« PreviousContinue »
(12) United States Patent ao) Patent No.: us 6,862,610 B2
Shuster (45) Date of Patent: Mar. 1,2005
(54) METHOD AND APPARATUS FOR VERIFYING THE IDENTITY OF INDIVIDUALS
(75) Inventor: Gary Stephen Shuster, Fresno, CA (US)
(73) Assignee: Ideaflood, Inc., Zephyr Cove, NV (US)
( * ) Notice: Subject to any disclaimer, the term ol this patent is extended or adjusted under 35 U.S.C. 154(b) by 608 days.
(21) Appl. No.: 09/850,838
(22) Filed: May 8, 2001
(65) Prior Publication Data
US 2002/0095482 Al Jul. 18, 2002
Related U.S. Application Data
(60) Provisional application No. 60/202,753, filed on May 8, 2000.
(51) Int. CI.7 G06F 15/16
(52) U.S. CI 709/217; 707/5; 707/6;
(58) Field of Search 709/217, 219;
713/200, 201; 707/2, 3, 6, 10
(56) References Cited
U.S. PATENT DOCUMENTS
5,912,949 A * 6/1999 Chan et al 379/88.03
6,018,724 A * 1/2000 Arent 705/44
6,282,658 B2 * 8/2001 French et al 713/201
6,374,259 Bl * 4/2002 Celik 707/104.1
6,704,787 Bl * 3/2004 Umbreit 709/229
6,711,681 Bl * 3/2004 Al-Salqan et al 713/184
6,734,886 Bl * 5/2004 Hagan et al 345/853
* cited by examiner
Primary Examiner—-William A. Cuchlinski, Jr.
Assistant Examiner—-Joseph R Maniwang
(74) Attorney, Agent, or Firm—O'Melveny & Myers LLP
A method for verilying the identity ol users connected to a computer network comprises providing fractional information queries to users, wherein responses to these individual queries are not sufficient to identily the user. This method lurther comprises receiving responses to these fractional information queries and comparing these responses to data available from within a computer network. A set ol potential matches to the user is generated according to these responses and is used in determining whether the set ol potential matches is sufficient to identily the user.
14 Claims, 2 Drawing Sheets
METHOD AND APPARATUS FOR
VERIFYING THE IDENTITY OF
CROSS-REFERENCE TO RELATED 5
This application claims priority pursuant to 35 U.S.C. § 119(e) to U.S. Provisional Application No. 60/202,753, filed May 8, 2000, which application is specifically incorporated herein, in its entirety, by reference.
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to the verification of an 15 individual's identity in a wide area network. More specifically, this invention relates to a method and apparatus for verifying identity using fractional information taken from the user.
2. Description of Related Art
For many years, the global retail market has been characterized as a market in which products are sold from physical locations. In recent years, however, this dynamic has undergone a significant change in response to the 25 increasing popularity of the Internet. It should be appreciated that the Internet is defined here as a collection of interconnected (public and/or private) networks linked together by a set of standard protocols (such as TCP/IP and HTTP) to form a global, distributed network. While this 30 term is intended to refer to what is now commonly known as the Internet, it is also intended to encompass variations which may be made in the future, including changes and additions to existing standard protocols. Using the Internet, businesses can now more readily sell their products to a vast 35 number of customers beyond local boundaries. Business transacted primarily over computer networks such as the Internet is commonly known as electronic commerce and will herein be referred to as such.
Systems for wide-area networks, such as the Internet, are 40 presently limited, however, in the amount of security they offer to consumers and businesses against fraud. In particular, in electronic commerce it is commonplace to approve electronic transactions without ever seeing the purchaser or viewing any identifying material (such as a 45 drivers license). In addition to financial fraud, the Internet has also experienced a growing problem with regards to age representation fraud, whereby underage individuals are able to gain unauthorized access to many websites on the Internet by claiming to be older than they actually are. To prevent 50 such unauthorized access (and in general, to prevent other forms of fraud and theft), it is desirable to confirm the identity and/or age of the user requesting access to restricted material by checking an identifying code supplied by an unknown user against publicly available identity databases. 55 For example, if a social security number is supplied, this information can then be used to verify other information about the user, such as the user's age, gender, credit history, state of residence, etc. For further example, many Internet age-verifying services operate chiefly by obtaining a user's go credit card number over the Internet.
While it is certainly possible in an electronic commerce transaction to request identifying information about an individual, such as a full social security number, credit card number, or a telephone number, individuals are in many 65 situations reluctant to give such information for fear of compromising their privacy or risking loss of control over
their confidential identifying and account information. Individuals may be particularly reluctant to share identifying information when the reputation of the requesting entity is not known to the user, and its trustworthiness is therefore in question. Currently, no system exists that enables users to verify certain facts about themselves, such as their age, without forfeiting their privacy and supplying confidential identity numbers to a potentially untrustworthy requestor. If these disadvantages could be overcome, it is anticipated that more electronic commerce transactions would occur than presently take place. It would thus be advantageous to implement an electronic business method and system which enables businesses to verify the identity of such clients at a minimal risk to the clients' privacy and without needing to posses confidential identity numbers belonging to the clients.
SUMMARY OF THE INVENTION
In an embodiment of the invention, a method and apparatus for verifying the identity of users connected to a computer network comprises providing fractional information queries to users, wherein responses to individual ones of these queries are not sufficient to identify the user. In combination, however, the responses to the queries have a very high probability of uniquely identifying the user. This method further comprises receiving responses to these fractional information queries and comparing these responses to data available from a secure, preferably independent source within a computer network. A set of potential matches to the user is generated according to these responses by the secure source. If more than one match is discovered, additional information may be supplied by the user until the user's identity is confirmed. At the same time, the potentially untrustworthy site need not ever posses any identifying information while still being assured that the user is who she claims to be.
A more complete understanding of a method and apparatus for identifying the identity of individuals will be afforded to those skilled in the art, as well as a realization of additional advantages and objects thereof, by a consideration of the following detailed description of the preferred embodiment. Reference will be made to the appended sheets of drawings which will first be described briefly.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is block diagram demonstrating a preferred embodiment of the invention; and
FIG. 2 is a flow chart illustrating the steps for identifying a client according to an embodiment of the invention.
DETAILED DESCRIPTION OF THE
The present invention is directed towards a method and apparatus for verifying the identity of individuals in a wide area network. More specifically, this invention is directed towards verifying an individual's identity using fractional information taken from the user.
Referring first to FIG. 1, a block diagram is illustrated of a wide area network employing a method and apparatus according to an embodiment of the invention. Although the invention is especially suitable for implementation on a system as will be described, the method may also be effectively implemented on other systems. It is anticipated that the present invention operates with a plurality of computers that are coupled together on a wide area network,