Processing

Please wait...

Settings

Settings

Goto Application

1. WO2011026695 - CENTRALIZED AUTHENTICATION SYSTEM

Note: Text based on automatic Optical Character Recognition processes. Please use the PDF version for legal matters

[ EN ]

Centralized authentication system

Field of the invention

The present invention relates to the field of authentication of a user. It may be applied to any suitable application, for example authentication of a user in a communications network.

Background of the invention

The term Web 2.0 is commonly associated with web applications that facilitate interactive information sharing, interoperability, user-centered design and collaboration on the World Wide Web. A Web 2.0 site allows its users to interact with other users or to change website content, in contrast to non-interactive websites where users are limited to the passive viewing of information that is provided to them. Examples of Web 2.0 include web-based communities, web applications, social-networking sites, video-sharing sites, wikis and blogs.

Website users can cause serious problems on web 2.0 community websites, for example by making arguments, placing spam, slander or by other abuse. Currently, moderators can ban such visitors from a website, but they cannot prevent that the same visitors create additional accounts and continue causing trouble.

This is a serious problem for many web 2.0 community websites. There are cases of big community websites of hundreds of thousands of users that had to be shut down because they were not able to control the problem. Even for websites that succeed in controlling the problem, the moderation effort and cost of fighting recidivist misbehaving visitors is huge.

A plurality of technical solutions exists to help a website to identify a visitor. They can be grouped in three categories:

1. Based on data known to the visitor: e.g. a user account with a password, and/or a pin code, a national identification number, a bank account number. User accounts can be easily duplicated. Unfortunately, also for example fake national identification numbers or bank account numbers can be generated automatically. Furthermore, verifying e.g. national identification numbers or bank account numbers world-wide is neither easy nor cheap.

2. Based on the visitor's biometric identity data such as voice, retina, photo, a fingerprint, etc. It turns out that biometric techniques are unreliable, and require specific devices, such as camera, microphone, ... Furthermore, there can also be privacy issues with identity data. The few techniques that can be used globally suffer from accuracy problems (e.g. recognition of fingerprints).

3. Based on a physical device possessed by the visitor, like e.g. a dongle or a digipass. This is an effective means of authentication, but in most cases it is fairly expensive, and only affordable for

banks or commercial websites. Since a dedicated physical device cannot be delivered to the user immediately, it will keep away occasional users.

US-2009/187988 describes a reputation server which associates feedback from previous network transactions with an account of a user in a network. A reputation score for the user is calculated based on the feedback to indicate the probability the user will abuse the network. When an online service receives a request from the user to perform a transaction, the online service performs the transaction based on the user's reputation score. Additionally, a server generates a reputation packet including the reputation score for a user for use by an online service when the user requests the online service to perform a transaction. The online service may authenticate the reputation packet with the server and, if the reputation packet is authenticated, the online service performs the transaction based on the user's reputation score.

It is a disadvantage of the reputation service described in the above document that it depends on a user account which, as indicated above, can easily be circumvented by creating a new user account. Furthermore, the method described constitutes a big network load, as all information about any transaction of a user is sent to the reputation server.

Summary of the invention

It is an objective of embodiments of the present invention to provide a good method for authentication making use of a reputation server.

The above objective is accomplished by a method according to the present invention.

It is an advantage of embodiments of the present invention that the authentication method does not relate a reputation score of a user related to the user account used for registering with an online service.

Particular and preferred aspects of the invention are set out in the accompanying independent and dependent claims. Features from the dependent claims may be combined with features of the independent claims and with features of other dependent claims as appropriate and not merely as explicitly set out in the claims.

In one aspect, the present invention provides a method for centralized identity authentication of a user, for use in connection with a communications network, based on a network wide reputation for the user. The method comprises creating at least one online service account, e.g. a website account, for allowing the user to access at least one online service on the communications network, linking the at least one online service account of the user to a reputation account of that user, the reputation account storing a reputation score for the user based on administrated transactions where one or more of a plurality of online services on the communications network decided to block the user, and the at least one online service of the network granting or denying the user's creation of the at least one online service account based on the reputation score for the user. In accordance with embodiments of the present invention, linking the at least one online service account of the user to a reputation account of that user includes using a mobile physical authentication device with telephone functionality.

