Apparatus and method for authenticated multi-user personal information database

US 6,985,887 B1
Filed: 11/24/1999
Issued: 01/10/2006
Est. Priority Date: 03/19/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method of administering registration of personal information in a data base in a manner tending to assure integrity of the personal information therein, the method comprising:

a. obtaining, from each user with respect to whom data is to be placed in the data base, personal information of such user, the content of such personal information initially established by such user in an enrollment phase;

b. also obtaining, from each such user, a first set of physiological identifiers associated with such user, the first set of physiological identifiers initially provided by such user in the enrollment phase;

c. storing, in a digital storage medium, a data set pertinent to such user, the data set including such user'"'"'s personal information and a representation of the physiological identifiers associated with such user; and

d. permitting a subject claiming to be a specified user to modify the specified user'"'"'s personal information in the stored data set pertinent to such user only if (i) the subject provides a new set of physiological identifiers and (ii) it is determined, by recourse to the stored data set, that there is a sufficient match between at least one member in the new set and a corresponding member of the first set, so that the subject is authenticated as the specified user, so that there is established a repository of personal information using physiological identifiers to protect against unauthorized modification.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of assuring integrity of a personal information in a data base containing personal information provided by multiple users uses in various embodiments physiological identifiers associated with each of the users. Related systems are also provided.

512 Citations

50 Claims

1. A method of administering registration of personal information in a data base in a manner tending to assure integrity of the personal information therein, the method comprising:
- a. obtaining, from each user with respect to whom data is to be placed in the data base, personal information of such user, the content of such personal information initially established by such user in an enrollment phase;
  
  b. also obtaining, from each such user, a first set of physiological identifiers associated with such user, the first set of physiological identifiers initially provided by such user in the enrollment phase;
  
  c. storing, in a digital storage medium, a data set pertinent to such user, the data set including such user'"'"'s personal information and a representation of the physiological identifiers associated with such user; and
  
  d. permitting a subject claiming to be a specified user to modify the specified user'"'"'s personal information in the stored data set pertinent to such user only if (i) the subject provides a new set of physiological identifiers and (ii) it is determined, by recourse to the stored data set, that there is a sufficient match between at least one member in the new set and a corresponding member of the first set, so that the subject is authenticated as the specified user, so that there is established a repository of personal information using physiological identifiers to protect against unauthorized modification.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 34, 35, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
- - 2. A method according to claim 1, further comprising obtaining from such user such user'"'"'s medical information, wherein the data set includes such user'"'"'s medical information, and permitting a subject claiming to be a specified user to modify the specified user'"'"'s medical information in the stored data set pertinent to such user only if (i) the subject provides a new set of physiological identifiers and (ii) it is determined, by recourse to the stored data set, that there is a sufficient match between at least one member in the new set and a corresponding member of the first set, so that the subject is authenticated as the specified user, so that there is established a repository of medical information using physiological identifiers to protect against unauthorized modification.
  - 3. A method according to claim 1, wherein the first set includes a plurality of members.
  - 4. A method according to claim 1, wherein the first set of physiological identifiers includes the appearance of such user'"'"'s face.
  - 5. A method according to claim 1, wherein the first set of physiological identifiers includes characteristics of utterances of such user.
  - 6. A method according to claim 1, wherein the first set of physiological identifiers includes a fingerprint of such user.
  - 7. A method according to claim 1, wherein the first set of physiological identifiers includes the configuration of an iris in an eye of such user.
  - 8. A method according to claim 1, wherein the first set includes at least one member selected from the group consisting of a fingerprint of such user and the configuration of an iris in an eye of such user and at least one member selected from the group consisting of characteristics of utterances of such user and the appearance of such user'"'"'s face.
  - 9. A method according to any of claims 1 or 2, wherein, pursuant to step (d), the subject is permitted to modify the user'"'"'s information in the stored data set only if the subject provides the new set of physiological identifiers under a condition permitting verification, independent of the physiological identifiers, that the new set is being provided by the person purporting to provide them.
  - 10. A method according to claim 9, wherein the condition includes the physical presence of the subject when providing the new set.
  - 11. A method according to claim 9, wherein the condition includes having the subject provide the new set when prompted to do so.
  - 12. A method according to claim 9, wherein the condition includes having the subject provide a non-physiological identifier.
  - 13. A method according to claim 12, wherein the non-physiological identifier is selected from the group consisting of a password and a pass card.
  - 14. A method according to claim 12, wherein the non-physiological identifier is provided in the course of a session, over a computer network, employing a user'"'"'s public and private keys.
  - 15. A method according to claim 1, further comprising:
    - prompting each user, on a periodic basis, to update the user'"'"'s personal information in the data set pertinent to such user.
  - 16. A method according to claim 1, further comprising:
    - obtaining a test set of physiological identifiers from a subject purporting to be a specific user;
      
