Login| Sign Up| Help| Contact|

Patent Searching and Data


Title:
SECURE AUTHENTICATION AND FINANCIAL ATTRIBUTES SERVICES
Document Type and Number:
WIPO Patent Application WO/2018/140700
Kind Code:
A1
Abstract:
Provided are devices, interfaces, methods, and systems for secure authentication of identity of information including identification data and financial attributes, wherein the secure authentication comprises storing identity information in a protected data repository with a private data record, assigning a reference identifier for a private data record in a protected data repository, receiving a request for authenticating identity information comprising a reference identifier and public identity information, requesting access to private identity information through a private approval interface with said reference identifier, requesting a portion of said private data record from said protected data repository, verifying identity information from said portion of private data record and public identity information, responding with an authentication or multi-valent response.

Inventors:
HUTCHINSON SHAWN (US)
Application Number:
PCT/US2018/015401
Publication Date:
August 02, 2018
Filing Date:
January 26, 2018
Export Citation:
Click for automatic bibliography generation   Help
Assignee:
HUTCHINSON SHAWN (US)
International Classes:
G06F7/00
Foreign References:
US20090119757A12009-05-07
US20030225693A12003-12-04
US20100250411A12010-09-30
US20120278240A12012-11-01
Attorney, Agent or Firm:
VEPACHEDU, Sreenivasarao (US)
Download PDF:
Claims:
Applicant claims the following:

1. A method of authenticating identity information, comprising

Storing identity information in a protected data repository with a private data record;

Assigning a reference identifier for a private data record in a protected data repository;

Receiving a request for authenticating identity information comprising a reference identifier and public identity information;

Requesting access to private identity information through a private approval interface with said reference identifier;

Requesting a portion of said private data record from said protected data repository;

Verifying identity information from said portion of private data record and public identity information;

Responding with an authentication or multi-valent response.

2. The method of authenticating identity information of Claim 1, wherein identity information comprises social security number, driver's license, physical address, electronic address, or telephonic address.

3. The method of authenticating identity information of Claim 1, wherein said request for

authenticating personal identity information comprises a public reference identifier and defined feature attributes.

4. The method of authenticating identity information of Claim 3, wherein a defined feature attribute comprises personal data, financial data, biological data, and combinations thereof.

5. The method of authenticating identity information of Claim 4, wherein personal attributes comprises data about a person that includes a characteristic descriptor.

6. The method of authenticating identity information of Claim 4, wherein financial information includes income, debt, tax records, account transactions, credit score, credit report, and combinations thereof.

7. The method of authenticating identity information of Claim 4, wherein biological information include biometrics and biochemical indicia referring to attributes of a biological person.

8. The method of authenticating identity information of Claim 1, wherein said personal identity information comprises a social security number, bank account number, or driver's license number.

9. The method of authenticating identity information of Claim 1, wherein said protected data repository comprises data storage with electronic separation from the storage source that includes physical data storage.

10. The method of authenticating identity information of Claim 9, wherein said storage source comprises encrypted data, interrogative data device, etc.

11. The method of authenticating identity information of Claim 10, wherein said interrogative data storage device comprises physical or electronic separation from a requesting device.

12. The method of authenticating identity information of Claim 10, wherein said interrogative data storage device comprises a means for receiving a request for personal identity information or a means for supplying personal identity information.

13. The method of authenticating identity information of Claim 10, wherein said interrogative data storage device comprises a means for responding to a request including optical, thermal, chemical, tactile, coordinative, or translational means.

14. The method of authenticating identity information of Claim 1, wherein said reference identifier comprises a public static identifier, private dynamic identifier, or a combination thereof.

15. The method of authenticating identity information of Claim 14, wherein said static identifier comprises an alphanumeric serial string, private encryption key, numerical code, a fingerprint referent, a voiceprint referent, ocular referent, biological referent, or a combination thereof.

16. The method of authenticating identity information of Claim 14, wherein said dynamic identifier comprises a signal generated by a device for authentication of the identity information by the person owning said identity information.

17. The method of authenticating identity information of Claim 16, wherein said fingerprint referent comprises an image, portion, fragment, index, or identifying feature to a finger print.

18. The method of authenticating identity information of Claim 16, wherein said voiceprint referent comprises an image, portion, fragment, index, or identifying feature to a voice print.

19. The method of authenticating identity information of Claim 16, wherein said ocular referent comprises an image, portion, fragment, index, or identifying feature to a face, retina, or iris.

20. The method of authenticating identity information of Claim 16, wherein said biological referent comprises an image, portion, fragment, index, or identifying feature to biochemical indicia.

21. The method of authenticating identity information of Claim 1, wherein said requesting access comprises approval of access by message, chat, voice, text, signal, bit, or combinations thereof.

22. The method of authenticating identity information of Claim 1, wherein said receiving a request for authenticating personal information comprises a request from an intranet source, an internet source, an extranet source, or combinations thereof.

23. The method of authenticating identity information of Claim 1, wherein said private approval interface comprises a user interface for approving access to private data record such as through a graphical user interface, textual user interface, telephonic user interface, a video user interface, a human user interface, or combinations thereof.

24. The method of authenticating identity information of Claim 1, wherein said authentication value comprises a signal for the affirmative, negative, indeterminate, possible, or combinations thereof.

25. A method of authenticating identity information and financial attributes, comprising

Storing identity information in a data repository with a private data record;

Storing financial data in a data repository with a private data record;

Assigning a reference identifier for a private data record in a data repository;

Correlating a reference identifier for a private data record with financial data;

Receiving a request for authenticating identity information comprising a reference identifier and public identity information and for financial attribute;

Requesting access to private identity information through a private approval interface with said reference identifier;

Requesting a portion of said private data record from said data repository;

Verifying identity information from said portion of private data record and public identity information;

Responding with an authentication or multi-valent response;

Requesting access to financial data comprising identity information and authentication value; Receiving financial data from a private data record;

Performing a transaction with the financial data to determine a financial attribute;

Responding with a financial attribute and optional identity information.

