Patent Grant
8756676
The present invention relates to a system and method for securely providing a reply via the Internet in response to an online submission made by an unregistered user. More particularly, but not by way of limitation, the present invention is a system and method for securely providing a reply containing private information to a prospect who has submitted an online submission and/or inquiry via a website without having the prospect first pre-register or establish an account.
There is a need by organizations, such as businesses, to provide secure responses not only to an established customer, but also to an unregistered user or prospect. The prospect includes, for example, a unauthenticated visitor at a website who does not have an account with the organization associated with the website. The term “account” is not intended to be limiting and can apply to any type of record or documentation on the user, including, for example, in the context of a banking website, a credit card account, checking account, etc.
Although the capability to securely accept communications via the Internet may exist, there is not an effective and efficient way to reply to an unregistered prospect via the Internet in a secure form so that the prospect may remain anonymous. Therefore, private and/or confidential information is not included in replies to unregistered prospects via the Internet. Secure replies are limited to those registered users who have been authenticated and have an established account. Further, there is not an efficient and cost-effective way to incorporate existing infrastructure to provide the secure replies to the unregistered users.
Accordingly, there is a need for a system and method for securely providing a reply via the Internet in response to an online submission made by an unregistered user or prospect.
An embodiment of the present invention is a system and method whereby an unregistered user or prospect may go to an organization's website with a submission or inquiry, and receive a secure response from the organization without establishing an account with the organization. There is no requirement for the prospect to “log on.” The submission may be, for example, a loan application made to a financial services institution. The loan application by the unregistered prospect may contain private information about the prospect which he/she sends via a secure website. The response from a customer service representative at the financial services institution is also provided in a secure manner via the Internet, although the prospect did not pre-register and remains anonymous. The response may include the prospect's private information that was in the original submission, such as, an account number, a balance, or other additional private information. Although reference is made to the Internet, other communication systems are also within the scope of the invention.
An embodiment of the present invention provides that the prospect enter a prospect-created password as part of the original submission. In a further embodiment, the password is required to satisfy certain security requirements in terms of length and character combinations so that it cannot be easily guessed by another person. A secure relationship is created on a per-submission basis. For each submission he/she sends via the website, the prospect can use a different password (a different identification). The prospect is able to retrieve a return message in a secure manner because he/she is the only one who knows what was entered as the password. The prospect remains anonymous in the transaction to protect his/her privacy. Other embodiments include providing a user name along with a password, wherein the user name is the email address of the prospect. A different email address may also be provided by the prospect as the user name. Other embodiments involve passwords and/or other types of identifiers that have been provided to the prospect.
An embodiment of the present invention comprises the following steps: A user at a personal computer, kiosk, etc. enters a website, for example a website of a mortgage lender, and completes a “contact us” form wherein the user identifies himself/herself and provides specific information. The user provides a shared password for that particular communication. In this embodiment, the information is sent to an Internet Email Workflow Application (IEWA). A customer service representative, after verifying the user and the required data, prepares a reply to the user. A copy of the reply is placed in the web server. The reply may be made available for only a specified period of time, for example, 30 days. A notification email is sent (e.g., Simple Mail Transfer Protocol) to the user to securely retrieve the reply without any additional information. The notification, for example, takes the form of providing the user with a hyperlink of a Uniform Resource Locator in the notification email and an authentication screen is displayed whereby the user is asked for his/her identification and a password. Once authenticated, the secure reply is presented to the user.
Although examples of certain types of online forms have been identified, these examples are not meant to be limiting. There are countless varieties of online forms that may be used, such as, online forms pertaining to credit cards, loans, change of addresses, registration, identification, resumes, surveys, technical problems, etc.
As discussed, an embodiment of the present invention provides for a secure dialogue on a per submission/inquiry basis. The same prospect may complete a second online form and provide a different email address as an identifier and a different password. There is no need for the prospect to register or establish a universal account. A level of anonymity is therefore maintained and privacy is enhanced. Further, the person accessing the website need not be a first-time prospect but may be an existing customer, and the submission need not be an online form but can be any type of submission pertaining to a variety of matters.
A further embodiment of the invention is a method for providing a secure response to a first party, comprising the steps of: receiving a submission from the first party over a communications network, wherein the submission is directed to a second party and includes an identifier associated with the submission, and wherein the first party has not established a relationship with the second party. The steps further include receiving a response to the submission from the second party, storing the response for later retrieval by the first party or the second party, and sending a notification to the first party wherein the notification provides information for securely accessing the response. The steps also include receiving a second submission from the first party wherein the second submission comprises information for correlation to the identifier provided in the first submission, authenticating the first party, and permitting the first party to securely access the response from the second party.
