CONFIRMING THE IDENTITY OF INTEGRATOR APPLICATIONS

US 20150082407A1
Filed: 09/19/2013
Published: 03/19/2015
Est. Priority Date: 09/19/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for verifying identities of services making service requests, comprising:

receiving, by one or more computing devices and from a merchant service system, service program code, wherein the service program code comprises identifying information that enables the one or more computing devices to verify a service request made by a computing device operated by a user;

extracting, by the one or more computing devices, the identifying information from the service program code received from the merchant service system;

distributing, by the one or more computing devices, the service program code for operation on the computing device operated by the user, wherein the service program code comprises computer-readable instructions executable by the computing device operated by the user to perform a service;

receiving, by the one or more computing devices and from the computing device operated by the user, an access request, wherein the access request comprises a request for an access token and identifying information, and wherein the computing device operated by the user extracts the identifying information from the service program code resident on the computing device operated by the user;

producing, by the one or more computing devices, an access token, wherein the access token comprises the identifying information received from the computing device operated by the user;

transmitting, by the one or more computing devices, the access token to the computing device operated by the user;

receiving, by the one or more computing devices and from the computing device operated by the user, a service request, wherein the service request comprises a request by the service to perform an action via the one or more computing devices and the access token;

determining, by the one or more computing devices, whether to allow or deny the service request by comparing the identifying information from the access token received from the computing device operated by the user to the extracted identifying information from the service program code received from the merchant service system.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An application service system receives, from a merchant service system, an application program code comprising identifying information. The identifying information is extracted and the application is distributed for operation on a user device. A user interacts with the application, creating an access request that is transmitted to the application service system along with the extracted identifying information. The application service system transmits an access token to the user device comprising the received identifying information. The user device transmits the access token with a service request to the application service system. The application service system compares the identifying information from the access token to the identifying information extracted from the application program code received from the merchant services system. If the identifying information matches, the service request is processed. If the identifying information does not match, the service request is denied and an error message is transmitted to the user device.

Citations

20 Claims

1. A computer-implemented method for verifying identities of services making service requests, comprising:
- receiving, by one or more computing devices and from a merchant service system, service program code, wherein the service program code comprises identifying information that enables the one or more computing devices to verify a service request made by a computing device operated by a user;
  
  extracting, by the one or more computing devices, the identifying information from the service program code received from the merchant service system;
  
  distributing, by the one or more computing devices, the service program code for operation on the computing device operated by the user, wherein the service program code comprises computer-readable instructions executable by the computing device operated by the user to perform a service;
  
  receiving, by the one or more computing devices and from the computing device operated by the user, an access request, wherein the access request comprises a request for an access token and identifying information, and wherein the computing device operated by the user extracts the identifying information from the service program code resident on the computing device operated by the user;
  
  producing, by the one or more computing devices, an access token, wherein the access token comprises the identifying information received from the computing device operated by the user;
  
  transmitting, by the one or more computing devices, the access token to the computing device operated by the user;
  
  receiving, by the one or more computing devices and from the computing device operated by the user, a service request, wherein the service request comprises a request by the service to perform an action via the one or more computing devices and the access token;
  
  determining, by the one or more computing devices, whether to allow or deny the service request by comparing the identifying information from the access token received from the computing device operated by the user to the extracted identifying information from the service program code received from the merchant service system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - in response to comparing the identifying information from the access token received from the computing device operated by the user to the extracted identifying information from the service program code received from the merchant service system, detecting, by the one or more computing devices, a match between the identifying information from the access token and the extracted identifying information; and
      
      allowing, by the one or more computing devices, the service request to be processed in response to detecting the match.
  - 3. The method of claim 1, further comprising:
    - in response to comparing the received identifying information from the access token received from the computing device operated by the user to the extracted identifying information from the service program code received from the merchant service system, not detecting, by the one or more computing devices, a match between the identifying information from the access token and the extracted identifying information;
      
      denying, by the one or more computing devices, the service request in response to not detecting the match; and
      
      transmitting, by the one or more computing devices, an error message to the computing device operated by the user, wherein the error message is displayed by the computing device operated by the user.
  - 4. The method of claim 1, wherein the identifying information is required for distribution of the service program code by the one or more computing devices.
  - 5. The method of claim 1, wherein the identifying information comprises one or more of an application identifier, a package name, and a digital signature.
  - 6. The method of claim 1, wherein the service comprises a merchant service application, a merchant service website, or a merchant shipping service.
  - 7. The method of claim 1, wherein the service request comprises a request for the processing of a financial transaction by the service, a request for shipping information, a request for information from an account of the user maintained by the one or more computing devices, or a request for offers or coupons to be redeemed.
  - 8. The method of claim 1, wherein extracting the identifying information from the service program code received from the merchant service system comprises executing, by the one or more computing devices, a search algorithm that locates and extracts the identifying information from the service program code.
  - 9. The method of claim 1, wherein extracting the identifying information from the service program code received from the merchant service system comprises identifying, by the one or more computing devices, a predetermined location in the service program code and extracting the identifying information from the predetermined location.
  - 10. The method of claim 1, wherein an access request algorithm on the computing device operated by the user is activated in response to a service request being initiated on the computing device operated by the user, wherein the access request algorithm identifies and extracts the identifying information from the service program code on the computing device operated by the user and transmits the identifying information along with an access request to the one or more computing devices.

