System and method for authenticated, private and auditable actions in email and other communication applications
By using a workflow engine in the communication platform to encrypt communication content and visually encode it into authentication images, the problems of low security and poor user experience in traditional methods are solved, and a secure and reliable data verification and approval process is achieved.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Filing Date
- 2024-09-02
- Publication Date
- 2026-07-10
AI Technical Summary
In existing communication platforms, data verification and approval methods rely on traditional authentication and encryption technologies, which suffer from low security, susceptibility to tampering, poor user experience, and an inability to provide a comprehensive solution.
The system uses a workflow engine to encrypt communication content and visually encode it into an authentication image. The authentication identifier reader then decrypts and verifies the user's identity, thus enabling a data verification and approval authorization system.
It improves the security and user experience of the communication platform, ensures that only intended users can access and decrypt communication content, prevents unauthorized tampering and manipulation, and provides a comprehensive data verification and approval solution.
Smart Images

Figure CN122374747A_ABST
Abstract
Description
Cross-references to related applications
[0001] This application claims priority to U.S. Nonprovisional Application No. 18 / 515,294, filed November 21, 2023, pursuant to section 119(e) of title 35 of the United States Code, the entire contents of which are incorporated herein by reference. Technical Field
[0002] This invention relates to secure communication and authorization systems, and more particularly to systems and methods for transaction verification and approval in communication and communications platforms. Background Technology
[0003] Existing methods for data verification and approval in communication platforms typically rely on traditional authentication methods, such as manually entering usernames and passwords on third-party sites. These methods often require users to manually enter their credentials, which can be time-consuming and prone to human error. Furthermore, these methods may not provide a secure and effective way to verify the authenticity of communication content. Some existing systems attempt to address these issues by implementing encryption techniques. These systems encrypt communication content to ensure its confidentiality during transmission. However, these encryption methods do not provide a comprehensive solution for data verification and approval in communication platforms. In summary, previous methods for data verification and approval in communication platforms have all used traditional authentication methods, encryption techniques, and authentication images. However, none of these methods provide a comprehensive solution that incorporates the features described in this disclosure.
[0004] In various common scenarios such as payments, and in internet applications like e-commerce shopping carts, individuals and entities often need to notify, verify, authorize, or take action regarding specific information and transactions. This is typically accomplished through interactions on websites, mobile applications, or dedicated devices such as point-of-sale terminals. It can also occur via communication channels such as email, SMS, or other messaging applications.
[0005] However, the methods for taking such actions via email, SMS, or messaging apps are currently limited. It typically involves replying to or forwarding a message, or clicking a hyperlink that redirects the user to another web or mobile application that requires login to complete the action.
[0006] Replying to emails (or similar actions in text messages or messaging apps) carries certain risks and limitations. For example, if a user's email account is compromised, a hacker could take action on emails without the user's knowledge. Furthermore, the integrity of email content (including any attachments) cannot be guaranteed. This means that either a legitimate user or a hacker could manipulate the data, potentially leading to a distortion of the sender's intent. In such cases, it may be difficult for the sender or recipient to detect that the email content has been altered. Additionally, the data sent can easily be accessed and misused without authorization, either immediately or in the future, making it unwise to include sensitive information (e.g., card verification value (CVV) for credit card payments) in the initial reply.
[0007] Clicking hyperlinks in emails to perform actions in another application also has its drawbacks. Email hyperlinks are vulnerable to phishing attacks and / or the downloading of malware onto users' devices without their consent (i.e., malicious links), causing users to hesitate before clicking links that will redirect them out of their email application. Furthermore, if an email account is compromised, a hacker can click on a hyperlink and perform actions (e.g., clicking a password reset link and resetting the password). Additionally, after clicking a link, users often need to re-authenticate themselves on an external application or website before proceeding with the intended action. This process can be insecure, cumbersome, and provides a suboptimal user experience.
[0008] In the current market, most email applications, especially those designed for enterprise use, include read receipts. When a user opens an email, the sender receives a notification indicating that the recipient has "read" the email. It's important to note that this read receipt feature is passive, meaning it only indicates that the email has been accessed and does not necessarily confirm that the intended recipient has actually viewed it. In fact, in some cases, anyone with access to the email account (not necessarily the specific intended recipient) could trigger this notification. Furthermore, users may sometimes mark an email as "read" by interacting with user interface (UI) elements such as badges, which in turn triggers a read receipt without actually opening the email. Therefore, relying solely on read receipt notifications to proactively confirm that an email has actually been opened, let alone read, may not always be accurate.