In the drawings:
Reference will now be made in detail to embodiments of the invention, one or more examples of which are illustrated in the accompanying drawing. Each example is provided by way of explanation of the invention, not as a limitation of the invention. It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the scope or spirit of the invention. For instance, features illustrated or described as part of one embodiment can be used on another embodiment to yield a still further embodiment. Thus, it is intended that the present invention cover such modifications and variations that come within the scope of the invention.
In an embodiment of the present invention, communication is submitted by a user visiting a web site. The communication may be, for example, forms-based, meaning a form with a preset design, such as an online application form or customer service communication form. The embodiment further comprises a secure e-mail messaging system, such as, an Internet Email Workflow Application (IEWA) that supports two way messaging and allows a business to receive and process customer communications sent via the web site. Communication from the Internet user is secured using, for example, SSL with 128-bit encryption.
Once a response has been prepared to the user's submission, communication to the user is made via an unsecured e-mail notification that provides the user with an HTTPS link to an authentication page. The user then enters his/her user identification, for example, the user's email address and password which was associated with the original submission. Once the email address and password are authenticated, the secure response message is displayed on the user's web browser in SSL.
Referring now to
IEWA saves the secure response in the secure response database residing on the same Domino server 5 as the workflow database. Also, the secure response message is saved in the history section of the original message. A notification message 7, configurable by workflow administrators, is sent to the user's email address with instructions on how to access the secure response via a web browser in SSL connection. If the above notification message 7 is bounced, IEWA locates the original message in the workflow database and marks the message status as bounced.
When the user attempts to retrieve 8, 8a the secure response in a SSL session using the link provided in the notification message, he or she is prompted to enter the email address and password that was provided in his or her initial request message. The page will make HTTPS connections 9 to the IEWA Domino Server for the secure response content. If the email address and password combination is correct, the response message will be displayed on the user's web browser in SSL. Otherwise, the user will be asked to reenter the email address and the password. If the user fails to provide the correct combination for, for example, six consecutive times, the secure response will be disabled/locked from the secure response database. Time and status of the user's attempts to retrieve the secure response is recorded in the history section of the original message. Regardless of user success or failure to retrieve the response message, the secure response is disabled/locked in the secure response database after, for example, seven days. IEWA removes the disabled/locked secure response from the secure response database after a specified number of days.
