GB2507562A - A method for facilitating completion of a form - Google Patents

A method for facilitating completion of a form Download PDF

Info

Publication number
GB2507562A
GB2507562A GB1219868.5A GB201219868A GB2507562A GB 2507562 A GB2507562 A GB 2507562A GB 201219868 A GB201219868 A GB 201219868A GB 2507562 A GB2507562 A GB 2507562A
Authority
GB
United Kingdom
Prior art keywords
user
data
provider
transaction
processing system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1219868.5A
Other versions
GB201219868D0 (en
Inventor
James Marshall
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
FORMISTO Ltd
Original Assignee
FORMISTO Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by FORMISTO Ltd filed Critical FORMISTO Ltd
Priority to GB1219868.5A priority Critical patent/GB2507562A/en
Publication of GB201219868D0 publication Critical patent/GB201219868D0/en
Publication of GB2507562A publication Critical patent/GB2507562A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/10Text processing
    • G06F40/166Editing, e.g. inserting or deleting
    • G06F40/174Form filling; Merging

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • Computational Linguistics (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A form provider 110 receives information enabling identification of a transaction, from a form processing system 140, and adds a visual annotation to the form which annotation represents an identification of the transaction. A device of the user 130, which device has access to at least one item of data associated with the user, processes the annotation to identify the transaction, and uses the identification of the transaction to retrieve a form definition from the form processing system 140, which definition comprises information about at least one data field of the form. Further, based on the form definition, the device of the user matches the at least one data field with at least one item of data associated with the user, and provides the matched item of data to the form processing system 140 for access by the form provider 110.

Description

FACILITATING COMPLETION OF A FORM
The invention relates to facilitating completion of a form, which form corresponds to a transaction between a user and a provider of the form.
BACKGROUND
Forms are typically used to capture information relating to a user, for later use by an entity such as, for example, a merchant or a government organisation.
The information may relate to, for example, name, address and/or date of birth of the user: Such forms may, for example, be presented in a paper format, or in an electronic format such as a form presented on a page displayed in a web browser application. A plurality of different entities may wish to collect information about a particular user, and each entity may use a form to collect that information. Thus, an entity may become a "Form Provider" by virtue of providing a form to the user, who may be referred to as a "Form Consumer". Such an arrangement whereby the user completes a form provided by the Form Provider may constitute, or be part of, a transaction between the user and the Form Provider.
A problem with the above arrangement is that the user may be required to complete several forms, each form provided by one of several different entities, which can be tedious and time consuming for the user. The user may therefore find it inconvenient and impractical to complete transactions, and may thus be deterred from using such an arrangement. As a result, an undesirably high proportion of potential transactions are aborted by the user before completion of the form, and the user's needs can go unfulfilled.
Some websites provide the ability for a user to store their information (such as name, address, date of birth, etc) the first time the user visits the website, and for the fields of forms on that website to be automatically completed using the stored information if a user subsequently re-visits the website.
However, this does not address the problem of users being asked for information by a plurality of other websites.
More recently, some web browsers have been provided with the functionality of being able to store the user's information where it is accessible to the web browser, such that the web browser automatically completes online forms using the stored information. However, this approach suffers from accuracy and efficiency problems due to the browser typically evaluating the online form using a heuristic algorithm. There are cases where the browser cannot determine the type of field using such an algorithm, and in such cases the user may be asked to manually complete the form, leading to a loss of efficiency and a decrease in user satisfaction. In cases where the algorithm incorrectly determines the type of field, the wrong information may be used by the browser to complete the form field, leading to an accuracy problem, which in turn causes a further lack of efficiency and loss of user-satisfaction, due to the user having to thoroughly check the completed form.
An additional drawback of existing web browser based approaches is that a plug-in add-on software module typically needs to be installed on the user's computer. This is inconvenient, and presents a barrier to entry for such a web browser plug-in-based approach, due at least in part to increased user effort associated with installing the software. Furthermore, such plug-in software modules are frequently the target of malware attacks, which presents a security risk to the user's information.
SUMMARY
It would be desirable to provide a method by which a form can be automatically completed with a users information, in a secure, convenient and accurate manner.
An object of the present invention is to at least address the above-identified problems.
Various aspects of the invention are defined in the appended claims.
