 (en) 1999-12-15 2005-08-23 Authentify, Inc. System and method of using the public switched telephone network in providing authentication or authorization for online transactions
US6516056B1 (en) * 2000-01-07 2003-02-04 Vesta Corporation Fraud prevention system and method
AU2001245808A1 (en) * 2000-03-17 2001-10-03 United States Postal Service Methods and systems for providing a secure electronic mailbox
US9098685B2 (en) * 2000-07-25 2015-08-04 Activcard Ireland Limited Flexible method of user authentication
US7809650B2 (en) * 2003-07-01 2010-10-05 Visa U.S.A. Inc. Method and system for providing risk information in connection with transaction processing
JP2002269350A (en) 2001-03-14 2002-09-20 Hitachi Ltd Transaction settlement method, transaction settlement system and portable communication terminal used therefor and settlement terminal for member store
EP1393179A4 (en) * 2001-05-08 2005-10-05 Ipool Corp Privacy protection system and method
US8001053B2 (en) * 2001-05-31 2011-08-16 Contentguard Holdings, Inc. System and method for rights offering and granting using shared state variables
EP1282024A1 (en) * 2001-07-30 2003-02-05 Hewlett-Packard Company Trusted identities on a trusted computing platform
US6811082B2 (en) 2001-09-18 2004-11-02 Jacob Y. Wong Advanced magnetic stripe bridge (AMSB)
US20030065626A1 (en) * 2001-09-28 2003-04-03 Allen Karl H. User verification for conducting health-related transactions
US20030070101A1 (en) 2001-10-09 2003-04-10 Buscemi James S. Method and apparatus for protecting personal information and for verifying identities
KR100439171B1 (en) * 2001-11-21 2004-07-05 한국전자통신연구원 Method for providing a trusted path between client and system
GB0131046D0 (en) * 2001-12-28 2002-02-13 Nokia Corp Service access
US20030187759A1 (en) * 2002-03-27 2003-10-02 First Data Corporation Systems and methods for electronically monitoring fraudulent activity
US20030208439A1 (en) 2002-05-03 2003-11-06 Rast Rodger H. Automated soft limit control of electronic transaction accounts
FR2841073B1 (en) * 2002-06-18 2007-03-30 Patient On Line INFORMATION MANAGEMENT SYSTEM FOR EMERGENCY SITUATION
US20040010472A1 (en) * 2002-07-12 2004-01-15 Hilby Robert T. System and method for verifying information
GB2392517A (en) * 2002-09-02 2004-03-03 Sony Uk Ltd Providing secure access to a database
US20040078324A1 (en) * 2002-10-16 2004-04-22 Carl Lonnberg Systems and methods for authenticating a financial account at activation
US20040111329A1 (en) 2002-12-10 2004-06-10 First Data Corporation Restricted-use transaction systems
US20040148256A1 (en) * 2003-01-23 2004-07-29 International Business Machines Corporation Fraud detection within an electronic payment system
US7941840B2 (en) * 2003-02-25 2011-05-10 Hewlett-Packard Development Company, L.P. Secure resource access
US7548886B2 (en) * 2003-06-12 2009-06-16 International Business Machines Corporation System and method for early detection and prevention of identity theft
US20050027983A1 (en) * 2003-08-01 2005-02-03 Klawon Kevin T. Integrated verification system
US7350237B2 (en) * 2003-08-18 2008-03-25 Sap Ag Managing access control information
JP4014165B2 (en) * 2003-10-29 2007-11-28 インターナショナル・ビジネス・マシーンズ・コーポレーション Access management system, access execution device, access execution program, access execution method, and recording medium
US7650644B2 (en) * 2003-11-25 2010-01-19 Sap Aktiengesellschaft Object-based access control
US7716135B2 (en) * 2004-01-29 2010-05-11 International Business Machines Corporation Incremental compliance environment, an enterprise-wide system for detecting fraud
US8412601B2 (en) * 2004-05-28 2013-04-02 Bank Of America Corporation Method and system to evaluate anti-money laundering risk

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of EP1875344A4 *

Also Published As

Publication number Publication date
CA3048600C (en) 2023-01-03
US20060248593A1 (en) 2006-11-02
US8719953B2 (en) 2014-05-06
US20130104216A1 (en) 2013-04-25
EP1875344A2 (en) 2008-01-09
CA3048592C (en) 2022-06-21
CA2606263C (en) 2021-02-16
US20210326420A1 (en) 2021-10-21
CA3048600A1 (en) 2006-11-02
CA3048595A1 (en) 2006-11-02
US7779456B2 (en) 2010-08-17
US20110041172A1 (en) 2011-02-17
CA2606263A1 (en) 2006-11-02
EP1875344A4 (en) 2016-07-20
WO2006115715A3 (en) 2007-11-15
US8353027B2 (en) 2013-01-08
US20140207681A1 (en) 2014-07-24
CA3048592A1 (en) 2006-11-02
US9361658B2 (en) 2016-06-07

Similar Documents

Publication Publication Date Title
US20210326420A1 (en) Identity use server
US6985887B1 (en) Apparatus and method for authenticated multi-user personal information database
US8037512B2 (en) Protection of privacy data
US20050125686A1 (en) Method and system for preventing identity theft in electronic communications
US20100250411A1 (en) Method and system for centralized identity and account controls
US20030115148A1 (en) Method and apparatus for processing a secure transaction
US20120131657A1 (en) Apparatus and Method for Authenticated Multi-User Personal Information Database
US20100313273A1 (en) Securing or Protecting from Theft, Social Security or Other Sensitive Numbers in a Computerized Environment
WO2005125092A1 (en) Identity verification system
US20070294403A1 (en) Third party database security
Wójtowicz et al. New challenges for user privacy in cyberspace
Nanda et al. Oracle Privacy Security Auditing: Includes Federal Law Compliance with HIPAA, Sarbanes Oxley and the Gramm Leach Bliley Act GLB
US20070271221A1 (en) Securing social security numbers with pins
Arthur Conklin et al. Information security foundations for the interoperability of electronic health records
Elson et al. Customer information: protecting the organization’s most critical asset from misappropriation and identity theft
Alliance Privacy and Secure Identification Systems: The role of smart cards as a privacy-enabling technology
Wen et al. Privacy and security in E-healthcare information management
JP2004192577A (en) Double-authentication information managing system and method using ic card or personal identification device
CA2408181C (en) Apparatus and method for assuring the integrity of a multi-user personal information database
Ghorai et al. Business & legal framework for health data privacy assessment: Example of ambient assisted living online care coordination
Ahmed Identity Crime Prevention and Impact Minimization Strategy
Clark et al. Healthcare information security and assurance
WO2010054351A2 (en) Methods and apparatus related to transmission of confidential information to a relying entity
BR102023000630A2 (en) FRAUD PREVENTION DEFENSE SYSTEM, IDENTIFICATION DATA CONTROL PROCESS AND IDENTITY VALIDATION PROCESS
Smith et al. Identity theft and e-fraud driving CRM information exchanges

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase

Ref document number: 2606263

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2006740508

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: RU