×

Managing user information—authorization masking

  • US 10,236,079 B2
  • Filed: 09/29/2014
  • Issued: 03/19/2019
  • Est. Priority Date: 05/30/2014
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • performing, by one or more processors of a computing device configured with a secure storage device and to execute computer-executable instructions, a plurality of operations comprising;

    receiving health information of a user associated with at least a subset of a plurality of different data types, the health information received from a data collection device of the user;

    storing the health information of the user in the secure storage device of the computing device;

    receiving, from a third-party application, an authorization request for accessing at least one data type of the plurality of different data types for the user, the at least one data type in the authorization request corresponding to the stored health information of the user;

    providing, via a user interface, the authorization request to the user;

    receiving a response from the user to the provided authorization request, the response indicating, to the computing device, whether the user has authorized access by the third-party application to the at least one data type;

    in response to receiving the user'"'"'s response to the provided authorization request, masking the user'"'"'s response to the authorization request by providing, to the third-party application, an indication that the authorization request was presented to the user without indicating whether the authorization request was approved or not;

    after providing the indication that the authorization request was presented to the user to the third-party application, receiving from the third-party application, a request for a value corresponding to the at least one data type;

    determining whether the value corresponding to the at least one data type is available to fulfill the request;

    providing, to the third-party application, a reply in response to determining that the value corresponding to the at least one data type is available to fulfill the request, wherein the computing device is configured to provide the reply by;

    providing, in accordance with a determination that the user has authorized access to the at least one data type, the value corresponding to the at least one data type to the third-party application; and

    providing, in accordance with a determination that the user has not authorized access to the at least one data type, the at least one data type with no value corresponding to the at least one data type to the third-party application.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×