The present disclosed technology relates to systems and methods for providing a personalized browsing experience.
Website providers often desire to personalize the appearance of their webpages to individual users. For example, online retailers may desire to display recommended items to a user on their homepage, and potentially to customize those products to a particular user. As another example, news websites may want to deliver a webpage customized to a user's interest. Conventional systems and methods for providing this type of personalization typically require the user to login to an account that contains personalization information, or to obtain personalization information and assign it to site-specific cookies. Rather than either directly collecting this information, websites can resort to other potentially intrusive methods. For example, a website may require a user to connect the website to one of their social media accounts to provide personal data. Users may not want to provide this connection because of the risk that irrelevant, and potentially confidential private information may be inadvertently shared with that website. Alternatively, websites could turn to tracking cookies, which are services that track a user from website to website by embedding a tracking cookie in the user's browser.
Thus, conventional approaches to personalized browsing thus suffer from numerous limitations felt by both the website provider and the user. For example, website providers must go to great lengths to collect this information from users, and once collected, websites frequently cannot or do not wish to share that information with other websites, leading to duplicated effort. Users can become frustrated with websites that require registration and a log-in prior to providing useful information. Further, many users are concerned that indirect information collection methods may invade their privacy or compromise their identity. Users can further prevent indirect information collection methods from functioning by refusing to connect their social media accounts, setting their browsers to include “Do Not Track” requests to websites, and directly blocking tracking cookies or connections to domains known to be used for tracking.
What is needed is a technique to allow for websites to provide a personalized browsing experience to each user without some or all of these limitations. Embodiments of the present disclosure include systems and methods to allow websites to provide personalized browsing experiences while providing users control over the personal information provided to websites.
Some embodiments of the present disclosed technology relate to a method for providing a personalized browsing experience, comprising receiving at a browser one or more items of personalization data from a user, receiving a request from a user for a web site from a web server, and appending the one or more items of personalization data to the request for a web site.
In some embodiments, the step of appending the one or more items of personalization data to the request includes appending a cookie to the request containing the one or more items of personalization data. In some embodiments, appending a cookie to the request is performed prior to receiving a response from the web server indicating that a cookie with the same key as the appended cookie should be set by the browser. In some embodiments, the one or more items of personalization data is selected as a subset of a list of stored personalization data for the user. In some embodiments, the one or more items of personalization data are selected from a profile selected from one or more profiles associated with the user. In some embodiments, one or more of the steps of receiving one or more items of personalization data, receiving a request from a user for a web site, and appending the one or more items of personalization data to the request is performed by a browser add-on. In some embodiments, the subset of a list of stored personalization data is selected from a database of types of personalization data accepted by the web site requested by the user. In some embodiments, the subset of a list of stored personalization data is selected based on a user preference applicable to the web site requested by the user.
Some embodiments of the present disclosed technology relate to a method for providing a personalized browsing experience, comprising receiving an outgoing request to a web server for a website at a browser, determining whether at least one kind of personalization data corresponding to a user of the browser can be sent to the web site, and appending the at least one kind of personalization data corresponding to a user of the browser to the outgoing request based on a positive determination that the personalization data can be sent to the web site, or refraining from appending the at least one kind of personalization data corresponding to a user of the browser to the outgoing request based on a negative determination that the personalization data can be sent to the web site.
In some embodiments, the determining whether at least one kind of personalization data corresponding to a user of the browser can be sent to the web site is based at least partially on a whitelist of allowed web sites. In some embodiments, the determining whether at least one kind of personalization data corresponding to a user of the browser can be sent to the web site is based at least partially on a blacklist of disallowed web sites. In some embodiments, the determining whether at least one kind of personalization data corresponding to a user of the browser can be sent to the web site is based at least partially on a user setting indicating that the web site is an allowed web site or a disallowed website. In some embodiments, the determining whether at least one kind of personalization data corresponding to a user of the browser can be sent to the web site is based on a list of allowed or responsive personalized data associated with the web site. In some embodiments, the at least one kind of personalization data is set by the user. In some embodiments, the at least one kind of personalization data is obtained from a profile of a plurality of profiles associated with a user.
Some embodiments of the present disclosed technology relate to a method for providing a personalized browsing experience, comprising: receiving a request for a resource from a computing device associated with a user at a web server, transmitting a response to the user containing the requested resource, wherein the response further comprises data indicating at least one kind of personalization data accepted by the web server for providing personalized responses to requests for resources.
