System and method for protecting identity information

US 20040187013A1
Filed: 03/11/2003
Published: 09/23/2004
Est. Priority Date: 03/11/2003
Status: Active Grant

First Claim

Patent Images

1. A method for using an identity service for protecting identity information during an electronic transaction, the method comprising:

registering an identity client, wherein the identity client possesses an associated multi-component identity; and

regulating access to the multi-component identity such that the identity service authorizes dissemination of fewer than all components of the multi-component identity to an identity requestor.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is provided for using an identity service for protecting identity information during an electronic transaction. The method includes registering an identity client, wherein the identity client possesses an associated multi-component identity. The method further includes regulating access to the multi-component identity such that the identity service authorizes dissemination of fewer than all components of the multi-component identity to an identity requestor. The invention additionally includes a method for providing client identity repair in order to protect a client from fraudulent distribution of electronically available client identity information. The method for providing repair includes creating a new identity reference upon detection of fraudulent distribution of identity information and tracking attempts to access an old identity reference. The method additionally includes determining if the attempts to access the old identity reference are authorized and re-directing the attempts to the new identity reference if the attempts were authorized and denying access to the new identity reference if the attempts were not authorized. An associated identity service and insurance and repair service are provided to perform these functions.

Citations

39 Claims

1. A method for using an identity service for protecting identity information during an electronic transaction, the method comprising:
- registering an identity client, wherein the identity client possesses an associated multi-component identity; and
  
  regulating access to the multi-component identity such that the identity service authorizes dissemination of fewer than all components of the multi-component identity to an identity requestor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 25)
- - 2. The method of claim 1, further comprising creating a unique identity pointer with the identity service that controls access to the multi-component identity.
  - 3. The method of claim 1, further comprising accessing the multi-component identity outside of the identity service.
  - 4. The method of claim 1, further comprising receiving an identity information request from an identity requestor participating in a retail transaction.
  - 5. The method of claim 1, further comprising determining appropriate identity components by locating a requestor class.
  - 6. The method of claim 5, wherein locating a requestor class comprises locating one of a merchant class, credit service provider class;
    - and delivery service class.
  - 7. The method of claim 6, wherein a component available for the merchant class is verification of sufficient funds.
  - 8. The method of claim 6, wherein a component available for the credit service provider class includes a transaction amount.
  - 9. The method of claim 6, wherein components available for the delivery service class include an address and phone number.
  - 10. The method of claim 1, further comprising tagging distributed identity information in order to indicate origin.
  - 11. The method of claim 10, further comprising providing identity repair upon detection of fraudulently distributed identity information.
  - 12. A computer-readable medium having computer-executable instructions for performing the method recited in claim 1.
  - 25. The system of claim 1, further comprising means for tagging distributed identity information in order to indicate origin.

13. An identity service for protecting identity information during an electronic transaction, the identity service comprising:
- registration tools for registering identity clients and identity requestors, wherein each identity client is associated with an identity having a plurality of discrete components;
  
  reference tools for creating a unique identity pointer to reference the identity of each identity client; and
  
  access distribution logic for regulating access to the identity such that each registered identity requestor is entitled to access fewer than all components of the identity.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The identity service of claim 13, wherein the identity information distribution logic determines the components of available information by locating a requestor class.
  - 15. The identity service of claim 14, wherein the requestor class includes one of a merchant class, credit service provider class;
    - and delivery service class.
  - 16. The identity service of claim 15, wherein available identity components for the merchant class includes verification of sufficient funds, available identity components for the credit service provider class include a transaction amount, and available identity components for the delivery service class include an address and phone number.
  - 17. The identity service of claim 13, further comprising identity insurance and repair mechanisms.

18. A system for controlling distribution of client identity information during an electronic transaction, the system comprising:
- identity request processing tools for processing a request for client identity information from an identity requestor;
  
  identity information distribution logic for determining a type of client identity information available to the identity information requestor;
  
  reference tools for referencing the type of available client identity information; and
  
  identity information dissemination tools for providing the available type of identity information to the identity requestor.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 26)
- - 19. The system of claim 18, wherein the reference tools comprise an identity pointer for pointing to the client identity information.
  - 20. The system of claim 18, wherein the identity requestor is a participant in a retail transaction.
  - 21. The system of claim 18, wherein the identity information distribution logic determines the type of available information by locating a requestor class.
  - 22. The system of claim 21, wherein the requestor class includes one of a merchant class, credit service provider class;
    - and delivery service class.
  - 23. The system of claim 22, wherein available identity information for the merchant class includes verification of sufficient funds, available identity information for the credit service provider class includes a transaction amount, and available identity information for the delivery service class includes an address and phone number.
  - 24. The system of claim 18, wherein the client identity information is located outside the identity service.
  - 26. The system of claim 18, further comprising an identity insurance component for providing identity repair upon detection of fraudulently distributed identity information.

27. A method for controlling distribution of client identity information during an electronic transaction using an identity service, the method comprising:
- receiving an incoming request for client identity information from an identity requestor;
  
  determining a subset of client identity information available to the identity requestor;
  
  referencing the available subset of client identity information; and
  
  disseminating only the available subset of client identity information to the identity requestor.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 28. The method of claim 27, further comprising referencing the available subset of client identity information using an identity pointer to the identity information.
  - 29. The method of claim 27, wherein the client identity information is located outside of the identity service.
  - 30. The method of claim 27, further comprising receiving the identity information request from an identity requestor participating in a retail transaction.
  - 31. The method of claim 27, further comprising determining a type of available information by locating a requestor class.
  - 32. The method of claim 31, wherein locating a requestor class comprises locating one of a merchant class, credit service provider class;
    - and delivery service class.
  - 33. The method of claim 32, wherein available identity information for the merchant class includes verification of sufficient funds, available identity information for the credit service provider class includes a transaction amount, and available identity information for the delivery service class includes an address and phone number.
  - 34. The method of claim 27, further comprising tagging distributed identity information in order to indicate origin.
  - 35. The method of claim 27, further comprising providing identity repair upon detection of fraudulently distributed identity information.
  - 36. A computer-readable medium having computer-executable instructions for performing the method recited in claim 27.

37. A method for providing client identity repair in order to protect a client from fraudulent distribution of electronically available client identity information, the method comprising:
- creating a new identity reference upon detection of potentially fraudulent distribution of identity information;
  
  tracking attempts to access an old identity reference;
  
  determining if the attempts to access the old identity reference are authorized; and
  
  re-directing the attempts to the new identity reference if the attempts were authorized and denying access to the new identity reference if the attempts were not authorized.
- View Dependent Claims (38, 39)
- - 38. The method of claim 37, further comprising marking electronically disseminated information in order to identify a source of the disseminated information.
  - 39. A computer-readable medium having computer-executable instructions for performing the method recited in claim 37.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Cluts, Jonathan C., Heath, Pamela J., Pleyer, Sven

Granted Patent

US 7,162,640 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/200
CPC Class Codes

G06F 21/6263   during internet communicati...

G06F 21/6272   by registering files or doc...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/4014   Identity check for transact...

G07F 7/1008   Active credit-cards provide...

G07F 7/1083   Counting of PIN attempts

System and method for protecting identity information

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for protecting identity information

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links