`
`(12) United States Patent
`(10) Patent No.:
`US 8,856,539 32
`
`Weiss
`(45) Date of Patent:
`Oct. 7, 2014
`
`(54) UNIVERSAL SECURE REGISTRY
`
`(56)
`
`References Cited
`
`(75)
`
`Inventor: Kenneth P. Weiss, Newton. MA (US)
`
`US PATENT DOCUMENTS
`
`(73) Assignee: Universal Seeure Registry, LLC.
`NEWIOII, MA(US)
`
`( “ ) Notice:
`
`Subject to any disclaimer. the lerin tiflhis
`patent is extended or adjusted under 35
`use. 154(b) by 221 days.
`
`j'gg'ggg :
`4.885973 A
`4.998.279 A
`
`510231903 A
`1058961 A
`
`$333 $22:
`l2-"1989 Weiss
`3.-"1991 Weiss
`
`61:199' Weiss
`10499]
`‘WelSS
`((Ttillllnllod)
`
`(21) Appl. No; 111768329
`..
`i
`.
`l‘iled.
`
`Jun. 26, 2007
`
`(22)
`
`(65]
`
`Prior Publication Data
`US 20050005576 Al
`Jan. 3, 2003
`
`Related U.S. Application Data
`(63) Continuation of application No. 091'810.703. filed on
`Mar. 16. 2001, now Pat. No. 7,2311 17.
`
`(51]
`
`Int. Cl.
`H04L 9/32
`.
`G06F 21/62
`LHI4L 29/06
`V
`('06:? 20/38
`(521 U-S- 0-
`CPC
`
`(2006.01)
`(2013.01)
`(2006.01 )
`
`(201201)
`
`”04L 63/105 (20l3.01); 6'06!" 21/6245
`(2013.01); Y1 OS 707/9993} (2013.01); Y1 OS
`707/99933 (2013.01): Y1 OS 707/99939
`(2013.01); GO6Q 20882 (201301); 1104,:
`2463/10.? (2013,01)
`7131182; 7131164; 71311847.?(171’9991101;
`707199911103: 707199911109
`(58) Field of Classification Search
`USPC
`7131169, 132, 134:. 70719. 999.001
`See application file for complete search history.
`
`USPC
`
`EP
`EP
`
`FOREIGN PATENT DOCUMENTS
`0 986 209
`312000
`0986209 A2
`33.2000
`
`((-‘Omimwdl
`OTHER PUBLICATIONS
`
`“FIPS Pub 46—3.” Oct. 25. 1999. National Institute of fiience and
`Technology (NlS'l').
`
`(Continued)
`Darren 13 Schwartz
`Primaru Examiner
`Assistant Examiner — Thomas Gyorfi
`(74) Attorney. Agent. or Firm — Lando & Anastasi, LLP
`
`.
`ABSTRACT _
`,
`(57)
`A secure registry system and method tor the use thereot are
`.
`.
`.
`.
`proVided which pennits secure access to a database contain—
`.
`‘
`‘
`.
`.
`.
`_
`_
`.
`‘
`ing selected data on a plurality ofentllies, at least portions of
`which database has restricted access. Mechanisms are pro-
`vided for controlling access to restricted access portions of
`the database are provided, such access being determined by at
`least one 01‘ the identity of the requesting entity and the
`entity’ 5 status. A multicharacter public code may be provided
`which the system can map to provide permit delivery ot'items.
`complete telephone calls and perform other functions for
`entities. The system may also be utilized to locate an indi—
`vidual based on limited biological data. Organiyations utiliz-
`ing the system may have custom soltware facilitating their
`access and "53 “the Sys‘em-
`38 Claims, 14 Drawing Sheets
`
`
`
`
`
`
`
`1 of 28
`
`10f28
`
`APPLE 1001
`
`APPLE 1 001
`
`
`
`US 8,856,539 B2
`
`Page2
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`1092505 A
`5‘153‘520 A
`5‘237‘5[4 A
`5.361.062 A
`5.367572 A
`5,398,285 .4 2
`50151747 A
`5,4295” A
`5.485.519 A
`5.052.388 A 2
`5.004.109 A
`5.813.000 ,4
`5.820.223 A
`5315,1123 A
`5.921.222 1\ 2
`6.073.106 A
`6.088.450 A
`6.130.62l A
`6.202.055 B1
`0.253.202 131
`0.253.203 131
`6.260.039 131
`6.308.203 Bl
`6.309.342 RI
`6.393.421 Bl
`6.498.861 B1
`6.516.315 131
`6.546.005 B1
`6.581.059 Bl
`6.540.211 Bl
`0.058.400 B2
`6.819.219 Bl
`6.845.448 131
`0.941.221 131*
`0.950.521 131
`2.002.298 Bl
`7231]” 32
`2.249.112 B2
`12313320 [32
`2.412.604 B1
`7.489.781 132
`2.502.459 131
`7.548.981 Bl
`2.552.333 132
`2.521.139 1312
`2.052.039 [32
`2305,3232 [32
`2.242.902 131*
`7.766.223 131
`7.805.372 B2
`7.809,651 32
`8.00l.055 BE
`8.079.079 132
`8.234.220 B2
`20111100321011 Al
`200110044900 Al
`20021110461161 Al
`2002101190930 Al
`20021017615l0 Al
`20021012831514 A1
`200210184538 Al
`20113101114372 Al
`20031002848l Al
`200310040540 .41
`200310084332 Al
`200310085808 Al
`200310115490 111
`200310123713 A1
`2003101299155 A1
`200310163710 Al
`200310226041 Al
`200310229637 A1
`200410017934 Al
`200410034771 A1
`200410059923 Al
`
`............... 380130
`
`3.11992 Weiss
`[2.11992 Weiss
`8111993 Weiss
`“[1994 Weiss e1 :11.