--
In a first aspect there is provided a computer-implemented method for facihtating the completion of a form, the form corresponding to a transaction between a user and a Form Provider, the method comprising: at the Form Provider receiving information from a Form Processing System, which information enables identification of the transaction; adding a visual annotation to the form, the annotation representing an identification of the transaction; and providing the annotated form to the user; and at a Device of the User, which device has access to at least one item of data associated with the user: processing the annotation to identify the transaction; using the identification of the transaction to retrieve a form definition from the Form Processing System, which form definition comprises information about at least one data field of the form; matching the at least one data field with at least one item of data associated with the user, based on the form definition; and providing the matched item of data to the Form Processing System for access by the Form Provider.
In a second aspect there is provided a computer-implemented method for a device of a user to facilitate the compietion of a form, the form corresponding to a transaction between the user and a Form Provider, the device having access to at least one item of data associated with the user, the method comprising: processing a visual annotation which is associated with the form to identify the transaction, which annotation represents an identification of the transaction; using the identification of the transaction to retrieve a form definition from the Form Processing System, which form definition comprises information about at least one data field of the form; matching the at least one data field with at least one item of data associated with the user, based on the form definition, and providing the matched data to the Form Processing System for access by a Form Provider.
In a third aspect there is provided computer-implemented method for facilitating the completion of a form, the form corresponding to a transaction between a user and a Form Provider, the method comprising the Form Processing System: sending information to the Form Provider, the information enabling identification of the transaction; responsive to a request from a Device of the User, which request includes an identification of the transaction, providing a form definition to the Device of the User, the form definition comprising information about at
least one data field of the form;
receiving at least one item of data associated with the user, which item of data has been matched with the at least one data field using the form definition; and providing the at least one item of data associated with the user to the Form Provider.
In a fourth aspect there is provided a computer-implemented method for facilitating the completion of a form, the form corresponding to a transaction between a user and a Form Provider, the method comprising the Form Provider: receiving information from a Form Processing System, which information enables identification of the transaction; adding a visual annotation to the form, the annotation representing an identification of the transaction; providing the annotated form to the user; and receiving at least one data item associated with a user from the Form Processing System, which data item has been matched with a data field of the form by a device arranged to carry out the method of the second aspect.
Optionally, the method of the fourth aspect further comprises updating the form with the at least one data item associated with the user, and providing the updated form for viewing by the user.
In a fifth aspect there is provided a computer-implemented method for facilitating the completion of a form, the form corresponding to a transaction between a user and a Form Provider, the method comprising: receiving the form from a Form Provider arranged to carry out the method of the fourth aspect; and operating a device arranged to carry out the method of the second aspect.
Optionally, the method of the fifth aspect further comprises, responsive to receiving from the device a suggested match between: at least one item of data associated with the user; and at least one data field of the form, providing a confirmation to the device that the suggested match is accepted by the user.
Optionally, the method of the fifth aspect further comprises: responsive to the providing the confirmation, receiving an authorisation code from the device; and providing the authorisation code to the Form Provider, such that the Form Provider is authorised to receive the matched data from the Form Processing System.
Further optional features of the above aspects will now be described.
Optionally, the method further comprises, prior to receiving the information, the Form Provider sending a request to the Form Processing System, and responsive to receiving the request the Form Processing System sending the information to the Form Provider.
Optionally, the information is an address from where the identification of the transaction can be obtained.
Optionally, the annotation is machine readable. Optionally, the annotation is a OR code.
Optionally, the identification of the transaction is encrypted.
Optionally, the form is provided to the user over a network.
Optionally, the form definition identifies one or more attributes of the form, each attribute selected from a set of field types, the set of field types defined in a field library. Optionally, the set of field types comprises at least one of: name; maximum length; and security sensitivity.
Optionally, the form definition includes a regular expression which can be used for validation of an item of data against its matched data field, and the method further comprises the Device of the User validating at least one item of data based on such a regular expression.
io Optionally, the form definition comprises an encrypted JSON data structure encapsulating the information about at least one data field of the form.
Optionally, the method further comprises the Form Provider registering the form definition with the Form Processing System.
Optionally, the method further comprises registering the Device of the User with the Form Processing System.
Optionally, the step of matching comprises determining that a plurality of items of data match the at least one data field, and prompting the user to select one of the plurality of items of data.