In some embodiments, the data further comprises a validation criterion for the kind of personalization data accepted by the web server. In some embodiments, the data indicating at least one kind of personalization data accepted by the web server further comprises data indicating one of an acceptable list of values or an acceptable range of values for the at least one kind of personalization data accepted by the web server. In some embodiments, the data indicating at least one kind of personalization data accepted by the web server further comprises data indicating one of an acceptable range of values for the at least one kind of personalization data accepted by the web server. In some embodiments, the method further comprises receiving a request for a resource from a computing device associated with the user at a web server containing an item of personalization data associated with the user, and returning a response to the computing device associated with the user containing a personalized website based at least in part on the item of personalization data associated with the user.
Reference will now be made to the accompanying drawings, which are not necessarily drawn to scale, and which are incorporated into and constitute a portion of this disclosure, illustrate various implementations and aspects of the disclosed technology and, together with the description, serve to explain the principles of the disclosed technology. In the drawings:
Some implementations of the disclosed technology will be described more fully with reference to the accompanying drawings. This disclosed technology may, however, be embodied in many different forms and should not be construed as limited to the implementations set forth herein. The components described hereinafter as making up various elements of the disclosed technology are intended to be illustrative and not restrictive. Many suitable components that would perform the same or similar functions as components described herein are intended to be embraced within the scope of the disclosed electronic devices and methods. Such other components not described herein may include, but are not limited to, for example, components developed after development of the disclosed technology.
It is also to be understood that the mention of one or more method steps does not preclude the presence of additional method steps or intervening method steps between those steps expressly identified. Similarly, it is also to be understood that the mention of one or more components in a device or system does not preclude the presence of additional components or intervening components between those components expressly identified.
Reference will now be made in detail to exemplary embodiments of the disclosed technology, examples of which are illustrated in the accompanying drawings and disclosed herein. Wherever convenient, the same reference numbers will be used throughout the drawings to refer to the same or like parts.
In accordance with disclosed embodiments, a browsing system 100 may include a user device 110. A browsing system can further include one or more web servers 140 with processing units 142 and data storage 144 for providing one or more webpages 146, 148. User device 110 may be a mobile computing device (e.g., a smart phone, tablet computer, smart wearable device, portable laptop computer, voice command device, wearable augmented reality device, or other mobile computing device).
Web server 140 may be associated with an entity such as a business, corporation, individual, partnership, or any other entity that may be a seller of good and/or services such as a grocery store, a movie theater, a media outlet, a gas station, or the like. According to some embodiments, the organization may be associated with an entity such as a business, corporation, individual, partnership, or any other entity that may provide financial services or processing of financial transactions such as a bank, a credit card company or the like. According to some embodiments, the organization may be associated with an entity that provides goods and services.
Network 160 may be of any suitable type, including individual connections via the internet such as cellular or WiFi networks. In some embodiments, network 160 may connect terminals using direct connections such as radio-frequency identification (RFID), near-field communication (NFC), Bluetooth™, low-energy Bluetooth™ (BLE), WiFi™, ZigBee™, ambient backscatter communications (ABC) protocols, USB, Ethernet, or LAN. In some embodiments, data can be transmitted across the network in either an encrypted or un-encrypted format.
An exemplary embodiment of user device 110 is shown in more detail in
Processor 210 may be one or more known processing devices, such as a microprocessor from the Pentium’ family manufactured by Intel™ or the Turion™ family manufactured by AMD™. Processor 210 may constitute a single core or multiple core processor that executes parallel processes simultaneously. For example, processor 210 may be a single core processor that is configured with virtual processing technologies. In certain embodiments, processor 210 may use logical processors to simultaneously execute and control multiple processes. Processor 210 may implement virtual machine technologies, or other similar known technologies to provide the ability to execute, control, run, manipulate, store, etc. multiple software processes, applications, programs, etc. One of ordinary skill in the art would understand that other types of processor arrangements could be implemented that provide for the capabilities disclosed herein.
