Authentication of web content

US 9,648,496 B2
Filed: 02/13/2015
Issued: 05/09/2017
Est. Priority Date: 02/13/2015
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating content offered by a content source to a local device for displaying content, the method comprising:

establishing a communication session between the content source and a browser executing at the local device;

transmitting from the content source to the browser a validation page comprising a content authentication token which is a randomly generated one-time use only credential bound to the content source;

capturing the content authentication token from the browser by a verification application;

transmitting the authentication token to a validation service which determines whether the token is bound to a valid source of content; and

causing the content to be displayed on the local device if the token is bound to a valid source of content;

wherein causing the content to be displayed comprises transmitting a content source receipt from the validation service to the local device or a mobile device, wherein the content source receipt comprises a link identifying a memory location from which a data item relating to the valid source of content is accessible, thereby indicating the data item.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosure relates to a method of authenticating content offered by a content source to a local device for displaying content. The method includes establishing a communication session between the content source and a browser executing at the local device, transmitting from the content source to the browser a validation page comprising a content authentication token which is a randomly generated one-time use only credential bound to the content source, and capturing the content authentication token from the browser by a verification application. The method also includes transmitting the authentication token to a validation service which determines whether the token is bound to a valid source of content and causing the content to be displayed on the local device if the token is bound to a valid source of content.

61 Citations

View as Search Results

24 Claims

1. A method of authenticating content offered by a content source to a local device for displaying content, the method comprising:
- establishing a communication session between the content source and a browser executing at the local device;
  
  transmitting from the content source to the browser a validation page comprising a content authentication token which is a randomly generated one-time use only credential bound to the content source;
  
  capturing the content authentication token from the browser by a verification application;
  
  transmitting the authentication token to a validation service which determines whether the token is bound to a valid source of content; and
  
  causing the content to be displayed on the local device if the token is bound to a valid source of content;
  
  wherein causing the content to be displayed comprises transmitting a content source receipt from the validation service to the local device or a mobile device, wherein the content source receipt comprises a link identifying a memory location from which a data item relating to the valid source of content is accessible, thereby indicating the data item.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein the data item is accessed from a digital profile of the content source identified by the credential.
  - 3. The method of claim 2 wherein the profile is published by storing a version of it to an addressable memory location, and the link identifies the addressable memory location, thereby indicating the data item.
  - 4. The method of claim 1, wherein the verification application is executed on the mobile device which captures the content authentication token displayed on the validation page by one of:
    - digital image capture;
      
      scanning, near field communications and Bluetooth.
  - 5. The method of claim 1, wherein the content authentication token is received by a local browser of the local device and transferred to the verification application which is executed in the local device.
  - 6. The method of claim 1, wherein the token identifies an address of the source of content, the method comprising transmitting the address to an address verification service to confirm the address is a valid address.
  - 7. The method of claim 1, wherein the data item is displayed at the mobile device.
  - 8. The method of claim 7, wherein the data item is details of a server hosting the content.
  - 9. The method of claim 7, wherein the data item comprises details of a virtual device hosting the content and/or a physical device on which the virtual device is running.
  - 10. The method of claim 1, further comprising the steps of transmitting from the mobile device a device authentication token which is a randomly generated one-time use only credential bound to the mobile device to the verification service with the content authentication token.
  - 11. The method of claim 10, wherein the validation service uses the device authentication token to access a digital identity profile using the credential.
  - 12. The method of claim 11, wherein the validation service generates a device identification receipt comprising or indicating a data item accessed from the digital identity profile and transmits the receipt to the content source.
  - 13. The method of claim 12, wherein the content source determines whether or not to release content based on the data item in the device identification receipt.
  - 14. The method of claim 12, further comprising transmitting in the device identification receipt a fresh device authentication token.
  - 15. The method of claim 1, further comprising sending a fresh content authentication token to the content source.
  - 16. The method of claim 12, wherein the device identification receipt and the content source receipt share a common transaction identifier.
  - 17. The method of claim 1, further comprising transmitting from the local device an authentication token which is a randomly generated one-time use only credential bound to the local device to the verification service with the content authentication token.
  - 18. The method of claim 1, wherein the source of content comprises a server, and the token is bound to the server.
  - 19. The method of claim 1, wherein the content source comprises a server, and wherein the content authentication token is bound to a transient virtual device created by the server in a session establishment procedure instigated by the local device.
  - 20. The method of claim 7 wherein a confidence value is associated with the data item and displayed with the data item.

21. A computer program product comprising computer readable instructions stored on a non-transitory computer readable storage medium and, when executed, configured to implement a method comprising:
- establishing a communication session between the content source and a browser executing at the local device;
  
  transmitting from the content source to the browser a validation page comprising a content authentication token which is a randomly generated one-time use only credential bound to the content source;
  
  capturing the content authentication token from the browser by a verification application;
  
  transmitting the authentication token to a validation service which determines whether the token is bound to a valid source of content; and
  
  causing the content to be displayed on the local device if the token is bound to a valid source of content;
  
  wherein causing the content to be displayed comprises transmitting a content source receipt from the validation service to the local device or a mobile device, wherein the content source receipt comprises a link identifying a memory location from which a data item relating to the valid source of content is accessible, thereby indicating the data item.

22. A computer system comprising:
- a digital identity system configured to implement a validation service; and
  
  a local device comprising a network interface and a processor configured to execute a browser which operates to;
  
  establish a communication session between a content source and the browser via the network interface, andreceive from the content source a validation page comprising a content authentication token which is a randomly generated one-time use only credential bound to the content source,wherein a verification application captures the content authentication token from the browser and transmits the authentication token to a validation service which determines whether the token is bound to a valid source of content;
  
  wherein the validation service causes the content to be displayed on the local device if the token is bound to a valid source of content; and
  
  wherein causing the content to be displayed comprises transmitting a content source receipt from the validation service to the local device or a mobile device, wherein the content source receipt comprises a link identifying a memory location from which a data item relating to the valid source of content is accessible, thereby indicating the data item.
- View Dependent Claims (23, 24)
- - 23. The computer system of claim 22, wherein the verification application is executed on the local computing device.
  - 24. The computer system of claim 22, further comprising the mobile device, wherein the mobile device comprises a processor and a network interface, and wherein the verification application is executed on the processor of the mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Yoti Holding Ltd
Original Assignee
Yoti Ltd (Yoti Holding Ltd)
Inventors
Loughlin-McHugh, Eleanor Simone Frederika, Szczesniak, Roman Edward, Rodriguez, Francisco Angel Garcia
Primary Examiner(s)
PERUNGAVOOR, VENKATANARAY

Application Number

US14/622,740
Publication Number

US 20160241532A1
Time in Patent Office

816 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0838   using one-time-passwords

H04L 63/0869   for achieving mutual authen...

H04L 63/0876   based on the identity of th...

H04W 12/06   Authentication

H04W 12/068   using credential vaults, e....

Authentication of web content

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

61 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication of web content

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

61 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links