26. The method of authenticating of Claim 25, wherein identity information comprises social security number, driver's license, physical address, electronic address, or telephonic address.

27. The method of authenticating of Claim 25, wherein said request for authenticating personal identity information comprises a public reference identifier and defined feature attributes.

28. The method of authenticating of Claim 27, wherein a defined feature attribute comprises personal data, financial data, biological data, and combinations thereof.

29. The method of authenticating of Claim 28, wherein personal attributes comprises data about a person that includes a characteristic descriptor.

30. The method of authenticating of Claim 28, wherein financial information includes income, debt, tax records, account transactions, credit score, credit report, and combinations thereof.

31. The method of authenticating of Claim 28, wherein biological information include biometrics and biochemical indicia referring to attributes of a biological person.

32. The method of authenticating of Claim 25, wherein said personal identity information comprises a social security number, bank account number, or driver's license number.

33. The method of authenticating of Claim 25, wherein said data repository comprises data storage with electronic separation from the storage source that includes data storage.

34. The method of authenticating of Claim 33, wherein said storage source comprises encrypted data, interrogative data device, etc.

35. The method of authenticating of Claim 34, wherein said interrogative data storage device comprises physical or electronic separation from a requesting device.

36. The method of authenticating of Claim 33, wherein said interrogative data storage device comprises a means for receiving a request for personal identity information or a means for supplying personal identity information.

37. The method of authenticating of Claim 33, wherein said interrogative data storage device comprises a means for responding to a request including optical, thermal, chemical, tactile, coordinative, or translational means.

38. The method of authenticating of Claim 25, wherein said reference identifier comprises a public static identifier, private dynamic identifier, or a combination thereof.

39. The method of authenticating of Claim 38, wherein said dynamic identifier comprises a signal generated by a device for authentication of the identity of the person owning said identity information.

40. The method of authenticating of Claim 39, wherein said static identifier comprises an alphanumeric serial string, private encryption key, numerical code, a fingerprint referent, a voiceprint referent, ocular referent, biological referent, or a combination thereof.

41. The method of authenticating of Claim 40, wherein said fingerprint referent comprises an image, portion, fragment, index, or identifying feature to a finger print.

42. The method of authenticating of Claim 40, wherein said voiceprint referent comprises an image, portion, fragment, index, or identifying feature to a voice print.

43. The method of authenticating of Claim 40, wherein said ocular referent comprises an image, portion, fragment, index, or identifying feature to a face, retina, or iris.

44. The method of authenticating of Claim 40, wherein said biological referent comprises an image, portion, fragment, index, or identifying feature to biochemical indicia.

45. The method of authenticating of Claim 25, wherein said requesting access comprises approval of access by message, chat, voice, text, signal, bit, or combinations thereof.

46. The method of authenticating of Claim 25, wherein said receiving a request for authenticating personal information comprises a request from an intranet source, an internet source, an extranet source, or combinations thereof.

47. The method of authenticating of Claim 25, wherein said private approval interface comprises a interface for approving access to a private data record through a graphical user interface, textual interface, telephonic interface, a video interface, a human interface, or combinations thereof.

48. The method of authenticating of Claim 25, wherein said authentication value comprises a signal for the affirmative, negative, indeterminate, possible, or combinations thereof.

49. The method of authenticating of Claim 25, wherein said financial data comprises income reports, debt records, tax transcripts, property deeds, property valuations, appraisals, sales, lien records, credit card transaction, account statements, credit score, credit report, and combinations thereof.

50. The method of authenticating of Claim 25, wherein said financial attribute comprises a numerical value, an approval, a quantified score, a qualification for service, a denial, a refusal, a risk, a decline, a data aggregate, or a ranking.

51. The method of authenticating of Claim 25, wherein requesting access to financial data comprises an automated request or a human request.

52. The method of authenticating of Claim 51, wherein said human request comprises a user interface for approving access to private data record through a graphical user interface, textual user interface, telephonic user interface, a video user interface, a human user interface, or combinations thereof.

53. The method of authenticating of Claim 25, wherein said performing a transaction comprises a credit card transaction request, verification of income, aggregate transaction data, automated clearinghouse transaction, debt-income calculations, determining an actuarial risk, or qualify for a financial product.

54. The method of authenticating of Claim 25, wherein said financial attribute is used to perform a secondary transaction with one of said financial data, identity information, and authentication value.

55. The method of authenticating of Claim 25, wherein said responding with a financial attribute comprises sending a response to a processor, an intranet source, internet source, or extranet source.

56. An interrogative data storage device, comprising:

data storage that is inaccessible by electronic signal;

a sensor that receives an interrogative request;

an output that provides data.

57. The device of Claim 56, wherein said output provides data through one or more audial, optical, electronic, electric, electromagnetic, thermal, chemical, tactile, coordinative, or translational means.

58. The device of Claim 56, wherein said sensor receives a request through one or more audial, optical, electric, electromagnetic, thermal, chemical, tactile, coordinative, or translational means

59. The device of Claim 56, wherein said data storage comprises a memory that stores data in one or more physical, electromagnetic, structural, chemical, thermal, temporal, or quantized formats

60. An interrogative data storage device, comprising:

an input that receives data;

data storage that is inaccessible by electronic signal;

a sensor that receives a interrogative request;

an output that provides data.

61. The device of Claim 56, wherein said output provides a signal through audial, optical, electronic, electromagnetic, frequency, thermal, chemical, tactile, coordinative, or translational format.

