1. Field of the Invention
The present invention relates to the protection of identity by controlling access to use of an identity. More specifically, the present invention provides protection of the identity of an entity by placing limitations or conditions on its use, and whereby the entity's use-enabling identification information is not fully needed to authorize a transaction.
2. Discussion of Background Information
Identity information can be, and has been, exploited so as to cause an identity owner and other ancillary parties emotional and financial harm. Examples of misuse of identity range from impersonation to financial fraud, such as a fraudulent loan application, fraudulent credit instrument use, check fraud, and other transactional frauds. Tens of billions of dollars are lost each year in the United States alone due to identity theft, with estimates rising as of the writing of this application. This does not account for the additional cost of law enforcement efforts to capture and bring perpetrators to justice.
With the increased technical and Internet literacy of our culture, identity theft is no longer limited to instances where financial gain is the sole motive. Indeed, it has now become necessary not only to protect our most precious identification information from use by an unscrupulous stranger, but there must also be in place a system that allows an identity owner to protect his identification information from use by a known party such as a disgruntled employee. With the ability and ease that identification information can be used to commit fraud against an identity owner as well as the resulting added burden on courts and law enforcement, there is a need for a system to protect the identity of an entity from misuse at a more fundamental level.
Traditional responses to this problem have been inadequate. The most common response involves monitoring the use of identity resources and notifying a consumer after detection of an unusual use of the identity. For example, a credit card company can detect unusual purchase activity and contact the account holder to determine whether the charges were authorized. While such, monitoring mitigates against any continuing misuse of identity, responsive action is generally limited to apportion the burden of the harm between the victimized parties and seek prosecution of the offender. Such methods are thus reactive in that the damage has already been done, and otherwise lack the ability to prevent or undo the ill effects of the damage in the first place.
Current technology, as disclosed in U.S. Pat. Nos. 6,529,885, 6,811,082, 6,817,521, and 6,332,134, highlights a fundamental failing in the current state of the art. Such prior mechanisms require the identity owner to either use a “smart instrument,” carry his own credit scanning device, or use a bank as a third party to a transaction as common as the simplest purchase. While these prior patents illustrate an attempt to address the issue of protecting and managing financial transactions, the solutions they present lack broader financial and non-financial application, practicability and/or simply substitute one flawed mechanism of protection and management for another. This is true in part because an identity owner has no means of proactively controlling use of his identity and identification information with a system designed specifically for such control.