With the advent of computer technology, especially the Internet global computer network, the transmission of personal private and secured information has become very critical. For example, credit card transactions necessarily must be secure transmissions or the critical data on the credit card can be taken and used in unauthorized transactions.
In a similar vein, people have concerns about their personal information, such as their Social Security number, medical history, financial status, employment, personal history etc. Frequently, this is the type of information that people do not want to have freely circulated and they want it to remain confidential.
It is not uncommon with modem computers for the user to set up some type of privacy profile. Without the necessary password, access to the computer and its use is effectively blocked. Only the person with the correct password can use it. A potential security breach can be created, however, if the computer has a modem and a computer hacker accesses the computer remotely and enters into the memory of the computer through the modem. In this manner, the privacy information might be improperly copied and used in an unauthorized manner.
As a result, there is an ever-increasing creation of software and hardware that makes it more and more difficult to access a computer without authorization and to obtain secured files. Bezos (U.S. Pat. No. 5,727,163), Rose (U.S. Pat. No. 5,757,917) and Apte (U.S. Pat. No. 5,778,173) disclose various Internet transaction protocols to provide security for the buyer's credit card information. These patents do not, however, disclose any specific method whereby the proprietor of the confidential information himself can control and regulate the outflow of this information. Rather, each of these systems requires some process apart from the Internet in order to maintain the integrity of the secured information on the Internet. This defeats the entire goal of a fast and efficient transaction on the Internet.
Other approaches include Materna (U.S. Pat. No. 5,007,084), Bickham (U.S. Pat. No. 5,530,438) and Wong (U.S. Pat. No. 5,615,110), which disclose various means for secure transactions which do not involve the use of the Internet. A universal authenticator for use with an ordinary telephone station over an ordinary telephone line is disclosed by Akhteruzzaman (U.S. Pat. No. 5,406,619) which does not involve transmitting any information over the Internet. Colbert (U.S. Pat. No. 5,485,510) discloses a method for making a credit card purchase without revealing the account information to the vendor. A method for dial-in access security using a multi-media modem is disclosed by Holmquist (U.S. Pat. No. 5,636,282). Ogram (U.S. Pat. No. 5,822,737) discloses an automated payment system for use over the Internet. Wolf (U.S. Pat. No. 5,875,232) discloses a personalized voice mail identification system.
The courier electronic payment system provides customers, merchants and banks with a secure mechanism for using a public network as a platform for credit card payment services. This was developed by Elgamal (U.S. Pat. No. 5,671,279). This system uses a secure connection with an electronic payment protocol that secures credit card payments and certifies infrastructure that is required to enable all the parties to participate. This system suffers the inherent Internet problem that the secured information is in some manner stored, albeit temporarily, in one computer. If the information is so stored, even for only a minimal amount of time, it lends itself to the possibility of being misappropriated.
Online sales are now in the billions of dollars as many computer users have embraced the digital marketplace. In the first quarter of the year 2000, retail electronic commerce sales were over five billion dollars. Some predict that online shopping could grow to seventy-eight billion dollars per year by the year 2003. With more than one-third of all households in the United States connected online to the Internet, consumers increasingly are using the Internet to conduct any number of daily activities. Many of these include confidential information, such as credit card information, bank information, personal financial information, personal history, etc. A June 2000 FOX News opinion poll revealed that 69% of respondents said that they are very concerned about their ability to keep things such as medical or financial records private, and 90% said that it is getting harder to keep such information confidential.
In 2000, the United States Senate Judiciary Committee Chairman, Senator Orrin G. Hatch, issued a report entitled “Know the Rules Use the Tools, Privacy in the Digital Age: A Resource for Internet Users.” In this report, there is an express recognition of the “growing concerns about the vulnerability of their private information on the Internet.” The Senate Judiciary Committee found that “many people are worried about sharing their credit card and other personal information over the Internet” and that “certain conduct is taking place online that could threaten to chill the continued rapid expansion of the digital marketplace: the extensive collection by websites of personally identifiable information about consumers, often without consumers' consent or knowledge.” Indeed, the Senate report found that various surveys show that “consumers are so fearful of losing their privacy that they are avoiding engaging in e-commerce altogether.” It seems that the casual accumulation of private, personal data by businesses and governments in the course of their dealings with individuals is truly worrisome to many people.
According to the Senate report, Novell has an Identity Management Service known as DigitalMe that enables Internet users to store their confidential information on “mecards.” While this keeps the information in a more secure location and out of the computer, its use is somewhat limited. In particular, such cards can be used only with computers that are configured with reading devices that are compatible with these cards. This system works only when the majority of all computers are provided with the necessary card readers. Another inherent difficulty with this system is that the information on the cards cannot be easily changed and updated and/or supplemented. Moreover, this system does not give the choice to the user to perform the transaction without disclosing all his personal data.
In a different approach, one of the first products to take advantage of the new Bluetooth wireless technology is a system developed by the Finnish company Sonera SmartTrust Oy that is described in International patent publication No. WO 00/56105. The user has a portable device in which his identification code is stored, along with other pertinent information. Upon reaching a service provider, such as a gas station, the portable device comes within range of a compatible device at the service provider. By means of Bluetooth technology, the two devices can communicate and data from the user's device is provided to complete the transaction.
The problem with this method is that the device is always “on.” By this it is meant that the device is essentially always transmitting data. Therefore, any time the user comes within range of a receiving device maintained by a service provider, communication will be established and there will be a transmission of vital data about the user. Also, the user is not free to add and use private data. Thus, unwarranted transactions could occur as well as the undesired transmission of confidential information.
The Sonera device is somewhat like the EZ Pass® transmitter used in New York state and elsewhere. The device is always transmitting a signal, whether the user desires to do so or not. Each time the user uses it to go through a toll plaza, the user's account with the authority is charged the amount of the toll. If the driver pays the toll by some other means, because the EZ Pass device is always transmitting the driver will then be charged twice—once via the EZ Pass and once through the other means that was used. There is no way to disable the EZ Pass. The best that can be done is to place the EZ Pass in some type of shielding device that effectively blocks the continuous transmission of the signal, as disclosed in U.S. Pat. No. 6,127,938 to the present applicant.
The same disadvantage occurs with the Sonera device. Someone who has this device and enters a gas station (or other service provider) with the complementary unit will necessarily have communication established and a transaction will be concluded. There is no way for the user to control his device so as to limit or restrict the outflow of data and to prevent unwarranted communications.
Finally, in the interest of providing security, there are systems that provide what is called a “trusted go-between.” Rather than communicating directly with each other, two users of the system communicate with a third party which is trusted to have the necessary security protocols in place and not to use or reveal the information it receives from the users. Nevertheless, these systems still require that the confidential information of both parties be present in the trusted go-between while the transaction is taking place, and data must be transferred to all the parties involved. Therefore these systems are susceptible to misuse and cannot provide true user anonymity.
Accordingly, while there exist systems providing some security for Internet transactions, there is no system available which provides the desirable degree of privacy and anonymity for users.