`[111994 Weiss
`311995 Borgcltctal.
`[0.11995 [31.9.0ch 8.1.
`[211995 Weiss
`111996 Weiss
`311992 Weiss ............................ 213.1185
`911992 Johnson e131.
`911998 Pulnemw elal.
`211999 Pare, Jr. {:12 a],
`611999 Bernstein
`1011999 1151110 ........................ 2351300
`512000 Romn El 211.
`212000 Davis el 31.
`[0.12000 Weiss
`3.12001
`lIOuvcncr et al.
`01-2001 Gilmour
`012001 0‘11'lahcrtyctal.
`7.1200[ Schneck et 3L
`[05200]
`Ilabzlshi c] 21.1.
`[01200] Blaze-y et a]_
`5.12002 Paglin
`1212002 Hamid Ct 31.
`212003 Gupta
`4.12003 Berkley et aL
`612003 33111:“ el al.
`[052003 Holden
`1212003 Perell el :11.
`[1.12004 Belle et a1.
`112005 Chaganti ct a1.
`912005 Soong ............................... 20513
`912005 Marcovicietal.
`212000 Shinzakietal.
`512007 Weiss
`212002 1300111101111.
`[0.120032 McGowan
`3.12003 Doyle
`212009 Klassencta].
`312009 Moseley
`012009 Tayloretal.
`012009 Wheelerel a1.
`312009 GinnL-mu el :11.
`2120“]
`111111011.
`4.12010 Bishopetal.
`012010 Keresman et a1.
`812010 Mcllo cta].
`9120l0 Weiss
`1012010 Weiss
`8120” Weiss
`1212011 Zhang etal.
`712012 Weiss
`1012001 Mahmudetal.
`[112001 Uchida
`412002 Wrightetal.
`712002 Fujiwaraeta].
`[112002 ()ka-‘zaki elal.
`111'2002 Weiss
`1212002 Sugimura eta].
`112003 Wheeler 0101.
`212003 Fliterofletal.
`312003 Nakamuraetal.
`512003 Krasinski et .11.
`512003 Goldberg
`012003 Russo cta].
`712003 (5003
`12003 Sicgel
`812003 Ortiz et a1.
`1212003 Palmerel a1.
`1212003 Baxter et at.
`112004 Kochct'
`212004 Edgcttetal.
`312004 51120an
`
`205140
`
`.............. 205132
`
`................ 380144
`
`612004 Duffy eta].
`200410111625 A1
`612004 Mmhosky
`2004101 17215 Al
`012004 Weichcrtctal.
`200410112302 At
`7'1'2004 Doughtyeta].
`200410133718?r Al
`8.12004
`[[0
`200410151351 A]
`912004 Cassone
`200410188519 Al
`11112004 Beenflll el 31.
`2004110235699 A1
`112005 Doughtyctal.
`200510001711 A1
`212005 Shapiro
`200510039027 Al
`513005 Okflbe
`2005011397" Al
`8112005 Lapsley el :11.
`200530187843 A]
`812005 1.3111011 at 211.
`200510187873 A]
`912005 R01L1lgi 81 31.
`200510210270 A1
`1012005 Scheidl'elal-
`200510235148 «*1
`1012005 C2110
`200510238147 Al
`1012005 $119
`290510238208 Al
`1112006 1-ernandcs {312 a].
`2006110000900 Al
`1.32006 Block etal.
`200610016884 Al
`512006 1035111113151.
`200610104435 N
`6112006 Cohen et :11.
`200610122939 Al
`12006 Dua
`200610165060 Al
`912006 Schallfclect al.
`200610206724 A1
`200610256961 Al“ 111'2006 Brainardctal.
`200230005988 Al
`1112007 Zhang eta].
`200710040017 1“
`21'2007 K9212?
`200710029136 A]
`1200'? Vlshlk eta].
`2007.10124-592I A1
`512007 Bedingfield
`200210124109?r Al
`512007 Dongclmans
`200230140145 A1
`612007 K1I1nal'et al.
`2007110186105 Al
`812007 Ballcycta].
`200710186115 Al
`812007 G30 El :11.
`200710198436 A]
`81200? Weiss
`200710245152 A]
`1012007 Pimuela].
`200730256120 A1
`[“2007 Shmzkmner 613.1.
`200120005576 Al
`112008 Weiss
`20083002199?r A1
`11'2008 Hinton
`20039040374 1‘1
`212008 U20 _
`3003191273” A1
`512003 2335110151.
`200319212343 1“
`912008 “We
`200310375319 A1
`“9008 R10“
`200910083544 A1
`312009 Scholnick eta].
`2009101443314 Al
`12009 53030
`200930111550?r A1
`71'2009 Schaffnct‘
`200910203355 Al
`812009 Clark
`300910292641 A1
`“1’2009 Weiss
`201019000455 1“
`l-QOIU Harper
`201010046443 Al
`212010 1001111.
`201110358120 A1
`1012011 Welss-
`201310037479 Al
`212013 Luqchlctat
`2012110130904 A1
`5112012 WCISS
`201210240195 A]
`912012 We1ss
`201310024374 A1
`“2913 We!“
`
`up
`EP
`(5B
`(313
`wo
`wo
`wo
`wo
`WU
`wo
`wo
`wo
`
`FOREIGN PATENT DOCUMENTS
`
`31201) 1
`11131532 At
`212001
`1031532
`512003
`2 382 006
`512003
`2382006 A
`411992
`9202435
`411992
`9202435 1111
`1111095
`9636934
`1111996
`9636934 A1
`212002
`0214985
`212002
`11214935 A2
`1.12010
`2010000455 1111
`312012
`201232429 Al
`-
`..
`_
`OlI-HER PUBULAIIONS
`
`“PGP:AnIntrodIIctionto Cryptography-"2000.
`International Search Report from PC"1'1USZOD7.1'UO4645 mailed Nov.
`27'. 2007.
`Inlematiunal Semch Report from PCT1'IJ'S2009103 5282 mailed Jul.
`10, 2009.
`Pabrai, L]. “Biometrics for PC-Uscr Authentication: A Primer“ Feb.
`1. 200]. Access Contmls 81 Stacurityr Systems. All pages. <htlp211’
`“311w.securitysoluti0ns.c01nfrmg"sceurity_biomctrics_pcuscr_au-
`Lhenticationfindexhtmb.
`
`2 of 28
`
`20f28
`
`
`
`US 8,856,539 B2
`
`Page 3
`
`(56)
`
`References Cited
`
`OTHER PUBLICATIONS
`
`“Biometrics: Who‘sWatchingYou‘?“, Electronic Frontier Foundation
`(El-'1"). Sep. 2003. all pages. http:J"MW.eff.orge'wp.-'biometrics-
`whos—watehing—you.
`"PGP: An intn’xluelion to cryptography". 2000. all pages.
`"Single Sign on Authentication“. Authentication World. Mar. 13.
`200?. all pages. relrieved Jul. 9. 2010 Via Wayhaek Machine. {llll'pitl-l
`web.archive.orglwebf200703 l3200434.’htlp:flww.
`authenticationworld.com-"Single-Sig-On-Authentication-'5.
`11ongtington, “101 Things to know about single sign on". Authenti-
`cation World, 2006. all pages. fihllp:.F.-'Ww.alllhenliealionworld.
`cornr'Single—Sign—On—Aulhenlieat iorv'
`101 "I'hings'l'o KnowAboutSingleSignOn.pd f>.
`
`Kessler. “An overview of cryptography". Aug. 22. 2002. all pages.
`retrieved via Wayhaek Machine on Jan.
`[9. 2010. hllpze’r'wrw.
`garykessleiznetr'libraiyr'cryptohtml.
`Treasuryr Board of Canada Secretariat, PKI for Beginners Glossary.
`hl1p:.-'»"www.lbs—scl.gc.ea.r'pki—ie[flbegi rlners-“glossaryengasp.
`“Blueloolh TeChnology FAQ"1 Mohileinfoeom. Jan. 2]. 2001. all
`pages. http:x'fwww.web.amhive.org’web-’200 10 121 155 [dings-"WW:
`mobileinfo.comIBluetoothfl'iAthm.
`Inlemalional Search Report and Wrilten Opinion for Inlernalional
`Application No. PCTILISZOI 1;"051966, 49 pages (2012).
`“Information Security: Challenges in Using Biometrics” Sep. 9.
`2003. All pages. <hllp'.:".l'\.\W.gao.g0\dnewjlernsr'dOBl [37Lpdf'z
`Inlemalional Search Report from NITI'1132007.“’070701 mailed Mar.
`1 l. 2008.
`
`* cited by examiner
`
`3 of 28
`
`30f28
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 1 0f 14
`
`US 8,856,539 32
`
`12\
`
`
`
`/10
`
`20
`
`22
`
`26
`
`User
`
`18
`
`USR
`Software
`
`Comm.
`Port
`
`Wide
`Area
`Network
`
`15
`
`14
`
`24
`
`.30
`
`30
`
`.30
`
`Universal Secure
`
`Registry
`
`
`
`Person No.
`
`1
`
`
`
`.
`
`Person No. n
`
`7
`
`FIG.