Memory 230 may include one or more memory devices that store data and instructions used to perform one or more features of the disclosed embodiments. Memory 230 may also include any combination of one or more databases controlled by memory controller devices (e.g., server(s), etc.) or software, such as document management systems, Microsoft® SQL databases, SharePoint® databases, Oracle® databases, Sybase™ databases, Postgres, MariaDB®, Couchbase™, Redis™, MongoDB® or other relational or non-relational databases. Memory 230 may include software components that, when executed by processor 210, perform one or more processes consistent with the disclosed embodiments.
Network 160 can comprise a mobile network interface that provides access to a cellular network, the Internet, or another wide-area network. In some embodiments, a mobile network interface may include hardware, firmware, and/or software that allows processor(s) 210 to communicate with other devices via wired or wireless networks, whether local or wide area, private or public, as known in the art. A power source may be configured to provide an appropriate alternating current (AC) or direct current (DC) to power components.
As described above, user device 120 may be configured to remotely communicate with one or more other devices, such as web server 140. Processor 210 may include one or more of a microprocessor, microcontroller, digital signal processor, co-processor or the like or combinations thereof capable of executing stored instructions and operating upon stored data. Memory 230 may include, in some implementations, one or more suitable types of memory (e.g. such as volatile or non-volatile memory, random access memory (RAM), read only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), magnetic disks, optical disks, floppy disks, hard disks, removable cartridges, flash memory, a redundant array of independent disks (RAID), and the like), for storing files including an operating system, application programs (including, for example, a web browser application, a widget or gadget engine, and or other applications, as necessary), executable instructions and data. In one embodiment, the processing techniques described herein are implemented as a combination of executable instructions and data within the memory 230.
In some embodiments of the disclosed technology, a method is provided for transmitting personalization data to websites. In some embodiments, personalization data can be transmitted using cookies. Cookies are fragments of information that a web server can set on particular browsers, and that are transmitted to the server with each request.
In some embodiments, cookies can be cookies as defined by the Internet Engineering Task Force RFC 6265—HTTP State Management Mechanism. Cookies are a mechanism that allow web servers to determine some information about who is requesting certain data. Requests for webpages on the internet are typically sent as HTTP requests, which are ordinarily “stateless.” That is, each request is processed by a web server without any additional context. Cookies allow a server to correlate requests to a specific user to provide more personalized content.
If the same user sends a subsequent request 420, the browser will send the same resource request 422 and headers 424, but will automatically append an additional header field containing the key-value pairs for the cookies 426 corresponding to that domain. In this example, request 420 is for article number 1. Because the request is for www.foo.com, and the path to the article is a sub-path of “/”, both cookies are sent to the server. The server can then send a response 430 that is valid 432 that contains the requested content 436, and a personalized message to the user 434. While the example response 430 depicts a response body that comprises HTML, as would be understood by a person of ordinary skill in the art, the response can be of any appropriate type. For example, the response can comprise plain text, Javascript Object Notation (JSON) data, Extensible Markup Language (XML) data, binary content, or any other content type.
Because cookies can expose user data to websites, modern browsers can place several constraints on how cookies can be set and interpreted. For example, many browsers implement a “Same Origin” policy, meaning that cookies cannot be set by a server for paths or domains outside the current request. That is, a response from foo.com cannot set a cookie for bar.com, nor can a request to foo.com/users set a cookie to foo.com/posts. Further, modern web development conventions avoid placing personally identifiable information in cookies. Instead, websites can set a cookie with a cryptographically secure random value to identify a user, and then store that random value in a database that connects it to a user. For example, when user1234 is successfully authenticated for a website, the website can send a “Set-Cookie” field for “user_auth=5653787690,” and store in a local database that authentication number 5653787690 corresponds to user1234. When it receives a request with the authentication number, it correlates the number to a user, and then delivers a personalized webpage based on data known to the server about that user.
Embodiments of the present disclosed technology enable users to provide personalization data to websites though cookies by altering the normal functionality of cookies. While a typical cookie requires that a web server first expressly set the value, embodiments of the present technology allow a user to indicate items of personalization data to be sent as cookies without being set by the server. Examples of such personalization data may include clothing sizes, gender, media preferences, or any other item of data that would allow a website to customize its appearance to a user. Embodiments of the present invention additionally can comprise user interfaces and security policies to provide users the ability to control what information is provided to what website.
In some embodiments, these cookies can be set by intercepting outgoing HTTP requests, and appending cookies to the request that contain personalization data. In some embodiments, cookies can be appended by the browser itself. In some embodiments, cookies can be appended to outgoing requests by an add-on or extension to the browser.
In one embodiment, a user can indicate to a browser that they would like websites to know that they are male and wear size 12 shoes. Such an indication can be made at a user interface provided by the browser, such as a settings page, for example. When a user visits a webpage for a shoe retailer, the browser will then send a cookie to the webpage indicating the user's shoe size, such as “shoeSize=12M.” The website can then respond to the cookie by showing shoes in stock in a size 12, or only showing shoes for men, for example.
In some embodiments, a browser can respond to the indication that a website accepts a value by displaying a dialog box indicating that a particular item of personalization data is accepted by the website, such as the owner's game console. In some embodiments, the dialog box 604 can provide the option to enter the item of personalization data. In some embodiments, the advertisement can be text displayed within the webpage. In some embodiments, the advertisement can be provided by the browser when it detects that the website responds to a cookie. In some embodiments, a browser can prompt a user to set one or more items of personalization data in response to the webpage's advertisement.
In some embodiments, personalization data can be set in key-value pairs that correspond to a field convention. For example, the key for each cookie of personalization data may contain a prefix or suffix to indicate that it is personalization data. For example, the prefix “user” can be used in key values such as “userShoeSize,” “userMusicGenre.” Suffixes could be used according to an embodiment, such as “Preference,” (e.g. “shirtSizePreference”, “videoGamePreference”). In some embodiments, a global list of possible personalization data values can be provided, such as by the provider of the web browser or a third party.
In some embodiments, the value of personalization data can conform to a predetermined schema. For example, a shoe size could have the schema of <country><size><gender><width>. In this schema, the value of a shoe size could be US12M.D, indicating that the user has a male size 12 shoe size, with a width of D according to the US sizing system. In other embodiments, the value of personalization data can comprise JSON or XML data. For example, the same shoe size could be represented in JSON as:
Alternatively, the same information could be represented as XML in the form:
Embodiments of the present invention can encode personalization information in any machine-readable manner, according to any machine-readable schema, including encrypted or binary data. In some embodiments, the encoding of personalization information can include percent-encoding (e.g. URL encoding) cookie keys or values to encode otherwise disallowed characters. In some embodiments, percent-encoding can be performed as described in IETF RFC 3986—URI Generic Syntax, at § 2.1. For example, if the personalization information was “shopping for my 16-year-old son,” that value can be encoded as “shopping%20for%20my%2016-year-old%20son”.
In some embodiments, the browser can filter what websites receive the personalization data based on either a whitelist or a blacklist. For example, a browser may have a whitelist of trusted websites to which it provides personalization data according to an embodiment. When the browser visits such a website, it can provide the personalization data to the whitelisted website. In another embodiment, the browser may have a blacklist of untrusted websites that personalization data should not be sent to. When a user visits a blacklisted website, the browser will refrain from sending the cookie with the request.
As would be understood by a person of ordinary skill in the art, other combinations of whitelists and blacklists could be used. For example, according to an embodiment, a browser may only have a whitelist of allowed websites, and refuse to send personalization data to any site not on the whitelist. In another embodiment, a browser may only have a blacklist of prohibited websites, and send personalization data to any website not on the blacklist.
Alternatively, an embodiment may use both a blacklist of prohibited websites and a whitelist of allowed websites, and by default either refuse to send personalization data, or send personalization data to any website not on either the whitelist or blacklist. In an embodiment, a whitelist and/or blacklist can be included with the browser software, or downloaded from a predetermined server. In some embodiments, the whitelist and/or blacklist can be updated over the internet, such as periodically, or at a user's request. In yet another embodiment, a user can set or modify a whitelist or blacklist to select which websites should receive personalization data.
In some embodiments, the browser can filter what kind of personalization data is received by a website based on a list of allowed or responsive personalization data. For example, if a user visits a clothing retailer that does not sell shoes, the browser can send personalization data about the user's preferred shirt style or pant size, but not shoe size. In some embodiments, the list of allowed or responsive personalization data can be provided by a centralized server to the browser.
While some embodiments of the present disclosed technology are discussed in terms of cookies, other methods can be used within the scope of the present disclosure. In some embodiments, personalization data can be sent in custom header fields, such as a “Personalization-Data” field. In some embodiments, personalization data can be sent as an HTTP request body. In some embodiments, personalization data can be encoded in a data exchange format, such as XML or JSON data. In some embodiments, a server can respond to a request with an indication that certain personalization data fields are accepted. In response, the browser can send a separate request containing personalization data.