[0009] Currently, merchants communicate offers for purchasing goods and services to potential and existing customers via SMS or email. These offers typically include: 1) coupons and / or discounts on specific goods or services; and 2) advertisements highlighting special offers on certain goods or services. To redeem these offers, users typically follow one of two methods: a) clicking a hyperlink that redirects them from a messaging or email application to the merchant's website or application; or b) receiving a code in an email or SMS that they may use when visiting a retailer's or service provider's website or physical location (whether digital or physical). However, these methods also have their drawbacks. In the first example of uncontrolled sharing, the method is easily abused because anyone with the hyperlink and code can access them, making it difficult for merchants to restrict offers to specific recipients or limit the number of recipients. In static examples, if these offers remain fixed (e.g., offer duration, pricing, or discount level), changing the offer requires sending a new email. In examples with limited data privacy, many methods offer no data privacy for merchants because the information in the email is transmitted in plaintext and can be forwarded to any email address, potentially allowing competitors to see and react to the offered. In examples of limited personalization, due to the limitations outlined in the examples above, merchants are forced to create broad marketing offers that lack personalization for individual recipients. In examples of insecure redemption processes, many methods lack reliable means to verify whether potential customers have redeemed offers directly from their emails, unless they contain hyperlinks clicked by the user or direct email replies from the user (both methods are unreliable and easily abused by authorized users with access to such emails, even if the email is a forwarded message).
[0010] Regarding information verification, most email applications lack a mechanism for recipients to confirm the accuracy of information received in emails. While users may reply to the email indicating their belief in the accuracy of the information, this method is unreliable and easily abused by authorized users in the event of a compromised email account (e.g., unauthorized approval, data breach), making it easy to alter the information contained in the email. The same challenge remains when information is appended to the email instead of being included in the email body. Alternatively, users may be directed to (usually via hyperlinks, but not limited to) another application or website where they must re-enter an authentication process to access, view, and verify the received information. For example, banks send monthly emails to customers notifying them that their bank statements are available for review to ensure accuracy. Users exit the email application and navigate to the bank's website to verify their financial transactions and statements. Another scenario involves verifying a user's bank account details for a payment. In this case, users typically need to call their bank (or answer their phone) or visit another application or website, usually belonging to the bank, to verify their bank account and routing number.
[0011] Regarding the granting of approval information, there is currently no established method for recipients of emails, text messages, or other forms of messaging to directly approve within these platforms. While users may reply to emails with text indicating their desire for approval, this method is considered unreliable, susceptible to abuse by unauthorized individuals, vulnerable to phishing attacks, and highly discordant, and is generally considered unsuitable for most approval processes. Alternatively, users typically receive (but are not limited to) hyperlinks from their email applications that redirect to external applications or websites where they can initiate, resume, or complete the approval process.
[0012] Regarding authorized payments and purchases, individuals receiving emails, text messages, or other forms of communication currently lack a direct means of authorizing in-platform payments or purchases. While users might reply with a message in an email indicating their intention to proceed with the purchase, this method is considered unreliable, vulnerable to unauthorized use, and unsuitable for transactions involving monetary value. As an alternative, users are directed (usually via hyperlinks, but not limited to) to another application or website where they can complete the purchase of goods or services through a payment transaction. Typically, the website the user is redirected to is the same one that initiated the purchase process. While this method improves the user experience by providing, for example, payment links, it still lacks a comprehensive authorization and access control system.
[0013] None of the above-mentioned techniques solve all the problems addressed by the present invention. Summary of the Invention
[0014] An authorization system for data verification and approval in a communication platform is disclosed. The system includes a workflow engine comprising one or more processors and at least one storage element for storing instructions. The workflow engine retains a client identifier associated with the communication content. A client device communicating with the workflow engine includes a processor, storage element, display, and a communication platform with a user interface. The communication platform receives communication content generated by a computer system and encrypted by the workflow engine. The encrypted communication content is visually encoded as an authentication image and displayed within the communication platform. An electronic device also communicating with the workflow engine includes a display, processor, storage element, and authentication identifier reader. The reader decrypts the client identifier from the authentication image, and the decrypted client identifier is verified by the workflow engine to authenticate the intended user. The authenticated communication content is displayed on the client device, and authorization to access the communication content is transmitted to the workflow engine, which also includes improvements to overcome the limitations of the prior art. The authorization system now conforms to a novel, practical, and non-obvious invention.