11. A computer program product, comprising:
- a non-transitory computer-readable medium having computer-readable program instructions embodied therein that when executed by a computer cause the computer to verify identities of services making service requests, the computer-readable program instructions comprising;
  
  computer-readable program instructions for receiving service program code from a merchant service system, wherein the service program code comprises identifying information that enables one or more computing devices to verify a service request made by a computing device operated by a user;
  
  computer-readable program instructions for receiving an access request from a computing device operated by a user, wherein the access request comprises a request for an access token and identifying information, and wherein the computing device operated by the user extracts the identifying information from service program code resident on the computing device operated by the user;
  
  computer-readable program instructions for transmitting an access token to the computing device operated by the user, wherein the access token comprises the identifying information received from the computing device operated by the user;
  
  computer-readable program instructions for receiving from the computing device operated by the user, a service request, wherein the service request comprises a request by the service to perform an action via the one or more computing devices and the access token; and
  
  computer-readable program instructions for determining whether to allow or deny the service request by comparing the identifying information from the access token received from the computing device operated by the user to the identifying information from the service program code received from the merchant service system.
- View Dependent Claims (12, 13, 14)
- - 12. The computer program product of claim 11, further comprising computer-readable program instructions for extracting the identifying information from the service program code received from the merchant service system.
  - 13. The computer program product of claim 12, wherein extracting the identifying information from the service program code received from the merchant service system comprises computer-readable program instructions for executing a search algorithm that locates and extracts the identifying information from the service program code.
  - 14. The computer program product of claim 11, further comprising:
    - in response to comparing the identifying information from the access token to the identifying information from the service program code, computer-readable program instructions for detecting a match between the identifying information received from the computing device operated by the user and the identifying information received from the merchant service system; and
      
      in response to detecting the match, computer-readable program instructions for allowing the service request to be processed.

15. A system for verifying identities of services making service requests, the system comprising:
- a storage medium; and
  
  a processor communicatively coupled to the storage medium, wherein the processor executes application code instructions that are stored in the storage medium and that cause the system to;
  
  receive an access request from a computing device operated by a user, wherein the access request comprises a request for an access token and identifying information, and wherein the computing device operated by the user extracts the identifying information from the service program code resident on the computing device operated by the user;
  
  transmit the access token to the computing device operated by the user, wherein the access token comprises the identifying information received from the computing device operated by the user;
  
  receive a service request from the computing device operated by the user, wherein the service request comprises a request by the service to perform an action via the one or more computing devices and the access token; and
  
  determine whether to allow or deny the merchant service request by comparing the identifying information received from the service program code on the computing device operated by the user to identifying information in service program code received from the merchant service system.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the processor is further configured to execute computer-executable instructions stored in the storage medium to cause the system to extract the identifying information from the service program code received from the merchant service system.
  - 17. The system of claim 16, wherein extracting the identifying information from the service program code received from the merchant service system comprises processing computer-executable instructions for executing a search algorithm that locates and extracts the identifying information from the service program code.
  - 18. The system of claim 16, wherein extracting the identifying information from the service program code received from the merchant service system comprises processing computer-executable instructions for identifying predetermined location in the service program code and extracting the identifying information from the predetermined location.
  - 19. The system of claim 15, wherein the processor is further configured to execute computer-executable instructions stored in the storage medium to cause the system to:
    - in response to comparing the received identifying information from the access token received from the computing device operated by the user to the identifying information from the service program code received from the merchant service system, detect a match between the identifying information received from the computing device operated by the user and the extracted identifying information; and
      
      allow the service request to be processed in response to detecting the match.
  - 20. The system of claim 15, wherein the processor is further configured to execute computer-executable instructions stored in the storage medium to cause the system to:
    - in response to comparing the received identifying information from the access token received from the computing device operated by the user to the identifying information from the service program code received from the merchant service system, not detect a match between the identifying information received from the computing device operated by the user and the extracted identifying information;
      
      deny the service request in response to not detecting the match; and
      
      transmit an error message to the computing device operated by the user, wherein the error message is displayed by the computing device operated by the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Atwood, Scott Roy, Hamilton, Jeffrey William, Galpin, Michael David, Boekenoogen, Jon Christian

Granted Patent

US 9,531,718 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06F 21/44   Program or device authentic...

G06Q 30/0635   Processing of requisition o...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0876   based on the identity of th...

H04L 63/10   for controlling access to d...

H04L 67/34   involving the movement of s...

H04L 67/60   Scheduling or organising th...

H04L 9/3213   using tickets or tokens, e....

CONFIRMING THE IDENTITY OF INTEGRATOR APPLICATIONS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

CONFIRMING THE IDENTITY OF INTEGRATOR APPLICATIONS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links