Identity theft and fraud protection system and method

US 8,719,106 B2
Filed: 10/06/2006
Issued: 05/06/2014
Est. Priority Date: 10/07/2005
Status: Active Grant

First Claim

Patent Images

1. A method for protecting against theft of personal identity information during purchase transactions, said method comprising the steps of:

registering an individual subscriber as a member of an identity protection system and obtaining personal identity information from the subscribing member as storable computer data, including the subscribing member'"'"'s name and account information for at least one funding source of the subscribing member, the at least one funding source being independent and external to the identity protection system and managed by an external financial institution, the identity protection system having a surrogate member server for making surrogate purchases for members of the identity protection system;

encrypting, using the surrogate member server, the obtained personal identity information and storing the personal identity information as encrypted data;

fragmenting the encrypted data by a computer;

storing portions of the fragmented encrypted data, by at least one computer, independently at separate computer storage locations;

preventing third party access to the fragmented encrypted data;

receiving a request from the subscribing member to use the surrogate member server for use in conducting at least one online purchase transaction with a merchant;

determining, using the surrogate member server, a monetary purchase value amount that is needed to fund the at least one online purchase transaction;

allowing the subscribing member, using the surrogate member server, to select the at least one funding source from which funds will be used for indirect payment of the purchase transaction;

requesting, by the surrogate member server, authorization from the external financial institution for the monetary purchase value amount to be charged against the at least one funding source of the subscribing member;

obtaining approval from the external financial institution for the monetary purchase value amount;

assigning the monetary purchase value amount to a temporary card number selected from a plurality of pre-approved card numbers at the time of obtaining approval of the external financial institution for the monetary purchase value amount, and assigning the temporary card number to an anonymous controlled use card for exclusive use by the surrogate member server to conduct the online purchase transaction, the anonymous controlled use card having no traceable connection outside the identity protection system to any financial account of the subscribing member including the at least one funding source;

providing, using the surrogate member server, the controlled use card and fictitious personal identity information, in lieu of aspects of the subscribing member'"'"'s personal identity information required to complete the online purchase transaction, to the merchant on behalf of the subscribing member; and

wherein the merchant obtains credit approval and payment for the purchase transaction against the controlled use card in an amount not exceeding the approved monetary purchase value amount and wherein no aspects of the subscribing member'"'"'s personal identity information are revealed to the merchant by the surrogate member server.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for preventing personal identity theft when making online and offline purchases requires a Purchaser to first subscribe and become a Member user by registering, providing relevant personal identity information, and establishing two-way multi-factor authentication information for security purposes. The ID protection system obtains a controlled use card (CUC) through a CUC issuer on behalf of the Member for use in making each purchase transaction. The CUC is anonymous with respect to user (Member) identity and may be a purchase-specific single-use card or a multi-purpose card with no traceable connection to any other financial account. When the Member makes a secure purchase, the Merchant is presented with anonymous information, except in instances where the Member'"'"'s real identity information is required (e.g. airline tickets).

Citations

21 Claims

1. A method for protecting against theft of personal identity information during purchase transactions, said method comprising the steps of:
- registering an individual subscriber as a member of an identity protection system and obtaining personal identity information from the subscribing member as storable computer data, including the subscribing member'"'"'s name and account information for at least one funding source of the subscribing member, the at least one funding source being independent and external to the identity protection system and managed by an external financial institution, the identity protection system having a surrogate member server for making surrogate purchases for members of the identity protection system;
  
  encrypting, using the surrogate member server, the obtained personal identity information and storing the personal identity information as encrypted data;
  
  fragmenting the encrypted data by a computer;
  
  storing portions of the fragmented encrypted data, by at least one computer, independently at separate computer storage locations;
  
  preventing third party access to the fragmented encrypted data;
  
  receiving a request from the subscribing member to use the surrogate member server for use in conducting at least one online purchase transaction with a merchant;
  
  determining, using the surrogate member server, a monetary purchase value amount that is needed to fund the at least one online purchase transaction;
  
  allowing the subscribing member, using the surrogate member server, to select the at least one funding source from which funds will be used for indirect payment of the purchase transaction;
  
  requesting, by the surrogate member server, authorization from the external financial institution for the monetary purchase value amount to be charged against the at least one funding source of the subscribing member;
  
  obtaining approval from the external financial institution for the monetary purchase value amount;
  
  assigning the monetary purchase value amount to a temporary card number selected from a plurality of pre-approved card numbers at the time of obtaining approval of the external financial institution for the monetary purchase value amount, and assigning the temporary card number to an anonymous controlled use card for exclusive use by the surrogate member server to conduct the online purchase transaction, the anonymous controlled use card having no traceable connection outside the identity protection system to any financial account of the subscribing member including the at least one funding source;
  
  providing, using the surrogate member server, the controlled use card and fictitious personal identity information, in lieu of aspects of the subscribing member'"'"'s personal identity information required to complete the online purchase transaction, to the merchant on behalf of the subscribing member; and
  
  wherein the merchant obtains credit approval and payment for the purchase transaction against the controlled use card in an amount not exceeding the approved monetary purchase value amount and wherein no aspects of the subscribing member'"'"'s personal identity information are revealed to the merchant by the surrogate member server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method as recited in claim 1 wherein said at least one funding source of the subscribing member is a credit card account.
  - 3. The method as recited in claim 2 wherein said account information obtained during said step of registering includes a plurality of credit card accounts.
  - 4. The method as recited in claim 1 wherein said at least one funding source of the subscribing member is a bank account.
  - 5. The method as recited in claim 4 wherein the approved monetary purchase value amount to pay for the at least one purchase transaction is obtained from the bank account by direct debit.
  - 6. The method as recited in claim 4 wherein the approved monetary purchase value amount to pay for the at least one purchase transaction is obtained from the bank account by automated clearing house.
  - 7. The method as recited in claim 1 wherein said at least one funding source of the subscribing member is a debit card account.
  - 8. The method as recited in claim 1 wherein said at least one funding source of the subscribing member is an e-currency account.
  - 9. The method as recited in claim 1 wherein the approved monetary purchase value amount to pay for the at least one purchase transaction is obtained by electronic funds transfer.
  - 10. The method as recited in claim 1 further comprising the steps of:
    - providing the subscribing member with a user name and password; and
      
