THIRD PARTY DATABASE SECURITY
First Claim
1. A method of restricting access to information, which information is retained by a company and relates to a person, to a third party authorized by the person, the method comprising:
- (a) the person obtaining an authorization device, wherein the authorization device expires automatically after a predetermined event;
(b) the third party receiving the authorization device;
(c) the third party conveying the authorization device to the company;
(d) the company permitting the third party to access the information about the person before the authorization device has expired, and prohibiting the third party from accessing the information about the person after the authorization device has expired; and
(e) the authorization device expiring automatically after the predetermined event.
0 Assignments
0 Petitions
Accused Products
Abstract
A method for increasing the control people and companies have over release of financial and other sensitive information. The method includes the use of a password that expires in a predetermined amount of time or after a predetermined number of uses. The password is given to a creditor or other third party desiring access to such information from information companies, such as credit reporting bureaus. With the password, the creditor can access the person'"'"'s information. Without the password, or once the password has expired, the creditor cannot access the person'"'"'s information. This permits legitimate credit-seeking persons to obtain credit, and prevents thieves from obtaining credit in someone else'"'"'s name.
25 Citations
11 Claims
-
1. A method of restricting access to information, which information is retained by a company and relates to a person, to a third party authorized by the person, the method comprising:
-
(a) the person obtaining an authorization device, wherein the authorization device expires automatically after a predetermined event; (b) the third party receiving the authorization device; (c) the third party conveying the authorization device to the company; (d) the company permitting the third party to access the information about the person before the authorization device has expired, and prohibiting the third party from accessing the information about the person after the authorization device has expired; and (e) the authorization device expiring automatically after the predetermined event. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method of restricting access to information, which information is retained by a company and relates to a person, to a third party authorized by the person, the method comprising:
-
(a) the person obtaining a password from a password generator, wherein the password expires after a predetermined time; (b) the person conveying the password to the third party; (c) the third party conveying the password to the company; (d) the company permitting the third party to access the information about the person before the password has expired, and prohibiting the third party from accessing the information about the person after the password has expired; and (e) the password expiring automatically after the passage of the predetermined time.
-
Specification