1. Technical Field
The present invention relates generally to managing identifiers, and in particular, to a computer implemented method for allowing the creation of a unique mutable identifier by a service provider and managing the attributes associated with that identifier.
2. Description of Related Art
Identity management includes managing identifiers of individuals. This includes the authentication, authorization and privileges of these identifiers across system, infrastructure, and/or enterprise domains. This is performed with the intent of providing security and increasing productivity.
Device identification includes assigning a unique identification to a device. This is also performed with the intent of providing security and increasing productivity, but for a device instead of an individual. One of the issues with using device identifiers is that they are immutable and many times they are associated with an individual. As a result, the device identifiers end up being an extension of an identity thus combining the two different domains.
Mobile devices such as smart phones, pad and pen-based computers are often linked to an individual with personally identifiable information (PII). PII may be obtained by a service or product provider of those devices during a registration and/or subscription process. The PII may be required for the purpose of providing service to the individual using the device.
Device identifiers are often used for purposes other than their original intention. One use of the device identifier is in digital advertising. The mobile advertising industry has relied heavily on device identifiers as a means to identify an individual on a device and across applications for the sole purpose of providing targeted advertising and measuring the effectiveness of that advertising. Because only certain information (behaviorally based) can be attributed to an individual, many times a mobile advertiser will attempt to bind identifying information obtained on a device with other offline information in order to form a complete profile of that individual. They don't have direct access to PII provided upon registration of the device itself, so they do it by other means and bind that information to the device identifier.
Such an approach has inherent disadvantages to an individual but is very advantageous to the advertisers. First of all, for those individuals who feel strongly about their privacy, there is no means for them to control use of their personal information. This has led to some device providers removing access to the device identifier from the device operating system. Advertisers may use alternative end-user identifiers on other operating systems or platforms, but this also raises concerns of privacy advocates.
With the myriad of mobile applications and the security and privacy related issues associated with those applications, there has been a focus on the various schemes that are used by these applications to associate device identifiers with an end user. There are many different techniques that mobile application developers use to identify end users of a mobile device.
Most solutions today use a unique characteristic of the device itself. Whether it's UDID (unique device identifier), MAC (media access control) address, IMEI (international mobile equipment identity), device fingerprint or some other method, these particular modes of identification are also easy to track across applications and time and may be correlated back to the device and the user.