Patent attributes
Sensitive user information management system and method. In accordance with some embodiments of the subject innovations, a RESTful “custodial” web service is provided to online service applications of an online service for storing and retrieving sensitive user information. More particularly, the custodial web service offers an operational interface to the online service applications accessible over a data network. The operational interface comprises two operations: STORE and RETRIEVE. The STORE operation allows an online service application to store sensitive user information with the custodial web service. The RETRIEVE operation allows the online service application to later retrieve the sensitive user information from the custodial web service. The custodial web service also ensures that received sensitive user information is cryptographically encrypted when in the custody of the web service.