`4 of 28
`
`40f28
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 2 MM
`
`US 8,856,539 32
`
`F0
`
`Computer
`Module
`
`Module
`
`Computer Computer
`Module
`
`USR System
`
`
`Module
` Computer Computer Computer
`
`27
`
`_
`
`Interface
`Center
`
`Interface
`Center
`
`27
`
`Wide Area Network
`
`
`
`.-
`
`.
`
`27
`
`Interface
`Center
`
`Interface ..
`Center
`
`27
`
`I
`interface
`Center
`
`'
`Interface
`Center
`
`27
`
`27
`
`FIG. 2
`
`5 of 28
`
`50f28
`
`
`
`US. Patent
`
`a0
`
`M
`
`US 8,856,539 32
`
`On.
`
`7.,6:3an.
`
`
`
`
`
`
`
`
`
`
`mmaa=o><mmooo<coronzgMcozoELEEComoELQE5:09:85Camacho;m39.34
`
`
`
`comLmn.
`
`m830.585acoreF285559585
`328:$5025S.no:.P60”550.6F02
`_o_o:oc_.._mx“:828%2
`coroELouFE
`
`6 of 28
`
`60f28
`
`a».3vNV9‘
`
`M.6t
`
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 4 of 14
`
`US 8,856,539 32
`
`Wide Area Network
`
`Public
`Information
`Interface
`Centers
`
`Medical
`Information
`Interface
`Centers
`
`Tax .
`Information
`Interfoce
`Centers
`
`Job Application
`Information
`Interface
`Centers
`
`Financial
`Medical
`Public
`information Information Information
`Computer Computer Computer
`Module
`Module
`Module
`
`USR System
`
`Tax
`Job
`Address
`Information Application Information
`Computer Computer Computer
`Module
`Module
`Module
`
`Centers
`
`
` Interface
`
`Financial
`Information
`
`Centers
`
`Address
`Information
`Interface
`
`FIG. 4
`
`7 of 28
`
`70f28
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 5 0f14
`
`US 8,856,539 32
`
`Train the Database
`
`500
`
`Identification
`
`Validate Person’s
`
`502
`
`
`Does
`No
`
`Person Have Rights to
`Enter Data
`‘9
`
`
`
`Enable Person to Enter
`Basic Personal Data
`
`
`
`
` Does
`Person Have Right to
`
`Enter Additional Data
`
`Yes /508
`
`
`
`Enable Person to Enter
`Advanced Personal Data
`
`
`
`Enable Person to Specify Access
`to Advanced Personal Data
`
`512
`
`FIG. 5
`
`8 of 28
`
`80f28
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 6 0f14
`
`US 8,856,539 32
`
`Enable Access to
`
`Basic Personal Data
`
`602
`
`
`
`ls
`
`
`Additional Information
`Requested
`
`?
`Yes
`
`600
`
`No
`
`
`/ 604 / 608
`
`
`
`
`No
`Does Requester
`
`Participating in
`Have Rights to Access
`
`Transaction
`Type of Requested
`
`
`
`Data ?
`
`
`Is Person
`
`
`
`
`
`Validate Person's
`Identity
`
`
`
`Enable Person to
`Change Access
`Rights to Data
`
`
`
`
` Does Requester
`
`Have Rights to Access
`
`Type of Requested
`Data ?
`
`Yes
`
`Cause USR to Enable
`
`Access to Type of
`Requested Data
`
`
`606
`
`610
`
`FIG. 6
`
`9 of 28
`
`90f28
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 7 of 14
`
`US 8,856,539 32
`
`700
`
`User initiates Purchase
`
`
`
`
`702
`
`User Enters Secret Code
`in Secure ID
`
`
`
`704
`
`Merchant Transmits to Credit
`Card Company
`
`
`
`
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`706
`
`
`
`Credit Card Company
`Sends Code to USR
`
`708
`
`710
`
`712
`
`
`
`USR Determines if Code is Valid. and if
`Valid Accesses User's Credit Card
`Information and Transmits Credit Card
`
`Number to Credit Card Company
`
`
`
`
`
`
`
`
`Credit Card Company Checks
`Credit Worthiness and Declines
`
`
`
`
`
`
`Card or Debits User's Account and
`Transfers $ to Merchant's Account
`
`
`
`
`
`
`CCC Notifies Merchant of
`Result of Transaction
`
`FIG. 7
`
`10 of 28
`
`10 0f28
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 8 0f14
`
`US 8,856,539 32
`
`User Initiates Purchase
`
`User Enters Secret Code
`in Secure ID
`
`Merchant Tronsmits to USR
`
`
`
`(1) Code from Secure i0
`(2) Store Number
`(.3) Amount of Purchase
`
`USR Determines if Code is Valid
`
`800
`
`802
`
`804
`
`5306
`
`808
`
`USR Accesses User's Credit Card
`
`Information and Tronsmits to 000
`
`(5) Amount of Purchase
`
`(1) Credit Card Number
`(2) Store Number
`
`
`
`
`
`CCC Checks Credit Worthiness and
`Declines Card or Debits User's Account
