Secured data access from a mobile device executing a native mobile application and a headless browser

US 10,009,773 B2
Filed: 03/30/2017
Issued: 06/26/2018
Est. Priority Date: 03/31/2016
Status: Active Grant

First Claim

Patent Images

1. A mobile device comprising:

a wireless transceiver;

a processor;

a display device; and

a memory storing instructions executable by the processor to perform operations comprising;

receiving, at a native application, access credential data;

providing the access credential data from the native application to a headless browser, the headless browser comprising a web browser not having a corresponding displayed graphical user interface;

initiating a secured connection via the wireless transceiver from the headless browser to a remote server that hosts a website;

sending, by the headless browser via the secured connection, the access credential data to the remote server;

receiving first web page data of the website from the remote server via the secured connection;

parsing the first web page data to identify user-specific data;

sending the user-specific data to the native application for display in a graphical user interface at the display device, wherein the graphical user interface of the native application includes information based on virtual application programming interface (API) fingerprint data associated with the website, and wherein the virtual API fingerprint data indicates a change to the website subsequent to a previous connection to the website and that indicates service pathways associated with a log in, an authentication, an operation at the remote server, or a combination thereof;

receiving a user command via a user input device;

sending, by the headless browser via the secured connection, transaction data to the remote server to modify secured data based on the user command; and

receiving, by the headless browser via the secured connection, a confirmation of the modification of the secured data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and computer-readable storage devices to enable secured data access from a mobile device executing a native mobile application and a headless browser are disclosed. In a particular aspect, a mobile device includes a wireless transceiver, a processor, a display device, and a memory storing instructions executable by the processor to perform operations. The operations enable read and write access to secured data by the mobile device.

22 Citations

View as Search Results

18 Claims

1. A mobile device comprising:
- a wireless transceiver;
  
  a processor;
  
  a display device; and
  
  a memory storing instructions executable by the processor to perform operations comprising;
  
  receiving, at a native application, access credential data;
  
  providing the access credential data from the native application to a headless browser, the headless browser comprising a web browser not having a corresponding displayed graphical user interface;
  
  initiating a secured connection via the wireless transceiver from the headless browser to a remote server that hosts a website;
  
  sending, by the headless browser via the secured connection, the access credential data to the remote server;
  
  receiving first web page data of the website from the remote server via the secured connection;
  
  parsing the first web page data to identify user-specific data;
  
  sending the user-specific data to the native application for display in a graphical user interface at the display device, wherein the graphical user interface of the native application includes information based on virtual application programming interface (API) fingerprint data associated with the website, and wherein the virtual API fingerprint data indicates a change to the website subsequent to a previous connection to the website and that indicates service pathways associated with a log in, an authentication, an operation at the remote server, or a combination thereof;
  
  receiving a user command via a user input device;
  
  sending, by the headless browser via the secured connection, transaction data to the remote server to modify secured data based on the user command; and
  
  receiving, by the headless browser via the secured connection, a confirmation of the modification of the secured data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The mobile device of claim 1, wherein the secured connection comprises a secure sockets layer (SSL) connection.
  - 3. The mobile device of claim 1, wherein the website includes content formatted for presentation on a desktop computer or a laptop computer.
  - 4. The mobile device of claim 1, wherein the website includes content formatted for presentation on mobile devices.
  - 5. The mobile device of claim 1, wherein sending the access credential data to the remote server emulates a request to login to the website from a non-headless browser.
  - 6. The mobile device of claim 1, further comprising a location device, the display device, and a user input device, and wherein the wireless transceiver includes or is coupled to radio frequency (RF) circuitry, a controller, an antenna, or any combination thereof.
  - 7. The mobile device of claim 1, wherein the native application enables, via the headless browser, a read operation with respect to secured data, a write operation with respect to secured data, or both.
  - 8. The mobile device of claim 7, wherein the native application enables access to peer-to-peer fund transfer services, contact-less automated teller machine (ATM) authentication, or both.
  - 9. The mobile device of claim 1, wherein code corresponding to the native application includes code corresponding to the headless browser.
  - 10. The mobile device of claim 1, wherein the native application is configured to access the headless browser via at least one web browsing software library.
  - 11. The mobile device of claim 1, wherein the native application is configured to access an instance of the headless browser via one or more application programming interface (API) calls to an operating system of the mobile device.
  - 12. The mobile device of claim 1, wherein the graphical user interface of the native application includes branding for a specific institution.
  - 13. The mobile device of claim 1, wherein the remote server is configured, without relying on an application programming interface, to support access to secure data on the remote server.

