System and method to facilitate compliance with COPPA for website registration
First Claim
Patent Images
1. A method, comprising:
- receiving from a site coupled to a network a request sent via the network to authorize a user seeking access to the site, the request being received at a service coupled to the network and remote from the site and the user;
determining whether the user has previously registered with the service;
if the user is determined to have been previously registered with the service, the service identifying an authorizing agent associated with the user from a database coupled to the service; and
sending a message to the identified authorizing agent that requests that the authorizing agent authorize the user to access the site;
if the user is determined not to have been previously registered with the service, the service checking the database to determine whether at least one authorizing agent is associated with the user in the database;
displaying, via the network, to the user a list of one or more authorizing agents that are determined to be associated with the user;
permitting the user to select one of the authorizing agents from the list; and
sending a message to the selected authorizing agent that requests that the authorizing agent authorize the user to access the site;
if the user does not select any authorizing agent from the list, the service querying the user, via the network for a name of the user, address information associated with an authorizing agent that is authorized to authorize the user to access the site, and for an answer to a security question;
querying the authorizing agent to confirm that the user is associated with the authorizing agent and to provide an answer to the security question;
obtaining credit card information of the authorizing agent;
determining whether the answer provided by the authorizing agent matches the answer provided by the user; and
determining whether the credit card information corresponds to at least a portion of the address information provided by the user;
receiving an authorizing message from the authorizing agent indicating whether the authorizing agent authorizes the user to access the site;
storing a record in the database indicating whether the authorizing agent authorized the user to access the site; and
sending the site, via the network, a message indicating whether the authorizing agent authorized the user to access the site.
5 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide a third-party system that allows parents or authorized guardians to continually grant permissions to several websites and online services and provides a one-time-authentication process of the parent-child relationship. Through this system, the need to re-authenticate the parent-child relationship or for each online company to build their own authentication system and COPPA record keeping mechanisms can be reduced or eliminated. In addition, the embodiments provided herein may afford a service for managing COPPA compliance that is relatively easy for online companies to integrate into their online services and websites.
-
Citations
20 Claims
-
1. A method, comprising:
-
receiving from a site coupled to a network a request sent via the network to authorize a user seeking access to the site, the request being received at a service coupled to the network and remote from the site and the user; determining whether the user has previously registered with the service; if the user is determined to have been previously registered with the service, the service identifying an authorizing agent associated with the user from a database coupled to the service; and
sending a message to the identified authorizing agent that requests that the authorizing agent authorize the user to access the site;if the user is determined not to have been previously registered with the service, the service checking the database to determine whether at least one authorizing agent is associated with the user in the database;
displaying, via the network, to the user a list of one or more authorizing agents that are determined to be associated with the user;
permitting the user to select one of the authorizing agents from the list; and
sending a message to the selected authorizing agent that requests that the authorizing agent authorize the user to access the site;if the user does not select any authorizing agent from the list, the service querying the user, via the network for a name of the user, address information associated with an authorizing agent that is authorized to authorize the user to access the site, and for an answer to a security question; querying the authorizing agent to confirm that the user is associated with the authorizing agent and to provide an answer to the security question;
obtaining credit card information of the authorizing agent;
determining whether the answer provided by the authorizing agent matches the answer provided by the user; and
determining whether the credit card information corresponds to at least a portion of the address information provided by the user;receiving an authorizing message from the authorizing agent indicating whether the authorizing agent authorizes the user to access the site; storing a record in the database indicating whether the authorizing agent authorized the user to access the site; and sending the site, via the network, a message indicating whether the authorizing agent authorized the user to access the site. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer program product embodied on a tangible, non-transitory computer readable medium for causing a computer to perform a method, the method comprising:
-
receiving from a site coupled to a network a request sent via the network to authorize a user seeking access to the site, the request being received at a service coupled to the network and remote from the site; determining whether the user has previously registered with the service; if the user is determined to have been previously registered with the service, identifying an authorizing agent associated with the user from a database coupled to the service; and
sending a message to the identified authorizing agent that requests that the authorizing agent authorize the user to access the site;if the user is determined not to have been previously registered with the service, checking the database to determine whether at least one authorizing agent is associated with the user in the database;
displaying, via the network, to the user a list of one or more authorizing agents that are determined to be associated with the user;
permitting the user to select one of the authorizing agents from the list; and
sending a message to the selected authorizing agent that requests that the authorizing agent authorize the user to access the site;if the user does not select any authorizing agent from the list, querying the user, via the network for a name of the user, address information associated with an authorizing agent that is authorized to authorize the user to access the site, and for an answer to a security question; querying the authorizing agent to confirm that the user is associated with the authorizing agent and to provide an answer to the security question;
obtaining credit card information of the authorizing agent;
determining whether the answer provided by the authorizing agent matches the answer provided by the user; and
determining whether the credit card information corresponds to at least a portion of the address information provided by the user;receiving an authorizing message from the authorizing agent indicating whether the authorizing agent authorizes the user to access the site; storing a record in the database indicating whether the authorizing agent authorized the user to access the site; and sending the site, via the network, a message indicating whether authorizing agent authorized the user to access the site.
-
-
12. A system, comprising:
-
a service coupled to the network; the service having an interface for receiving from a site coupled to a network a request sent via the network to authorize a user seeking access to the site, wherein the service is remote from the site and the user; the service having a database, wherein the service querying the database to determine whether the user has previously registered with the service; if the user is determined to have been previously registered with the service, the service having logic for identifying an authorizing agent associated with the user from a database coupled to the service; and
sending a message to the identified authorizing agent that requests that the authorizing agent authorize the user to access the site;if the user is determined not to have been previously registered with the service, the service having logic for checking the database to determine whether at least one authorizing agent is associated with the user in the database;
displaying, via the network, to the user a list of one or more authorizing agents that are determined to be associated with the user;
permitting the user to select one of the authorizing agents from the list; and
sending a message to the selected authorizing agent that requests that the authorizing agent authorize the user to access the site;if the user does not select any authorizing agent from the list, the service having logic for querying the user, via the network for a name of the user, address information associated with an authorizing agent that is authorized to authorize the user to access the site, and for an answer to a security question; the service having logic for querying the authorizing agent to confirm that the user is associated with the authorizing agent and to provide an answer to the security question;
obtaining credit card information of the authorizing agent;
determining whether the answer provided by the authorizing agent matches the answer provided by the user; and
determining whether the credit card information corresponds to at least a portion of the address information provided by the user;the interface of the service being adapted to receive an authorizing message from the authorizing agent indicating whether the authorizing agent authorizes the user to access the site; the service having logic for storing a record in the database indicating whether the authorizing agent authorized the user to access the site; and the service having logic for sending the site, via the network, a message indicating whether the authorizing agent authorized the user to access the site. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification