Secure information storage and delivery system and method

US 9,049,190 B2
Filed: 12/02/2013
Issued: 06/02/2015
Est. Priority Date: 02/08/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a user service type, the user service type comprising a size of a secure vault at a vault repository;

receiving, at the vault repository, user-identification information for verifying the identity of a user;

transmitting, in response to determining that the user-identification information is valid, a soft token to a computing device associated with the user, the soft token configured to generate a first single-use password;

receiving, at the vault repository, the first single-use password generated by the soft token;

generating, at the vault repository, a second single-use password;

authenticating, based on the first single-use password and the second single-use password, the computing device to access the secure vault at the vault repository;

receiving, at the vault repository, a request for data associated with the user, the request comprising a destination address;

identifying, in response to receiving the request, the data in the secure vault; and

sending the data to the destination address.

View all claims

21 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for secure information storage and delivery includes a vault repository that includes a secure vault associated with a user, wherein the secure vault is associated with a service level including at least one of a data type or a data size limit associated with the secure vault, the secure vault being adapted to receive and at least one data entry and securely store the at least one data entry if the at least one of a size or a type of the at least one data entry is consistent with the service level. A mobile vault server coupled to the vault repository creates a mobile vault on a mobile device based on the secure vault and is capable of authenticating the mobile device based on user authentication information. The mobile vault server includes a mobile device handler that communicates with the mobile device. A synchronization utility determines whether the at least one data entry on the secure vault is transferable to or storable on the mobile vault based on at least one of the size or the type of the at least one data entry and transfers the at least one data entry from the secure vault to a corresponding data entry on the mobile vault if the at least one data entry on the secure vault is determined to be transferable to or storable on the mobile vault.

Citations

25 Claims

1. A method comprising:
- receiving a user service type, the user service type comprising a size of a secure vault at a vault repository;
  
  receiving, at the vault repository, user-identification information for verifying the identity of a user;
  
  transmitting, in response to determining that the user-identification information is valid, a soft token to a computing device associated with the user, the soft token configured to generate a first single-use password;
  
  receiving, at the vault repository, the first single-use password generated by the soft token;
  
  generating, at the vault repository, a second single-use password;
  
  authenticating, based on the first single-use password and the second single-use password, the computing device to access the secure vault at the vault repository;
  
  receiving, at the vault repository, a request for data associated with the user, the request comprising a destination address;
  
  identifying, in response to receiving the request, the data in the secure vault; and
  
  sending the data to the destination address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the user-identification information comprises a username and a password associated with the user, and wherein the determining that the user-identification information is valid comprises validating the username and the password.
  - 3. The method of claim 2, wherein the user-identification information comprises an access code different from the username and the password, and wherein the determining that the user-identification information is valid comprises validating the access code.
  - 4. The method of claim 1, wherein the soft token generates the first single-use password using a mathematical algorithm based on a previously-generated single-use password.
  - 5. The method of claim 1, wherein the soft token generates the first single-use password based on time-synchronization between a single-use password server and the soft token.
  - 6. The method of claim 1, wherein the soft token generates the first single-use password using a mathematical algorithm based on a challenge and a counter.
  - 7. The method of claim 1, comprising:
    - comparing the first single-use password generated by the soft token and the second single-use password generated at the vault repository,wherein the authenticating is based on determining, based on the comparing, that the first single-use password is the same as the second single-use password.
  - 8. The method of claim 1, comprising:
    - creating the secure vault at the vault repository, the secure vault being associated with the user, the secure vault being adapted to securely store at least one data entry associated with the user.
  - 9. The method of claim 1, comprising:
    - granting the computing device access to at least one data entry in the secure vault based on the first single-use password and the second single-use password.
  - 10. The method of claim 1,wherein the request comprises a delivery mode, andwherein the data is formatted, according to the delivery mode, for delivery to the destination address.
  - 11. The method of claim 10, wherein the data is formatted for delivery to the destination address via facsimile.
  - 12. The method of claim 10, wherein the data is formatted for delivery to the destination address via email.
  - 13. The method of claim 10, wherein the data is formatted for delivery to the destination address via SMS message.
  - 14. The method of claim 1, comprising:
    - creating, on the computing device associated with the user, a second secure vault adapted to securely store at least one data entry associated with the user.
  - 15. The method of claim 14, comprising:
    - synchronizing the secure vault with the second secure vault by transferring the at least one data entry from one of the secure vault and the second secure vault to the other of the secure vault and the second secure vault.
  - 16. The method of claim 15, wherein the at least one data entry is transferred from the one of the secure vault and the second secure vault to the other of the secure vault and the second secure vault based on whether the at least one data entry in the secure vault or the at least one data entry in the second secure vault was most-recently updated.
  - 17. The method of claim 15, comprising:
    - determining, before the synchronizing, whether a size of the at least one data entry is too large for transfer; and
      
      preventing, in response to determining that the size of the at least one data entry is too large for transfer, the at least one data entry from being transferred.