62. The device of Claim 56, wherein said sensor receives a request through audial, optical, electric, magnetic, frequency, thermal, chemical, tactile, coordinative, or translational format.

63. The device of Claim 56, wherein said data storage comprises a memory that stores data in one or more physical, electromagnetic, structural, chemical, thermal, temporal, or quantized formats.

64. A device, comprising data storage, responsive to a signal, and inaccessible by electronic signal.

65. A method of using an interrogative data storage device, comprising:

Storing data with an input device in a memory device;

Interrogating a sensor with a non- electronic signal;

Receiving data from an output.

66. The method of Claim 65, wherein said input device comprises one or more audial, digital, optical, visual, electronic, electric, electromagnetic, frequency, thermal, chemical, tactile, coordinative, or translational format.

67. The method of Claim 56, wherein said sensor receives a signal through audial, optical, electric, magnetic, frequency, thermal, chemical, tactile, coordinative, or translational format.

68. The method of Claim 65, wherein said output comprises a signal data in audial, optical, visual, electronic, electromagnetic, frequency, thermal, chemical, tactile, coordinative, or translational format.

Description:
SECURE AUTHENTICATION AND FINANCIAL ATTRIBUTES SERVICES

Background

[0001] An essential need exists to protect personal identity data while also making this identity data available to process financial transactions. While a great deal of effort has focused on practices of authentication, encryption, protection, and security, these practices rely on the transmission of data to process financial transactions. Personal identity data is oftentimes transmitted during the process of authentication and financial services in order to process transactions. However, such approaches expose businesses to excessive liability and consumers to possibility of having private identity data

compromised. For businesses, reducing costs of protecting private consumer data leads to greater profitability, while for consumers, reducing exposure of private identity data leads to greater security.

[0002] Authentication and financial services systems often rely on application to propound information in a manner that is useful for verifying identity and obtaining financial services. Personal identity data is provided by a consumer on a loan, for example, and the information is inputted into a database. The data is checked and processed, and yet consumer records are held within a business database. The identity information often includes private data such as a social security number that may be encrypted or not, and transmitted in other transactions or internal to an organization. Such data, is an essential identifying feature for a consumer, and yet also vulnerable because it is a number that is assigned to a person for the duration of a lifetime. Therefore a practice and service that allows a consumer to obtain improved authentication and financial transactions advantageously protects businesses and consumers.

[0003] Additional transactions encompass the transmission of private data that pertains to a consumer that is not otherwise public information. Credit card numbers, as another example, are often held in business systems in order to process transactions on behalf of the customer. A business that records credit card numbers results in costly expenditures to businesses for the security and protection of consumer information. Furthermore, the cost of indemnifying and discovering fraudulent credit activity is an expensive cost to credit card companies. Therefore a practice and service that allows businesses to transact financial services such as credit card transactions without the exposure of credit card numbers advantageously protects credit card companies, businesses that depend on credit, as well as consumers. Summary

[0004] The purpose of Secure Authentication and Financial Attributes Services is to provide authentication and financial services using personal identity data while retaining the privacy of certain identity and financial attributes. These services operate in a manner that separates to varying degrees private identity data and public identity data from authentication and financial services. Private identity data is held separately from financial transactions at various times during the use of such data, in order to restrict the transmission of private data. Businesses may excise the cost and practice of holding private consumer data, as well as the risks of liability and exposure on account of having such data in their possession. Consumers may accordingly have various controls on their private identity data and the use of this data for authentication and financial transactions, as well as affordable assurance that such data is unavailable as a general rule. Providing extensive controls to consumers of identity data and financial attributes provides great confidence for purchase transactions of all levels. Providing configurable controls to businesses of the authentication and financial services provides even greater protection of profits and interests. The practice of secure authentication and financial attributes services encompasses devices, methods, and systems that leverage these controls for the advantages of businesses and consumers. The breadth of financial services encompasses transactions of any monetized format.

[0005] One of the essential and yet vulnerable types of private data that any and all consumers require is an identification number. In the United States of America, the Social Security Number is assigned by the government agency for every citizen at birth. This record static identification number is retained by the consumer during the course of one's lifetime. However, this number is also used repeatedly in order to obtain and to qualify for financial services such as applications, credits, loans, and taxes, and so forth. The number, however, were it obtained by a malicious third party, could be a factor in performing an actions that is often referred to as "identity theft". Therefore, one of the most preferred uses of the practice is to resolve the steps required for the authentication of a consumer identity that are used for financial transactions without the transmission of a Social Security Number.

[0006] For the purpose of an illustrative example, the practice retains private data information for a consumer within a denetworked system and responds to a request for a loan with a yes, or no, decision. The latitude and span of the practice, however, provides a flexible and modular system wherein any and all financial transactions are processable without the transmission of private data over networked channels. Although examples of the practice are illustrated with the use on a form interface of an identification number in the present invention and Social Security Number as prior art (Figs. 7A, 7B), the full scope of the identity authentication encompasses any manner of referencing a person or entity.

Figures

[0007] Figure 1. Data Input and Memory Devices. A data input device allows a consumer to input identity information into one or more memory storage devices.

[0008] Figure 2. Memory Devices and Data Retrieval. Data is accessed from a memory device with a memory process having connectivity to processors and a cloud.

[0009] Figure 3. Identifying Data and Secure Authentication. A flowchart for secure authentication of identifying data.

[0010] Figure 4. Financial Services Request, Third-Party. A flowchart for secure authentication of identifying data and response to financial attribute service request.

[0011] Figure 5. Financial Services Request, Consumer. A flowchart for a financial service request from a consumer at a Point of Sale.

[0012] Figure 6. Point of Sale Purchase Card. A consumer purchase card having selectable features.

