Click to initiate secure network service
First Claim
1. A method of providing a network service to a user via a third-party computer site, the method comprising:
- (a) providing, to a user computer, access to a page from the third-party computer site without a login;
(b) sending a first request from the user computer to the third-party computer site in response to a user-initiated action made using the page;
(c) receiving, by the third-party computer site, the first request;
(d) generating a first redirect message based on the first request, the first redirect message to redirect the user computer to a server, the first redirect message encoding information that comprises a time stamp, the first redirect message further encoding a digital signature generated based on the information;
(e) sending the redirect message from the third-party computer site to the user computer;
(f) receiving, by the server from the user computer, a second request caused by the first redirect message; and
(g) based on the second request;
(g1) determining that the user computer has an active session with the server;
(g2) determining that the information encoded in the second request is valid based on the digital signature; and
(g3) directing a service element to initiate the network service based on (g1) and (g2).
1 Assignment
0 Petitions
Accused Products
Abstract
A computer is provided access to a page from a computer site without a login. The computer sends a first request to the computer site in response to a user-initiated action made using the page. The computer site generates a first redirect message based on the first request to redirect the computer to a server. The first redirect message encodes information that comprises a time stamp, and encodes a digital signature generated based on the information. The computer site sends the redirect message to the computer, which causes a second request to be sent to the server. Based on the second request, the server directs a service element to initiate the network service if the computer has an active session with the server and the information encoded in the second request is valid based on the digital signature.
-
Citations
22 Claims
-
1. A method of providing a network service to a user via a third-party computer site, the method comprising:
-
(a) providing, to a user computer, access to a page from the third-party computer site without a login;
(b) sending a first request from the user computer to the third-party computer site in response to a user-initiated action made using the page;
(c) receiving, by the third-party computer site, the first request;
(d) generating a first redirect message based on the first request, the first redirect message to redirect the user computer to a server, the first redirect message encoding information that comprises a time stamp, the first redirect message further encoding a digital signature generated based on the information;
(e) sending the redirect message from the third-party computer site to the user computer;
(f) receiving, by the server from the user computer, a second request caused by the first redirect message; and
(g) based on the second request;
(g1) determining that the user computer has an active session with the server;
(g2) determining that the information encoded in the second request is valid based on the digital signature; and
(g3) directing a service element to initiate the network service based on (g1) and (g2). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method of initiating a telephone call for a user via a computer site, the method comprising:
-
(a) providing, to a user computer, access to a page from the computer site;
(b) sending a first request from the user computer to the computer site in response to a user-initiated action made using the page;
(c) receiving, by the computer site, the first request;
(d) generating a first redirect message based on the first request, the first redirect message to redirect the user computer to a server, the first redirect message encoding information that comprises a time stamp, the first redirect message further encoding a digital signature generated based on the information;
(e) sending the redirect message from the computer site to the user computer;
(f) receiving, by the server from the user computer, a second request caused by the first redirect message; and
(g) based on the second request;
(g1) determining that the user computer has an active session with the server;
(g2) determining that a difference between the time stamp and a current time is acceptable;
(g3) determining that the information encoded in the second request is valid based on the digital signature; and
(g4) directing a service element to initiate the telephone call for the user based on (g1), (g2) and (g3). - View Dependent Claims (22)
-
Specification