[0015] In some aspects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, comprising: a workflow engine including: one or more processors and at least one storage element configured to store instructions for controlling the one or more processors, the at least one storage element holding one or more client identifiers associated with communication content; a client device communicating with the workflow engine via a network. The client device includes: one or more processors; at least one storage element configured to store instructions for controlling the one or more processors; a display; and a communication platform having a user interface, the communication platform of the client device configured to receive communication content via a computer system having a client identifier among one or more client identifiers for identifying the intended user creating the communication content, the communication content being configured to be generated by the computer system and encrypted by the workflow engine. In response to encryption, the encrypted communication content is visually encoded as an authentication image, the authentication image being displayed within the communication platform of the client device.
[0016] The electronic device communicates with a workflow engine via a network. The electronic device includes: a display with a graphical user interface; one or more processors; at least one storage element storing a client identifier of the computer system; and an authentication identifier reader. The authentication identifier reader is configured to decrypt the client identifier from an authentication image when the reader recognizes the image, wherein, in response to decryption, the decrypted client identifier is configured to be verified by the workflow engine to authenticate the intended user. The authenticated decrypted communication content is configured to be displayed to the authenticated intended user on the display of the client device, and authorization for access to the communication content of the communication platform is configured to be transmitted from the electronic device to the workflow engine.
[0017] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein an authentication image is configured to indicate to the sender of the communication content when at least a portion of the communication content has been accessed by an authenticated intended user.
[0018] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein communication content is configured to be modified in real time by the sender of the communication content, and wherein the modified communication content is configured to be displayed on the communication platform of the client device when an authenticated intended user decrypts an authentication image.
[0019] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein an encrypted client identifier has encrypted content.
[0020] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein the authentication image is a visual representation of the communication content.
[0021] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein an electronic device has a camera configured to capture an authentication image of the display of a client device.
[0022] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein an authentication image displayed on a client device is uploaded to an electronic device.
[0023] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein the client identifier is at least one of a username, email address, or user name.
[0024] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein the electronic device has an input sensor disposed on the display of the electronic device, the input sensor being configured to sense external input to submit authorization for access to communication content to a workflow engine.
[0025] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein authorization for access to the communication content is transmitted to the workflow engine when the client identifier of an electronic device matches a client identifier associated with communication content of a workflow engine.
[0026] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein authenticated decrypted communication content is configured to be modified by an authenticated intended user.
[0027] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein authenticated decrypted communication content is configured to be authorized sequentially by one or more authenticated intended users.
[0028] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein authenticated decrypted communication content is configured to be authorized in parallel by one or more authenticated intended users.
[0029] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, and also includes a financial transaction system that communicates with a workflow engine and authenticated decrypted communication content, wherein the authenticated decrypted communication content is a payment request.
[0030] In some respects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, wherein authenticated decrypted communication content is configured to be modified by an authenticated intended user.
[0031] In some aspects, the technology described herein relates to an authorization system for data verification and approval in a communication platform, comprising: a workflow engine including one or more processors and at least one storage element configured to store instructions for controlling the one or more processors and retain one or more client identifiers associated with communication content; and an electronic device communicating with the workflow engine via a network, the electronic device including: one or more processors; at least one storage element configured to store instructions for controlling the one or more processors; a display; and a communication platform having a user interface, the communication platform of the client device being configured to receive communication content via a computer system having features for identifying the creation of communication. The content includes one or more client identifiers of the intended user, the communication content is configured to be generated by a computer system and encrypted by a workflow engine, and wherein, in response to encryption, the encrypted communication content is visually encoded into an authentication image, the authentication image being displayed within the communication system of the electronic device; and an authentication identifier reader, when the authentication identifier reader recognizes the authentication image, the authentication identifier reader is configured to decrypt the client identifier from the authentication image, and wherein, in response to decryption, the decrypted client identifier is configured to be verified by the workflow engine to authenticate the intended user, and wherein the authenticated decrypted communication content is configured to be displayed on the display of the electronic device to the authenticated intended user, and authorization for access to the communication content of the communication platform is configured to be transmitted from the electronic device to the workflow engine.