[0013] Figure 7. Financial Services Sample Form. Financial services application form with and without a SSN.

Detailed Description

[0014] A secure authentication of identity commences first with receiving an identification number for a person or entity. An identification number or record is stored in a data memory. An identification number for a customer may be a Social Security Number. An identification number for an entity may be an Employer Identification Number. A data memory may be in the format of a solidstate device, or it may be a device that is on a network such as the internet, an intranet, extranet, deepnet, and/or a cloud. The identification record is held in memory that is accessible to a processor. The processor is able to make at least basic operations such as comparisons and computations. The processor interfaces with the data memory in order to retrieve at least a portion of the identification record such as a number.

[0015] For each unique identification number, a record also has stored a reference number that a consumer uses to reference an identity record. The identification number in this example may be a Social Security Number. While a reference number comprises a portion that the consumer may use for applications and forms rather than the Social Security Number. The reference number may comprise a static and/or dynamic portion. The reference number may mask or encrypt the identification number. The data record comprises at least equivalent identifying features of the identity of a person.

[0016] The processor receives a reference number for the purposes of authenticating the identity of a consumer. The processor also receives identifying information about the person's identity. The identifying information may comprise information that is public and/or private. The identifying information may accompany the authentication request at the time of receipt, or according to a desired time differential. Public identifying information may include an address, telephone number, or any kind of information that is available on a public record. Private identifying information may include identifying features that are known privately by the consumer, such as biographical details, taxable income, and/or personal information. The identifying information may also include a private verification protocol through a telephone number, text message, finger print, or other unique referencing identifiers or authentication protocols.

[0017] The consumer has the ability to control access to the identifying number with the desired methods of providing an accompanying identifying information. The consumer may provide settings for the availability of accessing the identifying number for the purposes of authentication. Settings may include number of accesses, time of access, address of location, entity permissions, rendezvous timing, recurring access, and/or desirable rules that customize the level of security of the identifying number for consumer. The consumer may be notified of a request for authentication through a digital interface, such as through a telephonic prompt, sms text, electronic mail, voice mail, or other alert or notification of a request to access private identity information. [0018] The processor receives public and/or private identifying information from the consumer and/or a third party. The consumer provides the identifying information to the processor and/or data record. The consumer provides the identifying information from an interface that has connectivity through an internet, intranet, extranet, cloud, solid memory, chip, a physical input at a node, or a method of input that is non- electronic. Identifying information may be held in the data record with the identification number and reference number or may be held in another port of memory that is accessible to the processor or that the processor receives data from. The size of such memory may be from a bit or less, a chip card, an identification card, to macromemory devices such as a drive, shared resources, or to networked resourced such as a cloud. Information may be recorded and/or stored in any manner that allows a processor to receive the information or to request the information when queried to authenticate the identity of a consumer. Transmission of data to, from, with, accompanying, and between the processor and memory may be conducted in any desired protocol such as a secure channel, private-key encryption, integrated circuit, as well as non-electronic transmissions.

[0019] The processor receives public and/or private identifying information for a consumer from a third party. The third party supplies the information or requests the information on behalf of the consumer. The consumer may provide a consent or an authorization for the authentication of identifying. The consumer may provide a static or dynamic reference code in order to authorize the authentication. The consumer may provide rules or settings in order to control access to the authentication protocol. The authentication may require input from the consumer in order to complete the authentication request. The processor receives or retrieves the components of the authentication request from the consumer and the third party. The processor then performs a process of authenticating the consumer's identity according to the data provided. The processor may be a crypto, secure, private, distributed, quantum, parcel, mapping, deconvoluting, or encrypted processor.

[0020] The third party may, for example, provide a physical address, telephonic address, name, and Zip code of the consumer. The consumer may be notified that the third party is requesting authentication. The processor retrieves data from one or more memory records with the identifying data, or has data supplied to it. Authentication of the identity is accomplished with data check, verification,

deconvolution, or any practice of comparing the validity of and/or matching the value of data. The processor responds to a request to authenticate identity with binary response such as yes/no as well as a condition, status, request, bit, code, number, and/or provision of data. Responses may furthermore elicit additional requests and transmission of data.

[0021] The response of the processor to the authentication request provides a method for the system to respond to the authentication of a consumer identity in a multi-valent manner. Multi-valent responses allows the authentication to respond with confirmation of an identity, as well as more complex responses. Examples of the multi-valent responses that are complex encompass the likes of provisional authentication, authentication with indication, authentication with request, and/or a negatived authentication with one or more error codes. Error codes could indicate the kind of mismatch of data, missing data, suspicious data, and proprietary indicia. Furthermore, authentication responses, or their negatives, may additional accompany a payment increment, fee, toll, and/or token.

[0022] A third party may request various levels of authentication of information that may comprise a fee structure according to the level of detail. A third party could require: a surface match with regards to a social security reference that matches with address, a history match with regards the purchases and debts, a more extensive background check that cross-checks personal accounts with biographic details, or an exhaustive probe that exposits the results of a thorough examination of all of a consumer's personal and financial records. As such, the data record for a consumer may moreover comprise data for and/or access to public and private records that comprise financial attributes such as credit report, tax transcripts, court records, medical records, and/or any type of record that refers to, depends upon, references, or is linked to the identity of a person and/or entity. A third-party may also cause to have data transmitted to, with, preceding, or following an authentication request.