      accessing information in the data set pertinent to the specific user; and
      
      determining if there is a sufficient match between at least one member in the test set and a corresponding physiological identifier represented in the data set.
  - 34. A method according to claim 1, wherein obtaining personal information of such user includes obtaining data pertaining to one or more merchants.
  - 35. A method according to claim 1, wherein any financial information that may be in the data set is not limited to that of a particular banking or financial institution.
  - 41. A method according to any of claims 1, 17, 36 or 39, further comprising:
    - retaining a representation of at least one of the new set of physiological identifiers, if there is an insufficient match.
  - 42. A method according to claim 41, further comprising:
    - providing access to the retained representation of the at least one of the new set of physiological identifiers by a law enforcement official.
  - 43. A method according to any of claims 1 or 36, further comprising:
    - permitting a third party of a specified kind to view but not modify the user'"'"'s personal information in the stored data set without requiring such third party to provide a physiological identifier that sufficiently matches a corresponding member of the first set of physiological identifiers stored in the data set.
  - 44. A method according to claim 43, wherein the specified kind is a merchant.
  - 45. A method according to claim 2, further comprising:
    - permitting a third party of a specified kind to view but not modify the user'"'"'s medical information in the stored data set without requiring such third party to provide a physiological identifier that sufficiently matches a corresponding member of the first set of physiological identifiers stored in the data set.
  - 46. A method according to claim 45, wherein the specified kind is a health care provider.
  - 47. A method according to any of claims 1 or 2, further comprising:
    - providing, to each user, a token indicating that the user has provided information to the data base.
  - 48. A method according to claim 47, wherein the token comprises a card.
  - 49. A method according to claim 47, wherein the token includes an identifier that, when presented to the data base by a third party, enables such third party to access but not modify the user'"'"'s information in the data base.
  - 50. A method according to claim 49, wherein the identifier comprises:
    - a record number identifying the data set pertinent to such user.

17. A method for authenticating a user transaction, the method comprising:
- obtaining a test set of physiological identifiers from a subject purporting to be a specific user;
  
  accessing information in a first data set pertinent to the specific user stored in a registration data base, the data base containing information provided by multiple users in a separate data set for each user, each data set of a specific user including (i) personal information, of the specific user, that has been established by the specific user, and (ii) a representation of a first set of physiological identifiers, associated with the specific user, that has been provided by the specific user, the data base being maintained under conditions wherein modification by a subject claiming to be a specific user of the specific user'"'"'s personal information in a stored data set pertinent to the specific user is permitted only if (i) the subject provides a new set of physiological identifiers and (ii) it is determined, by recourse to the stored data set, that there is a sufficient match between at least one member in the new set and a corresponding member of the first set, so that the subject is authenticated as the specific user, so that there is established a repository of personal information using physiological identifiers to protect against unauthorized modification; and
  
  determining if there is a sufficient match between at least one member in the test set and a corresponding physiological identifier represented in the data set.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 32, 33)
- - 18. A method according to claim 17, wherein:
    - the database is accessible via a server at a first location;
      
      obtaining the test set of physiological identifiers is performed at a second location remote from the first location;
      
      determining if there is a sufficient match includes communicating with the server from the second location over a network.
  - 19. A method according to claim 18, wherein:
    - obtaining the test set of physiological identifiers is performed under supervision of a merchant.
  - 20. A method according to claim 19, wherein:
    - determining if there is a sufficient match is performed without revealing content of the first data set to the merchant.
  - 21. A method according to any of claims 18, 19, or 20, wherein the transaction is a change of address for an account.
  - 22. A method according to any of claims 18, 19, or 20, wherein the transaction is an application to open an account.
  - 23. A method according to claim 21, wherein the account authorizes the transfer of funds.
  - 24. A method according to claim 22, wherein the account authorizes the transfer of funds.
  - 25. A method according to claim 21, wherein the account is based on the extension of credit to the account holder.
  - 26. A method according to claim 22, wherein the account is based on the extension of credit to the account holder.
  - 27. A method according to claim 18, wherein the transaction is an application to a government agency for one of a license and a renewal of a license.
  - 28. A method according to claim 18, wherein the transaction is an application to a government agency for one of an identification token and a renewal of an identification token.
  - 32. A system according to claim 28, wherein the first set includes a plurality of members.
  - 33. A system according to claim 28, wherein the first set includes at least one member selected from the group consisting of a fingerprint of the user and the configuration of an iris in an eye of the user and at least one member selected from the group consisting of characteristics of utterances of the user and the appearance of the user'"'"'s face.

29. A computer system comprising:
- a digital storage medium on which has been recorded a multi-user personal information data base, the data base comprising, for each specific user, a data set pertinent to the specific user, the data set including;
  
  (a) the specific user'"'"'s personal information obtained from the specific user;
  
  (b) a representation of a first set of physiological identifiers associated with the specific user; and
  
  (c) the specific user'"'"'s emergency information obtained from the specific user; and
  
  a computer process running in association with the storage medium to cause the storage medium to be maintained under conditions wherein modification by a subject claiming to be a specific user of such specific user'"'"'s personal and emergency information in a stored data set pertinent to the specific user is permitted only if (i) the subject provides a new set of physiological identifiers and (ii) it is determined, by recourse to the stored data set, that there is a sufficient match between at least one member in the new set and a corresponding member of the first set, so that the subject is authenticated as the specific user, so that there is established a repository of personal information using physiological identifiers to protect against unauthorized modification.

