Patent References
Method for authenticating the identity of a user of an information system
Remote user profile management administration in a computer network
System and method for database access control
Method for secure network access via message intercept
Patent #: 5699513

Inventor
Assignee
Application No. 769590 filed on 12/18/1996

US Classes:
705/51, Usage protection of distributed data files
705/78, Including third party
709/229, Network resources access controlling
713/156, By certificate

Examiners
Primary: Beausoliel, Robert W. Jr.
Assistant: Elisca, Pierre E.

Attorney, Agent or Firm
International Class
G06F 011/00

Abstract
This invention provides security controls against exposing Confidential Information that is required to purchase goods and services from Internet Entity 56 offered on a home page site. The Confidential Information is input to a data base 52 which is part of a tracking and authentication module 50. Included in the tracking and authentication module 50 are a certification server 54, an authentication server 53 and the data base 52. A series of look-up tables 200, 300 and 400 are provided in the data base 52, and the data entries in the tables, including the Confidential Information, are tied to a first data set which typically includes a user's ID/password and a second data set comprising a framed IP address issued for use only during each log-in - log-out session. It can be any form of alpha-numerical designation. The Confidential Information contained in table 400, if misappropriated, could be used to make purchases chargeable to the user. The purchases can be made without the Confidential Information leaving the data base 52 (table 400). The second data set is used to query the module 50 for validation of the user's creditworthiness, and the transaction is completed by the data base sending a message to the issuer of the credit card to charge the user's account or alternatively noticing the Internet Entity to directly bill the user.
An additional security measure is provided by the system assigning a third data set consisting of the destination address of each and every Internet Entity that the user contacts during a log-in - log-out session which is tracked by being entered into any one of the tables 200, 300 or 400. It provides another level of validation against the first and second data sets.
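
The flow described in the abstract, sketched as an added Python example; it is not code from the patent. The class, its method names, the table layout and the random session identifier standing in for the framed IP address are all assumptions made for illustration.

```python
import hashlib, hmac, os, secrets

class TrackingAuthModule:
    """Toy model of module 50; table layout and method names are assumptions."""

    def __init__(self):
        self.users = {}          # first data set: user ID -> (salt, password hash)
        self.sessions = {}       # second data set: per-session identifier -> user ID
        self.visited = {}        # third data set: session identifier -> destinations
        self.vault = {}          # Confidential Information (table 400): user ID -> card
        self.issuer_outbox = []  # charge requests sent to the card issuer only

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def enroll(self, user_id, password, card_number):
        salt = os.urandom(16)
        self.users[user_id] = (salt, self._hash(password, salt))
        self.vault[user_id] = card_number

    def log_in(self, user_id, password):
        record = self.users.get(user_id)
        if record is None or not hmac.compare_digest(record[1], self._hash(password, record[0])):
            return None
        session_id = secrets.token_hex(8)  # stands in for the framed IP address
        self.sessions[session_id] = user_id
        self.visited[session_id] = set()
        return session_id

    def track(self, session_id, destination):
        # Record each Internet Entity contacted during the live session.
        if session_id in self.sessions:
            self.visited[session_id].add(destination)

    def validate_purchase(self, session_id, merchant, amount):
        """Merchant-facing query: answers yes/no, never returns the card number."""
        user_id = self.sessions.get(session_id)
        if user_id is None or merchant not in self.visited[session_id]:
            return False
        self.issuer_outbox.append((self.vault[user_id], merchant, amount))
        return True

    def log_out(self, session_id):
        # The session identifier is valid only between log-in and log-out.
        self.sessions.pop(session_id, None)
        self.visited.pop(session_id, None)
```

The merchant only ever holds the session identifier, which stops validating at log-out and is rejected for any destination the session never contacted.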