[0032] In some aspects, the technology described herein relates to a method for data verification and approval in a communication platform, comprising: generating communication content having a client identifier used to identify an intended user by a computer system; encrypting the communication content by a workflow engine; visually encoding the encrypted communication content into an authentication image in response to encryption; displaying the authentication image within the communication platform using a display of an electronic device; decrypting the client identifier from the authentication image using the authentication identifier reader when the authentication identifier reader recognizes it; verifying the decrypted client identifier by the workflow engine in response to decryption to authenticate the intended user; displaying the authenticated decrypted communication content to the authenticated intended user on the display of the electronic device; and transmitting authorization for accessing the communication content of the communication platform from the electronic device to the workflow engine.
[0033] In some respects, the techniques described herein relate to a method for data verification and approval in a communication platform, which also includes the modification of authenticated decrypted communication content by an authenticated intended user.
[0034] In some respects, the technology described herein relates to a method for data verification and approval in a communication platform, further comprising real-time modification of the communication content by the sender of the communication content, and wherein the modified communication content is displayed on the communication platform of the electronic device when an authenticated intended user decrypts an authentication image.
[0035] In some respects, the techniques described herein relate to a method for data verification and approval in a communication platform, further comprising transmitting authorization for access to the communication content to the workflow engine when the client identifier of the electronic device matches a client identifier associated with the communication content of the workflow engine. Attached Figure Description
[0036] By referring to the accompanying drawings, those skilled in the art can better understand the contents of this disclosure and make its many features and advantages apparent. The same reference numerals are used in different drawings to denote similar or identical items.
[0037] Figure 1 This is a block diagram illustrating an authorized system according to some embodiments of the present disclosure.
[0038] Figure 2 This is a block diagram illustrating an authorized system according to some embodiments of the present disclosure.
[0039] Figure 3 This is a flowchart illustrating a method according to some embodiments of the present disclosure.
[0040] Figure 4 This further illustrates some embodiments according to the present disclosure. Figure 3 The flowchart of the method. Detailed Implementation
[0041] Exemplary embodiments of the invention will now be described with reference to the accompanying drawings. These embodiments are provided by way of explanation and are not intended to limit the invention. In fact, those skilled in the art will understand after reading this specification and reviewing the accompanying drawings that various modifications and variations can be made thereto.
[0042] Figures 1-4 Example methods and systems for secure communication and authorization processes, as well as transaction verification and approval, are illustrated. The technical infrastructure or platform is designed to facilitate secure and protected information exchange between different entities and / or systems. It also includes elements that ensure only authorized users and / or entities can access certain functions or data within the system. In such systems, secure communication involves using encryption protocols and / or other security measures to protect data during transmission. On the other hand, the authorization component involves mechanisms for verifying the identity of users or systems and granting them specific permissions or privileges based on their credentials.
[0043] In one example, the system can be configured to allow users to perform actions securely and efficiently directly within communication and messaging platforms, such as email applications, SMS and / or messaging apps, including but not limited to notifying receipt, verification, approval and / or authorization of information and / or transactions. Cyphlens images (i.e., visual encoding of encrypted content) provide a solution within email applications, allowing users to perform actions such as notifying receipt, making statements, verifying, approving or authorizing information and transactions. This approach mitigates the risks and usability issues discussed earlier. Using Cyphlens, users can take actions directly from their email applications without being redirected to other platforms, thus enhancing the overall security of the process.
[0044] At its core, Cyphlens images sent via email applications are resistant to modification or tampering by unauthorized individuals. It provides protection against email account intrusion, ensuring that only the intended recipient can decrypt and take action against them. Any unauthorized individual accessing a user's email account will be unable to decrypt Cyphlens images and take any further action. Furthermore, Cyphlens maintains the integrity of encrypted content, preventing any unauthorized manipulation or alteration. The following examples illustrate how Cyphlens allows users to perform various actions directly within their email applications, SMS, or other communication applications.
[0045] Figure 1 This is a block diagram illustrating an authorization system 102 according to some embodiments of the present disclosure. In some embodiments, the authorization system 102 may include a workflow engine 104. The authorization system 102 may also include a client device 110, which can communicate with the workflow engine 104 via a network. The authorization system 102 may also include an electronic device 122, which can communicate with the workflow engine 104 via a network.
