Authenticating access to confidential information by unregistered requestor
First Claim
Patent Images
1. A method for providing access to confidential information of an individual, comprising:
- receiving, at a computer from an unregistered requestor, a personal identification number associated with the individual and a name of the unregistered requestor;
determining, by the computer, whether an authority approves the requestor for access to the confidential information of the individual;
determining, by the computer, whether the name is in a trusted database;
determining, by the computer, whether the individual consents to access of their confidential information by the requestor;
determining, by the computer, whether the requestor has a valid payment account with a third party;
determining, by the computer, a location of the requestor;
determining, by the computer, whether the requestor is authenticated based on the authority approval determination, the trusted database determination, the individual consent determination, the payment account determination and the location determination; and
when the authentication determination is that the requestor is authenticated, enabling, by the computer, the requestor to access the confidential information of the individual.
1 Assignment
0 Petitions
Accused Products
Abstract
An unregistered requestor requests access to confidential information of an individual stored at a computer. In one embodiment, the requestor is authenticated by the computer using at least two authentication tests. When the requestor is authenticated, the computer determines access permission for the requestor based on information provided from the requestor, and provides, to the requestor, access to the confidential information of the individual based on the access permission. In another embodiment, the computer presents a series of challenges to the requestor, and if any of the challenges is passed, access is granted.
6 Citations
20 Claims
-
1. A method for providing access to confidential information of an individual, comprising:
-
receiving, at a computer from an unregistered requestor, a personal identification number associated with the individual and a name of the unregistered requestor; determining, by the computer, whether an authority approves the requestor for access to the confidential information of the individual; determining, by the computer, whether the name is in a trusted database; determining, by the computer, whether the individual consents to access of their confidential information by the requestor; determining, by the computer, whether the requestor has a valid payment account with a third party; determining, by the computer, a location of the requestor; determining, by the computer, whether the requestor is authenticated based on the authority approval determination, the trusted database determination, the individual consent determination, the payment account determination and the location determination; and when the authentication determination is that the requestor is authenticated, enabling, by the computer, the requestor to access the confidential information of the individual.
-
-
2. A method for providing access to confidential information of an individual stored at a computer, comprising:
-
receiving, at the computer, a request for the confidential information from a requestor; determining, by the computer, whether the requestor is registered; when the requestor is determined to be unregistered, determining, by the computer, whether the requestor should be authenticated based on at least two authentication tests; when the requestor is authenticated, determining, by the computer, access permission for the requestor based on information provided from the requestor; and providing, from the computer to the requestor, access to the confidential information of the individual based on the access permission. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method for providing access, to an unregistered requestor, to personal information of a registered individual, comprising:
-
receiving, at a computer from the unregistered requestor, a personal identification number associated with the registered individual and a name of the unregistered requestor; providing, from the computer to the unregistered requestor, a first challenge; when the unregistered requestor does not pass the first challenge, providing, from the computer to the unregistered requestor, a second challenge; when the unregistered requestor does not pass the second challenge, providing, from the computer to the unregistered requestor, a third challenge; when the unregistered requestor passes one of the first, second and third challenges, providing, from the computer to the unregistered requestor, access to the personal information of the registered individual; and when the unregistered requestor passes none of the first, second and third challenges, denying, from the computer to the unregistered requestor, access to the personal information of the registered individual. - View Dependent Claims (19, 20)
-
Specification