      providing a software application for installation on a computer used by the subscribing member.
  - 11. The method as recited in claim 10 wherein providing fictitious personal identity information comprises entering anonymous information in an order placement screen, via the software application, of the merchant on behalf of the subscribing member to avoid revealing any unnecessary personal identity information of the subscribing member to the merchant.
  - 12. The method as recited in claim 11 further comprising the steps of:
    - establishing an anonymous email address on behalf of the subscribing member;
      
      providing the anonymous email address to the merchant;
      
      receiving email communications from the merchant at the anonymous email address;
      
      allowing the subscribing member to access the email communications; and
      
      forwarding email communications from the subscribing member to the merchant via the anonymous email address without ever revealing the subscribing member'"'"'s real email address to the merchant.
  - 13. The method as recited in claim 1 further comprising:
    - receiving and verifying a user password of the subscribing member, the user password being predetermined by the subscribing member during the registering step;
      
      assigning the merchant a virtual password that is unknown to the subscribing member; and
      
      sending the virtual password to the merchant to complete the transaction.
  - 14. The method as recited in claim 13, wherein the virtual password is only usable for the at least one transaction and not thereafter.
  - 15. The method as recited in claim 1, wherein the subscribing member'"'"'s identity with respect to the at least one transaction is unknown to the merchant and to any external party that the merchant communicates with to obtain the credit approval and payment for the controlled used card.
  - 16. The method as recited in claim 15, wherein the merchant and any external party are unaware that the controlled used card is anonymous and not of a standard transaction.
  - 17. The method as recited in claim 1, wherein the obtaining approval step further comprises:
    - retrieving the fragmented and encrypted personal identity information from the separate computer storage locations for a limited time period,defragmenting the personal identity information in a secure encrypted environment that is only accessible by a computer in the computer-based system to access the personal identity information; and
      
      refragmenting the personal identity information for restorage at the separate computer multiple data storage locations after the limited time period.
  - 18. The method as recited in claim 17, wherein the personal identity information is refragmented randomly.
  - 19. The method as recited in claim 17, wherein a key code is required to defragment the personal identity information in the secure encrypted environment, and wherein the key code is stored in a key vault of the computer-based system.
  - 20. The method as recited in claim 19, wherein the key code is periodically changed by the computer-based system.

21. An identity protection system for protecting personal identity information during purchase transactions, said system comprising at least one server configured for:
- registering an individual subscriber as a member and obtaining personal identity information from the subscribing member as storable computer data, including the subscribing member'"'"'s name and account information for at least one funding source of the subscribing member, the at least one funding source being independent and external to the identity protection system and managed by an external financial institution, the identity protection system having a surrogate member server for making surrogate purchases for members of the identity protection system;
  
  encrypting the entered personal identity information by a computer;
  
  fragmenting the encrypted personal identity information by a computer;
  
  storing portions of the fragmented encrypted personal identity information, by at least one computer, independently at separate computer storage locations;
  
  receiving a request from the subscribing member to use the surrogate member server for use in conducting at least one online purchase transaction with a merchant;
  
  determining a monetary purchase value amount that is needed to fund the at least one online purchase transaction;
  
  allowing the subscribing member, using the surrogate member server, to select the at least one funding source from which funds will be used for indirect payment of the purchase transaction;
  
  requesting authorization from the external financial institution for the monetary purchase value amount to be charged against the at least one funding source of the subscribing member;
  
  obtaining approval from the external financial institution for the monetary purchase value amount;
  
  assigning the monetary purchase value amount to a temporary card number selected from a plurality of pre-approved card numbers at the time of obtaining approval of the external financial institution for the monetary purchase value amount, and assigning the temporary card number to an anonymous controlled use card for exclusive use by the surrogate member server to conduct the online purchase transaction, the anonymous controlled use card having no traceable connection outside the identity protection system to any financial account of the subscribing member including the at least one funding source;
  
  providing the controlled use card and fictitious personal identity information, in lieu of aspects of the subscribing member'"'"'s personal identity information required to complete the online purchase transaction, to the merchant on behalf of the subscribing member; and
  
  wherein the merchant obtains credit approval and payment for the purchase transaction against the controlled use card in an amount not exceeding the approved monetary purchase value amount and wherein no aspects of the subscribing member'"'"'s personal identity information are revealed to the merchant by the at least one server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aura Sub, LLC
Original Assignee
Kemesa Incorporated
Inventors
Bachenheimer, Steven I.
Primary Examiner(s)
CRAWLEY, TALIA F

Application Number

US12/083,147
Publication Number

US 20090259560A1
Time in Patent Office

2,769 Days
Field of Search

705/26, 705/74
US Class Current

705/26.1
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/12   specially adapted for elect...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G06Q 30/06   Buying, selling or leasing ...

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 40/00   Finance; Insurance; Tax str...

G07F 7/1008   Active credit-cards provide...

G07F 7/1083   Counting of PIN attempts

Identity theft and fraud protection system and method

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Identity theft and fraud protection system and method

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links