Managing user information—authorization masking
First Claim
Patent Images
1. A computer-implemented method, comprising:
- performing, by one or more processors of a computing device configured with a secure storage device and to execute computer-executable instructions, a plurality of operations comprising;
receiving health information of a user associated with at least a subset of a plurality of different data types, the health information received from a data collection device of the user;
storing the health information of the user in the secure storage device of the computing device;
receiving, from a third-party application, an authorization request for accessing at least one data type of the plurality of different data types for the user, the at least one data type in the authorization request corresponding to the stored health information of the user;
providing, via a user interface, the authorization request to the user;
receiving a response from the user to the provided authorization request, the response indicating, to the computing device, whether the user has authorized access by the third-party application to the at least one data type;
in response to receiving the user'"'"'s response to the provided authorization request, masking the user'"'"'s response to the authorization request by providing, to the third-party application, an indication that the authorization request was presented to the user without indicating whether the authorization request was approved or not;
after providing the indication that the authorization request was presented to the user to the third-party application, receiving from the third-party application, a request for a value corresponding to the at least one data type;
determining whether the value corresponding to the at least one data type is available to fulfill the request;
providing, to the third-party application, a reply in response to determining that the value corresponding to the at least one data type is available to fulfill the request, wherein the computing device is configured to provide the reply by;
providing, in accordance with a determination that the user has authorized access to the at least one data type, the value corresponding to the at least one data type to the third-party application; and
providing, in accordance with a determination that the user has not authorized access to the at least one data type, the at least one data type with no value corresponding to the at least one data type to the third-party application.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods, and computer-readable medium are provided for managing user information. For example, data of the user may be stored in a memory. A request for a user to authorize access of at least a portion of the data may be provided. The authorization may be for an application to access the portion of the data. In some examples, a response to the request may be received, and an indication that the request was provided to the user may be provided without indicating whether the user denied the request.
-
Citations
20 Claims
-
1. A computer-implemented method, comprising:
performing, by one or more processors of a computing device configured with a secure storage device and to execute computer-executable instructions, a plurality of operations comprising; receiving health information of a user associated with at least a subset of a plurality of different data types, the health information received from a data collection device of the user; storing the health information of the user in the secure storage device of the computing device; receiving, from a third-party application, an authorization request for accessing at least one data type of the plurality of different data types for the user, the at least one data type in the authorization request corresponding to the stored health information of the user; providing, via a user interface, the authorization request to the user; receiving a response from the user to the provided authorization request, the response indicating, to the computing device, whether the user has authorized access by the third-party application to the at least one data type; in response to receiving the user'"'"'s response to the provided authorization request, masking the user'"'"'s response to the authorization request by providing, to the third-party application, an indication that the authorization request was presented to the user without indicating whether the authorization request was approved or not; after providing the indication that the authorization request was presented to the user to the third-party application, receiving from the third-party application, a request for a value corresponding to the at least one data type; determining whether the value corresponding to the at least one data type is available to fulfill the request; providing, to the third-party application, a reply in response to determining that the value corresponding to the at least one data type is available to fulfill the request, wherein the computing device is configured to provide the reply by; providing, in accordance with a determination that the user has authorized access to the at least one data type, the value corresponding to the at least one data type to the third-party application; and providing, in accordance with a determination that the user has not authorized access to the at least one data type, the at least one data type with no value corresponding to the at least one data type to the third-party application. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
8. A user device, comprising:
-
a memory configured to store computer-executable instructions; and a processor in communication with the memory configured to execute the computer-executable instructions to at least; configure the memory to store health data of a user; present a request, on an interface of the user device, for the user to authorize access of at least one data type of the health data to a third-party application of the user device; receive, from the interface of the user device, a response to the request, the response indicating, to the user device, whether the user has authorized access by the third-party application to the at least one data type; in response to receiving the user'"'"'s response to the presented request, mask the user'"'"'s response to the request by providing to the third-party application of the user device, an indication that the request was presented on the interface without indicating whether the request was approved or not; after providing the indication that the request was presented to the user to the third-party application, receive from the application, a request for a value corresponding to the at least one data type; determine whether the value corresponding to the at least one data type is available to fulfill the request for the value from the application; provide, to the third-party application a reply in response to determining that the value corresponding to the at least one data type is available to fulfill the request, wherein the user device is configured to provide the reply by; providing, in accordance with a determination that the user has authorized access to the at least one data type, the value corresponding to the at least one data type to the third-party application; and providing, in accordance with a determination that the user has not authorized access to the at least one data type, the at least one data type with no value corresponding to the at least one data type to the third-party application. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer-readable storage medium storing computer-executable instructions that, when executed by a processor of a user device, configure the processor to perform operations comprising:
-
storing health information associated with a user in a data store of the user device; receiving a first request, from an application, for authorization to access the health information; providing, via a user interface, the first request to the user, for the user to authorize access of at least one data type of the health information to the application; receiving a response to the first request, the response indicating, to the user device, whether the user has authorized access by the application to the at least one data type; in response to receiving the user'"'"'s response to the authorization request, masking the user'"'"'s response to the authorization request by providing, to the application, an indication that the first request was presented to the user without indicating whether the first request was approved or not; after providing the indication that the authorization request was presented to the user to the application, receiving a second request, from the application, for a value corresponding to the at least one data type; determining whether the value corresponding to the at least one data type is available to fulfill the second request; providing, to the application, a reply in response to determining that the value corresponding to the at least one data type is available to fulfill the second request, wherein the user device is configured to provide the reply by; providing, in accordance with a determination that the user has authorized access to the at least one data type, the value corresponding to the at least one data type to the application; and providing, in accordance with a determination that the user has not authorized access to the at least one data type, the at least one data type with no value corresponding to the at least one data type to the application in response to the second request. - View Dependent Claims (17, 18, 19, 20)
-
Specification