[0023] The practice of and service to the authentication of identity may be provided through computer or digital systems. Interfaces to the processor for a consumer may be an internet website, wireless connectivity, automated programming interface (API), automated clearninghouse, batch processes, secure sockets, direct coding, and/or software calls. The consumer may input data through a human- memory interface that is assisted through a node, terminal, website, and/or computer interface. The interface may include physical components that are transported or shipped to and from the consumer. [0024] A physical interface may include a solidstate memory device that may be accessible only one time, a limited number of times, or unlimited number of times in order to record personal data of the consumer. Personal data may include social security numbers, account numbers, biometric data, and/or biographical information. A physical-digital interface may be provide to the consumer in order to input this data in an alphanumeric, digital, audio, electromagnetic, and/or frequentive input. The interface may be sent to and received from the consumer. The data from an interface may be recorded onto, into, through, and/or coded in a data memory record. The data record is accessible directly or indirectly to the processor. The memory device may comprise a processor that interfaces with the authentication request processor, or may be accessed through another processor that interprets between processors.

[0025] A data memory device may be inaccessible to a signal or caused to be inaccessible to an electronic signal. The processor that accesses a data memory device may be inaccessible to an electronic signal or caused to be inaccessible to an electronic signal. The processor that retrieves data from a data memory device may comprise a probe or sensor that transmits and/or receives a signal in an optical, wavelength, electromagnetic, molecular compound, combinatorial, thermal, and/or structural format. The data device receives and/or transmits a data signal in an optical, wavelength,

electromagnetic, molecular compound, combinatorial, thermal, and/or structural format.

[0026] The memory device and/or the processor may receive an electronic signal and subsequently be rendered inaccessible to electronic signals. The memory device and/or the processor may receive an electronic signal and subsequently be rendered inaccessible to electronic signals. The memory device may be rendered inaccessible in order to protect the data from electronic reading and/or writing. The memory device may undergo transformation of physical, chemical, structural, crystallographic, electric, thermal, and/or phase states. Data may be stored, written, encoded, and/or incorporated in or with a physical, chemical, structural, crystallographic, electric, electronic, optical, thermal, and/or phase states of matter. The memory device and/or the processor may have been rendered inaccessible to electronic signals and rendered accessible. A device or processor may be rendered accessible or inaccessible through a physical, electromagnetic, interference, and/or thermal device or apparatus such as a shield or scrambler. A device or processor may be rendered accessible or inaccessible through a timing device, sensor, probe, radiation, thermal, and/or chemical sequence or combination of exposures. [0027] The memory device communicates a signal to the processor with one or more of the methods accessible and/or transformational states. The memory device and processor may also communicate in electronic formats through cifer, interpreter, key, quanta, piranha, rubrix, shibboleth, signals, sublimate, tokens, and/or encrypted data. The processor may read, sense, determine, or register that a signal or state of the memory device. The memory device and processor may be programmed with rules regarding the accessibility of the data and/or device. Accessibility, signals, state, and/or rules are implemented in order to protect the integrity and security of the data. A routine or sequence of one or more of these signals, states, and/or rules may be programmed, calculated, determined, and/or handled in order to grant an access accessibility for the processor to retrieve data. Data is communicated in one or more of these methods to and from one or more memory devices and processors.

[0028] In order to authenticate the consumer data, a processor retrieves data from the memory device and receives consumer data from the authentication request. One or more processors conduct the operation of authenticating the consumer data. The processor responds with a determinate signal or status of the consumer identity. The processor may also respond in one or more of the confirmation or complex responses as defined above. The processor that retrieves data from the memory device may be a transmission chip or simple query device that responds with data in a format for a processor performing the authentication check. Separating the function of processors into low-level operations and data storage protects the integrity and security of consumer data. Implementing memory devices that respond in non- electronic ways provides degrees of separation that protect and secure data. The practice of performing authentication of consumer data using the memory devices that are accessible in non-electronic ways further protects the integrity and security of consumer data.

[0029] One preferred embodiment of the method protecting and securing data is the protection of credit card information during transactions. The data for financial transactions, for example, is moved from customer to business to credit card company to business to business transactions. With the use of the reference number, customers can be provided with new purchase and sales cards that allow the use of remote b2b transactions in order to process credit card purchase. Merchants and sellers would not need to store credit card information in order to process transactions. One or more reference numbers of the customers, in static and/or dynamic format, would allow a purchase card to process at a point of sale system and supply the needed information to approve a transaction without transmitting a credit card number from the point of sale device. A smartphone or electronic device with selectable accounts also may be used at a point of sale device. Rather, with the one or more reference numbers the purchase card provides the data that the point of sale device uses to process a transaction with a system having a processor that processes the transaction with a credit card company on behalf of the customer.

[0030] In the embodiment having the one or more reference numbers and a credit card. Processing of a transaction may proceed first with the method of authenticating identity as described above. Processing a transaction may proceed without a response for authenticating identity or with a multi-valent response as described above. In a portion of a data memory device, credit card numbers may be stored. The customer may have provided these numbers through a graphical user interface or a device that allows for inputting of account numbers. The consumer may select accounts for use with a purchase and/or at a point of sale. The consumer may use one card for purchase while drafting from one or more payment debit, credit, money, derivative, resource buffer, future, pool, donation, and/or bank accounts.

[0031] The consumer may also provide settings that automate the selection of one or more credit card accounts in order to process one or more transactions. Previous settings on the priority or preferential use of credit card accounts allows customers to preselect cards for specific uses, such as for food, groceries, fuel, utilities, exchanges, marketplaces, and/or bets. Selection of an account may activate the purchase card for use and/or configure a chip or stripe for use at a point of sale device. The purchase card may be a Smart Card that is programmable by the consumer or a third -party for use at a POS. The consumer can trace and track the details regarding third party requests for financial services such as with the time of request and type of financial service conducted. One or more reports or statements may generate or caused to be generated through any one or more contact, inquiry, request, transaction, notification, authorization, purchase, and/or sale. One or more consumers, entities, networks, systems, commissions, agencies, registers, logs, inquiries, officials, bots, persons, and/or transcripts

receive/access to track and/or trace the one or more systems and/or practice that implement one or more financial services.