Optionally, the step of matching comprises determining that a plurality of items of data match the at least one data field, and the Device of the User preferentially offering to the user one of the plurality of items of data.
Optionally, the method further comprises the Device of the User displaying an authorisation code to the user, and the Form Processing System, responsive to receiving the authorisation code from the user, providing the matched data to the Form Provider. Optionally, the method further comprises, the Form Processing System: responsive to a request from the Form Provider, sending a cookie to the Form Provider for forwarding to a web browser of the user; upon receiving the authorisation code from the user, verifying the authorisation code using the cookie; and upon successfully verifying, providing the matched data to the Form Provider.
Optionally, the Device of the User is a mobile device. Optionally the mobile device is the user's mobile phone.
In a sixth aspect there is provided a device arranged to carry out a method according to any of the first to fifth aspects.
In a seventh aspect there is provided a computer-readable medium storing instructions which, when executed by a processor, cause the processor to carry out a method according to any of the first to fifth aspects.
It will be appreciated that certain features of certain aspects, along with other optional features described herein, can be advantageously combined with certain other aspects, as would be understood by a skilled person. The above aspects are not intended to limit the invention which is instead defined by the appended claims.
The detailed description of embodiments below should not be interpreted as meaning that all described method steps and/or system elements are essential. Instead, certain method steps and/or system elements may be understood by a skilled person to be optional, even where those steps/elements are not explicitly described as being optional. The appended claims define the essential features of the invention.
DESCRIPTION OF FIGURES
In order that the invention may be more readily understood, preferred embodiments will now be described, by way of example only, with reference to the accompanying Figures, in which: Figure 1 is a block diagram of a system comprising: a Form Provider; a Form Consumer; a Form Processing System; and a Device of the User; in accordance with the method and system described herein.
Figure 2a is a flow diagram showing steps of a setup phase of a method as described herein, carried out by the elements shown in Figure 1.
Figure 2b is a flow diagram showing steps of an in-use phase of a method as described herein, carried out by the elements shown in Figure 1.
Figure 3 is a diagram showing information which is passed between the Form Provider, the Form Processing System, and the Device of the User, when the methods described with reference to Figures 2a and 2b are carried out.
Figure 4 is a flow diagram showing method steps carried out by a Form Consumer according to the described method.
Figure 5 is a flow diagram showing method steps carried out by a Form Provider according to the described method.
Figure 6 is a flow diagram showing method steps carried out by a Form Processing System according to the described method.
Figure 7 is a flow diagram showing method steps carried out by a Device of the User, the device according to the described method.
Figure 8 is a schematic illustration of an example system according to an embodiment of the invention.
Figure 9 is a schematic illustration of a computer system which may be comprised in one or more of the elements shown in Figure 8.
DETAILED DESCRIPTION
In general, there is provided a computer-implemented method of facilitating completion of a form, which form relates to a transaction between a user (also referred to as a "Form Consumer") and a Form Provider. The invention provides secure automation of the completion of forms, optionally using a mobile device.
In response to a request for a form from the Form Consumer, a Form Provider requests and receives information enabling identification of the transaction, from a Form Processing System, and using the received information adds a visual annotation (e.g. a "QR Code", also known as a Quick Response Code) to the form, which annotation represents an identification of the transaction. In other words, the annotation comprises a representation of a transaction identifier.
A device to which the Form Consumer has access (referred to as a "Device of the User", e.g the Form Consumer's mobile phone), which device has access to one or more stored items of data associated with the user, processes (e.g. scans) the annotation to obtain an identification of the transaction (e.g. a transaction identifier which uniquely identifies the transaction). The identification of the transaction allows the particular form to be identified, and thus a corresponding "Form Definition" can be retrieved. The Device of the User uses the identification of the transaction to retrieve the "Form Definition" from the Form Processing System, which definition corresponds to the form associated with the identified transaction, and which definition comprises information about at least
one data field of the form.
For each data field of the form, the Form Definition contains information about the type and attributes (such as length, name, meaning etc.) of the field, which information is sufficient to allow a device to automatically complete that field using stored data. Based on the information in the Form Definition, the Device of the User is thus able to more effectively and efficiently match the at least one data field with at least one of the stored items of data associated with the Form Consumer (compared with previous approaches which use algorithms, e.g. heuristic or rule-based algorithms, to evaluate and compare an online form with stored data relating to a user). Thus, the Device of the User is enabled to at least partially automatically complete the form with data associated with the Form Consumer, and so the Form Consumer need only input and pre-store their personal information once, into the Device of the User. Thus, among other advantageous effects, user effort is reduced.