It is an advantage of embodiments of the present invention that the reputation account is decoupled from the online service accounts. Hence the system can be used between different online services that do not have any way of working in common. The different online services do not need to change or streamline their account systems.

In a method according to embodiments of the present invention, storing a reputation score may comprise storing a multi-dimensional reputation score. The multi-dimensional reputation score may comprise different scores for different types of abuse. Such multi-dimensional reputation score is advantageous because a user which is blocked on one site because of a first type of abuse, e.g. he or she makes discriminating statements on forums, may well be allowed on another site where the first type of abuse is not important, e.g. a site where devices are sold.

A method according to embodiments of the present invention may furthermore comprise reevaluating the reputation score of the reputation account. This is advantageous because a user, once blocked, may be allowed for a login later on again. This way a user is not blocked eternally.

A method according to embodiments of the present invention may furthermore comprise creating a reputation account, wherein creating a reputation account comprises storing a value related to a unique characteristic of the mobile physical authentication device with telephone functionality or an account thereof, e.g. caller ID of the user, for example a mobile telephone number of the user or a function, e.g. a hashed value thereof.

A method according to embodiments of the present invention may furthermore comprise anonimising the reputation account, optionally per online service. This may be done for example by not storing identity details of the user, but for example unique characteristic of his or her mobile physical authentication device with telephone functionality or an account thereof, e.g. the caller ID, or a function thereof. An advantage thereof is that a person hacking the reputation server would not immediately find data about a user, e.g. a user identity, linked to reputation score.

In a method according to embodiments of the present invention, the online services may furthermore share data relevant to the user via the reputation account. The data relevant to the user may comprise any information online services might wish to share with one another, e.g. age of the user. If on one online service the user indicates he or she is 18+, and on another site he or she says to be minor, a warning could be raised or the user could be blocked for lying about his or her age. For other online services the age might not be an issue and the user could be granted access nevertheless.

In a method according to embodiments of the present invention, creating at least one online service account may comprise creating a plurality of online service accounts for accessing a plurality of online services on the network, wherein at least one of the online service accounts differs from at least one other online service account. A method according to embodiments of the present invention functions for different accounts, hence for different online services which do not need to change nor streamline their account policy.

For purposes of summarizing the invention and the advantages achieved over the prior art, certain objects and advantages of the invention have been described herein above. Of course, it is to be understood that not necessarily all such objects or advantages may be achieved in accordance with any particular embodiment of the invention. Thus, for example, those skilled in the art will recognize that the invention may be embodied or carried out in a manner that achieves or optimizes one advantage or group of advantages as taught herein without necessarily achieving other objects or advantages as may be taught or suggested herein.

Brief description of the drawings

FIG. 1 is a flow chart illustrating basic steps of a method according to embodiments of the present invention.

FIG. 2 schematically illustrates a first registration of a user to a first online service in accordance with embodiments of the present invention.

FIG. 3 schematically illustrates a second registration of a user to a second online service, and a ban of the user, in accordance with embodiments of the present invention.

FIG. 4 is a sequence diagram of an online service when a user registers, in accordance with embodiments of the present invention.

FIG. 5 is a sequence diagram of an online service when it is notified of a ban, in accordance with embodiments of the present invention.

The drawings are only schematic and are non-limiting. In the drawings, the size of some of the elements may be exaggerated and not drawn on scale for illustrative purposes.

Any reference signs in the claims shall not be construed as limiting the scope.

In the different drawings, the same reference signs refer to the same or analogous elements.

Detailed description of illustrative embodiments

Aspects of the present invention implement a method for centralized identity authentication of a user for use in connection with a communications network. The authentication in accordance with embodiments of the present invention is combined with a reputation assessment, based on a network wide reputation for the user.

A user may perform a variety of transactions through online services on a communications network, including for example, but not limited thereto, making use of interactive services such as web 2.0 community websites, social networking sites, user reactions, e.g. to articles on news or video sites, chat, forums, blogs; sending emails; sending and receiving instant messages; sharing photos or video; voting. Abuse of such networks is commonplace, for example by teasing, bullying, name calling, but also fraud, stalking, slander or hacking may occur. It is only a limited group of people which abuse the network, but which can spoil the atmosphere for all other users. Consequently, banning users which abuse the communications network is critical to the user experience of other users making use of the same online service.

However, at present such banning does not lead to satisfactory results, and banned people can easily come back to and get allowed by the online services.

FIG. 1 is a flow chart illustrating in general basic steps of a method according to embodiments of the present invention, which overcomes the above problems. A method according to embodiments of the present invention comprises:

creating - step 10 - at least one online service account, for example a web account, for allowing the user to access at least one online service on the communications network,

linking - step 11 - the at least one online service account of the user to a reputation account of that user stored on a reputation server, the reputation account storing reputation score, e.g. a multidimensional reputation score, for the user based on administrated transactions where one or more of a plurality of online services on the communications network decided to block the user, and the at least one online service of the network granting or denying - step 12 - the user's creation of the at least one online service account based on the reputation score for the user.

In accordance with embodiments of the present invention, linking the at least one online service account of the user to a reputation account of that user includes using a physical authentication device with telephone functionality, e.g. based on a SIM card, preferably a mobile physical authentication device, such as for example a mobile telephone device, the term mobile telephone device including any electronic device having a telephone function, such as for example iPad and other tablet PCs.

Hence embodiments of the present invention make use of a physical authentication device; however, not a dedicated authentication device to be sent out to the user by the authenticating party, but a physical authentication device which most internet users have, namely a mobile authentication device with telephone functionality. As an example, the mobile phone is a physical device, most people do not have access to a large number of mobile phones and acquiring an extra one incurs an additional cost. Finally, the mobile phone is highly standardized, so a method according to embodiments of the present invention can be used globally. Hence if a mobile phone can be uniquely identified, that identification can be used to identify its owner. The unique identification can be provided by a unique characteristic of the mobile physical authentication device with telephone functionality, or an account thereof, for example IMEI (International Mobile Equipment Identity) number, SIM (Subscriber Identity Module)-card number, device ID, ESN (Electronic Serial Number), IMSI (International Mobile Subscriber Identity. It turns out that for example the caller ID is a good way of identifying the mobile phone. For explanatory purposes, in the following the caller ID is taken as the unique characteristic of the mobile physical authentication device with telephone functionality or an account thereof, the present invention, however, not being limited thereto.

If using a mobile physical authentication device with telephone functionality, e.g. a mobile phone is required for authenticating, the security cannot easily be circumvented by a user. Obtaining another unique characteristic of the mobile physical authentication device with telephone functionality, e.g. a new caller ID, incurs costs (e.g. 10 euro or more, possibly much more), it is not easily feasible to obtain a large number of new caller IDs, and often a new caller ID needs to be activated, which takes some time. Hence there is not only a financial bar, but also timing plays a role. Obtaining and activating a new caller ID burns time and energy, and prevents people from reregistering on a online service over and over again with different IDs.

The authentication procedure in accordance with embodiments of the present invention may be based on a simple call with a mobile physical authentication device with telephone functionality, e.g. a mobile phone call. It is advantageous to limit to a mobile physical authentication device with telephone functionality, e.g. a mobile phone, over a fixed phone, because lots of public telephones are available, and the use of such public telephone could undermine the rationale behind the system according to embodiments of the present invention.

Making a call with a mobile physical authentication device with telephone functionality, e.g. a mobile phone call, is very simple, and not expensive for the user given that in particular embodiments the system can be implemented such that the user can call a local number or even a toll-free number.

Furthermore, making use of a mobile physical authentication device with telephone functionality, e.g. a mobile phone, can be implemented internationally and on large scale.

A schematic representation of a first registration of a user 20 to a first online service 21 in accordance with embodiments of the present invention is illustrated in FIG. 2. The registration method is described step by step below. In the embodiments described below, the mobile physical authentication device with telephone functionality is a mobile phone; the present invention, however, not being limited thereto.

A system onto which the method is applied comprises one or more online services 21 and a reputation server 22. The reputation server 22 is a web service which in principle can be called from any online service 21, but in practice can be called only from online services 21 subscribing to it. It is an advantage of embodiments of the present invention that a single reputation server 22 can be used for a plurality online services 21.

In a first step 1, a user 20 starts a registration procedure for creating an online service account for allowing the user to access an online service 21 such as an application accessible via a website, e.g. forum, chat, voting, photo sharing, video sharing, audio sharing, peer-to-peer network sharing, sending of e-cards, gaming (with accounts to allow users to play and/or to keep track of scores), blogs, social networking accounts, instant messages, account content paid for, downloading of software, support accounts, hosting, online auction accounts, online shopping accounts, electronic governmental accounts, etc. The registration procedure may be dependent on the online service. In embodiments of the present invention, the registration procedure may gather information from the user, like for example name, age and address details. The user may be requested to provide a username and a password. Alternatively, the system may provide a username and a password to the user, or a username may be provided by the user and a password by the system, or vice versa.

In a second step 2, the online service 21 sends a request to a reputation server 22 for a unique authentication code. Optionally, the online service 21 also sends, besides the request, also one or more authentication parameters. As an example, the request may be encrypted, or a public key may be sent with the request for encryption of the authentication code.

In a second step 3, the online service 21 receives the unique authentication code from the reputation server, for example 1234, the present invention not being bound by the format of the authentication code which can take on any suitable form. Optionally, the received authentication code may be in coded form, and may be decoded or decrypted by the online service 21.

In a fourth step 4, the online service 21 passes the unique authentication code to the user 20, together with a telephone number at the reputation server 22 to which the user 20 is asked to make a phone call with his or her mobile telephone and to enter the unique authentication code. The telephone number may be tailored to the user, for example it may be a local telephone number. This

may be obtained by the online service 21 requesting country, postal code, IP-address or similar data in order to provide a tailored telephone number.

In a fifth step, the user 20 calls the telephone number presented to him during step 4, and is in direct contact with the reputation server 22. The reputation server 22 stores reputation accounts for multiple users, each reputation account including at least a caller ID and a reputation score, for example a multidimensional reputation score. Depending on the set-up, the reputation score can have different formats. As an example, in case of a multidimensional reputation score, per reputation account, the reputation server may keep track of several reputation values: for example for spamming, for bullying, for creating offending messages, for lying about age or gender, etc. The values can be of any suitable type (Boolean, enumerations, integer, floating point, ...). Upon reception of a call, the reputation server 22 fetches the unique characteristic of the device with which the call is made or an account thereof, e.g. the caller ID (mobile telephone number). The user enters the unique authentication code which was presented to him or her during step 4. If the reputation server can read the unique characteristic and if the code has been entered correctly, the reputation server 22 first looks into the stored list of reputation accounts for the unique characteristic of the device or an account thereof, e.g. the caller ID. Two possibilities exist: either the unique characteristic, e.g. caller ID, or a function thereof, e.g. a hash value, is already stored there, with a corresponding reputation score; or the unique characteristic, e.g. caller ID, or a function thereof is not yet stored. If the unique characteristic, e.g. caller ID, or a function thereof is not yet stored, the reputation server 22 now stores this new unique characteristic, e.g. caller ID (mobile telephone number), and optionally provides it with standard values, e.g. 0 values for a reputation score.

If the unique characteristic, e.g. caller ID, is already stored in the list kept by the reputation server 22, the corresponding reputation score is retrieved.

The reputation server 22 knows to which online service 21 it has issued the particular unique authentication code just entered by the user 20 for authenticating, and based on this unique authentication code, in a sixth step, the reputation server 22 contacts the relevant online service 21 to inform it that the user 20 has registered correctly. The reputation server 22 sends to the online service 21 the following information:

An activation from the user 20 to which the online service 21 has presented the particular unique authentication code has been received.

The user 20 with that particular unique authentication code is attributed a unique reputation account ID as generated by the reputation server 22. In embodiments of the present invention the unique reputation account ID may for example be a function such as a hash value of the unique characteristic, e.g. caller ID (mobile telephone number). In alternative embodiments of

the present invention, the unique reputation account ID may for example be a random ID, such as a e.g. random number. The online service 21 may locally store the reputation account ID for future use, this reputation account ID being linked to the local online service account. Different reputation account ID's related to a single user, e.g. different hash values of the caller ID, may be generated for different online services, so that the online services cannot share amongst them information about particular users.

The reputation score attributed to the user 20 with this unique reputation account ID.

In a next step, not illustrated in FIG. 2, the online service 21 can grant or deny the user's creation of his or her online service account, based on the retrieved reputation score.

It is an advantage of the above method for centralized identity authentication that one single service, the reputation server, provides the technical infrastructure. The one single service may optionally physically be distributed over a plurality of servers, datacenters and/or geographically distributed locations. Online services wishing to make use of this service only have to subscribe to the service, and do not need to provide themselves technical infrastructure. Communication between the reputation server 22 and the online services 21 can take place by means of standard scripts. Hence costs are limited for the online services.

Furthermore, also for the user 20 the costs are limited: the phone call usually takes less than a minute. In accordance with embodiments of the present invention it is even possible to use a toll-free number. In accordance with alternative embodiments of the present invention, the user may have to call a paid number. In this latter case, the user pays for the telephone call, the service receives the money and can optionally transfer this amount or a part thereof to the online service provider.

It is a further advantage of a method according to embodiments of the present invention that privacy of the user may be kept protected. In accordance with embodiments of the present invention, the reputation server 22 does not need to store the identity of the user 20; it is sufficient if it only stores a value related to the caller ID (one or more reputation account IDs). The reputation server 22 may for example store the mobile telephone number or a function, e.g. a hashed value, thereof. Furthermore, the reputation server 22 does not share the caller ID of the user 20 with the online service 21, but only shares a unique reputation account ID (optionally a reputation account ID unique to that particular online service 21) generated at the side of the reputation server 22, e.g. in the form of a unique hash value of the caller ID. The online service 21 might keep information about its users (name, age, gender, ...) but it does not need to share this information with the reputation server 22. The reputation server 22 has information about the caller ID of the mobile phone used to authenticate, but it does not need to share this information with the online service 21. Hence, the reputation server 22 may keep information about users not knowing the real identity of the users. Since the reputation server 22 uses the user reputation account ID of the online service 21 to exchange information, and this reputation account ID can be different for different online services 21, online services can be set up so that they cannot directly exchange reputation information, but they can only do so through the reputation server 22.

The process when a same user registers for another online service is illustrated in FIG. 3. In this figure, arrows 7 to 12 correspond to arrows 1 to 6, but arrows 1 to 6 are for registration/authentication to a first online service 21, while arrows 7 to 12 are for registration/authentication to a second online service 31.

Every time a user 20 calls the reputation server 22 from the same mobile physical authentication device with telephone functionality, e.g. mobile phone, the online service 21, 31 will get back from the reputation server 22 a unique reputation account ID referring to the same user, and the corresponding reputation score. Hence the reputation server 22 effectively identifies the caller ID (mobile phone number), and hence also the user 21 provided that he or she always calls from the mobile physical authentication device with telephone functionality, e.g. mobile phone, with the same unique characteristic, e.g. caller ID, no matter how the user registered himself or herself at the online services, e.g. with same or different email address, with same or different user name, with same or different IP-address, etc. or from which country he or she is calling - hence independent from the online service account created.

By decoupling the online service account from the reputation account on two different platforms (online service account stored on the online service; reputation account stored on the reputation server), or thus by centralizing the reputation account on the reputation server 22, different online services can share information with each other, for example information about abuse. This way, a community where different online services 21 make use of the service of one and the same reputation server 22 can for example easily deal with people abusing the network. Online services 21 can report to the reputation server 22 which users 20 are abusing the network, which allows other online services 21 to for example ban these users 20 even before these other online services 21 get negative experiences with these particular users. This way, a combination is made of authentication and reputation. There does not need to be any link whatsoever between the different online services.

In accordance with embodiments of the present invention, such community feedback may be introduced once one of the online services, e.g. online service 31, blocks user 20 for a particular reason, for example for spamming. The online service 31 sends the unique identity code of the blocked user to the reputation server 22 (arrow 13 in FIG. 3), optionally together with the reason (for example spam). The reputation server 22 may then generate an updated reputation score. Hence in accordance with embodiments of the present invention, an updated reputation score is only generated based on administrated transactions, and not based on all transactions of a user. In accordance with embodiments of the present invention, in principle no reporting of transactions of a user is sent to the reputation server; only if the user misbehaves and gets banned from an online service a message is sent to the reputation server.

In particular embodiments, the reputation server 22 may then look for other online services 21 onto which the user 20 registered. Each of these online services 21 may receive an update of the reputation score associated with the unique reputation account ID of the blocked user, e.g. in the form of a rating (arrow 14 in FIG. 3). Arrows 14 to 18 return the updated reputation score to other online services. If the update of the reputation score is in the form of a rating, it may be such that the higher the number, the worse the reputation. It is up to the individual online services to decide whether or not to block user 21 based on this updated reputation score.

Also if user 20 registers to a new online service, this online service receives from the reputation server 22 the reputation score, e.g. rating, of the user 20, and can decide, based thereon to either block or allow the user, and/or to have moderators keep an eye on that user 20. Hence a bad reputation score may have significant impact for a user on a plurality of online services.

In embodiments of the present invention, the reputation score of the user 20 may be a multidimensional reputation score, storing different scores for different types of abuse. Where the reputation of a user 20 is expressed as a rating, this rating may be represented by a list of a plurality of numbers, one per abuse category. Regular users start at zero for every abuse category, and bad behavior will increase the value of one or more particular categories, wherein the increase of the value of one or more particular categories may optionally be depending on one or more gravity factors such as for example the type of abuse, the history of the user, the trustworthiness of the online service signaling the abuse, etc. It may be useful to distinguish between several abuse categories because not all categories are relevant for all online services. Examples of abuse categories are spam, slander, pedophilia, pornography, insulting, wrangler, placing negative reactions to tear down other users, collecting email addresses to contact people privately, libeling, vulgar behavior or language used, threatening, posting illegal content (viruses, intellectual property protected content), lying about gender or age or race, stalking.

When an online service reports a banned user to the reputation server, it may also give for example the abuse category and/or the severity on a scale, of for example 10, within that category. For practical reasons, the plurality of ratings may also be summarized in one global rating, for

example as a weighted average, different weights being attributed to different abuse categories and/or to different severities.

In accordance with particular embodiments of the present invention, the user may be notified by the reputation server, for example by SMS, of a changed reputation score, for example an increased reputation score after reception by the reputation server of a ban of one of the online services.

In accordance with embodiments of the present invention, the ratings may not be everlasting.

The ratings may be decreased over time, e.g. weekly, and eventually they may become zero again.

The rate of decrease may depend on the abuse category. Furthermore, in accordance with embodiments of the present invention, an online service which erroneously bans a user may be provided with tools for substantially instantaneously remove the ban on that user, for example by resenting the ratings. Also other online services can review their sanctions with respect to that user, based on the reset rating of the reputation score.

By centralizing all authentication requests at the reputation server, and by allowing online services to give feedback on their users, it is possible to collect user profile information across online services. This profile information may then be shared among the participating online services. The online services can ask for profile information about their existing or new users, for example age or gender, and they can base their admission policy on that information.

As an example, a user looking for opportunities to spread spam messages on online services will quickly find out that over time it is getting increasingly difficult to create new accounts at online services, even at online services he or she never used before.

An important advantage of the reputation server according to embodiments of the present invention is the protection of the privacy of the users. Keeping track of personal data is regulated by the privacy laws in most countries. As an example, in Belgium the individual is very well protected by the privacy law. Because of this law, the user must be granted at any time the right to consult the data the reputation server keeps about him or her. Fortunately, the reputation server in accordance with embodiments of the present invention does not keep information about persons, but about caller IDs.

It is an advantage of a reputation management system according to embodiments of the present invention that it is scalable. The reputation servers can be replicated and installed all over the world, creating the potential of tens of thousands of simultaneous authentications. By using multiple datacenters, almost 100% of uptime is possible.

The use of local phone numbers in different countries allows for a localized service per country or per region. All these phone calls can easily be rerouted to a restricted number of data centers, reducing the operational cost of the service.

The methods according to embodiments of the present invention are cheap, easy to use, not bound to a particular geographical region, and almost instantaneous for the user.

