Privacy leakage protection
First Claim
Patent Images
1. A system, comprising:
- a client device, including,a memory component on the client device, the memory component is arranged to securely store personal information of a user via a password,a control module arranged to encrypt requested personal information requested by a third-party website using a received transport token from the third-party website, in response to a first input received from the user to privately reveal the requested personal information to the third-party website after the user has already logged in to the third-party website, wherein the transport token comprises an encryption token and is generated by the third-party website, the personal information is used to complete a transaction between the user and the third-party website,a display module arranged to display the received transport token and the requested personal information to the user for verification by the user, anda communication module arranged to send the encrypted requested personal information to the third-party website, in response to a second input from the user comprising the transport token and authorization to send the requested personal information to the third-party website for decryption by the third-party website using the transport token to complete the transaction; and
a server component arranged to receive the transport token from the third-party website and to send the transport token to the client device, and arranged to send the encrypted requested information from the client device to the third-party website, the server component being unable to read the encrypted requested personal information and having no access to unencrypted personal information.
2 Assignments
0 Petitions
Accused Products
Abstract
A client device securely transfers personal information to a third-party website. The client device stores personal information of a user and encrypts personal information requested by the third-party website, so that the third-party website can decrypt and retrieve the personal information, and so that a remote proxy server facilitating the transfer of personal information from the client device to the third-party website cannot read the encrypted personal information and has no access to unencrypted personal information.
-
Citations
19 Claims
-
1. A system, comprising:
-
a client device, including, a memory component on the client device, the memory component is arranged to securely store personal information of a user via a password, a control module arranged to encrypt requested personal information requested by a third-party website using a received transport token from the third-party website, in response to a first input received from the user to privately reveal the requested personal information to the third-party website after the user has already logged in to the third-party website, wherein the transport token comprises an encryption token and is generated by the third-party website, the personal information is used to complete a transaction between the user and the third-party website, a display module arranged to display the received transport token and the requested personal information to the user for verification by the user, and a communication module arranged to send the encrypted requested personal information to the third-party website, in response to a second input from the user comprising the transport token and authorization to send the requested personal information to the third-party website for decryption by the third-party website using the transport token to complete the transaction; and a server component arranged to receive the transport token from the third-party website and to send the transport token to the client device, and arranged to send the encrypted requested information from the client device to the third-party website, the server component being unable to read the encrypted requested personal information and having no access to unencrypted personal information. - View Dependent Claims (2, 3)
-
-
4. A client device, comprising:
-
a memory component arranged to store personal information of a user; a control module, the control module configured to encrypt requested personal information of a user by a request from a third-party website to complete a transaction between the user and the third-party website after the user has logged in to the third-party website, wherein the requested personal information of the user is encrypted using a transport token comprising an encryption token received from the third-party website via a remote server component, the transport token is generated by the third-party website; a display module arranged to display the received transport token and the personal information to the user for verification by the user; and a communication module arranged to send the encrypted requested personal information to the third-party website via the remote server component, the encrypted requested personal information is decrypted by the third-party website using the transport token to complete the transaction, wherein the remote server component is unable to read the encrypted requested personal information and has no access to unencrypted personal information. - View Dependent Claims (5, 6, 7, 8, 9)
-
-
10. A method, comprising:
-
storing personal information of a user at a local client device; receiving a first input from the user to privately reveal requested personal information to a third-party website to complete a transaction between the user and the third-party website after the user has logged in to the third-party website; displaying a received transport token from the third-party website via a remote server component to the user at the client device, the transport token comprises an encryption token; receiving a second input from the user comprising the transport token and authorization to send the requested personal information to the third-party website; encrypting the requested personal information using the transport token at the client device; and sending the encrypted requested personal information from the client device to the third-party website via the remote server component for decryption by the third-party website to complete the transaction. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
Specification