[0032] A purchase card may work on and/or with existing merchant accounts, automated clearinghouse, debit, automated teller machine, and/or credit card transaction systems. Arrangements and

configurations may be used to transact purchases automatically and/or automated. Purchases may be initiated and/or transacted by or on behalf of one or more consumers and/or entities. Similarly sales may be conducted using a system as in a sales card rather than a purchase card. As such families may apportion budgetary monies towards accounts that are accessible by one or more persons. Business entities may provide a purchase and/or sales card in order to acquire and/or purchase of materials, goods, services, contracts, transactions, and/or exchanges. Consumers and/or entities may joint accounts with access to shared resources. An entity may cause one or more purchase and/or sales actions to occur and/or operate.

[0033] The arrangement of accounts, purchases, and/or sales may be done automatically, with triggers, timing, ranges, thresholds, notification, authorization, or any consumer or supplier control. The customer may also, or alternatively, use a programmable purchase card or purchase device that transmits with a reference number a code or selection of an account to use. A purchase card or device may comprise a chip, display, buttons, indicia, touch-screen and/or touch-sensitive areas that make selections at the time of purchase, at other desired times at the point of sale device, and/or by the customer. Similarly, the point of sale device may also be equipped with such features in order to process customer accounts and/or to process coupons and/or incentives of the retailer or seller. These selections at the point of sale device may be supplied at the time of sale in order to adjust prices. The use of a preferred embodiment of the system allows one or more consumers and/or entities to arrange and configure a customizable system/s and/or infrastructure/s to conduct purchases and/or sales according to private means that are undetectable in public networks. Portions of a system may or may not contain private, personal, financial, and/or identity information on a public network, internet, intranet, extranet, and/or cloud.

[0034] A preferred embodiment serves financial decisions according to customer information and third- party data. Processing of a transaction may proceed first with the method of authenticating identity as described above. Processing a transaction may proceed without a response for authenticating identity or with a multi-valent response as described above. A third-party defines a procedure for making financial decisions that comprise one or more rules, programs, regulations, computations, formulas, criterions, and/or evaluations needed to respond to a request for and/or inquiry into a financial service such as auction, barter, credit, derivative, exchange, future, hedge, loan, purchase, refinance, increment, stock, bond, trade, grant, distribution, approval, conditional, request, substitution, transfer, liability, debt, collection, and/or sale of a monetary value. A system may be implemented in order to extend, expand, retract, cancel, and/or recall one or more financial services. Any entity that uses financial services may implement the process of rendering financial decisions. A purchase, sales, service, and/or transaction system may be implemented as a substitute to, competitive with, to supplement, advantageously position, to price, and/or perform auxiliary functions with one or more existing financial systems, exchanges, marketplaces, and/or networks. One or more procedures from one or more entities may be implemented to render one or more financial decisions for one or more customers and/or entities.

[0035] The entities may be actuarial, banking, government, revenue, insurance, medical,

manufacturers, exchanges, marketplaces, consumer goods, and/or service companies or organizations that use or reference a Social Security Number and/or Employer Identification Number. The third-party requests the reference number of a customer and additional identifying features such as address and telephone number as defined above. The identifying information of the customer may be used to authenticate identity of a customer, entity, and/or a third-party. This request may be through a paper form, digital format, graphical interface, website, automated programming interface, audial format, keypad, telephonic format, and/or electronic input. Similarly the entity may define a procedure through one or more request formats for inputting a procedure. The procedure may translated into one or more program, script, interface, language, code, symbol, and encrypted formats. The procedure may be sent with requests or may be requested from another entity, customer, processor, and/or data memory. Procedures may be run in one or more automated form, batch, clearinghouse, register, and/or shell.

[0036] A processor retrieves a third-party procedure and a processor retrieves customer information. A processor processes the customer information according to the third-party procedure. The third-party procedure is implemented to apply custom defined logic to the data of the customer. The processor responds to the request for verification for financial attributes to the third-party. Specific financial data and/or identifying data may, or may not, be provided in the response from a processor to a third-party. The customer may or may not be notified of the request. The customer may or may not be prompted to grant permission to access identity and/or financial data. The customer may or may not have set financial data in a data memory record similar to the identifying information as discussed above. The customer may or may not be prompted about a conditional response that may or may not require permission about a decision of a third-party procedure. The customer may or may not receive information about further actions to obtain a financial product from one or more third-parties. The customer may or may not receive advertisements from third-parties. Customer data and response may or may not be forwarded to one or more third-parties such as a financial services entity or marketplace. A customer, third-party, or entity processing the authentication and/or request may receive incentive, compensation, reward, credit, or commission for processing and/or completing a request.

[0037] The third-party procedure may be defined by the third-party, on behalf of a third-party, or for a third party. A procedure may be defined by one or more procedures from one or more individuals, entities, organizations, and/or groups. A procedure defines a set of logical conditions comprising one or more rules, definitions, programs, regulations, computations, formulas, criterions, and/or evaluations needed to respond to a request for and/or inquiry into a financial service such as auction, barter, credit, derivative, exchange, future, hedge, loan, purchase, refinance, increment, stock, bond, trade, grant, distribution, approval, conditional, request, substitution, transfer, and/or sale of a monetary value. The procedure may be used to mask a financial service. The procedure may be used to conceal information about a customer and/or third-party from transmission relating to a financial service. A processor completes a procedure that may or may not result in a response. A processor completes a procedure that may or may not result a read, write, or update of data memory. The procedure may require additional steps or sequences, request information, exchange data, or obtain procedures in order to complete a request. The processor or procedure may respond with a multi-valent response. A multi-valent response may accompany an authentication of identity. A multi-valent response may further include one or more indication, condition, request for more information, time- sensitive response, offer, purchase, sale, instruction, recommendation, denial, transcript, title, lien, deed, bill, record, receipt, or statement.