The Device of the User then provides the completed form (optionally in a secure way, e.g. using existing encryption and/or validation techniques), including the data associated with the Form Consumer, to the Form Processing System for access by the Form Provider. The optional provision of a library component by the Form Provider to the Form Processing System allows the Form Processing System to transparently complete the form at the Form Provider, after the completed form has been returned to the Form Processing System by the Device of the User. Thus, it appears to the Form Provider as if the Form Consumer manually completed the form, and minimal modifications to existing Form Provider websites and website infrastructure are required. Further, the Form -10 -Consumer is able to manipulate and verify form entries within the context of the form at the Form Provider's website, which may be convenient. Furthermore, plug-in software is not required to be installed on the Form Consumer's web browser, thus avoiding potential security attacks by plug-ins (which may be infected with viruses, Trojan-horses or other malware).
The use of a visual annotation, which is added to the form so as to allow identification of the transaction associated with the form, is particularly convenient. This is because the visual annotation can be read and processed by a device to which the Form Consumer has access, such as a mobile device, e.g. a mobile telephone having a built-in camera. This effect is enhanced when the visual annotation has features which render it especially machine-readable. In one example, the visual annotation is a OR code", which is a machine-readable visual annotation. In that example, the QR code has a payload containing the identification of the transaction, and the payload is encrypted with a pre-shared key (which is shared during a registration/setup phase) such that only a device having access to the key is able to obtain the identification of the transaction.
This enhances system security. In another example, the visual annotation is a barcode, capable of being read by a barcode scanner.
The above-described advantages, and other advantages of the invention will be apparent to a skilled person from the description and drawings.
Referring to Figure 1, a method and system is provided by which forms can be more easily completed with data relating to a user, in a secure, convenient and accurate manner.
As shown in Figure 1, a Form Provider 110 is an entity which provides a form, which form is desired to be completed by the filling in of various data fields of the form with personal information relating to a user. In an embodiment, the Form Provider 110 provides an electronic representation of the form 150, such as a web page. The Form Provider 110 can be implemented using a computing device as described below with reference to Figures 8 and 9.
With reference to Figure 1, the user is otherwise termed a "Form Consumer" 120. In embodiments, the Form Consumer 120 is typically an -11 -individual, is provided with the form 150 either in response to making a request for the form or without requesting the form, and is, for example, the user to which the personal information relates. In an embodiment, the Form Consumer 120 has access to a web browser application, which web browser application executes on a computing device as described with reference to Figures 8 and 9 (such as a personal computer or a mobile telephone having internet browsing capability), and which web browser has access to the form.
The Form Consumer 120 has access to a device 130 which is used to process a visual annotation 160 on the form 150, which annotation 160 represents an identification of a transaction between the Form Provider 110 and the Form Consumer 120. In an embodiment, the annotation comprises a data payload which contains information enabling identification of the transaction.
Examples of a "transaction" include: a data gathering session such as a consumer survey; and a purchasing session such as an online purchase. The device 130 is referred to hereafter as a "Device of the User" 130. In a preferred embodiment, the device 130 is a mobile computing device (as described below with reference to Figures 8 and 9) such as a mobile phone. In certain embodiments, the computing device on which the web browser application executes is the mobile computing device 130, but in other embodiments the computing device on which the web browser application executes may be a separate computing device.
An entity referred to as a Form Processing System 140 is also provided, which interacts with the Form Provider 110, the Form Consumer 120 and the Device of the User 130, as further described below, so as to deliver the advantageous effects of the present disclosure. The Form Processing System can be implemented as a computing device (as will be further described below with reference to Figures 8 and 9).
The Form Provider 110, Form Processing System 140, Device of the User 130, and the computing device on which the web browser application executes are communicatively linked as shown in Figure 1. In an embodiment, at least some of the communication links are provided by virtue of a network (as described below with reference to Figure 8), for example the internet. In -12 -embodiments, the communication links are implemented using one or more of wired and wireless technologies.
As shown in Figure 1, in one example, the form 150 contains a number of data fields including "Name", "Date of birth", "Mobile telephone number", "Title", "Password", "Credit card number", "Card type" and "Expiry date". Such data fields are provided here as examples and should not be taken to be at all limiting.
Figure 1 also shows the form 150 including a visual annotation 160, which annotation contains information enabling an identification of the transaction between the Form Provider 110 and the Form Consumer 120 to be determined.
In the shown embodiment, the annotation 160 is in the form of a "QR code". The QR code has visual features which make it machine-readable (e.g. corner locators and synchronisation bits), and comprises a data payload. In some embodiments, the payload can be encrypted.
Also shown in Figure 1, in certain embodiments, a text entry box 170 is displayed with the form 150, for a user to be able to enter an authorisation code, which code is for example a 4 digit PIN code. The authorisation code, if included, can be used by the Form Consumer 120 for authorising the Form Provider 110 to obtain the data relating to the user from the Form Processing System 140. The way in which elements shown in Figure 1 interact, when in operation, will be further described below with reference to Figures 2a and 2b.
The elements shown in Figure 1 cooperate to enable the form to be at least partially automatically completed with stored personal information of the user, in a secure, convenient and accurate manner.
Referring to Figure 2a, in a setup phase, the Form Provider 110, Form Consumer 120, and the Device of the User 130, are registered with the Form Processing System 140 as follows.
The Form Provider 110 registers 201 the structure and other information of a form (e.g. the number and type of data fields within the form, the length of each field, the name of each field, whether each field is security-sensitive, etc.) with the Form Processing System 140. In response, the Form Processing System 140 optionally responds with an acknowledgement 202.
-13 -The Form Consumer 120 registers 251 with the Form Processing System 140. In embodiments, this is optionally done 250 via the Device of the User 130, e.g. using an on-line form presented on a web page by the Device of the User (e.g. using an application program executing on that device), or by some other means. In a particular embodiment, a username and a password are selected by the Form Consumer 120 and provided to the Form Processing System 140. Upon registration, the Form Processing System 140 optionally creates a cryptographic key which is uniquely associated with the Form Consumer 120.
When the Device of the User 130 is used for the first time by the Form Consumer 120, it registers 261 with the Form Processing system 140 and a security check is made by the Form Processing System 140. In the above particular embodiment, as part of the security check, the username and password are requested by the Device of the User 130, and are sent by the Device of the User 130 to the Form Processing System 140 for verification. In some optional embodiments, further security data is sent (such as a hash calculation based on the username and password, and on a cryptographic key which is known to both the Device of the User 130 and the Form Processing System 140) which allows the Form Processing System 140 to authenticate the Device of the User 130.
Upon successful completion of the security check, the Form Processing System optionally sends the cryptographic key which is uniquely associated with the Form Consumer 120 to the Device of the User 130. The Device of the User 130 then stores that cryptographic key, if received, for later use. This concludes the setup phase.
Referring to Figure 2b, in an In-use" phase, after the setup phase, the following actions are performed.
The Form Consumer 120 requests 203 the form 150 from the Form Provider 110. For example, this request corresponds to a web browser (to which the Form Consumer 120 has access) sending an HTTP request to a website of the Form Provider 110, requesting to view the form 150.
-14 -Upon receiving the request 203 to view the form 150, the Form Provider requests 204 that: the Form Processing System 140 records a new transaction between the Form Consumer 120 and the Form Provider 110; and the Form Processing System 140 supplies information to the Form Provider 110 which enables identification of the transaction. The request made to the Form Processing System 140 by the Form Provider 110 comprises at least information enabling the Form Provider 110 to be identified, and information enabling the particular form 150 being viewed to be identified. By way of example, the following information is included in the request (as shown in Figure 3 and Table 1 below):
Information item Description
Form Provider ID Identification of the Form Provider Form Provider Key FPSK, a cryptographic key pre-assigned to the Form Provider by the Form Processing System during the setup phase.
User Agent String Information identifying the web browser used by the Form Consumer which requested the fomi.
Browser IP address The IP address of the web browser requesting the form.
Requester IP The IP address of the Form Provider.
address Form ID An identification of the Form being requested Remote IJRL Reserved for future use Timestamp Time stamp when the request is sent.
I-lash A hash calculation of the above fields,
calculated using the "Private Key" of the Form Provider, FPPK, which is a cryptographic key pre-assigned to the -15 -Form Provider by the Form Processing System in the setup phase. Optional.
