WO2011154742A1 - A method for uniquely identifying a personal computing device to prevent the abuse of trial periods in a digital media content service - Google Patents

A method for uniquely identifying a personal computing device to prevent the abuse of trial periods in a digital media content service Download PDF

Info

Publication number
WO2011154742A1
WO2011154742A1 PCT/GB2011/051081 GB2011051081W WO2011154742A1 WO 2011154742 A1 WO2011154742 A1 WO 2011154742A1 GB 2011051081 W GB2011051081 W GB 2011051081W WO 2011154742 A1 WO2011154742 A1 WO 2011154742A1
Authority
WO
WIPO (PCT)
Prior art keywords
unique identifier
digital media
computing device
service
cimv2
Prior art date
Application number
PCT/GB2011/051081
Other languages
French (fr)
Inventor
Philip Sant
Matt Tighe
Neal Hart
Original Assignee
Omnifone Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from GBGB1009646.9A external-priority patent/GB201009646D0/en
Priority claimed from GBGB1009648.5A external-priority patent/GB201009648D0/en
Priority claimed from GBGB1009650.1A external-priority patent/GB201009650D0/en
Priority claimed from GBGB1009655.0A external-priority patent/GB201009655D0/en
Application filed by Omnifone Ltd filed Critical Omnifone Ltd
Publication of WO2011154742A1 publication Critical patent/WO2011154742A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user

Definitions

  • This invention relates to a method for uniquely identifying a personal computing device to prevent the abuse of trial periods in a digital media content service.
  • trial periods are used as a method of encouraging users to experience the service at low or no cost for a short to medium term period followed by a transitioning of such consumer into a paying and satisfied long term subscriber.
  • gaming consoles may have such a fixed devicelD embedded into them, the far more commonplace personal computer often does not.
  • the present invention provides a method to overcome this deficiency by disclosing a mechanism for uniquely identifying a personal computing device in order to determine whether that device is entitled to a trial period in a digital media content service.
  • the present invention provides a method for uniquely identifying a personal computing device in order to determine whether that device is, for example, entitled to a trial period in a digital media content service.
  • the invention is a method for uniquely identifying a computing device, comprising the steps of: using a tool to read or construct a unique identifier for the device, the tool being a browser plug-in that is programmed to read or construct the unique identifier from one or more Microsoft WindowsTM management instrumentation sources and is programmed to provide that unique identifier to a remote digital media service.
  • FIG. 1 Other aspects of the invention are a computing device uniquely identified using the above method and a system comprising a digital media service and multiple computing devices, each uniquely identified using the above method a.
  • the method comprises steps which— taken in combination— result in a robust unique identifier for the computing device on which those steps are performed.
  • Figure 1 is a flowchart illustrating the operation of the invention.
  • Figure 2 is a screen shot that shows that multiple attempts to enable a trial period are denied.
  • music and “media content” in this document are to be taken to encompass all “media content” which is in digital form or which it is possible to convert to digital form - including but not limited to books, magazines, newspapers and other periodicals, video in the form of digital video, motion pictures, television shows (as series, as seasons and as individual episodes), computer games and other interactive media, images (photographic or otherwise) and music.
  • track indicates a specific item of media content, whether that be a song, a television show, an eBook or portion thereof, a computer game or any other discreet item of media content.
  • playlist and "album” are used interchangeably to indicate collections of “tracks” which have been conjoined together such that they may be treated as a single entity for the purposes of analysis or recommendation.
  • digital media catalogue digital music catalogue
  • media catalogue media catalogue
  • catalog catalogs
  • the terms “digital media catalogue”, “digital music catalogue”, “media catalogue” and “catalogue” are used interchangeably to indicate a collection of tracks and/ or albums to which a user may be allowed access for listening purposes.
  • the digital media catalogue may aggregate both digital media files and their associated metadata or, in another example embodiment, the digital media and metadata may be delivered from multiple such catalogues. There is no implication that only one such catalogue exists, and the term encompasses access to multiple separate catalogues simultaneously, whether consecutively, concurrently or by aggregation.
  • the actual catalogue utilised by any given operation may be fixed or may vary over time and/ or according to the location or access rights of a particular device or end-user.
  • DRM Digital Rights Management
  • the verbs "to listen”, “to view” and “to play” are to be taken as encompassing any interaction between a human and media content, whether that be listening to audio content, watching video or image content, reading books or other textual content, playing a computer game, interacting with interactive media content or some combination of such activities.
  • device and “media player” are used interchangeably to refer to any computational device which is capable of playing digital media content, including but not limited to MP3 players, television sets, home entertainment system, home computer systems, mobile computing devices, games consoles, handheld games consoles, IVEs or other vehicular-based media players or any other applicable device or software media player on such a device. Something essentially capable of playback of media. Where applicable, “device” may refer to the device alone or to the combination of the device and the CloudStick.
  • the intention of the present invention is to produce a unique identifier for a computing device which does not have such an identifier built into it at the manufacturing stage.
  • it is intended for application on personal computers rather than on devices, such as games consoles, which provide a unique and unchangeably identifier which can be readily checked.
  • Figure 1 is a flowchart illustrating the operation of an implementation of the invention.
  • a DevicelD detecting Browser Plug-in For new Microsoft WindowsTM PCs, a DevicelD detecting Browser Plug-in, 'DevicelD ⁇ , may be pre-installed in all browsers delivered with all new Computers. This solution delivers the maximum DevicelD recognition capabilities and requires no painful user authorization process to use. For legacy PCs, that plug-in may still be utilized but users may opt not to install it, in which case other methods - as disclosed below - are to be used.
  • the DevicelD BPI retrieves unique information from potentially many Windows Management Instrumentation sources, including logic such as:
  • this value is then hashed using SHA256 to obfuscate it.
  • the DevicelD BPI is not itself trying to determine if this device is entitled to a trial period, it is merely a device identification mechanism. It is the digital media service back-end (with the assistance of the client's own network platform, where applicable) which is determining if a trial period can be delivered to the device. It should also be noted that if BPIs are not acceptable for reasons other than those related to their install process, then the Web DevicelD mechanism can be used for new PCs.
  • the DevicelD BPI is very hard to circumvent and really only would be achievable by experienced hackers. This falls well within the major labels criteria for 'doesn't easily allow abuse'. In fact the DevicelD BPI route is very hard to abuse.
  • Web DevicelD mechanism is used which is a combination of three components available in all target web browsers which allow storage of persistent information.
  • the primary of these mechanisms is achieved using Flash, where it is present on the target device.
  • Flash SharedObjects in the preferred embodiment, as a primary prevention mechanism and both cookies and browser local storage as secondary prevention mechanisms.
  • the service 'CustomerClientGUID' is stored and persisted on the device. That 'CustomerClientGUID' is a non-personal unique user/device identifier which is generated by the service's back-end and stored against the user's user record.
  • the user's user record is itself related to an network account ID, where the service is linked with a network account on which user's have uniquely identifiable records.
  • the service's web application on the device sends the CustomerClientGUID to the service platform.
  • the service platform first checks if the client's network believes that this user (the network account related to this CustomerCUentGUID) is entitled to another trial period.
  • the service platform confirms that this CustomerCUentGUID has no record of being given a trial period before. It should be noted that unless a user goes through the difficult circumvention mechanism described below then they wiU not be given another trial period even if they have gone to the trouble of creating another network account.
  • Flash SharedObjects provide the abiUty for a Flash application (in this example the service web appUcation flash component) to persist local data.
  • Data stored in Flash SharedObjects is stored independently of particular browsers and so provides a cross- browser solution.
  • the Web DevicelD mechanism uses a Flash SharedObject to store the ClientCustomerGUID. This is normally possible without any user interaction or approval because the default setting for Flash is to aUow new sites to use Flash SharedObjects.
  • the user is notified that in order to proceed they need to enable Flash SharedObjects.
  • the UI will display an adequate on screen explanation of how to do this - that said the user should actually only be in this situation because they have previously used this control to change from the default setting and therefore they know what they are doing.
  • the service web application will store the user's CustomerCUentGUID using this mechanism. If the DevicelD check finds there is no CustomerCUentGUID stored as a Flash SharedObject, then the cookies will be checked for same and the CustomerCUentGUID sent to the service platform if found. In these situations users wiU be told that they have used their trial period and offered a paid-for proposition.
  • All target browsers offer (in one way or another - see fig.3) a browser based local storage mechanism which the Music web application, if aUowed, wiU use to store the user's CustomerCUentGUID .
  • the service web appUcation wiU check local browser storage methods (based on browser type).
  • the CustomerCUentGUID is sent to the digital media services platform if found. In these situations users will be told that they have used their trial period and offered a paid- for proposition.
  • Flash SharedObjects must be available to access trial periods.
  • the Web DevicelD mechanism falls well within the major labels criteria for 'doesn't easily allow abuse'. This is especially so given that this process needs to be performed on expiry of each trial period (a period likely to be once every month). The major labels believe that people willing to go to these lengths every month will already be determined P2P files sharers.

Abstract

The present invention provides a method for uniquely identifying a personal computing device in order to determine whether that device is, for example, entitled to a trial period in a digital media content service. The invention is a method for uniquely identifying a computing device, comprising the steps of: using a tool to read or construct a unique identifier for the device, the tool being a browser plug-in that is programmed to read or construct the unique identifier from one or more Microsoft Windowsª management instrumentation sources and is programmed to provide that unique identifier to a remote digital media service.

Description

A METHOD FOR UNIQUELY IDENTIFYING A PERSONAL COMPUTING DEVICE TO PREVENT THE ABUSE OF TRIAL PERIODS IN A DIGITAL MEDIA CONTENT SERVICE.
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to a method for uniquely identifying a personal computing device to prevent the abuse of trial periods in a digital media content service.
2. Description of the Prior Art
Historically, digital media content services have been reluctant to offer trial periods - periods during which access to the digital media content is free or is provided at a reduced rate - to users because of the great potential for abuse of such periods.
For example, suppose that a given digital content service wishes to deliver either a free 30 day or ultra-discounted three month period ('trial period') service proposition to the service's users. Such trial periods are used as a method of encouraging users to experience the service at low or no cost for a short to medium term period followed by a transitioning of such consumer into a paying and satisfied long term subscriber.
Such free and ultra-discounted periods are perceived by the rights owners as an effective way to encourage up-sell to a paid-for service and therefore a source of recurring digital music revenues. Understandably, however, the rights holders require parties utilizing such trial periods to have reasonable mechanisms in place that effectively stop trial periods being easily abused, e.g. a consumer using 30 day free trials every month, and so receiving a fully paid-for service at no cost on an ongoing basis.
This has historically been achieved using the unique embedded device identifier information (DevicelD) built into the device at manufacture time. These DevicelDs are unique and can be presented up to the service in exchange for a trial period entitlement and the 'back-end' can record the fact that this DevicelD has received it's one-time trial period and therefore that same device will not be offered a trial period again as the entidement has been consumed. This mechanism restricts a consumer to be able to take up a trial period only once on each device.
However, such capability is not necessarily available for valid technical reasons. For example, while gaming consoles may have such a fixed devicelD embedded into them, the far more commonplace personal computer often does not.
The present invention provides a method to overcome this deficiency by disclosing a mechanism for uniquely identifying a personal computing device in order to determine whether that device is entitled to a trial period in a digital media content service.
SUMMARY OF THE INVENTION
The present invention provides a method for uniquely identifying a personal computing device in order to determine whether that device is, for example, entitled to a trial period in a digital media content service. The invention is a method for uniquely identifying a computing device, comprising the steps of: using a tool to read or construct a unique identifier for the device, the tool being a browser plug-in that is programmed to read or construct the unique identifier from one or more Microsoft Windows™ management instrumentation sources and is programmed to provide that unique identifier to a remote digital media service.
Other aspects of the invention are a computing device uniquely identified using the above method and a system comprising a digital media service and multiple computing devices, each uniquely identified using the above method a.
The method comprises steps which— taken in combination— result in a robust unique identifier for the computing device on which those steps are performed.
The Rights Holders of digital media content - such as the four major music labels, who are the key parties that must sign-off such abuse prevention measures - tend to take a pragmatic approach to these free trial abuse situations.
That is, they are well aware that in many such instances total prevention of abuse is not realistic and demanding such would deny them a revenue stream. In this particular situation the labels share an opinion that solution providers should take reasonable steps to make abuse difficult. They are firmly of the belief that those users who would invest the time to take multiple steps so as to benefit from an additional trial period are likely to be the same users who currently easily steal all their music already - i.e. no net loss, but potential significant gain from users who are currently not engaged in digital music at all. BRIEF DESCRIPTION OF THE DRAWING
Figure 1 is a flowchart illustrating the operation of the invention.; Figure 2 is a screen shot that shows that multiple attempts to enable a trial period are denied.
DETAILED DESCRIPTION
Definitions
For convenience, and to avoid needless repetition, the terms "music" and "media content" in this document are to be taken to encompass all "media content" which is in digital form or which it is possible to convert to digital form - including but not limited to books, magazines, newspapers and other periodicals, video in the form of digital video, motion pictures, television shows (as series, as seasons and as individual episodes), computer games and other interactive media, images (photographic or otherwise) and music.
Similarly, the term "track" indicates a specific item of media content, whether that be a song, a television show, an eBook or portion thereof, a computer game or any other discreet item of media content.
The terms "playlist" and "album" are used interchangeably to indicate collections of "tracks" which have been conjoined together such that they may be treated as a single entity for the purposes of analysis or recommendation.
The terms "digital media catalogue", "digital music catalogue", "media catalogue" and "catalogue" are used interchangeably to indicate a collection of tracks and/ or albums to which a user may be allowed access for listening purposes. The digital media catalogue may aggregate both digital media files and their associated metadata or, in another example embodiment, the digital media and metadata may be delivered from multiple such catalogues. There is no implication that only one such catalogue exists, and the term encompasses access to multiple separate catalogues simultaneously, whether consecutively, concurrently or by aggregation. The actual catalogue utilised by any given operation may be fixed or may vary over time and/ or according to the location or access rights of a particular device or end-user.
The abbreviation "DRM" is used to refer to a "Digital Rights Management" system or mechanism used to grant access rights to a digital media file.
The verbs "to listen", "to view" and "to play" are to be taken as encompassing any interaction between a human and media content, whether that be listening to audio content, watching video or image content, reading books or other textual content, playing a computer game, interacting with interactive media content or some combination of such activities.
The terms "user", "consumer", "end user" and "individual" are used interchangeably to refer to the person, or group of people making use of the facilities provided by the CloudStick. In all cases, the masculine includes the feminine and vice versa.
The terms "device" and "media player" are used interchangeably to refer to any computational device which is capable of playing digital media content, including but not limited to MP3 players, television sets, home entertainment system, home computer systems, mobile computing devices, games consoles, handheld games consoles, IVEs or other vehicular-based media players or any other applicable device or software media player on such a device. Something essentially capable of playback of media. Where applicable, "device" may refer to the device alone or to the combination of the device and the CloudStick.
Anti Abuse Solution
The intention of the present invention is to produce a unique identifier for a computing device which does not have such an identifier built into it at the manufacturing stage. Thus, it is intended for application on personal computers rather than on devices, such as games consoles, which provide a unique and unchangeably identifier which can be readily checked.
Once the identifier is obtained, it may then be used, in the preferred embodiment, to verify whether or not that device has previously taken part in a trial period for a digital media subscription service, and therefore used to determine whether or not such a trial period may be granted. Figure 1 is a flowchart illustrating the operation of an implementation of the invention.
The DevicelD Browser Plug-In
For new Microsoft Windows™ PCs, a DevicelD detecting Browser Plug-in, 'DevicelD ΒΡΓ, may be pre-installed in all browsers delivered with all new Computers. This solution delivers the maximum DevicelD recognition capabilities and requires no painful user authorization process to use. For legacy PCs, that plug-in may still be utilized but users may opt not to install it, in which case other methods - as disclosed below - are to be used.
Similarly, for non-Microsoft Windows™ computing devices, the other methods disclosed below are to be used.
Where it can be installed, the DevicelD BPI retrieves unique information from potentially many Windows Management Instrumentation sources, including logic such as:
First check availability of:
root\CIMV2\Win32_ComputerSystemProduct.UUID
If not present (or an 'empty' UUID) use:
root\CIMV2\Win32_ComputerSystemProduct.IdentifyingNumber If not present use:
root\CIMV2\Win32_BaseBoard.Product PLUS
root\CIMV2\Win32_BaseBoard.SerialNumber PLUS
root\CIMV2\Win32_BaseBoard.Version
If all three of the above aren't present use:
root\CIMV2\Win32_DiskDrive.DeviceID
...where its corresponding DevicelD is contained within an entry in:
root\CIMV2\Win32_DiskDriveToDiskPartition
which is selected by finding the entry in:
root\CIMV2\Win32_LogicalDiskToPartition
...that contains the root (e.g C:\ or D:\ or K:) of the directory contained in:
root\CIMV2\Win32_OperatingSystem.WindowsDirectory
In the preferred embodiment, this value is then hashed using SHA256 to obfuscate it.
It is important to note that the DevicelD BPI is not itself trying to determine if this device is entitled to a trial period, it is merely a device identification mechanism. It is the digital media service back-end (with the assistance of the client's own network platform, where applicable) which is determining if a trial period can be delivered to the device. It should also be noted that if BPIs are not acceptable for reasons other than those related to their install process, then the Web DevicelD mechanism can be used for new PCs.
How to abuse the DevicelD BPI Solution
The DevicelD BPI is very hard to circumvent and really only would be achievable by experienced hackers. This falls well within the major labels criteria for 'doesn't easily allow abuse'. In fact the DevicelD BPI route is very hard to abuse.
If the DevicelD BPI is uninstalled then the system will fall back to the Web DevicelD solution (see below) for making trial period abuse not easily achievable.
Where The DevicelD BPI Is Not Available
There are many circumstances where the DecidelD BPI approach disclosed above is not applicable. For example, where a company wishes to offer users trial periods to Music on PCs which are not new devices shipped by that client and can therefore not benefit from a preinstalled DevicelD BPI solution, where the user declined to install the browser plug- in or where the service is to operate on a non-Microsoft Windows™ computing device.
In these situations the Web DevicelD mechanism is used which is a combination of three components available in all target web browsers which allow storage of persistent information. The primary of these mechanisms is achieved using Flash, where it is present on the target device.
To make trial period circumvention difficult the Web DevicelD solution utilizes Flash SharedObjects, in the preferred embodiment, as a primary prevention mechanism and both cookies and browser local storage as secondary prevention mechanisms.
Using a combination of at least the primary mechanism with the addition of all available secondary mechanisms the service 'CustomerClientGUID' is stored and persisted on the device. That 'CustomerClientGUID' is a non-personal unique user/device identifier which is generated by the service's back-end and stored against the user's user record. In one example embodiment, the user's user record is itself related to an network account ID, where the service is linked with a network account on which user's have uniquely identifiable records.
When the user requests access to a proposition that includes a trial period, the service's web application on the device sends the CustomerClientGUID to the service platform. The service platform first checks if the client's network believes that this user (the network account related to this CustomerCUentGUID) is entitled to another trial period.
Additionally the service platform confirms that this CustomerCUentGUID has no record of being given a trial period before. It should be noted that unless a user goes through the difficult circumvention mechanism described below then they wiU not be given another trial period even if they have gone to the trouble of creating another network account.
Primary Prevention Mechanism: Flash SharedObject
Flash SharedObjects provide the abiUty for a Flash application (in this example the service web appUcation flash component) to persist local data. Data stored in Flash SharedObjects is stored independently of particular browsers and so provides a cross- browser solution.
The Web DevicelD mechanism uses a Flash SharedObject to store the ClientCustomerGUID. This is normally possible without any user interaction or approval because the default setting for Flash is to aUow new sites to use Flash SharedObjects.
In the exceptional condition where the user has disabled the use of Flash SharedObjects this is detected at the point where the user has requested entitlement to a proposition containing a trial period. There are then two UI flows which are available:
1. The user is notified that in order to proceed they need to enable Flash SharedObjects. The UI will display an adequate on screen explanation of how to do this - that said the user should actually only be in this situation because they have previously used this control to change from the default setting and therefore they know what they are doing.
2. The system only offers the user a paid-for proposition, not a trial period. Users in this situation wiU be a small minority of users so this may be a more acceptable user experience.
The Web DevicelD logic makes it difficult to achieve repeated trial periods even if the user creates a new network account. The majority of users in this situation would see the message in FIGURE 2 with a Unk to paid-for service; Multiple attempts to enable a trial period are denied. Second Prevention Mechanisms
In addition to the primary prevention mechanism in Web DevicelD two other techniques are used: cookies and other browser based local storage mechanisms. In and of themselves these two techniques do not present a huge barrier to abuse given that two cache clear actions or one clear entire cache action can circumvent them. That said they are used in Web DevicelD to include an extra step (or two based on browser type) that the user must take in order to try and circumvent the abuse prevention mechanism.
Browser Cookies
Where cookies are available the service web application will store the user's CustomerCUentGUID using this mechanism. If the DevicelD check finds there is no CustomerCUentGUID stored as a Flash SharedObject, then the cookies will be checked for same and the CustomerCUentGUID sent to the service platform if found. In these situations users wiU be told that they have used their trial period and offered a paid-for proposition.
Browser Local Storage Solutions
All target browsers offer (in one way or another - see fig.3) a browser based local storage mechanism which the Music web application, if aUowed, wiU use to store the user's CustomerCUentGUID .
If the DevicelD check finds there is no CustomerCUentGUID stored as a Flash SharedObject and that there is no CustomerCUentGUID stored in a cookie then the service web appUcation wiU check local browser storage methods (based on browser type).
The CustomerCUentGUID is sent to the digital media services platform if found. In these situations users will be told that they have used their trial period and offered a paid- for proposition.
TABLE 1 provides an overview of the storage location mechanism used in various browsers. Browser Storage Location
Internet Explorer IE6: userData persistence
IE7: userData persistence
IE8: HTML5 localStorage
Firefox FF2: Gecko DOM Storage
FF3: Gecko DOM Storage
FF3.5: HTML5 localStorage
Safari 3.1: HTML5 DB storage
3.2: HTML5 DB storage
4: HTML5 localStorage
Chrome Gears DB
Opera Opera 10.5: HTML5 localStorage
TABLE 1: Methods available to provide non-cookie local storage in various web browsers.
How to abuse the Web DevicelD Solution
In order to circumvent the Web DevicelD anti trial period abuse solution the user will need to perform the following complicated series of actions (not necessarily in this order):
1. Create or sign -in to a network platform account, where such a network platform account is utilized by the digital media service. This account, in the preferred embodiment, will have had a credit card entered and a confirmed email address.
2. Discover, be offered and consume a trial period.
3. Create a new email address.
4. Create a new network account.
5. Confirm email address.
6. Enter credit card details in the network account.
7. Clear browser cookie and local storage cache or clear entire cache. 8. Locate Flash SharedObject storage manager, identify and delete service Flash SharedObjects.
9. Restart browser and login (with new network account details, where applicable) In the preferred embodiment, Flash SharedObjects must be available to access trial periods.
The Web DevicelD mechanism falls well within the major labels criteria for 'doesn't easily allow abuse'. This is especially so given that this process needs to be performed on expiry of each trial period (a period likely to be once every month). The major labels believe that people willing to go to these lengths every month will already be determined P2P files sharers.

Claims

1. A method for uniquely identifying a computing device, comprising the steps of: using a tool to read or construct a unique identifier for the device, the tool being a browser plug-in that is programmed to read or construct the unique identifier from one or more Microsoft Windows management instrumentation sources and is programmed to provide that unique identifier to a remote digital media service.
2. The method of claim 1 where the tool reads or constructs the unique identifier for the device using the values from one or more of the files:
root\CIMV2\Win32_ComputerSystemProduct.UUID,
root\CIMV2\Win32_ComputerSystemProduct.IdentifyingNumber,
root\CIMV2\Win32_BaseBoard.Product PLUS,
root\CIMV2\Win32_BaseBoard.SerialNumber PLUS,
root\CIMV2\Win32_BaseBoard.Version,
root\CIMV2\Win32_DiskDrive.DeviceID,
root\CIMV2\Win32_DiskDriveToDiskPartition,
root\CIMV2\Win32_LogicalDiskToPartition,
root\CIMV2\Win32_OperatingSystem.WindowsDirectory or any other files which contain identifiers for the computing device.
3. The method of Claim 1 or 2 in which the unique identifier is (i) stored in the device and also (ii) stored in a server for the digital media service against a record associated with the device.
4. The method of any preceding Claim including the step of storing a further unique identifier in a web browser or browser plug-in, that further unique identifier being generated by the remote digital media service.
5. The method of Claim 4 in which the further unique identifier is stored on the device as a Flash SharedObject.
6. The method of Claim 4 or 5 in which a further unique identifier is stored on the device as a web browser cookie.
7. The method of claim 4— 6 in which a further unique identifier is stored on the device in web browser local storage.
8. The method of any preceding Claim 4— 7 in which the further unique identifier is provided to the remote digital media service.
9. The method of any preceding Claim 4— 8 in which the browser plug-in tool is not used to read or construct or send the unique identifier from the Microsoft Windows management instrumentation sources, and instead only the further unique identifier, generated by the remote digital media service, is stored on the device.
10. A method for uniquely identifying a computing device, comprising the steps of storing a further unique identifier in a web browser or browser plug-in, that further unique identifier being generated by a remote digital media service, and the device sending that further unique identifier to a (or the said) remote digital media service, where the further unique identifier is used to determine whether or not a trial period for a service has been utilized on the computing device.
11. The method of Claim 10 in which the further unique identifier is stored on the device as a Flash SharedObject.
12. The method of Claim 10 or 11 in which a further unique identifier is stored on the device as a web browser cookie.
13. The method of claim 10 - 12 in which a further unique identifier is stored on the device in web browser local storage.
14. The method of any preceding claim where the unique identifier or the further unique identifier for the computing device is not imprinted into that device at the time of manufacture.
15. The method of any preceding claim 1— 10 where the unique identifier or the further unique identifier for the computing device is imprinted into that device at the time of manufacture.
16. The method of any preceding claim where the unique identifier or the further unique identifier is obfuscated or encrypted using SHA256 or any other hashing or encryption mechanism.
17. The method of any preceding claim where the unique identifier or the further unique identifier is assigned by one or more remote servers and retrieved by a client application running on the device via one or more requests to that/ those remote server(s).
18. The method of any preceding claim where the unique identifier or the further unique identifier is linked to the identifying value read or constructed by the tool.
19. The method of any preceding claim where the unique identifier or the further unique identifier is used to determine whether or not a trial period for a service has been utilized on the computing device.
20. The method of Claim 19 where a server at the remote digital media service determines whether or not the trial period for a service has been utilized on the computing device.
21. The method of Claim 19or 20 including the further step of granting or denying the trial period for the service.
22. The method of any preceding claim where the service is a digital media content service.
23. The method of any preceding claim where the computing device is a personal computer, games console, mobile phone, smartphone, handset, tablet device, In- Vehicular Entertainment system or any other computing device.
24. A computing device uniquely identified using a method of any preceding claim 1 - 23.
25. A system comprising a digital media service and multiple computing devices as defined in Claim 24.
PCT/GB2011/051081 2010-06-09 2011-06-09 A method for uniquely identifying a personal computing device to prevent the abuse of trial periods in a digital media content service WO2011154742A1 (en)

Applications Claiming Priority (8)

Application Number Priority Date Filing Date Title
GB1009650.1 2010-06-09
GB1009648.5 2010-06-09
GBGB1009646.9A GB201009646D0 (en) 2010-06-09 2010-06-09 Digital media subscription service subscription and lifecycle management
GBGB1009648.5A GB201009648D0 (en) 2010-06-09 2010-06-09 Digital media service trial period abuse prevention
GBGB1009650.1A GB201009650D0 (en) 2010-06-09 2010-06-09 Multi-device digital media subscription service
GB1009646.9 2010-06-09
GB1009655.0 2010-06-09
GBGB1009655.0A GB201009655D0 (en) 2010-06-09 2010-06-09 Patent dump

Publications (1)

Publication Number Publication Date
WO2011154742A1 true WO2011154742A1 (en) 2011-12-15

Family

ID=44310271

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2011/051081 WO2011154742A1 (en) 2010-06-09 2011-06-09 A method for uniquely identifying a personal computing device to prevent the abuse of trial periods in a digital media content service

Country Status (2)

Country Link
GB (1) GB2481133A (en)
WO (1) WO2011154742A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10652365B2 (en) 2016-01-06 2020-05-12 Adobe Inc. Robust computing device identification framework

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020106081A1 (en) * 2000-12-28 2002-08-08 Ta-Kuang Yang Multiple registration system and method of using the same account for registering different device to a DRC server
US7272628B1 (en) * 2000-07-25 2007-09-18 Adobe Systems Incorporated Communicating data using an HTTP client
US20090089420A1 (en) * 2007-10-01 2009-04-02 Michael Caruso Flash tracking system and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7272628B1 (en) * 2000-07-25 2007-09-18 Adobe Systems Incorporated Communicating data using an HTTP client
US20020106081A1 (en) * 2000-12-28 2002-08-08 Ta-Kuang Yang Multiple registration system and method of using the same account for registering different device to a DRC server
US20090089420A1 (en) * 2007-10-01 2009-04-02 Michael Caruso Flash tracking system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"HTTP Cookie", 3 February 2010 (2010-02-03), XP002656203, Retrieved from the Internet <URL:http://web.archive.org/web/20100203123514/http://en.wikipedia.org/wiki/HTTP_cookie> [retrieved on 20110805] *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10652365B2 (en) 2016-01-06 2020-05-12 Adobe Inc. Robust computing device identification framework
US11418570B2 (en) 2016-01-06 2022-08-16 Adobe Inc. Robust computing device identification framework

Also Published As

Publication number Publication date
GB2481133A (en) 2011-12-14
GB201109666D0 (en) 2011-07-27

Similar Documents

Publication Publication Date Title
US11775355B2 (en) Systems and methods for controlling a local application through a web page
US11409891B2 (en) Method and system for providing digital media rental
US11190822B2 (en) Digital audio-video content mobile library
US8539233B2 (en) Binding content licenses to portable storage devices
US8105165B2 (en) Controlling interaction between protected media
US20160205113A1 (en) Method For Sharing A Media Collection In A Network Environment
US20080109910A1 (en) Content borrowing system and method
US20090260067A1 (en) Method and system for legitimate lending and sharing of digital copyrighted content items over a data network
US8752187B2 (en) Portable license server
JP2009535735A (en) Content management system and method
US20090006261A1 (en) Portable device for carrying licenses
US20080148349A1 (en) Authorization to use content
JP2007510985A (en) Different permissions for control points in media provider entities
WO2011154742A1 (en) A method for uniquely identifying a personal computing device to prevent the abuse of trial periods in a digital media content service
US11641359B2 (en) System for connecting computing devices
KR20040038456A (en) A drm apparatus and method for sharing the digital contents in the home server
CN101084497A (en) Managing unprotected and protected content in private networks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11726935

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11726935

Country of ref document: EP

Kind code of ref document: A1