`
`
`
`810
`
`and Transfers $ to Merchant's Account
`
`
` 814
`
`
`
`812
`
`
`
`CCC Notifies USR of
`Result of Transaction
`
`
`
`
`
`USR Notifies Merchant of
`Result of Transaction
`
`
`FIG. 8
`
`11 of 28
`
`110f28
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 9 MM
`
`US 8,856,539 32
`
`900
`
`User Initiates Purchase and
`
`Writes Check to Merchant
`
`User Enters Secret Code
`in Secure ID
`
`
`
`Merchant Transmits to USR
`
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`
`
`USR Determines if Code is Valid
`
`
`
`USR Accesses User's Bank
`
`Information and Transmits to Bank
`
`(1) Bank Account Number
`(2) Store Number
`(3) Amount of Purchase
`
`
`
`Bonk Checks Account Balance
`
`to Verify Availability of Funds
`
`
`
`Bank Notifies USR of
`Result of Verification
`
`.902
`
`.904
`
`906
`
`908
`
`910
`
`912
`
`914
`
`USR Notifies Merchant of
`Result of Verification
`
`FIG. 9
`
`12 of 28
`
`12 0f28
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 10 0f 14
`
`US 8,856,539 32
`
`by Entering Secret Code in Secure
`ID and Transmitting Result to
`
`Merchant Transmits to USR
`
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`1000
`
`1002
`
`1'004
`
`1006
`
`
`
`USR Accesses User’s Credit Card
`Information and Transmits to C00:
`
`
` User initiates Anonymous Purchase
`On—Line Merchant
`
`
`
`
`
`
`USR Determines if Code is Valid
`
`3
`
`
`Amount of Purchase
`
`1) Credit Card Number
`2; Store Number
`
`
`1008
`
`
`
`CCC Checks Credit Worthiness and
`Declines Card or Debits User’s Account
`
`
`and Transfers 3 to Merchant's Account
`
`
`
`1010
`
`
`
`CCC Notifies USR
`of Result of Transaction
`
`
` 1014
`
`
`
`
`If Credit Declined,
`USR Notifies Merchant
`
`1012
`
`If Credit Accepted, USR
`Accesses Address Code
`
`and Provides Merchant
`with Address Code
`
`with Address Code and Ships
`
`FIG. 70
`
`13 of 28
`
`13 0f28
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 11 0f 14
`
`US 8,856,539 32
`
`1100
`
`User Provides Address
`Code on Public Area
`
`
` 1102
`
`
`
`
`”08\
`
`
`User Provides Address Information
`in Address Area of USR
`
`”04
`
`Person Places Public Code
`on Parcel
`to be Mailed
`
`1106
`
`
`
`Post Office Accesses USR
`to Retrieve Address Information
`
`
`
`/1110
`
`Post Office Delivers Parcel to
`Address in Address Area of USR
`
`Post Office Prints Bar Code
`on Parcel
`to Automate
`Delivery of Parcel
`to Address
`in Address Area of USR
`
`
`FIG.
`
`77
`
`
`
`
`
`
`
`1200
`
`1202
`
`1204
`
`1206
`
`
`
`User Provides Telephone
`Code on Public Area
`
`
`
`
`
`
`
`Person Dials USR Phone Number and
`
`
`Enters Telephone Code for User
`
`
`
`
`User Provides Telephone Information
`in Telephone Area of USR
`
`USR Connects Person to Telephone
`Number Without Providing User
`Person with Telephone Number
`
`
`
`FIG. 72
`
`14 of 28
`
`14 0f28
`
`
`
`m
`
`.3:
`
`aO
`
`7”,+9:
`
`Aw
`
`pl.0n
`
`mno:
`
`8:
`
`US 8,856,539 32
`
`3Gt
`
`M.“GE
`
`
`
`
`
`5033051mafia:3882mm:
`
`/m6h.h
`
`Law:P81«MU
`wcoEoo:om38:035:22ao>2n_3mEEofi<
`583:0;4n:EzommEat0300mmm:3£832..
`
`
`w26>238:moEEEonmm:
`
`coroELBE380m8:01nco5:09:85
`
`35:33.6moLoam6383*026.;A3
`
`foam”:BEETS9.650.5%at3:953
`
`n:mLaocmEmuoo«BOOMmgoutmmeD
`
`
`53530:”;{$33383.mm:
`
`3:52v5838%?E:oEmozom3mfiEchFvac
`620:n:2308yo230EANV
`
`320:n:Escom06830Ea3:52B8:855).3362.2,3mtEwan.vcocofiuELEE
`90.58mE230yobmmESE.5m:
`
`
`
`96$3EQEBEhow:
`
`532.2,BcomuoczcoE
`
`
`
`mm:3maggot.L2.23:;
`
`Q233E2»230
`
`26>m_300tmocEfiEgmm:
`
`
`
`
`
`//Nanh
`
`ooh.“
`
`won.“
`
`man.“
`
`15 of 28
`
`15 0f28
`
`
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 13 MM
`
`US 8,856,539 32
`
`com“
`
`N92
`
`V09
`
`mom“
`
`no.2
`
`.36E
`
`.32.5L839?.B8:;me5w:
`26>m_250men.535,5300mm:
`9830mmE230“Scam9.chLaw:
`o_nu__o><mtEmcofi955:05.35
`
`Law:2.:.6tocomcocozoozqg:0
`
`Eat250mm:3«3825:..63
`
`333800.6Low:8coSoELoE.
