User authentication using client-side browse history

US 9,712,520 B1
Filed: 06/23/2015
Issued: 07/18/2017
Est. Priority Date: 06/23/2015
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method, comprising:

receiving, by a computer system, a request for a login web page of a web site, the request received from a computing device associated with a user account, the login web page configured to facilitate an authentication of the user account based at least in part on a username and a password;

inserting, by the computer system in the login web page, a universal resource locator (URL) of a second web page of the web site and code, the code configured to, upon execution at the computing device;

determine whether the URL and a cascading style sheets (CSS) attribute of the URL are present in a browser history stored at the computing device, anddetermine, based at least in part on presence of the URL and the CSS attribute in the browser history, that the second web page was accessed by the computing device prior to receiving the request for the login web page, the second web page accessed by the computing device prior to receiving the request based at least in part on a prior authentication of the user account via the login web page;

providing, by the computer system to the computing device and based at least in part on the request, the login web page comprising the URL of the second web page and the code;

receiving, by the computer system from the computing device, an indication that the second web page was accessed prior to receiving the request for the login web page, the indication received based at least in part on a determination by the code of the presence of the URL and the CSS attribute in the browser history upon an execution of the code at the computing device; and

authenticating, by the computer system, the user account based at least in part on the indication.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for authenticating a user may be described. In particular, a network-based document may be provided to a computing system of a user. The network-based document may include code and an identifier of another network-based document. The code may be configured to, upon execution, determine whether the other network-based document was accessed prior to providing the network-based document to the computing system. The other network-based document may be accessible to the user based on an identifier of the user. An indication that the other network-based document was accessed may be determined. For example, the indication may be received from the computing system based on an execution of the code at the computing system. The user may be authenticated based on the indication.

53 Citations

View as Search Results

18 Claims

1. A computer-implemented method, comprising:
- receiving, by a computer system, a request for a login web page of a web site, the request received from a computing device associated with a user account, the login web page configured to facilitate an authentication of the user account based at least in part on a username and a password;
  
  inserting, by the computer system in the login web page, a universal resource locator (URL) of a second web page of the web site and code, the code configured to, upon execution at the computing device;
  
  determine whether the URL and a cascading style sheets (CSS) attribute of the URL are present in a browser history stored at the computing device, anddetermine, based at least in part on presence of the URL and the CSS attribute in the browser history, that the second web page was accessed by the computing device prior to receiving the request for the login web page, the second web page accessed by the computing device prior to receiving the request based at least in part on a prior authentication of the user account via the login web page;
  
  providing, by the computer system to the computing device and based at least in part on the request, the login web page comprising the URL of the second web page and the code;
  
  receiving, by the computer system from the computing device, an indication that the second web page was accessed prior to receiving the request for the login web page, the indication received based at least in part on a determination by the code of the presence of the URL and the CSS attribute in the browser history upon an execution of the code at the computing device; and
  
  authenticating, by the computer system, the user account based at least in part on the indication.
- View Dependent Claims (2)
- - 2. The computer-implemented method of claim 1, wherein the authenticating further comprises receiving the username and the password from the computing device based at least in part on providing the login web page to the computing device.

3. One or more non-transitory computer-readable media comprising instructions that, when executed with one or more processors, cause a system to at least:
- provide, to a computing system associated with a user account, a first network-based document of a network-based resource, the first network-based document comprising code and an identifier of a second network-based document of the network-based resource, the identifier comprising a network address of the second network-based document, the code configured at least to, upon execution;
  
  determine whether the network address and a cascading style sheets (CSS) attribute of the network address are present in a history stored at the computing system, anddetermine, based at least in part on presence of the network address and the CSS attribute in the history, that the second network-based document was accessed prior to providing the first network-based document to the computing system, the second network-based document accessed based at least in part on an identifier of the user account;
  
  determine an indication that the second network-based document was accessed, the indication determined based at least in part on a determination of the presence of the network address and the CSS attribute in the history upon an execution of the code at the computing system; and
  