Table 1: Information in the request for a new transaction It is to be noted that although Table 1 shows an example of fields which can be included in the request for a new transaction, the actual request in a particular embodiment may comprise a different number and/or type of fields, as will be understood from the desctlption as a whole.
Upon receiving the request 204 from the Form Provider 110, the Form Processing System 140 creates a record of a new transaction, which transaction is associated with the form. The record of the transaction at the Form Processing System 140 comprises a corresponding transaction identifier which is uniquely associated with the transaction. The Form Processing System 140 then returns 205 information to the Form Provider 110, which information enables the transaction to be identified, that is to say that the transaction identifier can be determined by using the information.
In an advantageous embodiment, the information comprises a URL (i.e. an internet address) which is uniquely associated with the transaction, the URL pointing to where a visual annotation 160 may be downloaded. The visual annotation 160 comprises a representation of the transaction identifier in such a format that the transaction identifier can be determined by processing the visual annotation 160 (e.g. by scanning the annotation using a camera, and subsequently extracting data from the scanned image). The visual annotation thus represents an identification of the transaction. The visual annotation is previously generated according to the transaction identifier, by the Form Processing System 140 (or by another entity to which the Form Processing System 140 provides the transaction identifier), and made available for downloading from the address pointed to by the URL. In embodiments, the Form Processing System 140 hosts a web page at the address pointed to by the URL, although in other embodiments that web page can be hosted by another entity.
-16 -In other embodiments, rather than the information comprising a URL, the information can instead comprise data representing the generated visual annotation 160 (e.g. a GIF or JPEG image file), or alternatively the information can comprise the transaction identifier directly, e.g. in the form of a character string, or in numeric, binary, alphanumeric or ASCII form (in which case the Form Provider 110 would be enabled to generate the visual annotation 160, based on the transaction identifier), and is optionally encrypted.
In an advantageous embodiment, shown in Figure 1, the visual annotation is a "OR code" (as will be familiar to the skilled person) having a data payload which includes the transaction identifier. In a yet further advantageous embodiment, the information (or at least the transaction identifier) comprised in the visual annotation 160 is encrypted, for example the QR code is an "encrypted OR code" wherein the payload of the OR code is encrypted. The encrypted payload is encrypted in such a way as to be decryptable by the Device of the User 130 using a cryptographic key which is pre-shared with the Device of the User 130 (or with the Form Consumer 120 who then supplies the key to the Device of the User 130) by the Form Processing System 140. In a still further advantageous embodiment, when returning 205 the information to the Form Provider 110, the Form Processing System 140 also sends a web browser cookie to the Form Provider 110, for forwarding to the web browser being used by the Form Consumer 120. The cookie is used to enhance security, as will be further described below.
After receiving the information enabling identification of the transaction (and, if necessary, downloading the visual annotation 160 if the information is a URL, or generating the visual annotation 160 if the information comprises the transaction identifier directly), the Form Provider 110 annotates 206 the form 150 with the visual annotation 160. The visual annotation 160 is then displayed 207 with the form 150 so as to be associated with the form 150 by the Form Consumer 120. By way of example, the form 150 is displayed as a "virtual form" on a web page viewed in the Form Consumer's web browser, and optionally the cookie is passed to the web browser for storage by the web browser.
-17 -In some embodiments the Form Provider 110 optionally makes a software library component available to the Form Processing System 140, for later use by the Form Processing System 140 to enable the Form Processing System 140 to automatically complete the form 150 at the Form Provider 110 with one or more items of data associated with the Form Consumer 120.
Upon receiving the form 150 with the visual annotation 160, the Form Consumer 120 causes 208 (e.g. actuates or commands) the Device of the User to process 209 the visual annotation 160 so as to obtain the transaction identifier and thus to identify the transaction.
In an advantageous embodiment, the Form Consumer 120 causes 208 the Device of the User 130 to scan 209 and decode the visual annotation 160, which in this embodiment is a OR code, so as to obtain the transaction identifier from the payload of the QR code. This is especially advantageous when the Device of the User 130 is a mobile phone having a built-in camera or scanner module (such as a barcode scanner module).
