The present invention relates generally to a method and apparatus for a personal information data storage and retrieval system. More specifically, the invention is directed to the use of information provided on personal cards for use with a database operated by targeted recipients of such cards.
The use of traditional printed cards for database purposes is exemplified by social security cards, business cards, credit cards, medical cards of various types, etc. Oftentimes business cards, medical record cards, and other cards relate to data which requires revision. Accordingly, the holder of the card must supply new information. In addition, certain organizations such as insurance companies or persons building databases must deal with large amounts of changing personal information.
An alternative to the use of paper cards is a practice commonly used at trade shows. The exchange of information occurs by using plastic cards with a magnetic stripe. The plastic cards allow exhibitors and others to take a swipe of the plastic magnetic card. To obtain a plastic card, a person completes a form with information which is entered into a database. Exhibitors and others are thus able to collect information without having to collect stacks of business cards. An exhibitor then accesses the database to obtain personal information about a contact, make phone calls, generate mailings, and perform several other functions.
However, not unlike business cards, this information is likely to become outdated, as change is inevitable. There is a need to enable the person whose personal information is used by others to easily update such information whether such information is demographic, medical, insurance, tax or other personal information. It is desirable that these updates are secure and low cost so that the user is encouraged to make updates so that current information is always available. Security and privacy are becoming major issues as personal information databases proliferate. It is an object of the invention to devise a personal information database system which ensures privacy and secure access so that people have confidence in use of the database system.
The above object has been met with a database system which includes providing a public and a private cryptographic key to a person. The person publishes the public key in a convenient format, such as a bar-coded or other machine readable or eye readable format on a paper or business card and publishes the card by distribution to others. The person's demographic information is read into a computer database, usually remote from the user and indexed by the person's public key. The demographic information is not encrypted. The public key is a unique identifier of the database record of the person. The person's demographic information is retrieved from the database by using the person's public key as a record identifier. In an alternate embodiment, information intended only for specific targeted users or agencies, such as an insurance company, is encrypted with the person's private key and the targeted agency's public key. The card may be a physical card of the type now commonly carried in wallets or purses as business cards, or may be a virtual card published on the Internet. A targeted agency recipient of such a card reads the bar code to obtain the person's public key. The recipient agency then can access the database to obtain the person's information. The person can update or cancel his information, public or private, with his private key, by accessing the database. A person's demographic information is at a low security level, perhaps unencrypted. However, information for a targeted agency is encrypted with the user's private key and the agency's public key.
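The following sketch is an added illustration, not part of the patent text: it shows a record store indexed by the holder's public key, where anyone holding the key from a card can read the record but an update is accepted only if it verifies against that same key. The names `CardDatabase`, `sign_update` and `make_keypair` are hypothetical, the key is toy unpadded RSA built from two known Mersenne primes purely so the example runs with the standard library, and the sequence number used to reject replayed updates is an assumption the text does not describe.

```python
import hashlib, json

# Toy textbook-RSA key built from two known Mersenne primes (constructed for
# illustration only; far too small and unpadded for real use).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537

def make_keypair(p=P, q=Q, e=E):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent
    return (n, e), (n, d)               # (public key, private key)

def _digest(seq, info, n):
    msg = json.dumps([seq, info], sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign_update(private_key, seq, info):
    n, d = private_key
    return pow(_digest(seq, info, n), d, n)

class CardDatabase:
    """Records are indexed by the card holder's public key."""
    def __init__(self):
        self.records = {}               # public key -> (seq, info)

    def lookup(self, public_key):
        # Anyone who read the key off a card may retrieve the record.
        return self.records[public_key][1]

    def update(self, public_key, seq, info, signature):
        # The record identifier doubles as the verification key.
        n, e = public_key
        if pow(signature, e, n) != _digest(seq, info, n):
            return False                # not signed by the card holder
        if seq <= self.records.get(public_key, (0, None))[0]:
            return False                # stale or replayed update (assumed rule)
        self.records[public_key] = (seq, info)
        return True

def demo():
    pub, priv = make_keypair()
    db = CardDatabase()
    first = {"name": "A. Holder", "phone": "555-0100"}    # constructed data
    moved = {"name": "A. Holder", "phone": "555-0199"}    # constructed data
    ok = db.update(pub, 1, first, sign_update(priv, 1, first))
    forged = db.update(pub, 2, moved, 12345)              # no private key
    replay = db.update(pub, 1, first, sign_update(priv, 1, first))
    ok2 = db.update(pub, 2, moved, sign_update(priv, 2, moved))
    return ok, forged, replay, ok2, db.lookup(pub)
```

A real deployment would use a vetted signature scheme from a maintained cryptographic library in place of the toy arithmetic here.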
In a variation of the alternate embodiment, an organization, such as an Internet Service Provider (ISP), can become an escrow holder of the information. The ISP is treated as a target agency using public key-private key encryption so that only the ISP has access to the information. When the person sends the ISP a secure message to direct the information to a particular target agency, the ISP uses the target agency's public key and its own private key to re-encrypt the person's information for the target agency.