[0046] In some embodiments, workflow engine 104 may include one or more processors 106. Workflow engine 104 may also include at least one storage element 108 configured to store instructions for controlling one or more processors 106. At least one storage element 108 retains one or more client identifiers associated with communication content. Client device 110 may include one or more processors 112, a display 116, and a communication platform 118. Client device 110 may also include at least one storage element 114 configured to store instructions for controlling one or more processors 112.
[0047] In some embodiments, the communication platform 118 may further include a user interface 120, and the communication platform 118 of the client device 110 may be configured to receive communication content, including but not limited to emails and / or messages, through the computer system 136. The electronic device 122 may include a display 124 and one or more processors 128. The electronic device 122 may also include at least one storage element 130 that stores the client identifier 138 of the computer system 136. The electronic device 122 may also include an authentication identifier reader 132, which may be configured to decrypt the client identifier 138 from an authentication image when the authentication identifier reader 136 recognizes an authentication image.
[0048] In some embodiments, the display 124 may include a graphical user interface 126. The authentication identifier reader 132 may also include an authorization 134 for accessing communication content on the communication platform 118, which may be configured to be transmitted by the electronic device 122 to the workflow engine 104. In response to decryption, the decrypted client identifier may be configured to be verified by the workflow engine 104 to authenticate the intended user.
[0049] In some embodiments, authenticated decrypted communication content may be configured to be displayed on display 124 of client device 110 to an authenticated intended user. Computer system 136 may also include a client identifier 138 among one or more client identifiers used to identify an intended user capable of creating the communication content, the communication content being configured to be generated by computer system 136 and encrypted by workflow engine 104. In response to encryption, the encrypted communication content may be visually encoded as an authentication image, which may be displayed within communication platform 118 of client device 110.
[0050] In some embodiments, the authentication image may be configured to indicate to the sender of the communication content when at least a portion of the communication content has been accessed by an authenticated intended user. In some embodiments, the communication content may be configured to be modified in real time by the sender of the communication content. The modified communication content may be configured to be displayed on the communication platform 118 of the client device 110 when an authenticated intended user can decrypt the authentication image.
[0051] In some embodiments, the encrypted client identifier may include encrypted content. In some embodiments, the authentication image may be a visual representation of the communication content. In some embodiments, the electronic device 122 may also include a camera configured to capture the authentication image of the display 124 of the client device 110. In some embodiments, the authentication image of the display 124 of the client device 110 may be uploaded to the electronic device 122.
[0052] In some embodiments, the client identifier 138 may be at least one of a username, email address, or user name. In some embodiments, the electronic device 122 may also include an input sensor disposed on a display 124 of the electronic device 122, the input sensor being configured to sense external input to submit authorization 134 for access to communication content via the workflow engine 104.
[0053] In some embodiments, when the client identifier 138 of the electronic device 122 matches a client identifier 38 associated with communication content of the workflow engine 104, an authorization 134 for accessing the communication content can be transmitted to the workflow engine 104. In some embodiments, the authenticated decrypted communication content can be configured to be modified by an authenticated intended user.
[0054] In some embodiments, authenticated decrypted communication content can be configured to be authorized sequentially by one or more authenticated intended users. In some embodiments, authenticated decrypted communication content can be configured to be authorized in parallel by one or more authenticated intended users. In some embodiments, the authorization system 102 is used for data verification and approval within the communication platform. The authenticated decrypted communication content may be a payment request. In some embodiments, authenticated decrypted communication content can be configured to be modified by an authenticated intended user.
[0055] Figure 2 This is a block diagram illustrating an authorization system 202 according to some embodiments of the present disclosure. In some embodiments, the authorization system 202 may include a workflow engine 204. The authorization system 202 may also include an electronic device 210, which can communicate with the workflow engine 204 via a network. The workflow engine 204 may include one or more processors 206. The workflow engine 204 may also include at least one storage element 208 configured to store instructions for controlling one or more processors 206, and the at least one storage element 208 retains one or more client identifiers associated with communication content.
[0056] In some embodiments, electronic device 210 may include one or more processors 212, a display 216, and a communication platform 218. Electronic device 210 may also include at least one storage element 214 configured to store instructions for controlling one or more processors 212. Electronic device 210 may also include an authorization 222 for accessing communication content of communication platform 218, the authorization 222 being configured to be transmitted by electronic device 210 to workflow engine 204.
