Privacy leakage protection

US 9,424,438 B2
Filed: 03/31/2014
Issued: 08/23/2016
Est. Priority Date: 03/31/2014
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a client device, including,a memory component on the client device, the memory component is arranged to securely store personal information of a user via a password,a control module arranged to encrypt requested personal information requested by a third-party website using a received transport token from the third-party website, in response to a first input received from the user to privately reveal the requested personal information to the third-party website after the user has already logged in to the third-party website, wherein the transport token comprises an encryption token and is generated by the third-party website, the personal information is used to complete a transaction between the user and the third-party website,a display module arranged to display the received transport token and the requested personal information to the user for verification by the user, anda communication module arranged to send the encrypted requested personal information to the third-party website, in response to a second input from the user comprising the transport token and authorization to send the requested personal information to the third-party website for decryption by the third-party website using the transport token to complete the transaction; and

a server component arranged to receive the transport token from the third-party website and to send the transport token to the client device, and arranged to send the encrypted requested information from the client device to the third-party website, the server component being unable to read the encrypted requested personal information and having no access to unencrypted personal information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A client device securely transfers personal information to a third-party website. The client device stores personal information of a user and encrypts personal information requested by the third-party website, so that the third-party website can decrypt and retrieve the personal information, and so that a remote proxy server facilitating the transfer of personal information from the client device to the third-party website cannot read the encrypted personal information and has no access to unencrypted personal information.

Citations

19 Claims

1. A system, comprising:
- a client device, including,a memory component on the client device, the memory component is arranged to securely store personal information of a user via a password,a control module arranged to encrypt requested personal information requested by a third-party website using a received transport token from the third-party website, in response to a first input received from the user to privately reveal the requested personal information to the third-party website after the user has already logged in to the third-party website, wherein the transport token comprises an encryption token and is generated by the third-party website, the personal information is used to complete a transaction between the user and the third-party website,a display module arranged to display the received transport token and the requested personal information to the user for verification by the user, anda communication module arranged to send the encrypted requested personal information to the third-party website, in response to a second input from the user comprising the transport token and authorization to send the requested personal information to the third-party website for decryption by the third-party website using the transport token to complete the transaction; and
  
  a server component arranged to receive the transport token from the third-party website and to send the transport token to the client device, and arranged to send the encrypted requested information from the client device to the third-party website, the server component being unable to read the encrypted requested personal information and having no access to unencrypted personal information.
- View Dependent Claims (2, 3)
- - 2. The system of claim 1, further comprising another client device, and wherein the server component is arranged to synchronize the personal information between the client device and the other client device, the personal information being encrypted during the synchronization.
  - 3. The system of claim 1, wherein the server component is arranged to communicate with the client device and/or the third-party website via a standardized open data protocol.

4. A client device, comprising:
- a memory component arranged to store personal information of a user;
  
  a control module, the control module configured to encrypt requested personal information of a user by a request from a third-party website to complete a transaction between the user and the third-party website after the user has logged in to the third-party website, wherein the requested personal information of the user is encrypted using a transport token comprising an encryption token received from the third-party website via a remote server component, the transport token is generated by the third-party website;
  
  a display module arranged to display the received transport token and the personal information to the user for verification by the user; and
  
  a communication module arranged to send the encrypted requested personal information to the third-party website via the remote server component, the encrypted requested personal information is decrypted by the third-party website using the transport token to complete the transaction, wherein the remote server component is unable to read the encrypted requested personal information and has no access to unencrypted personal information.
- View Dependent Claims (5, 6, 7, 8, 9)
- - 5. The client device of claim 4, wherein the communication module is arranged to send the encrypted requested personal information to the third-party website via one or more remote proxy servers and without exposing unencrypted requested personal information to the one or more remote proxy servers.
  - 6. The client device of claim 5, wherein the one or more remote proxy servers are arranged to identify the client device during the third-party website request, based on prior registration of the client device with the one or more remote proxy servers.
  - 7. The client device of claim 4, wherein the communication module is further arranged to send the encrypted requested personal information to a remote proxy server arranged to forward the encrypted requested personal information to the third-party website using an open data standard, the remote proxy server being unable to read the encrypted requested personal information and having no access to unencrypted personal information.
  - 8. The client device of claim 4, wherein the control module is arranged to encrypt the requested personal information using a local password and to share the encrypted requested personal information with another client device via a remote proxy server that is unable to read the encrypted requested personal information.
  - 9. The client device of claim 4, wherein the control module is arranged to automatically retrieve address information of the user from the memory component and the display module is arranged to display the address information for user verification, in response to the request from the third-party website for user address information to complete the transaction.

10. A method, comprising:
- storing personal information of a user at a local client device;
  
  receiving a first input from the user to privately reveal requested personal information to a third-party website to complete a transaction between the user and the third-party website after the user has logged in to the third-party website;
  
  displaying a received transport token from the third-party website via a remote server component to the user at the client device, the transport token comprises an encryption token;
  
  receiving a second input from the user comprising the transport token and authorization to send the requested personal information to the third-party website;
  
  encrypting the requested personal information using the transport token at the client device; and
  
  sending the encrypted requested personal information from the client device to the third-party website via the remote server component for decryption by the third-party website to complete the transaction.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The method of claim 10, further comprising registering the client device to a remote proxy server, for passing the encrypted requested personal information to third-party websites.
  - 12. The method of claim 10, further comprising receiving the transport token from the third-party website via the remote server component.
  - 13. The method of claim 10, further comprising:
    - encrypting the personal information at the client device;
      
      synchronizing the personal information with another client device via a remote proxy server; and
      
      decrypting the personal information at the other client device.
  - 14. The method of claim 10, wherein the transport token is sent from the third-party website to the client device by a remote proxy server.
  - 15. The method of claim 10, wherein the encrypted requested personal information is sent from the client device to the third-party web site by a remote proxy server.
  - 16. The method of claim 15, wherein the remote proxy server is unable to read the encrypted requested personal information and has no access to unencrypted personal information.
  - 17. The method of claim 15, wherein the client device, the third-party web site, and the remote proxy server send and/or receive the encrypted requested personal information via a standardized open data protocol.
  - 18. The method of claim 10, wherein the third-party website decrypts the encrypted requested personal information using the transport token, and deletes the encrypted requested personal information after fulfillment of a transaction.
  - 19. The method of claim 10, wherein the client device comprises one of a smartphone, a personal digital assistant, a desktop computing device, a mobile computing device, a wearable computing device, or a digital tablet device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP SE
Inventors
Lin, Wei
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
KAPLAN, BENJAMIN A

Application Number

US14/230,010
Publication Number

US 20150278550A1
Time in Patent Office

876 Days
Field of Search

713/153
US Class Current

1/1
CPC Class Codes

G06F 21/6263   during internet communicati...

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

Privacy leakage protection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Privacy leakage protection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links