14. A method of operation at a mobile device, the method comprising:
- during execution of a native application at the mobile device;
  
  receiving, at the native application, access credential data;
  
  providing the access credential data from the native application to a headless browser, the headless browser comprising a web browser not having a corresponding displayed graphical user interface;
  
  initiating a secured connection from the headless browser to a remote server that hosts a website;
  
  sending, by the headless browser via the secured connection, the access credential data to the remote server;
  
  receiving first web page data of the website from the remote server via the secured connection;
  
  parsing the first web page data to identify user-specific data;
  
  displaying the user-specific data in a graphical user interface of the native application, wherein the graphical user interface of the native application includes information based on virtual application programming interface (API) fingerprint data associated with the website, and wherein the virtual API fingerprint data indicates a change to the website subsequent to a previous connection to the website and that indicates service pathways associated with a log in, an authentication, an operation at the remote server, or a combination thereof;
  
  receiving a user command via a user input device;
  
  sending, by the headless browser via the secured connection, transaction data to the remote server to modify secured data based on the user command; and
  
  receiving, by the headless browser via the secured connection, a confirmation of the modification of the secured data.
- View Dependent Claims (15, 16)
- - 15. The method of claim 14, wherein identifying the user-specific data comprises accessing a mapping between the native application and the website.
  - 16. The method of claim 15, wherein the mapping is determined based on a scraping operation performed on the website, through javascript injection, or both.

17. A method of operation at a mobile device having connectivity to a remote server, the remote server configured, without relying on an application programming interface, to support access to secure data on the remote server, the method comprising:
- during execution of a native application at the mobile device;
  
  initiating a secured connection from a headless browser to the remote server that hosts a website, the headless browser comprising a web browser without a display of a graphical user interface;
  
  receiving, at the native application, access credential data;
  
  providing the access credential data from the native application to the headless browser;
  
  sending, by the headless browser via the secured connection, the access credential data to the remote server;
  
  receiving first web page data of the website from the remote server via the secured connection;
  
  parsing the first web page data to identify user-specific data;
  
  displaying the user-specific data in a graphical user interface of the native application, wherein the graphical user interface of the native application includes information based on virtual application programming interface (API) fingerprint data associated with the website, and wherein the virtual API fingerprint data indicates a change to the website subsequent to a previous connection to the website and that indicates service pathways associated with a log in, an authentication, an operation at the remote server, or a combination thereof;
  
  receiving a user command via a user input device;
  
  sending, by the headless browser via the secured connection, transaction data to the remote server to modify secured data based on the user command; and
  
  receiving, by the headless browser via the secured connection, a confirmation of the modification of the secured data.

18. A computer-readable storage device storing instructions that, when executed by a processor, cause the processor to perform operations comprising:
- receiving, at a native application, access credential data;
  
  providing the access credential data from the native application to a headless browser, the headless browser comprising a web browser not having a corresponding displayed graphical user interface;
  
  initiating a secured connection from the headless browser to a remote server that hosts a website;
  
  sending, by the headless browser via the secured connection, the access credential data to the remote server;
  
  receiving first web page data of the website from the remote server via the secured connection;
  
  parsing the first web page data to identify user-specific data;
  
  displaying the user-specific data in a graphical user interface of the native application, wherein the graphical user interface of the native application includes information based on virtual application programming interface (API) fingerprint data associated with the website, and wherein the virtual API fingerprint data indicates a change to the website subsequent to a previous connection to the website and that indicates service pathways associated with a log in, an authentication, an operation at the remote server, or a combination thereof;
  
  receiving a user command via a user input device;
  
  sending, by the headless browser via the secured connection, transaction data to the remote server to modify secured data based on the user command; and
  
  receiving, by the headless browser via the secured connection, a confirmation of the modification of the secured data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AppBrilliance, Inc.
Original Assignee
AppBrilliance, Inc.
Inventors
Smith, Charles Eric, Dutrow, Chris, Ayestaran, Sergio
Primary Examiner(s)
Shiferaw, Eleni A
Assistant Examiner(s)
Huang, Cheng-Feng

Application Number

US15/474,981
Publication Number

US 20170289809A1
Time in Patent Office

453 Days
Field of Search
US Class Current
CPC Class Codes

G06Q 40/02   Banking, e.g. interest calc...

H04B 1/3827   Portable transceivers

H04L 63/168   above the transport layer

H04L 67/02   based on web technology, e....

H04W 12/068   using credential vaults, e....

H04W 12/08   Access security

H04W 12/086   using security domains

Secured data access from a mobile device executing a native mobile application and a headless browser

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

22 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Secured data access from a mobile device executing a native mobile application and a headless browser

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links