Allstate Insurance Company – InsuranceNewsNet

MARCH 14, 2022 (NewsRx) — By a News Reporter – Staff News Editor at Daily Insurance News — From washington d.c.NewsRx reporters report that a patent application filed by inventors De Guia, Nicolette (Chicago, IL, WE); Hansen, Mark D. (Greensboro, North Carolina, WE); Harris, David (Wheaton, IL, WE); Parkinson, John (Burlington, VermontUnited States), filed on November 4, 2021was posted on February 24, 2022.

The assignee of the patent is Allstate Insurance Company (Northbrook, Ill., United States).

News editors got the following quote from the background information provided by the inventors: “Protecting confidential information in today’s online environment is challenging due to increased connectivity and increased number of accounts of users accessed through web-enabled computing devices. Creating mutual trust between a user and a provider through the use of a website or mobile application requires the user to trust the operating policies and data use and sharing practices of the site or application and that the site trusts the identity of the user. This is difficult in the digital dimension, where the two entities may never meet and must depend on an exchange of information, third-party verification services and multi-factor authentication mechanisms.

“Current user authentication methods and systems may expose a user’s credentials or use arbitrary credential semantics that are not preferred by vendors. These existing processes and systems for exchanging information between users and vendors introduce friction into the process of using a vendor’s website or mobile app for purchases through third-party verification services.

“Therefore, there is a desire for a system that implements a more convenient mechanism for identifying trusted sites combined with a mechanism for reliably confirming a user’s identity that establishes and reinforces mutual trust while reducing friction.”

In addition to the general information about this patent application, NewsRx correspondents have also obtained the inventors’ summary information for this patent application: understanding certain aspects of the invention. This summary is not a detailed overview of the invention. It is not intended to identify key or critical elements of the invention or to delineate the scope of the invention. The following summary merely presents a few concepts of the invention in a simplified form as a prelude to the more detailed description provided below.

“Aspects of the disclosure address one or more of the above issues by disclosing methods, computer-readable storage media, software, systems, and devices for conducting a trusted online transaction between a user and a provider. A user can be confident that a site using the secure sign-in button is a trusted site that has been verified and audited to ensure that its policies and practices meet minimum standards for privacy, data sharing, and compliance. A provider can be sure that the system has verified the identity of the user.

“Furthermore, the system compares a user’s privacy preferences with a provider’s privacy policy and, in some embodiments, recommends alternative providers whose privacy policies more closely match the provider’s privacy preferences. ‘user. Recommended alternative providers may be displayed for display to the user along with indications of the different qualities of the providers’ privacy policies, and indications of how, or whether, those qualities conform or do not conform to the user’s preferences. user’s privacy. The disclosed cybersecurity system can help a user avoid interacting with vendors that have privacy policies that do not match the user’s preferences, and can help the user find other vendors whose privacy policies more closely match their privacy preferences.

Of course, the methods and systems of the aforementioned embodiments may also include other additional elements, steps, computer-executable instructions, or computer-readable data structures. In this regard, other embodiments are also described and claimed herein. The details of these and other embodiments of the present invention are set forth in the accompanying drawings and the description below. Other features and advantages of the invention will be apparent from the description, drawings and claims.

The claims provided by the inventors are:

“1. Apparatus, comprising: one or more processors configured to: receive a connection request, resulting from the activation of a connection button displayed on a requesting site, to carry out a transaction between a user and the requesting site; verify an identity of the user of the transaction, comprising confirming that at least a required number of authentication factors are predefined in a verified user profile; generating an encrypted token comprising verification information resulting from the verification of the identity of the user; determining whether the requesting site is a trusted site; and based on both the determination of the trusted site and the verification of the user’s identity, passing the generated token to the requesting site.

2. Apparatus according to claim 1, wherein the one or more processors are further configured to communicate with the requesting site to obtain requirements defining at least the required number of authentication factors.

“3. Apparatus according to claim 2, wherein verifying the identity comprises verifying the presence of user identification information, predefined in the verified user profile, of at least one type required by the requesting site based on the requirements obtained through the communication.

“4. Apparatus according to claim 3, wherein the one or more processors are further configured to request from the user at least one type of credential, required by the requesting site, in response to at least one type of credential identity not included in the verified user profile.

“5. The apparatus of claim 1, wherein the one or more processors are further configured to prompt the user for additional credentials, up to at least the required number of authentication factors, in response to the number credential requirement included in the verified user profile being less than the required authentication factors.

6. Apparatus according to claim 1, wherein the identification information comprises the biometrics of the user.

7. Apparatus according to claim 1, wherein the identification information comprises personal user information.

“8. Apparatus according to claim 1, wherein the identification information comprises an accumulated user reputation, accumulated by previous successful transactions.

“9. Method comprising: receiving a connection request, resulting from the activation of a connection button displayed on a requesting site, to carry out a transaction between a user and the requesting site; verifying an identity of the user of the transaction, comprising confirming that at least authentication factors of one or more required types are predefined in a verified user profile; and generating an encrypted token comprising verification information resulting from the verification of the user identity.

10. The method of claim 9, further comprising communicating with the requesting site to obtain requirements further defining a required number of authentication factors.

A method according to claim 10, wherein the required type or types are required by the requesting site and indicated in the requirements obtained via the communication.

“12. The method of claim 11, further comprising prompting the user for at least one type of credential, required by the requesting site, in response to the fact that at least one type of credential is identity is not included in the verified user profile.

The method of claim 10, further comprising prompting the user for additional credentials, up to at least the required number of authentication factors, in response to the required number of credentials. included in the verified user profile being less than the required authentication factors.

“14. A method according to claim 9, wherein the identification information comprises the biometrics of the user.

15. A method according to claim 9, wherein the identification information comprises personal user information.

16. A method according to claim 9, wherein the identification information includes accumulated user reputation accumulated from previous successful transactions.

“17. Method comprising: receiving a connection request, resulting from the activation of a connection button displayed on a requesting site, to carry out a transaction between a user and the requesting site; verifying an identity of the transaction user, including confirming that at least a required number of authentication factors of one or more required types are predefined in a verified user profile, the required number and required types being defined by the requesting site and generating an encrypted token comprising verification information resulting from the verification of the user’s identity.

18. A method according to claim 17, wherein at least one of the required number and required types is obtained via communication with the requesting site.

The method of claim 17, further comprising: prompting the user for at least one type of credential information, required by the requesting site, in response to at least one type of credential information, identification not included in the verified user profile; and prompting the user to provide additional credentials, up to at least the required number of authentication factors, in response to the required number of credentials included in the verified user profile being below the required authentication factors.

“20. The method of claim 17, wherein the identifying information includes at least one of the user’s biometrics, the user’s personal information, or the user’s accumulated reputation, accumulated through previous successful transactions.

For more information on this patent application, see: De Guia, Nicolette; Hansen, Mark D.; Harris, David; Parkinson, John. Secure connection. Class November 4, 2021 and posted February 24, 2022. Patent URL: https://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220220060466%22.PGNR.&OS= DN/20220060466&RS=DN/20220060466

(Our reports provide factual information on research and discoveries from around the world.)