We increasingly rely on electronic transactions in commerce, banking and other aspects of daily life. This has led to a need to exchange personal data with others, including sharing personally identifying information and financial information. This information is generally considered sensitive or confidential as its unwanted disclosure to unauthorized persons can expose the owner of the information (and others associated with the owner) to liability, economic loss, and other personal and financial risks. Accordingly, most people and organizations guard their personal data to secure it against accidental or intentional loss. But there are times when we must relinquish some personal data in order to conduct a transaction with a party that requires our personal data to consummate the transaction.
FIG. 1 illustrates an exemplary transaction according to the prior art. A customer and/or customer device 100 relay personal data 110 (depicted by dashed lines) to a merchant employee and/or point of sale/point of service (POS) device 120 as required to conduct a transaction (e.g., purchase an item from a retail shop). However, the personal data 110 (whether audible, visual or transmitted electronically from a wireless device) is also at risk of exposure to third parties and/or their devices 130 who may be in the vicinity of or privy to the transaction and communications between the customer 100 and the merchant 120. If the transaction is electronic, the personal data 110 sent from the customer 100 to the merchant 120 is usually in the form of an electronic file or message. The electronic file or message will typically include, for example, the customer's personally identifying information and financial data, which the customer usually cannot or does not modify for the purpose of the transaction. For example, if the transaction requires the customer's contact information, this information is typically in an electronic file containing all of the customer's contact information (name, address, email, phone, etc.) and the transmission of this information will commonly include sensitive personally identifying information beyond what the transaction actually needs and beyond what the customer would like the merchant to receive, and certainly more than the customer wishes third-party bystanders 130 to receive.
There is currently no practical means for flexibly facilitating secure transactions without revealing to other parties sensitive personally identifying information or financial information (generally, personal data) in the context of device-enabled transactions. Also, with regard to local sharing of personal data (e.g., personally identifying information or financial data), existing measures to reduce the risks of exposure of personal data, such as privacy screens at POS terminals and secure key pads, still do not eliminate the risk of exposure of certain personal data such as the data owner's name, address, identification card, credit card information, telephone number, email address, signature, and other data. Other existing systems do not offer an owner of the personal data any options for selectively sharing his or her information with other parties. The owner is required to hand a card or transmit an electronic file to the other parties which contains a pre-determined set of personal data that the owner cannot limit or customize for the purpose of a given transaction or context.