The following abbreviations are defined below as used in the remainder of the application:
AAA—A radius Authentication Authorization and Accounting server used in telecom networks as specified by RFC 2865.
ASP—Application Service Provider. Is a business that provides applications or content and media over the internet via http protocol. The ASP does not maintain the physical connectivity or broadband pipe to the end user. Examples of ASPs are Turner Broadcasting, Google, MSNBC.
ISP—Internet Service Provider provides the physical broadband connection used for delivering services. Examples of these include AT&T, Comcast, Earthlink, etc.
IPX—Internet Payment Exchange and Message Gateway. This element is responsible for the delivery of the message that carries the cookie/link to the telcom carrier network. IPX, a Telefonaktobolagit Ericsson acronym, is also known as Extended SMS Service system and typically has connectivity to many (over 100) telecom networks at a time.
Http—Hyper Text Transfer Protocol.
MSP—Multi Service Proxy—This element performs a gateway function enabling the policing of traffic at the edge of the network.
SAML—Security Assertion Markup Language
OTT—Over the Top, digital industry term describing third party services that are delivered across (i.e., “on top” of) a broadband network without affiliation with the broadband service provider
WAP—Wireless Application Protocol.
The present invention relates to communications networks. More particularly, and not by way of limitation, the present invention is directed to a system and method of providing identity correlation for an over the top service in a telecommunications network. Many service providers, such as media companies, content companies, and Application Service Providers (ASPs) have a need to be able to uniquely identify the users of their service for the purposes of opting into advertising, premium content, follow-up information delivered to the user, audience data monetization, and n-screens distribution (common data and personalization across different access types). In addition, compliance to legal privacy requirements often requires a unique correlation of the online presence to the physical individual. Furthermore, companies often desire to provide a single experience for consumers of their services across multiple access domains (i.e., over wireless and wireline modes of transmission).
Currently, content/media companies and ASPs (companies that do not provide the actual data connectivity) are required to either have agreements with individual Internet Service Providers (ISPs) and/or telecom operators to provide this information or require each user session to be uniquely “logged into”. For example, current systems utilize a Security Assertion Markup Language (SAML) which is an Extensible Markup Language (XML)-based standard for exchanging authentication and authorization data between security domains. In particular, data is exchanged between an identity provider (a producer of assertions) and a service provider (a consumer of assertions). SAML is a product of the OASIS Security Services Technical Committee.
However, current systems suffer several disadvantages in the mobile domain. One existing system for extending the solution to the mobile space includes requiring a user to login with a unique identifier each time a session is initiated. In the case of many feature phones (e.g., those lacking QWERTY keyboards and large format displays), this is extremely inconvenient as the user must use a multi-tap key stroke per letter or an additional application such as T9™. It is known that 50% of the users drop off a page click where a login is required. This obviously has a very negative impact on usage of a service and its financial value to an application service provider.
In an alternate solution for use with thin clients is the utilization of downloads to the mobile device. However, this solution suffers from several disadvantages. First, this solution requires a download of a unique client. The solution requires the development of unique clients for each class of device (if not per device). Additionally, technical support of the client over time is challenging. The number of handsets may be limited to those that are specifically tested.
In an alternate solution, an ASP may establish business relationships with an ISP to provide the requisite customer information. This would require the ASP to establish and maintain unique business relationships with a significant number of ISPs. For example, a global media company would likely require over 350 business relationships with telecom operators around the world.