18. A system comprising:
- at least one processor; and
  
  non-transitory computer-readable media storing program instructions that, when executed by the at least one processor, cause the system to perform the steps of;
  
  receiving a user service type, the user service type comprising a size of a secure vault at a vault repository;
  
  receiving, at the vault repository, user-identification information for verifying the identity of a user;
  
  transmitting, in response to determining that the user-identification information is valid, a soft token to a computing device associated with the user, the soft token configured to generate a first single-use password;
  
  receiving, at the vault repository, the first single-use password generated by the soft token;
  
  generating, at the vault repository, a second single-use password;
  
  authenticating, based on the first single-use password and the second single-use password, the computing device to access the secure vault at the vault repository;
  
  receiving, at the vault repository, a request for data associated with the user, the request comprising a destination address;
  
  identifying, in response to receiving the request, the data in the secure vault; and
  
  sending the data to the destination address.
- View Dependent Claims (19, 20, 21)
- - 19. The system of claim 18, wherein the non-transitory computer-readable media stores program instructions that, when executed by the at least one processor, cause the system to perform the step of:
    - creating the secure vault at the vault repository, the secure vault being associated with the user, the secure vault being adapted to securely store at least one data entry associated with the user.
  - 20. The system of claim 18, wherein the non-transitory computer-readable media stores program instructions that, when executed by the at least one processor, cause the system to perform the step of:
    - synchronizing the secure vault with a second secure vault by transferring the at least one data entry from one of the secure vault and the second secure vault to the other of the secure vault and the second secure vault.
  - 21. The system of claim 18, wherein the non-transitory computer-readable media stores program instructions that, when executed by the at least one processor, cause the system to perform the steps of:
    - determining whether a size of the at least one data entry is too large for transfer; and
      
      preventing, in response to determining that the size of the at least one data entry is too large for transfer, the at least one data entry from being transferred.

22. One or more non-transitory computer-readable media storing program instructions that, when executed by a computer, cause the computer to perform the steps of:
- receiving a user service type, the user service type comprising a size of a secure vault at a vault repository on the computer;
  
  receiving, at the vault repository on the computer, user-identification information for verifying the identity of a user;
  
  transmitting, in response to determining that the user-identification information is valid, a soft token to a computing device associated with the user, the soft token configured to generate a first single-use password;
  
  receiving, at the vault repository, the first single-use password generated by the soft token;
  
  generating, at the vault repository, a second single-use password;
  
  authenticating, based on the first single-use password and the second single-use password, the computing device to access the secure vault at the vault repository;
  
  receiving, at the vault repository, a request for data associated with the user, the request comprising a destination address;
  
  identifying, in response to receiving the request, the data in the secure vault; and
  
  sending the data to the destination address.
- View Dependent Claims (23, 24, 25)
- - 23. The one or more non-transitory computer-readable media of claim 22, storing program instructions that, when executed by the computer, cause the computer to perform the step of:
    - creating the secure vault at the vault repository, the secure vault being associated with the user, the secure vault being adapted to securely store at least one data entry associated with the user.
  - 24. The one or more non-transitory computer-readable media of claim 22, storing program instructions that, when executed by the computer, cause the computer to perform the step of:
    - synchronizing the secure vault with a second secure vault by transferring the at least one data entry from one of the secure vault and the second secure vault to the other of the secure vault and the second secure vault.
  - 25. The one or more non-transitory computer-readable media of claim 22, storing program instructions that, when executed by the computer, cause the computer to perform the steps of:
    - determining whether a size of the at least one data entry is too large for transfer; and
      
      preventing, in response to determining that the size of the at least one data entry is too large for transfer, the at least one data entry from being transferred.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aura Sub, LLC
Original Assignee
Intersections Incorporated (Aura Sub, LLC)
Inventors
Slaton, Jonathan, Johnson, Ryan B., Tran, Toan, Reed, David, Ravindran, Abhilash, Tsantes, George K.
Primary Examiner(s)
Traore, Fatoumata
Assistant Examiner(s)
ABEDIN, SHANTO

Application Number

US14/094,212
Publication Number

US 20140165168A1
Time in Patent Office

547 Days
Field of Search

726 2- 6, 726/30, 713/168, 713182-185, 707/607, 707/608, 707/621, 707/781, 709/219, 709/248
US Class Current

1/1
CPC Class Codes

G06Q 20/36   using electronic wallets or...

G06Q 40/03   Credit; Loans; Processing t...

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04W 12/06   Authentication

H04W 12/068   using credential vaults, e....

H04W 12/08   Access security

Secure information storage and delivery system and method

First Claim

21 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Secure information storage and delivery system and method

First Claim

21 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links