Security system for internet provider transaction
Abstract
This invention provides security controls against exposing the Confidential Information that is required to purchase goods and services from Internet Entity 56 that are offered on a home page site. The Confidential Information is input to a data base 52, which is part of a tracking and authentication module 50. Included in the tracking and authentication module 50 are a certification server 54, an authentication server 53 and the data base 52. A series of look-up tables 200, 300 and 400 is provided in the data base 52, and the data entries in the tables, including the Confidential Information, are tied to a first data set, which typically includes a user's ID/password, and a second data set comprising a framed IP address issued for use only during each log-in - log-out session. It can be any form of alpha-numerical designation. The Confidential Information contained in table 400, if misappropriated, could be used to make purchases chargeable to the user. The purchases can be made without the Confidential Information leaving the data base 52 (table 400). The second data set is used to query the module 50 for validation of the user's creditworthiness, and the transaction is completed by the data base sending a message to the issuer of the credit card to charge the user's account or, alternatively, notifying the Internet Entity to bill the user directly. An additional security measure is provided by the system assigning a third data set consisting of the destination address of each and every Internet Entity that the user contacts during a log-in - log-out session, which is tracked by being entered into any one of the tables 200, 300 or 400. It provides another level of validation against the first and second data sets.
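The flow the abstract describes, as an added sketch that is not code from the patent: the class, method and field names are hypothetical, a random token stands in for the framed IP address, PBKDF2 password storage is an assumption, and requiring the purchase destination to have been tracked in the session is one reading of the third-data-set check.

```python
import hashlib, hmac, secrets

def _kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class TrackingAuthModule:
    """Toy model of module 50 (data base 52, authentication server 53, certification server 54)."""

    def __init__(self, approved_entities):
        self.approved = set(approved_entities)  # validation data held by the certification server
        self.users = {}            # user id -> (salt, password hash): first data set
        self.confidential = {}     # user id -> card number: the role of table 400
        self.sessions = {}         # second data set -> {"user", "visited"}
        self.issuer_messages = []  # sent to the card issuer, never to the merchant

    def enroll(self, user_id, password, card_number):
        salt = secrets.token_bytes(16)
        self.users[user_id] = (salt, _kdf(password, salt))
        self.confidential[user_id] = card_number

    def login(self, user_id, password):
        """Authentication server: check the first data set, issue the second."""
        salt, stored = self.users.get(user_id, (b"\0" * 16, b""))
        if not hmac.compare_digest(_kdf(password, salt), stored):
            return None
        second = secrets.token_hex(16)  # assumption: opaque token instead of a framed IP
        self.sessions[second] = {"user": user_id, "visited": set()}
        return second

    def track(self, second, destination):
        """Record the third data set: each destination contacted in this session."""
        if second in self.sessions:
            self.sessions[second]["visited"].add(destination)

    def purchase(self, second, destination, amount):
        """Certification server: validate second and third data sets, then charge."""
        session = self.sessions.get(second)
        if session is None or destination not in self.approved:
            return {"approved": False}
        if destination not in session["visited"]:
            return {"approved": False}
        card = self.confidential[session["user"]]
        self.issuer_messages.append({"card": card, "amount": amount, "payee": destination})
        return {"approved": True, "amount": amount}  # no card data in the reply

    def logout(self, second):
        self.sessions.pop(second, None)  # second data set is valid for one session only
```

The reply returned to the merchant side carries only the approval and amount; the card number appears solely in the message queued for the issuer, and a second data set stops validating once the session is logged out.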
13 Claims
1. A method of authenticating a user's confidential information and preserving the confidentiality against unauthorized use, said information being essential for conducting Internet transactions between a log-in and log-out session, comprising the steps of:
accessing the Internet by the user entering a first data set into a computer based controller to control modems and communication protocols;
establishing a data base containing confidential information subject to authentication with a user's first data set;
submitting said first data set to a tracking and authentication control module requesting authentication of the user, said tracking and authentication control module including a data base containing user's confidential information, an authentication server for authenticating said first data set and a certification server, said certification server containing validation data for authenticating and internet entity approved for conducting internet transaction;
comparing the user's first data set input to the authentication server incident to accessing the internet with the I.D. and password in the data base and subject to a validating match;
issuing a second data set in real time by the authentication server subject to a validation match of the I.D. and password with the data in the database usable for the instant transaction;
submitting the second data set to the certification server upon the initiation of a transaction by the user;
consummating the transaction subject to validation of the second data set by tying the confidential information in the data base to the user whereby the confidential information is retained undisclosed in the data base.
Dependent claims: 2, 3, 4, 5, 6, 12

7. A method of controlling a user's confidential information and preserving the confidentiality against unauthorized use, said information being essential for conducting internet transactions between a log-in and log-out session, comprising the steps of:
accessing the internet by the user entering a first data set into a computer based controller to control modems and communication protocols;
establishing a data base containing user's confidential information subject to authentication with a user's first data set;
submitting said first data set to an authentication control module requesting authentication of the user, said authentication control module including a data base containing user's confidential information, and authentication server containing validation data for authenticating an internet entity approved for conducting Internet transactions;
comparing the user's first data set incident to accessing the internet with the confidential information in the data base and subject to a validating match said computer based controller for controlling modems and communication protocols issuing a second data set;
monitoring the user's selection of an internet entity by the tracking and authentication module and the authentication server and wherein the POP issues a third data set, said second data set and third data set being issued in real time usable for the internet log-in transaction; and
consummating a transaction subject to the authentication of the second and third data sets with the first data set in the data base thereby tying the confidential information to the user whereby the confidential information is retained undisclosed in the data base.
Dependent claims: 8, 9, 10, 11

13. A method of controlling the confidentiality of a user's Confidential information against unauthorized use, said information being essential for conducting internet transactions comprising the steps of:
providing a data base for tracking and authenticating information input to a tracking and authentication module, said tracking and authentication module including an authentication server and certification server;
establishing a series of look up tables in said data base that record the i.d. and password of the user, the framed IP address, destination IP address and the user's confidential information, said tables including a user table containing the addressability information of the user;
submitting a first data set into the tracking and authentication module;
performing a validation check of the user's first data set with the confidential information in said user table;
issuing a second data set responsive to a successful validation of the first data set with the information in the series of tables;
inputting in real time the second data set to the look up tables;
consummating a transaction subject to the authentication of the second data set with the information in the user table confirming the user as the owner of the confidential information, whereby the confidential information is maintained undisclosed in a series of look up tables.

Specification