1. Technical Field
This invention relates generally to cross domain authentication technology. More particularly, the invention relates to a method and system for automatically displaying a Web user's authentication status across an Internet based network of participating Web sites.
2. Description of the Prior Art
To request a service or conduct other electronic transactions in an Internet based network, a user is usually required to go through an authentication process. In other words, the user is required to provide the seller or service provider with some credential information, such as his personal identification, contact information, or even financial information. The authentication process may take from several seconds to several minutes. Because each seller or service provider usually maintains its own authentication server and database, millions of sellers and service providers might share thousands or millions of consumers or users. Some of the consumers or users might be required to go through the same or substantially similar authentication process again and again if they have transactions with many sellers or service providers. This repetitive authentication not only wastes the consumers' time, but also burdens the sellers or service providers because they have to expand their databases to keep detailed authentication information for a growing number of users. This situation brings forth a technical need to create a universal, unified, single-login infrastructure wherein a specific user may be authenticated once for all and the authentication result is widely recognized by a large number of sellers or service providers.
In responding to that need, several approaches have been developed. For example, Microsoft Corporation has introduced a “.NET Passport” single sign-in system. With “.NET Passport,” a user does not need to register a member name and password at each affiliated site he visits. The user may simply use his e-mail address and password that registered as his “.NET Passport” to sign in to any participating site of the network. The information the user registers with “.NET Passport” is stored online, securely, in the “.NET Passport” database as the user's “.NET Passport profile.” When the user signs in to a “.NET Passport” participating site by typing his e-mail address and password in the “.NET Passport” sign-in box, “.NET Passport” confirms that (1) the e-mail address he entered is registered with “.NET Passport”, and (2) the password he entered is correct. “.NET Passport” then notifies the site that the user has provided valid “sign-in credentials,”and thus he is given access to the participating site. Once the user signs in to one “.NET Passport” participating site during an Internet session, he can sign in to any other site simply by clicking the “.NET Passport” sign-in button available at the site.
Another example is America Online Incorporated (AOL)'s “Screen Name Service” system, which provides a free service allowing anyone with a “Screen Name” to register easily and securely at a variety of Web sites. The “Screen Name Service” eliminates a user's need to remember multiple names and passwords for all the places he visits on the Web. With the “Screen Name Service” system, each user has a “My Profile”, which stores the user's personal credentials used to make registration at sites across the Web simple and secure. When the user registers at a participating site using the service, he has the opportunity to choose which fields of information stored by AOL, if any, he would like to share with that site. No information is shared with any site without the user's explicit permission. When the user agrees to share certain information with a participating site, that information is conveyed to the site at which he is registering. Another feature is that the user is provided with a “My Site List”, which is an effective way to manage personal information because it shows the user with which sites he has registered using the service. The user can view the privacy policy of a site to see how it uses information it knows about the user. The user can also decide if he would like to be signed into the site without being prompted and if the site should be updated with information when “My Profile” changes.
In these distributed single login networks, cross domain status toolbars or indicators are static and do not display a personalized greeting across multiple domains. For example, when the user with a screen name “ljewpt9” logs in the MSN e-mail service, his full e-mail address ljewpt9@hotmail.com is displayed in the upper-left corner of every mail service pages such as the “inbox,” “sent,” “trash,” etc. When the user switches to other pages hosted by MSN, such as “search,” “music,” “sports,” neither the user's e-mail address, nor his screen name, nor his first name or last name associated with his account is displayed. There is only a small bar “sign Out.net” embedding in the pages. Without a close look, the user is not certain whether he is still logged-in or who is currently logged-in on the page. Similarly, when the user switches from an MSN page to any other affiliated website with “.NET Passport”, the user's logged-in status or personalized greeting is not expressly displayed in the targeted pages.
Websites, such as yahoo.com and amazon.com, display personalized greetings on their sites, but only on pages under the same domain from which they originally authenticated. For example, a user, with a screen name “ljewpt9”, who is authenticated to yahoo.com can only be identified on Web pages hosted on yahoo.com. When the user logs in the yahoo e-mail service, his full e-mail address ljewpt9@yahoo.com is displayed in the upper-right corner of every mail service pages such as the pages for “inbox”, “draft”, “sent”, “trash”, and “bulk”, etc. When the user switches to “Yahoo! Travel” or “Weather”, a greeting like “Welcome, Ljewpt9” is displayed on the page. However, the user's login status cannot be displayed on any other Web pages which are not hosted by yahoo.com.
What is desired is a mechanism to automatically display a user's logged-in status across an Internet based network of affiliated Web sites so that the user is certain about his logged-in status when he stays with one or switches from one to another affiliated Web site.