[0057] In some embodiments, the communication platform 218 may further include a user interface 220, and the communication platform 218 of the client device may be configured to receive communication content via computer system 224. In response to decryption, the decrypted client identifier may be configured to be verified by workflow engine 204 to authenticate the intended user. The authenticated decrypted communication content may be configured to be displayed to the authenticated intended user on display 216 of electronic device 210.
[0058] In some embodiments, computer system 224 may further include client identifier 226, one of one or more client identifiers used to identify an intended user capable of creating communication content, the communication content being configured to be generated by computer system 224 and encrypted by workflow engine 204. Client identifier 226 may also include authentication identifier reader 228, which may be configured to decrypt client identifier 226 from an authentication image when authentication identifier reader 226 recognizes an authentication image. In response to encryption, encrypted communication content may be visually encoded as an authentication image, which may be displayed within communication platform 218 of electronic device 210.
[0059] Figure 3 This is a flowchart describing a method according to some embodiments of the present disclosure. In some embodiments, at 310, the method may include generating communication content having a client identifier by a computer system to identify an intended user. At 320, the method may include encrypting the communication content by a workflow engine. At 330, the method may include displaying an authentication image within a communication platform using a display of an electronic device. At 340, the method may include decrypting the client identifier from the authentication image using an authentication identifier reader when the authentication identifier reader recognizes the authentication image.
[0060] In some embodiments, at 350, the method may include, in response to decryption, having a workflow engine verify a decrypted client identifier to authenticate an intended user. At 360, the method may include displaying authenticated decrypted communication content to the authenticated intended user on a display of an electronic device. At 370, the method may include transmitting authorization for accessing communication content of the communication platform from the electronic device to the workflow engine. In some embodiments, a method for data verification and approval in a communication platform, in response to encryption, may visually encode encrypted communication content as an authentication image. In some embodiments, a method for data verification and approval in a communication platform, wherein the authenticated intended user modifies the authenticated decrypted communication content.
[0061] Figure 4 Further description of some embodiments according to this disclosure Figure 3The flowchart illustrates the method. In some embodiments, a method for data verification and approval in a communication platform, at 410, the change may include displaying the changed communication content on the communication platform of the electronic device when an authenticated intended user decrypts the authentication image. At 420, the sender of the communication content can change the communication content in real time.
[0062] Additional Notes
[0063] In one embodiment, using Cyphlens, a dedicated receipt image can be generated and included in an email. Upon receiving it, the authorized recipient can proactively confirm opening the email and decrypt it using their Cyphlens application to view the content contained in the image. This Cyphlens image can be embedded directly in the email body or attached as a file. The sender will then receive a notification or access record indicating that the Cyphlens image has been accessed and confirming that the authorized recipient has acknowledged receipt. Furthermore, as an alternative to or supplement to the entire email, the Cyphlens image can be used to indicate that a specific, distinct component of the email has been viewed (e.g., product cost or medical diagnosis).
[0064] In embodiments using Cyphlens, merchants or businesses can generate customized Cyphlens images to present personalized, dynamic offers to potential customers. This offer can only be securely claimed (i.e., acted upon) by a designated recipient without leaving the email client. Cyphlens images can be embedded directly into the email content or included as attachments. Furthermore, merchants will receive notifications or accessible logs confirming that the Cyphlens image has been accessed and that the potential customer has viewed and claimed (or not claimed) the offer in a seamless process. Offers created using Cyphlens can only be accessed and claimed by the intended recipient, making them resistant to competitive data collection. Other individuals with access to such emails will not be able to decrypt them or discern the specific details of the offer or any applicable discounts.
[0065] Furthermore, offers made using Cyphlens can be adjustable, allowing merchants to adjust details (such as amount, expiry date) in real time without requiring a new email. Users will decrypt the same Cyphlens image, now displaying updated offer details. For example, if an offer is offered on the same day, a retailer could send a specific user a Cyphlens image including a special price of $19.99. However, if the user attempts to view and claim the offer the following day, the displayed price will be adjusted to $24.99. Finally, if the user tries to access the offer on the third day, it has expired, and the user will not see any price or offer details. Examples of this application include notifications of meeting invitations, confirmation of email receipt by a specified date, and providing evidence of other specific, unique information that the sender requests the recipient to explicitly acknowledge receipt of.