The course of internal processing at high level of a method according to embodiments of the present invention is illustrated in FIG. 4. This embodiment is only an example, meant to illustrate embodiments of the present invention, but not intended to limit the invention in any way. A user calls (message 40) the reputation server 22 with his or her mobile physical authentication device with telephone functionality, e.g. mobile phone. He or she enters the authentication code, and authentication code and unique characteristic of the device or an account thereof, e.g. caller ID, are provided (message 41) to a control unit of the reputation server. The control unit seeks out the online service requesting the authentication code, based on the authentication code in a database storing pending requests (message 42). Message 43 notifies to the control unit which one of the online services corresponds to the online service having been given the authentication code which it has presented to the user.

With the caller ID, a reputation score of the user can be fetched from a rating database (messages 44 and 45). The information in this rating database can be updated with feedback information (messages 46 and 47) from a feedback database storing events from the past of the user. The events may include transactions and/or feedback.

If no reputation account ID of the user is known yet, a reputation account ID is generated, for example in the embodiment illustrated in FIG. 4 by generating a hash value of the caller ID, and this reputation account ID is stored in the feedback database (messages 48 and 49). The reputation account ID is returned to the control unit (message 50).

This information is combined by the control unit, and sent to the interface to the external sites (message 51) where the user whishes to activate a user account. The interface receives the information in a suitable format such as e.g. XML, and converts it into usable information or commands internal to the software according to embodiments of the present invention. Once the software has performed its task and retrieved the information it needs, the interface then converts this information into a format suitable for sending the information to the online service (message 52), that receives this information and uses it for creation of an account.

The course of internal processing at high level when an online service reports a ban is illustrated in FIG. 5.

The feedback with respect to a user is reported by an online service to the control unit of the reputation server, by providing the reputation account and a feedback message (messages 60 and 61). This information is processed by the control unit and sent to the rating database (message 62), the rating database sends an update to the feedback database (message 63) which generates a new reputation score to be stored in the rating database (message 64).

Subsequently, a search is performed for online services which have registered this user corresponding to the ban (message 65). This information is sent back to the control unit (messages 66 and 67), which contacts each of the online services to provide the new reputation score of the user (messages 68, 69, 70, 71, 72 and 73).

One application of embodiments of the present invention is, as mentioned above, account creation and optionally user blocking.

Another application might be fast activation of an account. If a user wants to create an account with a hosting provider, he or she has to wait until payment of a corresponding amount has been received by the provider before the provider activates the account. With a method according to embodiments of the present invention, the provider might activate the user's account substantially immediately, provided the user makes the telephone call. The user's reputation (paid previously with other service providers as well) might be taken into account. Alternatively, the user's telephone might be used for paying the corresponding fee directly to the online service provider or to the reputation server.

Embodiments of the present invention can also be used for implementing a voting system. In this case, the different users allowed to vote should first be registered with the unique characteristic of their physical authentication device with telephone functionality or an account thereof, for example their mobile telephone number. Based on these unique characteristics, the reputation server generates all the necessary reputation accounts. In this embodiment, no extra accounts can be generated by a user making the call to the reputation server. Thereafter, the user can vote at a suitable moment in time, from any place in the world, by accessing a voting server (online service). In accordance with embodiments of the present invention, the users authenticate at the reputation server, and vote at the voting server. Because the reputation server keeps a list of the unique characteristics, it can be made sure that no double voting takes place. The online service receiving the votes, however, does not know the unique characteristics, but only receives the unique reputation ID from the reputation server, hence the voting remains anonymous. Optionally, later on the reputation server can be questioned as to whom has voted - without there being any link, however, to the vote itself.

While the invention has been illustrated and described in detail in the drawings and foregoing description, such illustration and description are to be considered illustrative or exemplary and not restrictive. The invention is not limited to the disclosed embodiments.

Other variations to the disclosed embodiments can be understood and effected by those skilled in the art in practicing the claimed invention, from a study of the drawings, the disclosure and the appended claims. In the claims, the word "comprising" does not exclude other elements or steps, and the indefinite article "a" or "an" does not exclude a plurality. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

The foregoing description details certain embodiments of the invention. It will be appreciated, however, that no matter how detailed the foregoing appears in text, the invention may be practiced in many ways. It should be noted that the use of particular terminology when describing certain features or aspects of the invention should not be taken to imply that the terminology is being re-defined herein to be restricted to include any specific characteristics of the features or aspects of the invention with which that terminology is associated.