Optionally, in a further advantageous embodiment, the payload of the OR code is encrypted, and the Device of the User 130 uses the pre-shared key which was mentioned with respect to step 205 to decrypt 210 the encrypted payload of the OR code. The encrypted payload was previously encrypted by the Form Processing System 140 in such a way as to be decryptable using that pre-shared key.
Having obtained the transaction identifier, the Device of the User 130 uses the transaction identifier to request 211 details of the form 150 from the Form Processing System 140. The request 211 comprises a payload containing a number of items of information (see Figure 3 and Table 2 below), including at least an identification of the Form Consumer 120 and an identification of the transaction.
Information item Description
Form Consumer ID Identification of the Form Consumer Security Key FCsk, a cryptographic key pre-assigned to the Form Consumer! -18 -Device of the User, by the Form Processing System during the setup phase.
Session ID Identification of the transaction (transaction = session).
Timestamp Time stamp when the request is sent Hash A hash calculation of the above
fields, calculated using the "Private
Key" of the Form Consumer, FCPK, which is a cryptographic key pre-assigned to the Form Consumer! Device of the User by the Form Processing System in the setup phase.
Table 2: Information contained in request for a Form Definition It is to be noted that although Table 2 shows an example of fields which can be included in the request for a Form Definition, the actual request in a particular embodiment may comprise a different number and!or type of fields, as will be understood from the description as a whole.
It should be noted that although Figure 2a shows registration step 261 as being carried out separately in a setup phase, the registration step 261 of the Device of the User 130 can be combined with step 211 where the Device of the User 130 requests the Form Definition from the Form Processing System 140.
The optional "Hash' field in the request 211 for details of the form, is a hash calculation calculated, based on the request payload, using a "Private Key" of the Form Consumer 120, which is a cryptographic key pre-assigned to the Form Consumer 120 and Device of the User 130 by the Form Processing System (e.g. it is a key generated by the Form Processing System 140 at step 252 in the setup phase, and sent to the Device of the User 130 at step 262). The Hash field can thus be validated by the Form Processing System 140 to verify that the -19 -request originated from the Device of the User 130. This prevents third parties and/or other devices from pretending to be the Form Consumer 120 and/or Device of the User 130.
Upon receiving the request for the form details, the Form Processing System 140 optionally validates the request using the contents of the Hash field.
The Form Processing System 140 then uses the transaction identifier to identify the corresponding form 150, retrieves the corresponding details of the form 150 (i.e. the corresponding Form Definition for that form), and returns 212 the Form Definition to the Device of the User 130.
The Device of the User 130 then uses the Form Definition to match at least one item of data associated with the Form Consumer 120 (e.g. personal data, such as name, address etc.), which the Form Consumer 120 has previously stored on the Device of the User 130, with at least one data field of the form 150.
As mentioned, the Form Definition describes each data field of the form 150, and thus enables the Device of the User 130 to more easily match the at least one item of data with the at least one data field. The Device of the User 130 then attempts to automatically complete 213 the at least one data field with the at least one item of data.
If only one item of data matches the particular data field, the Device of the User 130 automatically completes the data field with the particular item of data. If more than one item of data matches the particular data field, the Device of the User 130 carries out a pre-defined policy in order to complete the data field with one of the matching items of data. In a first example policy, the Device of the User 130 prompts the Form Consumer 120 for a choice as to which item of data should be used to complete the particular data field, for example using a selection box or drop-down list.
In an advantageous embodiment, the Device of the User 130 has a stored flag which is associated with a particular stored item of data, which flag indicates that the particular stored item of data should be considered as a default choice.
For example, a Form Consumer 120 may have stored a home address and a business address in the Device of the User 130, and may have indicated that the -20 -business address should be considered to be the default choice. In such an embodiment, the Device of the User 130 can carry out a second example policy wherein the Device of the User 130 automatically completes the particular data field with the default choice, and optionally prompts the Form Consumer 120 to confirm that default choice, or to select another choice, e.g. by use of a menu system.
Optionally, the Device of the User 130 also at least partially renders the form 150 and displays the form 150 to the Form Consumer 120 during the time that the form 150 is being completed.
