摘要 |
A process for authentication that gives users a warning against malicious web applications is disclosed. The disclosed process gives the user an audiovisual when viewing the correct web application. The audiovisual is known as a “totem” in this document. The totem can be an image that is shown to the user, audio that is played to the user, or a video or animation (with or without audio) that is played to the user. The user selects their totem as part of the disclosed process. The totem is stored locally using web storage in the user's browser. The totem can only be accessed by the correct web application, and thus cannot be presented to the user by a malicious web application seeking to impersonate the correct web application. The disclosed process thus gives the user, even one not “computer savvy”, a strong warning indication about a malicious web applications. |
主权项 |
1. A method of authenticating a device with the publisher of a web application, the method comprising the steps of:
selecting, upon the first use of a web application from the publisher on the device, a piece of multimedia content as security information that the user will recognize, where the piece of multimedia content is:
an image without audio, a video without audio, an animation without audio, an image with audio, a video with audio, an animation with audio, or pure audio; storing the selected piece of multimedia content on the device such that it associates the device with the publisher of the web application and is not accessible by another publisher; and presenting the selected piece of multimedia content to the user as security information upon each subsequent use on the device of a web application from the publisher with which the selected piece of multimedia content is associated with.
|