`
`:ofico:aa<wmmm:mommooo<mm:
`
`
`3005302391Econ:938m
`ycuEtoa<Lo£920
`.26E Atom3cozoELoug
`
`9SzommE0.30waomm33cmEm:
`mtEmcot.vacmuooatomB05308.433;3o_no__o><
`”30:94
`
`mug/oiB«PicaLam:
`
`353Snooczfiy
`
`/Nom.h
`
`
`
`/Gem.“
`
`
`
`“68mm:3£520:€01
`
`9.30atom96a.230mmE9:
`
`26>m_mvoot858530mmn
`
`
`
`coonLouFE3me3383»mm:
`
`won“
`
`mom.“
`
`hon"
`
`16 of 28
`
`16 0f28
`
`
`
`
`US. Patent
`
`Oct. 7, 2014
`
`Sheet 14 0f 14
`
`US 8,856,539 32
`
`10
`
`USR System
`
`
`
`
`
` Lop Top
`
`Computer
`
`Electronic
`
`Device
`Automobile
`
`
`FIG. 77
`
`17 of 28
`
`17 0f28
`
`
`
`US 8,856,539 BZ
`
`2
`
`1
`UNIVERSAL SECURE REGISTRY
`
`RELATED APPLICATIONS
`
`This application claims the benefit under 35 U .S .(T. §120 of S
`U .8. application Ser. No. 09/8] 0,703, filed on Mar. 16, 2001
`and issued on Jun. 26, 2007 as US. Pat. No. 7,237,] 17, which
`is herein incorporated by reference in its entirety.
`
`lfl
`
`15
`
`2f]
`
`25
`
`30
`
`40
`
`50
`
`60
`
`BACKGROUND 0]" [NVliN'l‘lON
`
`1. Field of Invention
`
`This invention generally relates to a method and apparatus
`for securely storing and disseminating in formation regarding
`individuals and, more particularly, to a cotupttter system for
`authenticating identity or verifying the identity ofirtdividuals
`and other entities seeking access to certain privileges and for
`selectively granting privileges and providing other services in
`response to such identificationsfverilications.
`2. Discussion of Related Art
`
`Dissemination of information regarding various entities,
`including individuals, in society is conventionally done in a
`tion-centralized fashion, often requiring specialiZed knowl-
`edge of a likely storage location to access the information.
`This specialized knowledge may not be available when the
`information is needed, thus effectively preventing distribu—
`tion of the infonnation when required. For example, a doctor
`in an emergency room may desire access to a patient’s medi-
`cal history in determining a course of treatment. If the person
`is not carrying a complete medical record, which is typically
`the situation, the medical records may not be available to the
`doctor. Even if these medical records are available electroni—
`
`cally, for example via a computer accessible in the person’s
`regular doctor’s office.
`the records may effectively be
`unavailable if the person is unconscious or otherwise inca—
`pacitated or if restrictions on access to the doctor’s records
`cannot otherwise be overcome. The retrieval of required
`medical records can be further complicated by the fact that
`such records can be located at a number of different sites:{
`systems which are not linked. For example, the patient’s
`primary care physician may not have records from a specialist
`treating the patient, and none of these physicians may have
`dental records. Similar problems arise iii other environments
`where relevant data may be scattered andfor otherwise diffi-
`cult to access.
`
`Identification ofa person from other persons within a soci—
`ety and verification ofa person as being who he says he is are
`extremely important for litany reasons. For example, deter-
`111inatiom’verification ofa person’s identity will typically dic—
`tate extension ofcredit, granting access to information, allow—
`ing entry to a restricted area, or the granting of numerous
`other privileges.
`Most people carry multiple forms of identification. For
`example. a typical person may carry an identification card
`issued by a federal, state, or local governmental entity, an
`identification card issued by a university or place of employ-
`ment, title or more credit cards that serve to identify the person
`as a holder ofa credit card account, one or more bank cards
`that serve to identify the person as holder ofa batik account,
`medical infomiation cards identifying the person as a mem—
`ber of, for example, a health maintenance organization or as a
`person holding an insurance policy front a specified insttrance
`company, keys that identify the person as owner of an auto—
`mobile, house, etc., and numerous other identification cards
`that may be used for specialized purposes, such as identifying
`the person as a member of a health club, a library, or a
`professional organization.