Embodiments of the present invention have now been described in fulfillment of the above objects. It will be appreciated that these examples are merely illustrative of the invention. Many variations and modifications will be apparent to those skilled in the art. Although examples have been provided in the context of private information related to financial matters, the invention is not limited as such and is also applicable to private information related to, for example, health and other personal matters.
This application is a continuation of and claims priority to U.S. patent application Ser. No. 10/777,129, now U.S. Pat. No. 7,827,603, entitled “System and Method for Secure Message Reply,” filed on Feb. 13, 2004, which is hereby incorporated by reference in its entirety.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5754938 | Herz et al. | May 1998 | A |
| 5754939 | Herz et al. | May 1998 | A |
| 5812670 | Micali | Sep 1998 | A |
| 5878403 | DeFrancesco et al. | Mar 1999 | A |
| 5890140 | Clark et al. | Mar 1999 | A |
| 5991414 | Garay et al. | Nov 1999 | A |
| 5995947 | Fraser et al. | Nov 1999 | A |
| 6023510 | Epstein | Feb 2000 | A |
| 6035402 | Vaeth et al. | Mar 2000 | A |
| 6108644 | Goldschlag et al. | Aug 2000 | A |
| 6158044 | Tibbetts | Dec 2000 | A |
| 6161185 | Guthrie et al. | Dec 2000 | A |
| 6192472 | Garay et al. | Feb 2001 | B1 |
| 6208973 | Boyer et al. | Mar 2001 | B1 |
| 6209100 | Robertson et al. | Mar 2001 | B1 |
| 6233565 | Lewis et al. | May 2001 | B1 |
| 6308277 | Vaeth et al. | Oct 2001 | B1 |
| 6363365 | Kou | Mar 2002 | B1 |
| 6385594 | Lebda et al. | May 2002 | B1 |
| 6385614 | Vellandi | May 2002 | B1 |
| 6438583 | McDowell et al. | Aug 2002 | B1 |
| 6442687 | Savage | Aug 2002 | B1 |
| 6446206 | Feldbaum | Sep 2002 | B1 |
| 6584564 | Olkin et al. | Jun 2003 | B2 |
| 6587841 | DeFrancesco et al. | Jul 2003 | B1 |
| 6608888 | Bedingfield et al. | Aug 2003 | B2 |
| 6611816 | Lebda et al. | Aug 2003 | B2 |
| 6622131 | Brown et al. | Sep 2003 | B1 |
| 6654724 | Rubin et al. | Nov 2003 | B1 |
| 6704716 | Force | Mar 2004 | B1 |
| 6807530 | Shub et al. | Oct 2004 | B1 |
| 6839843 | Bacha et al. | Jan 2005 | B1 |
| 6851049 | Price, III | Feb 2005 | B1 |
| 6892222 | McDowell et al. | May 2005 | B2 |
| 6904412 | Broadbent et al. | Jun 2005 | B1 |
| 6920463 | Kishimoto | Jul 2005 | B2 |
| 6938022 | Singhal | Aug 2005 | B1 |
| 6941285 | Sarcanin | Sep 2005 | B2 |
| 6952769 | Dubey et al. | Oct 2005 | B1 |
| 6981222 | Rush et al. | Dec 2005 | B2 |
| 6985886 | Broadbent et al. | Jan 2006 | B1 |
| 6989732 | Fisher | Jan 2006 | B2 |
| 7003661 | Beattie et al. | Feb 2006 | B2 |
| 7003799 | Jorgenson | Feb 2006 | B2 |
| 7010512 | Gillin et al. | Mar 2006 | B1 |
| 7010572 | Benjamin et al. | Mar 2006 | B1 |
| 7047532 | Connelly | May 2006 | B1 |
| 7069234 | Cornelius et al. | Jun 2006 | B1 |
| 7107246 | Wang | Sep 2006 | B2 |
| 7120929 | Beattie et al. | Oct 2006 | B2 |
| 7143058 | Sugimoto et al. | Nov 2006 | B2 |
| 7152045 | Hoffman | Dec 2006 | B2 |
| 7181427 | DeFrancesco et al. | Feb 2007 | B1 |
| 7200578 | Paltenghe et al. | Apr 2007 | B2 |
| 7222156 | Gupta et al. | May 2007 | B2 |
| 7236957 | Crosson Smith | Jun 2007 | B2 |
| 7242946 | Kokkonen et al. | Jul 2007 | B2 |
| 7272716 | Haller et al. | Sep 2007 | B2 |
| 7277549 | Olkin et al. | Oct 2007 | B2 |
| 7305436 | Willis | Dec 2007 | B2 |
| 7325127 | Olkin et al. | Jan 2008 | B2 |
| 7334184 | Simons | Feb 2008 | B1 |
| 7356481 | Mitsuoka et al. | Apr 2008 | B2 |
| 7418256 | Kall et al. | Aug 2008 | B2 |
| 7418437 | Marks | Aug 2008 | B1 |
| 7421476 | Weaver | Sep 2008 | B2 |
| 7428495 | Dhar et al. | Sep 2008 | B2 |
| 7458079 | Connelly | Nov 2008 | B2 |
| 7472071 | Marks et al. | Dec 2008 | B2 |
| 7555459 | Dhar et al. | Jun 2009 | B2 |