[0066] By using Cyphlens, the data planned for verification can be encrypted within a Cyphlens image. Users can then securely inspect and verify this information through the Cyphlens application without ever logging out of their email platform. For example, a bank could send a Cyphlens image to its customers containing their month-end balance. Only the designated recipient has access to this information and can subsequently confirm their acceptance of the balance provided by the bank (i.e., verify its accuracy).
[0067] Using Cyphlens, the approval process is achieved by decrypting Cyphlens images within the Cyphlens application. Specifically, the designated recipient decrypts a Cyphlens image containing encrypted information within an email and confirms approval with a swipe gesture, all within the Cyphlens application. No redirection or external platform login is required. For example, an employee might seek manager approval to offer a specific pricing to a potential client. Using the Cyphlens platform, the employee generates a Cyphlens image with an encrypted approval request and emails it to their manager. Upon receiving the email, the manager decrypts the Cyphlens image and provides approval directly within the Cyphlens application. This approval process can be done independently (only the manager can decrypt and approve the request in the Cyphlens image) or as part of a larger approval group, either sequentially or in parallel (multiple managers can decrypt and approve the application in the Cyphlens image).
[0068] For example, using Cyphlens, a website that initiates a purchase (but does not complete it) can generate a Cyphlens image containing details of the user's shopping cart. This encrypted Cyphlens image can be transmitted to the user via email (or other communication platform) and can only be decrypted by a designated recipient. Upon receiving this email, the user can use their Cyphlens application to decrypt the Cyphlens image, make any necessary updates to the items in the decrypted shopping cart (e.g., adjust quantities, delete items), and then complete the purchase by authorizing a payment transaction. All these steps occur within the Cyphlens application and the user's email, without requiring redirection to any external website or platform.
[0069] In some cases, completing a purchase payment or authorization may require multiple approvals (for example, corporate purchases may require approval from employees and the Chief Financial Officer (CFO)). In such cases, all intended users can decrypt the Cyphlens image, and their authorizations can be made sequentially or simultaneously. Furthermore, in certain situations, suppliers may require payment via Cyphlens through email (or other communication platforms) to enhance the security of the payment process. For example, a customer visits an online retailer's website, adds items to their shopping cart, but then abandons the purchase. The retailer can then send the user a Cyphlens image containing encrypted information (including the cart items and the total amount due) and request authorization to complete the purchase. The user can then access their shopping cart and complete the payment directly from their email using their Cyphlens application. Another scenario might involve purchasing airline tickets, where the final payment might be made later or in real-time (for added security) via the customer's email and Cyphlens, following a similar process to the one described above.
[0070] When describing elements of this disclosure or embodiments thereof, the articles “a,” “an,” and “the” are intended to indicate the presence of one or more of that element. Similarly, the adjective “another” used to describe an element is intended to indicate one or more of that element. The terms “comprising” and “having” are intended to be inclusive, allowing for the possibility of the presence of other elements besides those listed.
[0071] Although the invention has been described with a degree of specificity, it should be understood that this disclosure is by way of illustration only, and many changes may be made to the details of the construction and arrangement of the components without departing from the spirit and scope of the invention.
Claims
1. An authorization system for data verification and approval in a communication platform, comprising: Workflow engines, including: One or more processors; and At least one storage element, the at least one storage element being configured to store instructions for controlling the one or more processors, the at least one storage element retaining one or more client identifiers associated with communication content; A client device, which communicates with the workflow engine via a network, includes: One or more processors; At least one storage element, the at least one storage element being configured to store instructions for controlling the one or more processors; Displays; and A communication platform with a user interface, wherein the communication platform of the client device is configured to receive the communication content via a computer system having a client identifier among one or more client identifiers for identifying the intended user who created the communication content, the communication content being configured to be generated by the computer system and encrypted by the workflow engine, and wherein... In response to encryption, the encrypted communication content is visually encoded into an authentication image, which is displayed within the communication platform of the client device; and An electronic device, which communicates with the workflow engine via the network, includes: A display with a graphical user interface; One or more processors; At least one storage element, the at least one storage element storing the client identifier of the computer system; and An authentication identifier reader is configured to decrypt the client identifier from the authentication image when the authentication identifier reader recognizes the authentication image, wherein... In response to decryption, the decrypted client identifier is configured to be verified by the workflow engine to authenticate the intended user, and wherein... The authenticated decrypted communication content is configured to be displayed on the display of the client device to the authenticated intended user, and Authorization for accessing communication content on the communication platform is configured to be transmitted from the electronic device to the workflow engine.
2. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The authentication image is configured to indicate to the sender of the communication content when at least a portion of the communication content has been accessed by the authenticated intended user.
3. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The communication content is configured to be changed in real time by the sender of the communication content.
4. The authorization system for data verification and approval in a communication platform according to claim 3, wherein, The modified communication content is configured to be displayed on the communication platform of the client device when the authenticated intended user decrypts the authentication image.
5. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The authentication image is a visual representation of the encrypted communication content.
6. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The electronic device has a camera configured to capture an authentication image of the client device's display.
7. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The authentication image displayed on the client device is uploaded to the electronic device.
8. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The client identifier is at least one of a username, email address, phone number, or user name.
9. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The electronic device has an input sensor disposed on the display of the electronic device, the input sensor being configured to sense external input in order to submit authorization to the workflow engine for access to the communication content.
10. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, When the client identifier of the electronic device matches the client identifier associated with the communication content of the workflow engine, authorization to access the communication content is transmitted to the workflow engine.
11. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The authenticated decrypted communication content is configured to be modified by the authenticated intended user.
12. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The authenticated decrypted communication content is configured to be authorized sequentially by one or more authenticated intended users.
13. The authorization system for data verification and approval in a communication platform according to claim 1, wherein, The authenticated decrypted communication content is configured to be authorized in parallel by one or more authenticated intended users.
14. The authorization system for data verification and approval in a communication platform according to claim 1 further includes a financial transaction system that communicates with the workflow engine and the authenticated decrypted communication content, wherein the authenticated decrypted communication content is a payment request.
15. The authorization system for data verification and approval in a communication platform according to claim 14, wherein, The authenticated decrypted communication content is configured to be modified by the authenticated intended user.
16. An authorization system for data verification and approval in a communication platform, comprising: Workflow engines, including: One or more processors; and At least one storage element configured to store instructions for controlling the one or more processors, the at least one storage element retaining one or more client identifiers associated with communication content; and An electronic device that communicates with the workflow engine via a network, the electronic device comprising: One or more processors; At least one storage element, the at least one storage element being configured to store instructions for controlling the one or more processors; Displays; and A communication platform with a user interface, wherein the communication platform of the client device is configured to receive the communication content via a computer system having a client identifier among one or more client identifiers for identifying the intended user who created the communication content, the communication content being configured to be generated by the computer system and encrypted by the workflow engine, and wherein... In response to encryption, the encrypted communication content is visually encoded into an authentication image, which is displayed within the communication platform of the electronic device; and An authentication identifier reader, configured to decrypt the client identifier from the authentication image when the authentication identifier reader recognizes the authentication image, and wherein... In response to decryption, the decrypted client identifier is configured to be verified by the workflow engine to authenticate the intended user, and wherein... The authenticated decrypted communication content is configured to be displayed on the display of the electronic device to an authenticated intended user, and Authorization for accessing communication content on the communication platform is configured to be transmitted from the electronic device to the workflow engine.
17. A method for data verification and approval in a communication platform, comprising: The computer system generates communication content with a client identifier used to identify the intended user; The communication content is encrypted by the workflow engine; In response to encryption, encrypted communication content is visually encoded as an authentication image; The authentication image is displayed on the communication platform using the display of an electronic device; When the authentication identifier reader recognizes the authentication image, it uses the authentication identifier reader to decrypt the client identifier from the authentication image. In response to decryption, the workflow engine verifies the decrypted client identifier to authenticate the intended user. The authenticated decrypted communication content is displayed on the display of the electronic device to an authenticated intended user; as well as The electronic device transmits authorization for accessing the communication content of the communication platform to the workflow engine.
18. The method for data verification and approval in a communication platform according to claim 17, further comprising having the authenticated decrypted communication content modified by the authenticated intended user.
19. The method for data verification and approval in a communication platform according to claim 17, further comprising real-time modification of the communication content by the sender of the communication content, and wherein... When the authenticated intended user decrypts the authentication image, the modified communication content is displayed on the communication platform of the electronic device.
20. The method for data verification and approval in a communication platform according to claim 17, further comprising transmitting authorization for access to the communication content to the workflow engine when the client identifier of the electronic device matches a client identifier associated with the communication content of the workflow engine.