1. Field of Invention
The invention introduces the term “personal identity-identifier”. Personal identity-identifiers are of two types; those that are fixed over a person's entire life span, and those that change from time to time.
A person's social security number, for example, is a “fixed-for-life identity-identifier. Other examples of this sort are a person's finger print when it has been scanned and digitized into a computer-readable format, a digital representation of one's iris, ear lobe pattern, a piece of his/her DNA and other representative biometric data when stored in digital format.
Examples of semi-fixed identity-identifiers can be a credit card number, a door-access-code, a software-license-number, or any other identifier that attaches pre-defined access rights and/or privileges to a person based on his/her identity that is associated with who they are, where they work, and/or what and how much they paid for such an access right and privilege.
This invention presents a number of methods to curb the ever increasing instances of personal identity theft resulting from theft of various types of identity-identifiers. While the implementation of these methods vary slightly by what kind of identity-identifier we intend to protect, the underlying principal used remain the same. Protection begins by assigning one or more changeable “identity-passwords” to one or more of the identity-identifiers we are to protect. By assigning and appending a variable password to a fixed identity-identifier, we are in essence converting that fixed or semi fixed identifier to a variable data item. A first rule is “assignment” of two data to each other. A second rule might be a “concatenation” of data. A third “rule” for commingling a password with an identifier can be assigned as “encryption”. A forth “rule” might be using two methods of encryption algorithms in series, and yet a fifth rule may be “concatenation” and “encryption” combined, and so forth. We are thus introducing a “rule flag” that holds a value indicating to a processor which rule, or what combinations of rules to apply when making a “complex-data-item” from identity-identifiers and identity-passwords.
We have outlined four separate sections under “Detailed Description” describing in detail how to properly authenticate the owner of a “partial” social security number, how to verify a credit card owner and the authenticity of a charge transaction, authentication of semi-fixed-identity-identifiers, and how to authenticate a person without asking a social security number, or other identifiers.
More emphasis has been placed on personal identity-authentication through use of social security number, since these days, it is used as the main key by which one is identified and is currently the only means of access into people's personal, financial, and credit history records. Unfortunately this number is used to also authenticate one's identity, since it is unique to a person and is fixed for life of that person. The very fact that SSN is not changeable, and at the same time is the key to a lots of information about a person has made every man, woman, and child in the United States venerable to identity theft and its misuse.
Soon to come is the same kind of problem when using digitized representation of one's finger print, iris, ear lope pattern, and other types of biometric data. The widespread use of computers and sharing of data will doom the usage of such novel identifiers, as they may seem today, as faulty as is usage of social security numbers is today.
Under this approach, an owner of an identity-identifier can change his/her identity-password after a single use or exposure. With this prerequisite, only a person having the same identity-identifier as its owner, along with the correct identity-password can be reliably authenticated.
2. Status of Prior Art
Social security number was not created to serve as a publicly used identity identifier, and was never intended to become people's national identification number in the United States. In recent times, it has wrongfully become the primary means of authenticating personal identity and a tool used in credit history checks. The computer age and mass storage of this identity-identifier had not been anticipated. Currently, the social security numbers of any person can be obtained and misused by any criminal who would be after it. Given time, other forms of identity-identifiers that look glamorous and sophisticated today, would follow the same fate, as the social security number. A few examples that can be mentioned are: digital finger prints, retina markings, ear lobe patterns, voice frequencies and inflections, or other biometric data, some of which are yet to be discovered and placed in use.
To date, no practical attempt has been made to place passwords on social security numbers, finger prints, and the like. Methodology and concepts that are introduced here can be utilized to protect and guard the usage of the social security number, credit card numbers, software access codes, door access codes, as well as many other identity-identifiers in use today, or soon to be in common place.