Most websites and purchasing kiosks require a user to register and log-in in order to use the websites and to conduct transactions, change account information, or the like. Many websites attempt to profile visitors so as to either identify them or their demographic, thereby being able to tailor a displayed message accordingly.
Several methods of identifying users are known, such methods falling generally into either indirect or direct methods. Indirect methods include, for example, writing and reading cookies, tracking Internet Protocol (IP) address, and the like. Such indirect methods are relatively non-invasive but are much less accurate than direct methods.
Direct methods of identifying a user require a specific active recognition of the user that involves two steps: identification and authentication. Identification is a recognition step that essentially answers the question, “Who are you?” The user wanting to access an online system such as an e-commerce site, for example, must be able to either register as a new user or login as an existing user, typically by submitting a unique personal identifier such as an email address, user ID, membership number, or the like.
Authentication is a verification step that essentially answers the question, “How can you demonstrate you are really who you say you are?” Typically websites request a password, PIN code, or the like, ostensibly only known by the user and the website. Advanced authentication methods utilize biometric data such as fingerprints, iris characteristics, or the like.
Such systems traditionally rely on the authentication information to be kept as a secret and being difficult to guess. Further, users are frequently told not to use the same password on multiple websites. However, such requirements are difficult to enforce, and hence many people out of laziness will use the same easy-to-guess password on multiple sites, rendering their information less secure on all such sites.
Some of the drawbacks to such typical identification and authorization systems include the following:                1) Such websites (target websites for the user), such as e-commerce websites for example, herein referred to as recipient systems, must protect the user's personal information with adequate security measures. Storehouses of such information are often targets of hacking attacks for the purposes of fraudulently obtaining large sets of personal information such as names, addresses, credit card numbers, and the like.        2) Users must generate, carefully store and periodically update passwords for any such recipient systems, preferably always having unique passwords for each site that he wishes to access. This requires either an excellent and secure filing system or an extraordinary memory.        3) The user, in order to initially register at such websites and recipient systems, must transmit enough of his personal information to conduct his desired business at the website. For example, an e-commerce site user who desires to purchase an item and have it delivered to his home address, must communicate all of his generic information, such as name, address, phone number, email address, credit card information, and the like. Such data must be re-entered for every site, which is time consuming and prone to typing errors.        4) In the event that the user's information changes, such as his address or email address, the user must update such information on every website he wishes to conduct future business with. This is time consuming, and often the user will not remember if he has updated the information on a particular website, such as his shipping address for example. This can result in a user's shipment being mistakenly delivered to an old address.        5) Recipient systems that have stored personal information of many users often have the challenge that their information on many of their users is obsolete, making bulk mailings or email campaigns less efficient and effective.        
One partial solution to some of these drawbacks is a so-called “single sign-on” method, which is based on a unique user account at a principal system, for example a social network platform such as Facebook, Linked-In, Twitter, or the like. In such a single sign-on system, to log into a recipient system for transacting some sort of business, for example, the user must first log-in to the principal system through the recipient system. Once the user has been identified and authenticated by the principle system, the principle system shares certain data with the recipient system and the recipient system establishes a user session with the user.
However, such single sign-on systems also have certain disadvantages, such as:                1) the principal system must be informed of the user's personal information, and the user may not desire such a principal system to have such personal information;        2) the principal system learns about all of the recipient systems that the user visits and transacts business with;        3) the recipient system must have a trust relationship with the principal system;        4) the user must trust both the principal system and the recipient system that proper sharing of the user's personal data is taking place;        5) the principal system, typically being a social network platform, learns about the recipient systems that the users' friends or contacts frequent as well, which raises additional privacy and trust issues between all of the principal system's users; and        6) the login ID and passwords of users on the recipient systems become more valuable, and hence a more attractive hacking target, with every recipient system the user accesses through the principal system, requiring increased security and resulting in greater risk if such login credentials are compromised.        7) by bolting on to the principal system the user creates a single point of failure. If the login data for the principal system are lost or compromised then the login ID's for all the recipient systems associated to the login ID of the principal system are also lost or compromised.        
Similar problems occur for authentication applications in which a mere transaction confirmation is required such as in financial operations, the access to buildings, machines or vehicles, the rental of vehicles or of any equipment, or the like.
Therefore, there is a need for a system that reduces the burden of securing user information at recipient sites, thereby lowering their overhead costs for such recipient systems.