The following exemplary use cases describe examples of possible implementations of the disclosed technology. They are intended solely for explanatory purposes and not in limitation.
The presentation of the personalized website is facilitated according to embodiments of the disclosed technology. Here, the user has previously indicated to the browser that their favorite band is Artist A, and that they have a mobile device from Brand X. When the user types “www.music.com” into their browser, their browser sends a request 1100 for the main page 1102 (index). The request contains a header field 1104 that contains a cookie for the user's favorite band and the user's mobile device brand. The value of these cookies were not previously provided to the browser by a server using a “Set-Cookie” header. In response, the server responds with a webpage for Music.com 1112 displayed by browser 1110. Because the server knew the user's favorite band, the webpage 1112 is customized to show an album from the user's favorite band 1114 for purchase. Further, the webpage can further display other related artists, such as Artist B, that the user might also like based on their favorite band. Additionally, because the server knows the brand of the user's mobile device, it can provide a download button 1118 to download the album from Artist A on the music store corresponding to that mobile device brand. In addition to providing relevant information to a user, this allows the webpage to minimize visual clutter by not displaying buttons linking to downloads on other music stores.
The presentation of the personalized sports news website is facilitated according to embodiments of the disclosed technology. In this example, a user sends a request 1200 for the main page for a sports news website 1202 without any personalization data. The web server sends back a response 1204 that includes a Set-Cookie header 1206 for “userFavoriteTeam” without a value. The browser 1208 displays a generic and non-personalized version of the web page 1212. Further, the browser interprets the Set-Cookie header as a request for personalization data from the user, and displays a dialog box 1210 to the user. The user then enters the personalization data in a text box, for example. If the user sends another request for the index page 1214, the browser will include a cookie 1216 indicating that the user's favorite team is the Tigers Baseball team. The server will then return a personalized page 1218 to be displayed by browser 1220 that includes personalized information, such as recent scores and upcoming schedules for the team 1222, and news items of particular interest regarding the user's favorite team 1224.
The presentation of personalized shopping information is facilitated according to embodiments of the disclosed technology. In this example, a user sends a request 1300 to an online retailer, such as rainforest.com 1302. The request contains a number of items of personalization data, indicating that this user is a 41 year old female who enjoys running and cooking. The user has also provided a cookie 1306 indicating that the reason for browsing is to locate a gift for her 16 year old son. In response to the request, the web server realizes that the user is not shopping for herself, and is looking for items for a 16 year old boy. As a result, it returns a personalized web page 1312 to browser 1310 with content that would not be personalized to a 41 year old female interested in running and cooking, but is appropriate to her reason for browsing. This can include item recommendations 1314, such as a video game, skateboard, or headphones, or articles and gift guides 1316 with ideas for possible purchases.
Certain implementations of the disclosed technology are described above with reference to block and flow diagrams of systems and methods and/or computer program products according to example implementations of the disclosed technology. It will be understood that one or more blocks of the block diagrams and flow diagrams, and combinations of blocks in the block diagrams and flow diagrams, respectively, can be implemented by computer-executable program instructions. Likewise, some blocks of the block diagrams and flow diagrams may not necessarily need to be performed at all, according to some implementations of the disclosed technology.
These computer-executable program instructions may be loaded onto a general-purpose computer, a special-purpose computer, a processor, or other programmable data processing apparatus to produce a particular machine, such that the instructions that execute on the computer, processor, or other programmable data processing apparatus create means for implementing one or more functions specified in the flow diagram block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means that implement one or more functions specified in the flow diagram block or blocks. As an example, implementations of the disclosed technology may provide for a computer program product, including a computer-usable medium having a computer-readable program code or program instructions embodied therein, said computer-readable program code adapted to be executed to implement one or more functions specified in the flow diagram block or blocks. Likewise, the computer program instructions may be loaded onto a computer or other programmable data processing apparatus to cause a series of operational elements or steps to be performed on the computer or other programmable apparatus to produce a computer-implemented process such that the instructions that execute on the computer or other programmable apparatus provide elements or steps for implementing the functions specified in the flow diagram block or blocks.
As used herein, unless otherwise specified the use of the ordinal adjectives “first,” “second,” “third,” etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.