Personal electronic devices exist that are designed primarily for the purpose of storing a user's own contact details and exchanging these contact details with other users of similar devices. The process is likened to exchanging business cards.
Typically these devices are battery-powered, very compact and hand-held. They usually have a very minimal user interface consisting of just a button, an LED and a USB port for connecting the device to a personal computer.
To exchange contact details, two device users, each with one of these devices, each bring their own device into proximity or alignment with the other device. Then upon pressing their respective buttons on their device, each user's contact information is copied to the other device.
The information exchanged is usually not viewed on the device itself, but the device is later plugged into a USB port of a personal computer, and the information viewed on this personal computer.
Usually this service is provided via a dedicated web server, created for the users of a particular manufacturer's device. When the device is plugged into a personal computer, the information from each device is moved to the web server, where it is stored and presented back to the user, through a web page on the personal computer.
Additionally, some of these web servers may collect and share additional contact information such as phone numbers or links to a user's social networking profile.
The devices generally exchange telephone numbers, email addresses, personal information for online social-networking websites, or other forms of contact information, or at least provide the means to obtain this information indirectly.
However, a problem exists in that known devices have several security flaws and usage limitations caused by the mechanisms by which they exchange data, the nature of the data exchanged, and the methods of uploading data.
For example, these known devices typically exchange data between a sending device and a receiving device and later transmit both the data received as well as the data sent to a server, via the user's computer. By not providing a capability to prevent third parties from accessing this shared data, for example by capturing the data surreptitiously during the data exchange, or through malware on the user's computer, it becomes quite clear that the proposed relationship between the two parties is potentially accessible and compromised.
Further, it is typically a requirement that these types of devices require users of the devices to enter their contact details on the device prior to use, or that some further configuration of the device is necessary. This may be problematic if the user's contact details have changed between the data entry steps and the exchange of contact information resulting in incorrect contact details being exchanged, or simply be inconvenient in the social context in which the device is used.
Also, the exchange of contact details between these types of devices is typically transferred to the servers in an unencrypted format enabling third parties to gain access to the data without permission. This also means that, if the information is sent to or diverted to an incorrect server, the data may be compromised. Other vulnerabilities to malicious usage may include the manufacture and sale of compatible devices by unauthorised third parties, computer-based malware able to delete or alter genuine contacts or introduce new non-genuine contacts, and web server vulnerabilities to distributed-denial-of-service and other attacks through being flooded with inauthentic data.
Further, users of these types of devices are not able to determine, without intervention by the user, if a person they are conversing with, mingling with or who is in the same general vicinity as themselves has a compatible device for sharing contact information. Further, there are security and privacy implications, and power-consumption constraints, to enabling automatic detection.
Typically, devices that are designed for the purpose of storing the user's own contact details and exchanging these details with other users of similar devices lack any facility to detect nearby devices.
Existing devices typically either use electromagnetic coupling employing induction coils and require the user of one device to hold it in close proximity and alignment to another user's device, or they use infra-red or optical beams and require the user of one device to deliberately aim that device at another device, whilst the second user aims their device at the first user's device. No other communication can occur between these devices.
This inability to detect nearby devices and alert the users that there may be a person nearby with a similar device is seen as a limitation to usefulness of the device due to the user's lack of awareness that another user, with which they might want to exchange contact details, also has such a device in their possession.
Further, users are limited in gaining access to any data exchanged until such time as they have access to a suitable internet-connected computer. This inability to synchronise data held within the device without such access is seen as a limitation to the user being able to make immediate use of any data exchanged.
Further, users are limited in that identical personal data is shared in every data exchange, without an option to selectively share certain information with some users and not with others. This inability for the user to select which information is shared with which party is seen as a limitation of current devices.
Further, users are limited in that personal information must be recorded prior to use of the device. This inability to provide flexibility regarding the registration of personal information is seen as a limitation regarding the organisation of events where the device will be used.
Further, devices are limited to responding to user-initiated behaviour only.
An object of the present invention is to provide a device or method of using such a device that provides a technical solution to protecting the data against malicious third parties, along with improved data-privacy functionality or to at least provide the public with a useful choice.
The present invention aims to overcome, or at least alleviate, some or all of the afore-mentioned problems.
Further objects and advantages of the invention will be brought out in the following portions of the specification, wherein the detailed description is for the purpose of fully disclosing the preferred embodiment of the invention without placing limitations thereon.
The background discussion (including any potential prior art) is not to be taken as an admission of the common general knowledge.