Method and system for browser identity

US 9,887,965 B2
Filed: 07/20/2012
Issued: 02/06/2018
Est. Priority Date: 07/20/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

executing a browser at a client device;

receiving, at the browser, browser login information from a user;

in response to receiving the browser login information, logging the user into a browser login account associated with the browser executing on the client device;

in response to logging the user into the browser login account, receiving user-specific identity information from a server on behalf of the user;

storing, by the browser at the client device, the user-specific identity information;

installing a web application for execution by the browser, wherein installation of the web application grants, to the web application, permission to access the user-specific identity information provided to the browser and stored at the client device;

exposing, within the browser, an application programming interface (API) of the browser to the web application executing in the browser;

transmitting, within the browser and via the API of the browser, cryptographic information associated with the user to the web application, the web application verifying an identity of the user based on the cryptographic information; and

providing, based on the user-specific information provided to the browser and stored at the client device, user-specific content to the user through the web application after the web application verifies the identity of the user from the cryptographic information provided via the API of the browser.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A browser application programming interface is exposed to a web application to verify an identify of a user using user-specific identity information stored by the browser. Cryptographic information associated with the user is transmitted from the browser application programming interface to the web application. User-specific content is provided to the user through the web application if the web application verifies an identify of the user via the browser application programming interface using the cryptographic information.

Citations

17 Claims

1. A computer-implemented method comprising:
- executing a browser at a client device;
  
  receiving, at the browser, browser login information from a user;
  
  in response to receiving the browser login information, logging the user into a browser login account associated with the browser executing on the client device;
  
  in response to logging the user into the browser login account, receiving user-specific identity information from a server on behalf of the user;
  
  storing, by the browser at the client device, the user-specific identity information;
  
  installing a web application for execution by the browser, wherein installation of the web application grants, to the web application, permission to access the user-specific identity information provided to the browser and stored at the client device;
  
  exposing, within the browser, an application programming interface (API) of the browser to the web application executing in the browser;
  
  transmitting, within the browser and via the API of the browser, cryptographic information associated with the user to the web application, the web application verifying an identity of the user based on the cryptographic information; and
  
  providing, based on the user-specific information provided to the browser and stored at the client device, user-specific content to the user through the web application after the web application verifies the identity of the user from the cryptographic information provided via the API of the browser.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the cryptographic information includes a unique message and a public key associated with the user.
  - 3. The method of claim 2, wherein the unique message is not shared with other web applications that are executed by the browser.
  - 4. The method of claim 1, wherein the user-specific identity information includes a user name and email address.
  - 5. The method of claim 1, wherein the server stores the user-specific identity information and is remote from the client device executing the browser, and wherein the user-specific identity information is provided to the browser upon the user logging into an account.
  - 6. The method of claim 1, further comprising:
    - providing login information for the user, including a username, to an online account associated with the user from a first client device;
      
      associating the user'"'"'s installation of the web application with the online account;
      
      providing login information for the user, including the username, to the online account associated with the user from a second client device controlled by the user;
      
      upon providing the login information, automatically installing the web application within a browser executing on the second client device, wherein installing the web application includes granting permission to the web application to access the user-specific identity information, wherein the user-specific identity information is stored, at the second client device, by the browser executing on the second client device;
      
      launching the web application in the browser executing on the second client device;
      
      automatically providing at least a portion of the user-specific identity information from the browser executing on the second client device to the web application based on the user'"'"'s launching of the web application; and
      
      providing user-specific content to the user through the web application launched in the browser executing on the second client device, wherein the user-specific content is based on the portion of the user-specific identity information that is provided to the web application.
  - 7. The method of claim 1, further comprising:
    - upon approval by the user, receiving a request, within the browser, from the web application for stored user-specific identity information via an API call from the web application to the browser.
  - 8. The method of claim 1, wherein the web application includes a manifest file and at least a portion of a web site.
  - 9. The method of claim 8, wherein the web application was packaged as an installable entity.
  - 10. The method of claim 9, wherein the web application is self contained and operates offline.
  - 11. The method of claim 1, wherein the cryptographic information persists within the browser after the user logs out of another web application or another website while using the browser.
  - 12. The method of claim 1, further comprising:
    - upon installation of the web application within the browser, automatically providing a pop-up window to notify the user that the web application will have access to at least a portion of the user-specific identity information.
  - 13. The method of claim 1, wherein the user-specific identity information includes account information.
  - 14. The method of claim 13, wherein the account information includes private identifiers for multiple credit cards.
  - 15. The method of claim 1, wherein the browser operates as an operating system of the client device.

16. A non-transitory computer readable medium containing instructions executable by a processor of a computing device, that when executed by the processor cause the computing device to:
- execute a browser;
  
  receive, at the browser, browser login information from a user;
  
  in response to receiving the browser login information, log the user into a browser login account associated with the browser;
  
  in response to logging the user into the browser login account, receive user-specific identity information from a computer different from the computing device on behalf of the user;
  
  store, by the browser at the computing device, the user-specific identity information;
  
  install a web application for execution by the browser, wherein installation of the web application grants, to the web application, permission to access the user-specific identity information provided to the browser and stored at the computing device;
  
  expose, within the browser, an application programming interface (API) of the browser to the web application executing in the browser;
  
  transmit, within the browser and via the API of the browser, cryptographic information associated with the user to the web application, the web application verifying an identity of the user based on the cryptographic information; and
  
  provide, based on the user-specific information provided to the browser and stored at the computing device, user-specific content to the user through the web application after the web application verifies the identity of the user from the cryptographic information provided via the API of the browser.

17. A system including:
- a memory; and
  
  a processor operably coupled to the memory and configured to execute code to;
  
  execute a browser;
  
  receive, at the browser, browser login information from a user;
  
  in response to receiving the browser login information, log the user into a browser login account associated with the browser;
  
  in response to logging the user into the browser login account, receive user-specific identity information from a computer different from the system on behalf of the user;
  
  store, by the browser at the system, the user-specific identity information;
  
  install a web application within the browser, wherein the installation grants, to the web application, permission to access the user-specific identity information provided to the browser and stored at the system;
  
  expose, within the browser, an application programming interface (API) of the browser to the web application executing in the browser;
  
  transmit, within the browser and via the API of the browser, cryptographic information associated with the user to the web application, the web application verifying an identity of the user based on the cryptographic information; and
  
  provide, based on the user-specific information provided to the browser and stored at the system, user-specific content to the user through the web application after the web application verifies the identity of the user from the cryptographic information provided via the API of the browser.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google LLC (Alphabet Inc.)
Inventors
Kay, Erik, Boodman, Aaron S., Barth, Adam
Primary Examiner(s)
Lewis, Lisa

Application Number

US13/554,492
Publication Number

US 20140025949A1
Time in Patent Office

2,027 Days
Field of Search

713168
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/44   Program or device authentic...

G06F 21/6245   Protecting personal data, e...

G06F 21/6254   by anonymising data, e.g. d...

H04L 63/0428   wherein the data content is...

Method and system for browser identity

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for browser identity

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links