[0038] A procedure defines a set of logical conditions that establish a way to evaluate a procedure or request. As genera, the procedure refers to identification and/or financial data, wherein a procedure requests at least one of these types of data in order to respond to a request. One of the purposes of the procedure is to define a procedure for the criterion to authenticate identity. For example, identity in a form may need to be authenticated according to a time, location, probability, and/or likelihood. Identity may also need to be authenticated using financial data such as tax records, credit card transactions, purchases, sales, and other kinds of transactions that indicate the time and location of a person. A procedure that authenticates identity furthermore responds with one or more responses that may or may not be in a multi-valent format. Procedures may be defined in a manner that is generic for

computational and/or human methods of authenticating information depending on the level of sensitivity of the person and/or information. An automated system that operates the services may define procedures that third-parties may use. One or more procedures could define governmental regulations for conducting actuary, business, commerce, pricing, exchanges, transactions, transfers, purchases, sales, tax revenue, tariffs, risk, and/or loans. Or third-parties may define procedures that the service uses to provide customized authentication and/or responses. Procedures may be programmed with one or more flowcharts, process diagrams, scripts, programs, executibles, tags, codes, languages, assembly, in-chip, and/or on-chip implements. The procedure may be defined as a software program or in hardware circuits. A procedure may be performed by a processor in one or more local, distributed, remote, cloud, or server computers.

[0039] For financial services, the procedure encodes the logic used to determine financial decisions. A procedure automates the process of making financial decisions or decisions that use financial data. A customer application for a loan in one example of the procedure for authentication and response. A loan form routinely includes personal information including name and contact information. The form, however, may include an identifying number or reference for the customer that a procedure uses to authenticate the identity of the customer. Another procedure could operate to obtain the financial information of the customer. A procedure could respond with a query to the customer to supply current income, debt, and address. The procedure could automatically obtain this data from information provided by the customer. Another procedure could obtain the credit score and report on behalf of the customer and store the data in a memory device. Another procedure operates to process the financial information according to the evaluation process of the loan application. Procedures may automate any financial transaction wherein data may or may not be transmitted between a third party and services system. Procedures may be used to record information and/or to respond with business decisions.

Explanation of Figures

[0040] The following explanation of figures exemplifies embodiments of further preferred and illustrative devices, interfaces, methods, and systems for secure authentication of identifying data and financial attributes services. The following embodiments are meant for illustrative purposes and not to limit the span or breadth of the envisioned inventions. [0041] Figure 1. Data Input and Memory Devices. A data input device allows a consumer to input identity information into one or more memory storage devices. Consumer inputs information, 100, through an input device such as a keyboard or keypad. A portion of the data, 110, is stored on a networked cloud, 120, and another portion on a memory device, 140. The memory device may be inaccessible to another electronic device after storing the data. A consumer may update and/or modify information through an interface to the memory device or to a memory record in a remote location for processor procedures.

[0042] Figure 2. Memory Devices and Data Retrieval. Data is accessed from a memory device, 200, with a memory process having connectivity to processors and a cloud, 240. Data from a set of memory devices, 220, is retrieved by a memory processor, 200. The memory devices operate with an accompanying sensor, 210, or supply device that responds to a request from the memory device to supply identifying data. The perforated lines represent accessible or inaccessible connectivity through an electronic signal. The memory processor sends an interrogative signal to the sensor to obtain data from the memory device. The memory processor provides data to one or more processors, 230, to authenticate the data or retrieve identifying data and/or financial attributes. The personal data is available only to the processors and for a certain amount of time. Personal data may not be stored on a processor or accessible to the cloud. The processor responds through a cloud interface to a request.

[0043] Figure 3. Identifying Data and Secure Authentication. A flowchart for secure authentication of identifying data. A request for authentication accompanies personal identifying information, 300. A request processor optionally uses the identifying information to notify a customer of a request for authentication. The dotted lines represent optional sequence or process flow. Notification may be sent through a sms text, email alert, telephonic interface, and/or automated preselected response. The request processor forwards the identifying information to a data processor. The customer responds to the notification of the request for authentication. The data processor obtains identifying number, 310, from the memory device if the customer approves the request. The data processor otherwise forwards the customer response to the authentication processor. The authentication processor authenticates the personal data from the memory device and the identifying data that accompanies the request for authentication, 300, if the customer approves the request. The authentication response, 320, provides the results of the authentication processor according to the identifying information provided in the request and the customer response to authentication notification.

[0044] Figure 4. Financial Services Request, Third-Party. A flowchart for secure authentication of identifying data and response to financial attribute service request. A request for authentication accompanies personal identifying information, 400, and a selection for a procedure to process financial attribute data, 410. A request for financial service may be initiated with a form interface (Fig. 7A). A request processor optionally uses the identifying information to notify a customer of a request for authentication. The dotted lines represent optional sequence or process flow. Notification may be sent through a sms text, email alert, telephonic interface, and/or automated preselected response. The request processor forwards the identifying information to a data processor. The customer responds to the notification of the request for authentication. The data processor obtains identifying data and financial attributes, 420, from the memory device if the customer approves the request. The memory processor obtains the Social Security Number and using the identifying information obtains an identification number from the memory device. The memory processor obtains a financial attribute such as income level. The data processor otherwise forwards the customer response to the

authentication processor. The authentication processor authenticates the personal data from the memory device and the identifying data, 400, and financial attributes, 420, if the customer approves the request. The authentication processor forwards the results of the authentication to the procedure processor.