| 7610339 | Evans et al. | Oct 2009 | B2 |
| 7640204 | Florance et al. | Dec 2009 | B2 |
| 7653679 | Kantor et al. | Jan 2010 | B2 |
| 7720910 | Goodman et al. | May 2010 | B2 |
| 7827603 | Lan et al. | Nov 2010 | B1 |
| 7930252 | Bender et al. | Apr 2011 | B2 |
| 7941488 | Goodman et al. | May 2011 | B2 |
| 8001014 | Sonderegger et al. | Aug 2011 | B2 |
| 20010029472 | Hataguchi | Oct 2001 | A1 |
| 20010029496 | Otto et al. | Oct 2001 | A1 |
| 20010034709 | Stoifo et al. | Oct 2001 | A1 |
| 20010034723 | Subramaniam | Oct 2001 | A1 |
| 20010044785 | Stoifo et al. | Nov 2001 | A1 |
| 20020004900 | Patel | Jan 2002 | A1 |
| 20020019764 | Mascarenhas | Feb 2002 | A1 |
| 20020032602 | Lanzillo et al. | Mar 2002 | A1 |
| 20020040312 | Dhar et al. | Apr 2002 | A1 |
| 20020040339 | Dhar et al. | Apr 2002 | A1 |
| 20020049642 | Moderegger et al. | Apr 2002 | A1 |
| 20020053021 | Rice et al. | May 2002 | A1 |
| 20020054170 | Rush et al. | May 2002 | A1 |
| 20020059137 | Freeman et al. | May 2002 | A1 |
| 20020059532 | Ata et al. | May 2002 | A1 |
| 20020062342 | Sidles | May 2002 | A1 |
| 20020069139 | Bernstein et al. | Jun 2002 | A1 |
| 20020072975 | Steele et al. | Jun 2002 | A1 |
| 20020087483 | Harif | Jul 2002 | A1 |
| 20020099775 | Gupta et al. | Jul 2002 | A1 |
| 20020099824 | Bender et al. | Jul 2002 | A1 |
| 20020103562 | Kishimoto | Aug 2002 | A1 |
| 20020107804 | Kravitz | Aug 2002 | A1 |
| 20020111835 | Hele et al. | Aug 2002 | A1 |
| 20020116231 | Hele et al. | Aug 2002 | A1 |
| 20020165815 | Vincent | Nov 2002 | A1 |
| 20020165948 | Vincent | Nov 2002 | A1 |
| 20020190123 | Anvekar et al. | Dec 2002 | A1 |
| 20020194501 | Wenocur et al. | Dec 2002 | A1 |
| 20030014631 | Sprague | Jan 2003 | A1 |
| 20030037232 | Bailiff | Feb 2003 | A1 |
| 20030069803 | Pollitt | Apr 2003 | A1 |
| 20030083986 | Kobayashi | May 2003 | A1 |
| 20030115272 | Muttitt et al. | Jun 2003 | A1 |
| 20030120608 | Pereyra | Jun 2003 | A1 |
| 20030158960 | Engberg | Aug 2003 | A1 |
| 20030163413 | Wiczkowski | Aug 2003 | A1 |
| 20030163416 | Kitajima | Aug 2003 | A1 |
| 20030172120 | Tomkow et al. | Sep 2003 | A1 |
| 20030179870 | deSa et al. | Sep 2003 | A1 |
| 20030190046 | Kamerman et al. | Oct 2003 | A1 |
| 20030208532 | Kuriya | Nov 2003 | A1 |
| 20030220867 | Goodwin et al. | Nov 2003 | A1 |
| 20040078475 | Camenisch et al. | Apr 2004 | A1 |
| 20040148326 | Nadgir et al. | Jul 2004 | A1 |
| 20040148356 | Bishop et al. | Jul 2004 | A1 |
| 20040148526 | Sands et al. | Jul 2004 | A1 |
| 20040162056 | Engelhart | Aug 2004 | A1 |
| 20040176995 | Fusz | Sep 2004 | A1 |
| 20040190707 | Ljubicich | Sep 2004 | A1 |
| 20040230566 | Balijepalli et al. | Nov 2004 | A1 |
| 20050010507 | Straub | Jan 2005 | A1 |
| 20050015506 | Padborg | Jan 2005 | A1 |
| 20050027543 | Labrou et al. | Feb 2005 | A1 |
| 20050027617 | Zucker et al. | Feb 2005 | A1 |
| 20050027618 | Zucker et al. | Feb 2005 | A1 |
| 20050033659 | Zucker et al. | Feb 2005 | A1 |
| 20050076089 | Fonseca | Apr 2005 | A1 |
| 20050114218 | Zucker et al. | May 2005 | A1 |
| 20050177495 | Crosson Smith | Aug 2005 | A1 |
| 20050177504 | Crosson Smith | Aug 2005 | A1 |
| 20050187856 | Rabenold et al. | Aug 2005 | A1 |
| 20050192896 | Hutchison et al. | Sep 2005 | A1 |
| 20050240490 | Mackey | Oct 2005 | A1 |
| 20060031301 | Herz et al. | Feb 2006 | A1 |
| 20060112165 | Tomkow et al. | May 2006 | A9 |
| 20060183463 | Falk et al. | Aug 2006 | A1 |
| 20060265455 | Yakushev et al. | Nov 2006 | A1 |
| 20070061230 | Kim-E | Mar 2007 | A1 |
| Number | Date | Country | |
|---|---|---|---|
| Parent | 10777129 | Feb 2004 | US |
| Child | 12896457 | US |