30. A system for updating a personal information database containing a data set for each one of multiple users, each data set including a user'"'"'s personal information and a representation of a first set of physiological identifiers associated with the user, the system comprising:
- a. a physiological identifier transducer having an output representing a physiological identifier associated with a subject claiming to be a specified user;
  
  b. a user access authorization module, coupled to the physiological identifier transducer and to the database, for determining whether the output of the physiological identifier transducer sufficiently matches the representation of the first set of physiological identifiers, so that the subject is authenticated as the specified user;
  
  c. a user data set access module, coupled to the user access authorization module and to the database, for accessing the user data set pertinent to the specified user, in the event that the user access authorization module has authenticated the subject as the specified user; and
  
  d. a user data set update module, coupled to the database, to the user data set access module, and to a user input, permitting the subject to update the specified user'"'"'s personal information in the corresponding data set in the database in the event that the user data set access module has provided access to the user data set, so that there is established a repository of personal information using physiological identifiers to protect against unauthorized modification.

31. A system for authenticating transactions, the system comprising:
- a. a multi-user personal information data base, the data base comprising, for each specific user, a data set pertinent to the specific user, the data set including;
  
  (i) personal information, of the specific user, that has been established by the specific user;
  
  (ii) a representation of a first set of physiological identifiers, associated with the specific user, that has been provided by the specific user;
  
  the data base being maintained under conditions wherein modification by a subject claiming to be a specific user of the specific user'"'"'s personal information in a stored data set pertinent to the specific user is permitted only if (i) the subject provides a new set of physiological identifiers and (ii) it is determined, by recourse to the stored data set, that there is a sufficient match between at least one member in the new set and a corresponding member of the first set, so that the subject is authenticated as the specific user, so that there is established a repository of personal information using physiological identifiers to protect against unauthorized modification;
  
  b. a multiplicity of remotely distributed terminals in communication with the data base, each terminal including a physiological identifier transducer and a communication link with a merchant; and
  
  c. an authenticity checker, which determines whether there is a sufficient match between the output of a physiological identifier transducer attributable to a subject purporting to be a user and a physiological identifier in the first set.

36. A method of administering personal information in a data base in a manner tending to assure integrity of data therein, the data base being of a type wherein a stored data set is established for each user and there has been obtained from each user with respect to such data a first set of physiological identifiers associated with such user and included in the data set, the method comprising:
- a. obtaining from a subject seeking to modify information in the stored data set pertinent to such user a new set of physiological identifiers, andb. permitting the subject to modify such user'"'"'s personal information in the stored data set only if it is determined, by recourse to the stored data set, that there is a sufficient match between at least one member in the new set and a corresponding member of the first set, so that the subject is authenticated as such user, so that there is established a repository of personal information using physiological identifiers to protect against unauthorized modification.
- View Dependent Claims (37, 38)
- - 37. A method according to claim 36, wherein any financial information that may be in the stored data set is not limited to that of a particular banking or financial institution.
  - 38. A method according to claim 36, wherein obtaining the new set of physiological identifiers and permitting the subject to modify the information in the stored data set are performed in a facility established for that purpose.

39. A method for authenticating a user transaction using a data base of a type wherein a stored data set is established for each potential user and there has been obtained from each potential user with respect to such data a first set of physiological identifiers associated with such potential user and included in the data set, the method comprising:
- administering the data base in a manner such that personal information in a stored data set pertinent to an individual may not be modified by a person purporting to be the individual unless there has been obtained a sufficient match between at least one physiological identifier in the stored data set and a new physiological identifier obtained from the person, so that there is established a repository of personal information using physiological identifiers to protect against unauthorized modification;
  
  obtaining a test set of physiological identifiers from a subject purporting to be a specific user;
  
  accessing information in the data set pertinent to the specific user in the data base; and
  
  determining if there is a sufficient match between at least one member in the test set and a corresponding physiological identifier represented in the data set.
- View Dependent Claims (40)
- - 40. A method according to claim 39, wherein any financial information that may be in the stored data set is not limited to that of a particular banking or financial institution.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gold Standard Technology LLC
Original Assignee
Suncrest USA Incorporated
Inventors
Shapiro, Eileen C., Sunstein, Bruce D.
Primary Examiner(s)
Trammell, James P.
Assistant Examiner(s)
Reagan, James A

Application Number

US09/448,722
Time in Patent Office

2,239 Days
Field of Search

705/50, 705/51, 705/56, 705/67, 705/75, 370/218, 707/2, 707/3, 707/7, 707/104, 283/71, 715/854, 715/864
US Class Current

705/51
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/64   Protecting data integrity, ...

G06Q 20/3674   involving authentication

G06Q 20/401   Transaction verification

Y10S 707/99932   Access augmentation or opti...

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99937   Sorting

Apparatus and method for authenticated multi-user personal information database

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

512 Citations

50 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for authenticated multi-user personal information database

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

512 Citations

50 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links