WEBSITE LOGIN METHOD AND APPARATUS

US 20200304501A1
Filed: 06/10/2020
Published: 09/24/2020
Est. Priority Date: 03/15/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

identifying, using a web browser presenting a first website, a website jump trigger indication to jump from the first web site to a second web site;

in response to identifying the website jump trigger, obtaining a first token from a cookie store of the web browser, the first token associated with a website identifier of the second website and a device fingerprint indicating a running environment at a time when the password-free proxy login was previously set;

in response to determining that a current running environment corresponds to the running environment indicated by the device fingerprint, obtaining a second token corresponding to the first token, wherein the second token comprises an access token indicating that the second web site grants password-free login permissions;

sending, via the web browser, a password-free login request to the second website, the request comprising a third token corresponding to the website identifier of the second website, where the third token includes the second token; and

in response to the second website verifying the second token, logging into the second website without a password.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present application provides example website login methods and apparatuses. One example method includes identifying a website jump trigger indication to jump from a first website to a second website. A first token is then obtained from a cookie store of the web browser, the first token associated with a website identifier of the second website and a device fingerprint indicating a running environment at a time when the password-free proxy login was previously set. In response to determining that a current running environment corresponds to the device fingerprint, a second token corresponding to the first token is obtained, wherein the second token comprises an access token indicating that the second website grants password-free login permissions. A password-free login request is sent to the second website including the second token. In response to the second website verifying the second token, the second website is logged into without a password.

13 Citations

20 Claims

1. A computer-implemented method, comprising:
- identifying, using a web browser presenting a first website, a website jump trigger indication to jump from the first web site to a second web site;
  
  in response to identifying the website jump trigger, obtaining a first token from a cookie store of the web browser, the first token associated with a website identifier of the second website and a device fingerprint indicating a running environment at a time when the password-free proxy login was previously set;
  
  in response to determining that a current running environment corresponds to the running environment indicated by the device fingerprint, obtaining a second token corresponding to the first token, wherein the second token comprises an access token indicating that the second web site grants password-free login permissions;
  
  sending, via the web browser, a password-free login request to the second website, the request comprising a third token corresponding to the website identifier of the second website, where the third token includes the second token; and
  
  in response to the second website verifying the second token, logging into the second website without a password.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer-implemented method of claim 1, comprising, prior to identifying the website jump trigger indication:
    - receiving, by the first website, a password-free proxy login setting request sent by the second website, wherein the password-free proxy login setting request comprises the second token; and
      
      creating, by the first website, the first token comprising the device fingerprint;
      
      storing the first token in the cookie store of the web browser;
      
      storing a correspondence between the first token and the second token; and
      
      notifying the second website that password-free proxy login is successfully set.
  - 3. The computer-implemented method of claim 2, comprising:
    - storing the second token in a backend database separate from the cookie store of the web browser, and wherein obtaining the second token comprising obtaining the second token from the backend database.
  - 4. The computer-implemented method of claim 1, comprising:
    - after the second website is logged in to through the first website without a password, displaying a logged-in page of the second website in an embedded page associated with the first web site.
  - 5. The computer-implemented method of claim 4, where, when the cookie store stores a plurality of first tokens that separately correspond to different second websites, the method further comprises:
    - displaying, on the same page as the embedded page associated with the first website based on the website identifiers associated with the first tokens, at least one other second website that has enabled password-free proxy login through the first website.
  - 6. The computer-implemented method of claim 5, comprising, in response to a user selection associated with another second website:
    - sending, via the web browser, a second password-free login request to the another second website, the second password-free login request comprising a fourth token corresponding to the website identifier of the another second website, where the fourth token includes a second token corresponding to the another second website.
  - 7. The computer-implemented method of claim 1, where, when the cookie store stores a plurality of first tokens that separately correspond to different second websites, the method further comprises:
    - when identifying, using a web browser presenting a first website, the website jump trigger indication is identified, selecting one of the second websites, based on a predetermined selection rule, to perform password-free proxy login.
  - 8. The computer-implemented method of claim 1, comprising:
    - receiving a password-free proxy login cancellation request sent by the second website, wherein the password-free proxy login cancellation request comprises a fourth token, wherein the fourth token is an indication created by the second website for canceling password-free proxy login, and wherein the third token comprises the website identifier of the second website; and
      
      obtaining, based on the website identifier in the fourth token, the first token corresponding to the second website; and
      
      deleting the obtained first token and the second token that corresponds to the first token.
  - 9. The computer-implemented method of claim 1, wherein the first website is a shopping website and the second website is a payment website.