`
`To enable the person to function effectively in society, the
`person mu st typically have one or more ofthese identification
`devices with them if they wish to undertake an associated
`activity. For example, a person is not allowed to drive a car or
`purchase alcohol without a governliientally issued driver’s
`license. Likewise, although cash may be used to purchase
`goods andfor services, the person will typically not be able to
`purchase goods andfor services with a credit card ifthe person
`is not physically carrying the credit card. Similarly, most
`hospitals and other medical facilities will require proof of
`insurance before rendering medical attention. Carrying these
`multifarious identification devices can become onerous.
`
`Additionally, if one or more of the identification devices is
`lost, stolen or forgotten, it can be inconvenient, lnaking it
`dillicult to obtain goods or services requiring the miSsing
`identification.
`There are also times when the individual may wish to be
`identified or at least verified without providing personal infor—
`matiOn. For example, a person may wish to purchase goods
`andfor services without publicly providing hisfher credit card
`information for fear that the credit card information be may be
`stolen and used fraudulently. Likewise, the person may wish
`to purchase goods or order goods to be delivered to an address
`without revealing the address to the vendor. Unfortunately,
`conventional identification devices require that at least solne
`personal information be transmitted to complete a transac—
`tion.
`There are other related problems. For example. when there
`is a need to locate a person or other entity where only limited
`biographical data is known, this can be difficult since relevant
`information is seldom available from a single database.
`Another potential problem is the forwarding of mail, pack—
`ages.
`telephone callsfmessages. e-mails and other items
`where a party is in a situatiOn where they are changing loca-
`tion frequently andt'or where the person does not want such
`information to be generally available for security or other
`reasons. A simple, yet secure, way ofdealing with such issues
`does not cttrrently exist.
`Another potential problem is filling in forms, particularly
`for an individual who frequently has to complete the same or
`similar fonn. Such forms can for example be medical forms
`when visiting a doctor or entering a hospital, innnigration
`forms on entering the country, employment fomts, college
`entry fomts. etc. It would be desirable if such fomts could be
`completed once and be available for future use, and it would
`be even better ifthe information for each such form could be
`automatically drawn from an existing database to complete
`the form. There is also a frequent requirement to periodically
`update information in a form, for example financial informa-
`tion for a line of credit. It would be desirable if such updates
`could be automatically performed from data in a general
`database.
`
`Still another potential problem is that a person may be
`forced to make requests on a database, for example financial
`requests. under duress. It would be desirable if the person
`could easily and undetectably signal such duress when mak—
`ing the request and the receiving system be able to act appro-
`priately to assist and protect the individual.
`Systems capable of effectively performing all of these
`fiinctions do not currently exist.
`
`SUMMARY OF lNVl-EN'IION
`
`There is thus a need for an identification system that will
`enable a person to be identified or verified {“identification”
`sometimes being used hereinafter to mean either identified or
`verified) andfor authenticated without necessitating the pro-
`
`18 of 28
`
`18 0f28
`
`
`
`US 8,856,539 BZ
`
`3
`vision of any personal infonnation. Likewise, there is a need
`for an identification system that will enable a person to be
`identified universally without requiring the person to carry
`multiple forms of identification.
`Accordingly. this invention relates. in one embodiment, to
`an infiirmation systeln that may be used as a universal iden-
`tification system andfor used to selectively provide personal,
`financial or other information about a person to authorized
`users. 'l‘ransactions to and from the database may take place
`using a public keyfprivate key security system to enable users
`of the system and the system itself to encrypt transaction
`information during the transactions. Additionally, the private
`keya'public key security system may be used to allow users to
`validate their identity andfor sign instructions being sent to a
`universal secure registry (USR) system of the type to which
`this invention relates. For example, in one embodiment, a
`smart card such as the SecurIDTM card from RSI Security. Inc.
`may be provided with the user’s private key and the USR
`system’s public key to enable the card to encrypt messages
`being sent to the U SR system and to decrypt messages from
`the USR system 10.
`This USR system or database may be used to identify the
`person in many situations, and thus may take the place of
`multiple conventional forms of identification. Additionally.
`the USR system may enable the user’s identity to be con-
`fimied or verified without providing any identifying infonna—
`tion about the person to the entity requiring identification.
`This can be advantageous where the person suspects that
`providing identifying information may subject the identify-
`ing information to usurpation.
`Enabling anonymous identification facilitates multiple
`new forms oftransactions. For example, enabling anonymous
`identification enables the identified person to be telephoned
`by or receive e-mails from other persons Without providing
`the other person with a telephone number or e—mail address.
`and will permit this to be accomplished even where there are
`frequent changes in the person’s location. Similarly. enabling
`anonymous identification will enable the person to receive
`mail, other delivered parcels and other items without provid-
`ing the recipient’s address information to the sender. By
`restricting access to particular classes ofpersonsfentities, the
`person can effectively prevent receipt of junk mail. other
`unsolicited mail. telemarketing calls and the like.
`In a financial context, providing anonymous identification
`of a person enables the person to purchase goods andfor
`services from a merchant without ever transmitting to the
`merchant information, such as the person’s credit card num-
`ber, or even the person’s name, that could be intercepted
`andr’or usurped and used in subsequent or additional unautho—
`rized transactions or for other undesired purposes. Enabling
`anonymous identification may be particularly advantageous
`in an unsecured environment, such as the Intemet, where it
`has been found to be relatively trivial to intercept such credit
`card information.
`
`in addition to
`In a medical context. the USR system.
`enabling a person seeking medical treatment to ident ify them-
`selves, may be configured to provide insurance data. medical
`history data, and other appropriate medical information to a
`medical provider, once that medical provider has been estab—
`lished as an authorized recipient. The USR system may also
`contain links to other databases containing por1ions of the
`patient’s medical records, for example x-rays. MRI pictures.
`dental records, glasses. prescriptions, etc.
`Access to the USR system may be by smart card, such as a
`SecurIDT“ card, or any other secure access device. The tech—
`nology enabling the USR system may be physically embod-
`ied as a separate identification device such as a smart II) card.
`
`If]
`
`15
`
`2f]
`
`25
`
`30
`
`40
`
`50
`
`60
`
`4
`
`or may be incorporated into another electronic device, such as
`a cell phone, pager, wrist watch, computer, personal digital
`assistant such as a Palm PilotTM, key fob. or other commonly
`available electronic device. The identity of the user possess—
`ing the identifying device may be verified at the point of use
`via any combination ofa memorized PIN number or code,
`biometric identification such as a fingerprint, voice print.
`signature, iris or facial scan, or DNA analysis. or any other
`method of identifying the person possessing the device. If
`desired, the identifying device may also be provided with a
`picttlre of the person autliorich to use the device to enhance
`security.
`The USR system may be usefill for numerous other iden—
`ti fication purposes. l-‘or example, the U SR anonymous iden-
`ti fication may serve as a library card. a phone card, a health
`club card. a professional association membership card, a
`parking access card, a key for access to one’s home, office.
`car, etc. or any one of a host of similar identificationfverifi—
`cation andfor access functions. Additionally, equipment code
`information may be stored in the USR system and distributed
`under the user‘s control and at the user’s discretion. to main—
`tain personal property or public property in an operative state.
`
`BRII it: D] ESCRIP’I‘ION ()l" DRAWINGS
`
`This invention is pointed out with particularity in the
`appended claims. The above and filrther advantages of this
`invention may be better understood by referring to the fol-
`lowing description when taken in conjunction with the
`accompanying drawings. The accompanying drawings are
`not intended to be drawn to scale. In the drawings, each
`identical or nearly identical component that is illustrated in
`various figures is represented by a like numeral. For purposes
`of clarity, not every component may be labeled in every
`thawing. In the drawings:
`FIG. 1 is a functional block diagram ofa computer system
`configured to implement
`the universal
`secure registry
`(“U SR").
`including a USR database. according to one
`embodiment of the invention;
`FIG. 2 is a functional block diagram ofa first embodiment
`ofa networked enviromnent including the computer system
`ofl"'lG. 1;
`FIG. 3 is a functional block diagram of an entry of a
`database forming the U SR database of l"'lG. ];
`FIG. 4 is a functional block diagram of a second embodi—
`ment of a networked environment including the computer
`System of 1" IG. 1:
`FIG. 5 is a flow chart illustrating steps in a process of
`inputting data into the USR database;
`FIG. 6 is a flow chart illustrating steps in a process of
`retrieving data from the USR database;
`FIG. 7 is a flow chart illustrating a first protocol for pur-
`chasing goods fl'om a merchant via the U SR database without
`transmitting credit card information to the merchant;
`FIG. 8 is a flow chart illustrating a second protocol for
`purchasing goods from a merchant via the USR database
`without transmitting credit card information to the merchant;
`I: IG. 9 is a flow chan illustrating a protocol for purchasing
`goods from a merchant via the USR database by validating
`the user’s check;
`FIG. III is a flow chart illustrating a protocol for purchasing
`goods from an on-line merchant via the U SR database with-
`out transmitting credit card infonnation to the on—line mer—
`chant, and enabling the on~line merchant to ship the goods to
`a virtual address;
`FIG. 11 is a flow chart illustrating a protocol for shipping
`goods to a vinual address via the USR database;
`
`19 of 28
`
`19 0f28
`
`
`
`US 8,856,539 BZ
`
`5
`[“IG. [2 is a [low char1 illustrating a protocol for telephon-
`ing a virtual phone number via the USR database;
`FIG. 13 is a flow chart illustrating a protocol for identifying
`a person via the USR database;
`FIG. 14 is allow chart illustrating a protocol for identifying
`a person to a policeman via the USR database:
`FIG. 15 is a flow chart illustrating a protocol for providing
`information to an authorized recipient of the infonnation via
`the USR database;
`FIG. 16 is a flow chart illustrating a protocol for providing
`application information to an authorized recipient of the
`information via the USR database: and
`FIG. 17 is a functional block diagram of an embodiment
`configured to use information in the U SR system to activate or
`keep active properly secured through the U SR system.
`
`DETAILED DESCRIPTION
`
`This invention is not limited in its application to the details
`of construct