[0045] The authentication response, 420, forwards the results and the procedure selection, 410, to the procedure processor. The procedure processor obtains the selected procedure logic, 430. The procedure processor processes the financial attributes, 420, according to the logic of the procedure, 430. Auxiliary processes may be used to obtain additional data or service, either remote or local, through a network or software. Additional data may be a supplemental information required to process the financial service. Additional service may be a request for Credit Report from a Credit Bureau. The procedure processor responds with an authentication response, 440, and a multi-valent response, 450. The multi-valent response comprises an approval and a loan amount. The procedure processor provides the results of the authentication processor according to the identifying information provided in the request, the customer response to authentication notification, the identifying data, and the financial attributes. [0046] Figure 5. Financial Services Request, Consumer. A flowchart for a financial service request from a consumer at a Point of Sale. A flowchart for requesting a financial service at a POS. A request for authentication accompanies personal identifying information, 500, and a selection for an account from a purchase card to process purchase request, 510 (Fig. 6). The consumer presets the accounts for selection through an input device and data input interface with connectivity to a cloud data record (Figs. 1, 2). A digital shopping cart, or store register, provides the currency amount to be purchased, 560, such as the amount in USD. A request processor optionally uses the identifying information to notify a customer of a request for authentication. The dotted lines represent optional sequence or process flow. Notification may be sent through a sms text, email alert, telephonic interface, and/or automated preselected response. The request processor forwards the identifying information to a data processor. The customer responds to the notification of the request for authentication. The data processor obtains identifying data and account number, 520, from the memory device if the customer approves the request. The data processor otherwise forwards the customer response to the

authentication processor. The memory processor using the account selection obtains a credit card account number from a cloud memory and using the identifying information obtains an identification number from the memory device (Fig. 2). The authentication processor authenticates the consumer data from the memory device and the identifying data, 500, and identification number and account number, 520, if the customer approves the request. The authentication processor forwards the results of the authentication to the procedure processor.

[0047] The authentication processor, 520, forwards the results and the account selection, 510, to the procedure processor. The procedure processor obtains the selected procedure logic, 530. The procedure processor processes a financial transaction with the account number, 520, according to the logic of the procedure, 530, and purchase amount, 560 through a credit card network with connectivity through the auxiliary transactions. The procedure processor responds with an authentication response, 540, and a multi-valent response, 550. The multi-valent response comprises a transaction number and timestamp. The procedure processor provides the results of the authentication processor as a multi-valent response according to the identifying information, the identification number, the customer response to authentication notification, the account selection, and the purchase amount. [0048] Figure 6. Point of Sale Purchase Card. A consumer purchase card, 600, having selectable features, 620. The purchase card may be used at a point of sale device and processes the purchase through a procedure. The purchase card initiates the financial services request and sends identifying information to a request processor (Fig. 5). The consumer may select a financial account from the purchase card, 620. The account selection sets the microchip to provide the account selection and is programmed through the electronic connectivity, 630, from the selectable features, 620, to the microchip, 610. The purchase card is inserted into a Point of Sale system that reads the microchip, 610. The request for financial service of a purchase is transmitted to a request processor. The account is sent with the request along with the identifying information. A purchase transaction using a credit card account is processed through the procedure processor. The request receives a multi-valent response of authentication and completion of purchase transaction.

[0049] Figure 7. Financial Services Sample Form Interface. Financial services application form with and without a SSN. A form for financial services includes identifying information of a consumer. A form requests information with an identifying number that authenticates without a Social Security Number, 700. The Social Security Number is stored in a memory device and retrievable through a memory processor (Figs. 1, 2, 4.). A request for authentication and financial service such as a loan is processed without the consumer providing the Social Security Number on a form interface. A prior art form interface requires the consumer to provide the Social Security Number in order to process a request for financial service.

Definitions

[0050] Identifying Number. A number that refers to, points to, references, calls, symbolizes, signifies, and/or gives an address a person, individual, group, and/or entity. Examples of identifying numbers include Social Security Number, Employer Identity Number, driver's license, a customer number, a medical ID number, a serial number, a bar-code, and/or an anonymity identifier.

[0051] Address. An address refers to one or more mailing address, telephonic telephone number, IP address, domain name, account, number, user login, email address, and/or any way of refer to a location or presence of a person, individual, group, and/or entity. An address may be static, dynamic, referential, sequential, or combinations thereof.

[0052] An anonymity identifier. An identifier that may be used when assigning a number when referring to a person, individual, group, and/or entity for the purposes of statistical, medical, informational, governmental, or organizational purposes.

[0053] A number may be an alphanumeric, cardinal, ordinal, decimal, quantum state, and/or fractional number, and combinations thereof.

[0054] A third-party may retain anonymity, remain anonymous, or be publicly known. An anonymous third-party could be, i.e., a bank advertising credit card offers to customers. A known third-party could be an insurance company processing an application form of a customer in order to obtain health insurance.

[0055] A financial service. An auction, barter, credit, derivative, exchange, future, hedge, loan, purchase, refinance, increment, stock, bond, trade, grant, distribution, approval, conditional, request, substitution, transfer, and/or sale or a monetary value. Any manner, procedure, means, instrument, or process involving any action of, for, by and/or on behalf of a monetary value. Monetary value may be a currency, credit, metal, note, and/or any form of referring to some-thing of value.

[0056] A multi-valent response. Data that signifies one or more modes of information, such as a decision and a confirmation number. Modes of information include gradients, scales, litmus, advisory, alert, caution, signs, symbols, signals, colors, wavelengths, frequencies, and any manner of encoding information. One or more types or forms of data may accompany, associate, follow, precede, refer to, sequence, and/or transmit with one or more modes of communication within any duration or span of time.

[0057] POS. Point of Sale Device.