10. A non-transitory, computer-readable medium storing one or more instructions executable by a computer system to perform operations comprising:
- identifying, using a web browser presenting a first website, a website jump trigger indication to jump from the first web site to a second web site;
  
  in response to identifying the website jump trigger, obtaining a first token from a cookie store of the web browser, the first token associated with a website identifier of the second website and a device fingerprint indicating a running environment at a time when the password-free proxy login was previously set;
  
  in response to determining that a current running environment corresponds to the running environment indicated by the device fingerprint, obtaining a second token corresponding to the first token, wherein the second token comprises an access token indicating that the second web site grants password-free login permissions;
  
  sending, via the web browser, a password-free login request to the second website, the request comprising a third token corresponding to the website identifier of the second website, where the third token includes the second token; and
  
  in response to the second website verifying the second token, logging into the second website without a password.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The non-transitory, computer-readable medium of claim 10, comprising, prior to identifying the website jump trigger indication:
    - receiving, by the first website, a password-free proxy login setting request sent by the second website, wherein the password-free proxy login setting request comprises the second token; and
      
      creating, by the first website, the first token comprising the device fingerprint;
      
      storing the first token in the cookie store of the web browser;
      
      storing a correspondence between the first token and the second token; and
      
      notifying the second website that password-free proxy login is successfully set.
  - 12. The non-transitory, computer-readable medium of claim 11, comprising:
    - storing the second token in a backend database separate from the cookie store of the web browser, and wherein obtaining the second token comprising obtaining the second token from the backend database.
  - 13. The non-transitory, computer-readable medium of claim 10, comprising:
    - after the second website is logged in to through the first website without a password, displaying a logged-in page of the second website in an embedded page associated with the first web site.
  - 14. The non-transitory, computer-readable medium of claim 13, where, when the cookie store stores a plurality of first tokens that separately correspond to different second websites, the method further comprises:
    - displaying, on the same page as the embedded page associated with the first website based on the website identifiers associated with the first tokens, at least one other second website that has enabled password-free proxy login through the first website.
  - 15. The non-transitory, computer-readable medium of claim 14, comprising, in response to a user selection associated with another second website:
    - sending, via the web browser, a second password-free login request to the another second website, the second password-free login request comprising a fourth token corresponding to the web site identifier of the another second web site, where the fourth token includes a second token corresponding to the another second website.
  - 16. The non-transitory, computer-readable medium of claim 10, where, when the cookie store stores a plurality of first tokens that separately correspond to different second websites, the method further comprises:
    - when identifying, using a web browser presenting a first web site, the web site jump trigger indication is identified, selecting one of the second websites, based on a predetermined selection rule, to perform password-free proxy login.
  - 17. The non-transitory, computer-readable medium of claim 10, comprising:
    - receiving a password-free proxy login cancellation request sent by the second website, wherein the password-free proxy login cancellation request comprises a fourth token, wherein the fourth token is an indication created by the second website for canceling password-free proxy login, and wherein the third token comprises the website identifier of the second website; and
      
      obtaining, based on the website identifier in the fourth token, the first token corresponding to the second web site; and
      
      deleting the obtained first token and the second token that corresponds to the first token.
  - 18. The non-transitory, computer-readable medium of claim 10, wherein the first website is a shopping website and the second website is a payment website.

19. A computer-implemented system, comprising:
- one or more computers; and
  
  one or more computer memory devices interoperably coupled with the one or more computers and having tangible, non-transitory, machine-readable media storing one or more instructions that, when executed by the one or more computers, perform one or more operations comprising;
  
  identifying, using a web browser presenting a first web site, a web site jump trigger indication to jump from the first web site to a second web site;
  
  in response to identifying the website jump trigger, obtaining a first token from a cookie store of the web browser, the first token associated with a website identifier of the second website and a device fingerprint indicating a running environment at a time when the password-free proxy login was previously set;
  
  in response to determining that a current running environment corresponds to the running environment indicated by the device fingerprint, obtaining a second token corresponding to the first token, wherein the second token comprises an access token indicating that the second website grants password-free login permissions;
  
  sending, via the web browser, a password-free login request to the second website, the request comprising a third token corresponding to the website identifier of the second website, where the third token includes the second token; and
  
  in response to the second website verifying the second token, logging into the second website without a password.
- View Dependent Claims (20)
- - 20. The computer-implemented system of claim 19, comprising, prior to identifying the website jump trigger indication:
    - receiving, by the first website, a password-free proxy login setting request sent by the second website, wherein the password-free proxy login setting request comprises the second token; and
      
      creating, by the first website, the first token comprising the device fingerprint;
      
      storing the first token in the cookie store of the web browser;
      
      storing a correspondence between the first token and the second token; and
      
      notifying the second website that password-free proxy login is successfully set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Advanced New Technologies Company Limited (Ant Group Co., Ltd.)
Original Assignee
Alibaba Group Holding Ltd.
Inventors
Fan, Xiaofeng

Granted Patent

US 10,868,813 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/22   Indexing; Data structures t...

G06F 16/957   Browsing optimisation, e.g....

G06F 21/31   User authentication

G06F 21/41   where a single sign-on prov...

G06F 21/44   Program or device authentic...

G06F 21/6263   during internet communicati...

G06Q 20/12   specially adapted for elect...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 30/0609   Buyer or seller confidence ...

G06Q 30/0637   Approvals

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 63/0815   providing single-sign-on or...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 63/0876   based on the identity of th...

H04L 67/02   based on web technology, e....

H04L 9/3213   using tickets or tokens, e....

H04L 9/3247   involving digital signatures

WEBSITE LOGIN METHOD AND APPARATUS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

WEBSITE LOGIN METHOD AND APPARATUS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others