  authenticate the user account based at least in part on the indication.
- View Dependent Claims (4, 5, 6, 7, 8, 9, 10)
- - 4. The one or more non-transitory computer-readable media of claim 3, wherein the first network-based document and the second network-based document are associated with an electronic marketplace, wherein the first network-based document comprises a login web page configured to facilitate an authentication of the user account based at least in part on a username and password, wherein the second network-based document comprises a second web page accessed based at least in part on the authentication of the user account.
  - 5. The one or more non-transitory computer-readable media of claim 3, wherein the history is associated with an application of the computing system, the history comprising the identifier of the second network-based document based at least in part on an access of the application to the second network-based document prior to the providing of the first network-based document.
  - 6. The one or more non-transitory computer-readable media of claim 4, wherein the network address comprises a link, wherein the CSS attribute of the network address comprises a style attribute of the link, wherein the code comprises statements of a programmatic scripting language in accordance with an ECMAScript standard, and wherein the statements are configured to generate the indication based at least in part on a state and the style attribute of the link from the history.
  - 7. The one or more non-transitory computer-readable media of claim 3, wherein the identifier of the second network-based document is inserted in the first network-based document based at least in part on a selection of the second network-based document, wherein the selection is based at least in part on an identifier of the user account.
  - 8. The one or more non-transitory computer-readable media of claim 3, wherein the first network-based document is provided to the computing system based at least in part on a request of the computing system for the first network-based document, wherein the request is associated with the identifier of the user account, and wherein authenticating the user account comprises validating the identifier of the user based at least in part on the indication.
  - 9. The one or more non-transitory computer-readable media of claim 8, wherein validating the identifier of the user account comprises determining that the second network-based resource was accessed based at least in part on the identifier of the user account.
  - 10. The one or more non-transitory computer-readable media of claim 3, wherein the identifier of the second network-based document is inserted in the first network-based document such that, upon rendering the first network-based document at the computing system, the identifier and the second network-based document are not rendered to the user account.

11. A system comprising:
- one or more processors;
  
  one or more non-transitory computer-readable media comprising instructions that, when executed with the one or more processors, cause the system to at least;
  
  add, to a first network-based document from a network-based resource of a provider, an identifier of a second network-based document from the network-based resource and code based at least in part on a request for the first network-based document, the identifier comprising a network address of the second network-based document, the request received from a computing system of a user, the code configured at least to, upon execution;
  
  determine whether the network address and a cascading style sheets (CSS) attribute of the network address are present in a history stored at the computing system, anddetermine, based at least in part on presence of the network address and the CSS attribute in the history, that the second network-based document was accessed, the second network-based document accessed based at least in part on an identifier of the user;
  
  provide the first network-based document to the computing system based at least in part on the request;
  
  receive, from the computing system, an indication that the second network-based document was accessed prior to providing the first network-based document to the computing system, the indication received based at least in part on a determination of the presence of the network address and the CSS attribute in the history upon an execution of the code at the computing system; and
  
  authenticate the user based at least in part on the indication.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The system of claim 11, wherein the second network-based document was accessed based at least in part on a prior authentication of the user.
  - 13. The system of claim 11, wherein the second network-based document is unique to the identifier of the user, wherein the network address is a URL of the second network-based document, and wherein the identifier of the second network-based document further comprises information about the identifier of the user.
  - 14. The system of claim 13, wherein the information about the identifier of the user comprises a hash of the identifier of the user, and wherein the hash is appended to the URL.
  - 15. The system of claim 11, wherein the second network-based document comprises content unique to the identifier of the user, wherein the identifier of the second network-based document comprises a hash of the content, and wherein the hash is appended to the URL.
  - 16. The system of claim 11, wherein the second network-based document comprises a web page unique to the identifier of the user, wherein the second network-based document was accessed based at least in part on a rendering of the web page in an invisible frame at a browser of the computing system.
  - 17. The system of claim 11, wherein if the second network-based document was not accessed prior to providing the first network-based document to the computing system, the user is authenticated by at least:
    - determining an account of the user based at least in part on the identifier of the user;
      
      determining a time associated with the account; and
      
      authenticating the user based at least in part on the time.
  - 18. The system of claim 11, wherein the history is associated with an application of the computing system, wherein if the second network-based document was not accessed prior to providing the first network-based document to the computing system, the user is authenticated by at least:
    - determining an amount of the history based at least in part on the execution of the code; and
      
      authenticating the user based at least in part on the amount of the history being less than a threshold.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Strand, William Alexander, Canavor, Darren Ernest
Primary Examiner(s)
Pham, Luu
Assistant Examiner(s)
Baum, Ronald

Application Number

US14/747,919
Time in Patent Office

756 Days
Field of Search

726 7
US Class Current
CPC Class Codes

G06Q 30/0609   Buyer or seller confidence ...

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 67/02   based on web technology, e....

H04L 67/14   Session management for real...

H04L 67/306   User profiles

H04L 67/535   Tracking the activity of th...

User authentication using client-side browse history

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

53 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

User authentication using client-side browse history

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links