Method and system for protecting sensitive information and preventing unauthorized use of identity information
Abstract
This invention features a method and system for protecting sensitive information from being disclosed and preventing unauthorized use of identity information by third parties. Virtual identifiers, which identify the information holder whose sensitive information is involved in the current process, are dynamically created by an entity called the processing entity. The virtual identifiers are usually linked to a static identity of the information holder through a data management mechanism, such as a database system. A virtual identifier can serve multiple functions. Usually, validity attributes that indicate when and for how long a virtual identifier is valid for the different functions are associated with the virtual identifier. When an information holder interacts with a third party in a process that involves the information holder's sensitive information, the information holder uses a virtual identifier. Then, through a device connected to a network (including wireless devices), telephone, a mail service, or direct human communication, the third party either passes the virtual identifier along to other parties or submits requests along with the virtual identifier to the processing entity, which can map the virtual identifier to the static identity information and use the static information to fulfil the requests.
18 Claims
1. A method of obtaining a piece of an information holder's sensitive information stored in an information source computer system using a virtual identifier that corresponds to a piece of said information holder's static information, comprising:
a) receiving from a first device of said information holder, said piece of static information of said information holder by a processing entity computer system;
b) authenticating said information holder by said processing entity computer system using an authentication protocol and receiving validity information from said first device of said information holder or a second device of said information holder;
c) creating said virtual identifier by said processing entity computer system;
d) linking said virtual identifier to said information holder's static information and said validity information by a data management system;
e) transmitting said virtual identifier from said processing entity computer system to said first device of said information holder, said second device of said information holder or a third device of said information holder;
f) receiving by said processing entity computer system a request for said piece of sensitive information of said information holder with said virtual identifier from a first device of a third party;
g) identifying by said processing entity computer system said static information of said information holder using said virtual identifier;
h) validating said virtual identifier by said processing entity computer system using said validity information;
i) transmitting a request for obtaining said piece of sensitive information of said information holder to said information source computer system by said processing entity computer system;
j) receiving said piece of sensitive information of said information holder from said information source computer system in response to said request for obtaining said piece of sensitive information;
k) transmitting said piece of sensitive information of said information holder to said first device of said third party or a second device of said third party from said processing entity computer system.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
18. A method of obtaining a piece of an information holder's sensitive information stored in an information destination computer system using a virtual identifier that corresponds to a piece of said information holder's static information, comprising:
a) receiving from a first device of said information holder, said piece of static information of said information holder by a processing entity computer system;
b) authenticating said information holder by said processing entity computer system using an authentication protocol and receiving validity information from said first device of said information holder or a second device of said information holder;
c) creating said virtual identifier by said processing entity computer system;
d) linking said virtual identifier to said information holder's static information and said validity information by a data management system;
e) transmitting said virtual identifier from said processing entity computer system to said first device of said information holder, said second device of said information holder or a third device of said information holder;
f) receiving by said information destination computer system a request for said piece of sensitive information of said information holder with said virtual identifier from a third party device;
g) receiving by said processing entity computer system a request for said piece of static information of said information holder with said virtual identifier from said information destination computer system;
h) identifying by said processing entity computer system said static information of said information holder using said virtual identifier;
i) validating said virtual identifier by said processing entity computer system using said validity information;
j) transmitting said piece of static information of said information holder from said processing entity computer system to said information destination computer system.
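The flow of claim 1 (issue, link, validate, resolve, relay), sketched as an added example that is not part of the patent text. All names are hypothetical; authentication is reduced to a boolean, the information source is a local function, and the validity information is modelled as a time window plus a set of permitted functions, following the abstract's description of validity attributes.

```python
import secrets
import time
from dataclasses import dataclass

@dataclass
class Link:
    static_id: str        # information holder's static information (step a)
    not_before: float     # validity information supplied by the holder (step b)
    not_after: float
    functions: frozenset  # functions this identifier may be used for

class ProcessingEntity:
    """Hypothetical processing entity; `source` stands in for the information source system."""
    def __init__(self, source, clock=time.time):
        self._links = {}   # data management system: virtual id -> Link (step d)
        self._source = source
        self._clock = clock

    def issue(self, static_id, authenticated, ttl, functions):
        if not authenticated:                    # step b: holder must authenticate first
            raise PermissionError("holder not authenticated")
        vid = secrets.token_urlsafe(16)          # step c: random, derives nothing from static_id
        now = self._clock()
        self._links[vid] = Link(static_id, now, now + ttl, frozenset(functions))
        return vid                               # step e: handed back to the holder's device

    def request(self, vid, function):
        link = self._links.get(vid)              # step g: map virtual id to static information
        if link is None:
            return None
        now = self._clock()                      # step h: check window and permitted function
        if not (link.not_before <= now <= link.not_after) or function not in link.functions:
            return None
        return self._source(link.static_id, function)  # steps i-k: fetch and relay

# Constructed sample data: a fake information source keyed by static identifier.
RECORDS = {"holder-001": {"credit_score": 712}}

def demo():
    t = [1000.0]                                 # controllable clock for the demonstration
    pe = ProcessingEntity(lambda sid, fn: RECORDS[sid].get(fn), clock=lambda: t[0])
    vid = pe.issue("holder-001", authenticated=True, ttl=60, functions={"credit_score"})
    ok = pe.request(vid, "credit_score")         # inside window, permitted function
    wrong_fn = pe.request(vid, "address")        # function not covered by validity info
    t[0] += 61
    expired = pe.request(vid, "credit_score")    # validity window has elapsed
    return ok, wrong_fn, expired, pe.request("guess", "credit_score")
```

The third party only ever handles the virtual identifier; the static identifier stays inside the processing entity and is never returned by `request`.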
Specification