At step 214, the Form Consumer 120 makes any selections which are prompted for by the Device of the User 130, and the Form Consumer 120 is optionally also enabled to add any additional details which are needed for completing any data fields of the form 150 which were not automatically completed (for example if no stored data existed on the Device of the User 130 which matched those uncompleted data fields). Further, the Form Consumer 120 is optionally given the opportunity to enter additional details even where a particular data field of the form has been automatically completed. Thus, the Form Consumer 120 can override an automatic choice if, for example, the Form Consumer 120 judges that none of the stored addresses are suitable for the current transaction and the Form Consumer 120 therefore wishes to enter a new address. Optionally, if such additional details were entered, the Form Consumer is given the opportunity to store those additional details in the Device of the User 130 for later use.
Upon completion of the form 150, the Device of the User 130 sends 215 the completed form 150 to the Form Processing System 140. As part of this step, the Device of the User 130 forms a data payload containing the one or more data items which correspond to the data fields of the form, and also the information shown in Figure 3 and Table 3 (including at least an identification of the Form Consumer 120 and an identification of the transaction).
-21 -
Information item Description
Form Consumer ID Identification of the Form Consumer Security Key FCsk, a cryptographic key pre-assigned to the Form Consumer! Device of the User, by the Form Processing System during the setup phase.
Timestamp Time stamp when the data is sent Session Session ID (Identification of the transaction), and the completed form including the items of data with which the form has been completed.
Hash A hash calculation of the above
fields, calculated using the "Private
Key' of the Form Consumer, FCFK, which is a cryptographic key pre-assigned to the Form Consumer! Device of the User by the Form Processing System in the setup phase.
Table 3: Information contained in the submission of the completed form It is to be noted that although Table 3 shows an example of fields which can be included in the submission of the completed form, the actual submission in a particular embodiment may comprise a different number and!or type of fields, as will be understood from the description as a whole.
The optional "Hash" field sent with the completed form, is a hash calculation calculated, based on the data payload, using a "Private Key" of the Form Consumer 120, which is a cryptographic key pre-assigned to the Form Consumer 120 and Device of the User 130 by the Form Processing System 140 (e.g. it is a key generated by the Form Processing System 140 at step 252 in the -22 -setup phase, and sent to the Device of the User 130 at step 262). The Hash field can thus be validated by the Form Processing System 140 to verify that the completed form originated from the Device of the User 130. This prevents third parties and/or other devices from pretending to be the Form Consumer 120 and/or Device of the User 130.
The Form Processing System 140, upon receipt of the completed form 150, optionally validates the completed form. The Form Processing System 140 then stores the items of data comprised in the completed form, and optionally provides an acknowledgement 216 to the Device of the User 130 that the completed form 150 has been received.
Optionally, an authorisation code is then displayed 217 to the Form Consumer 120 by the Device of the User 130. This code is an N-digit character string, for example a 4-digit PIN code, although other codes would be suitable, provided that a user can remember the code for the time it takes to entering the code on an input device, and provided that the code allows for a reasonably large number of permutations such that the code is reasonably secure against being broken by trial and error (for example, a 4-digit numeric code allows for approximately 10000 combinations, which at the rate of 1 permutation per second would take about 3 hours to be sure of finding the correct code by trial and error).
In such embodiments where an authorisation code is displayed, the Form Provider 110 provides a data entry field (e.g. a text entry box) which is displayed with the form 150 on the web page so as to be associated with the form 150 by the Form Consumer 120. The Form Consumer 120 can enter 218 the authorisation code into that data entry field, which serves as an indication that the Form Provider 110 is authorised to receive the completed form 150 (including the one or more items of data associated with the user which were matched with the one or more data fields of the form) from the Form Processing System 140.
Upon receipt of the authorisation code (via the data entry field), the Form Provider 110 requests 219 the completed form 150 from the Form Processing System 140. The request for the completed form includes a payload, the payload including an identification of the Form Provider 110, and optionally the authorisation code. Optionally, the cookie which was received in step 205 from -23 -the Form Provider 110 is also included in the payload. The optional use of a cookie implements what is known as iwo factor authentication", i.e. authentication based upon two factors: something which an entity knows (the authentication code) and something which the entity has (the cookie). In other embodiments where security is of lesser importance, the Form Consumer 120 can indicate the authorisation in another way, such as clicking on an item on the web page in which the form 150 is displayed.
The Form Processing System 140, responsive to the request 219 from the Form Provider 110, optionally performs a validation check. The validation check checks the authorisation code, if provided, and in embodiments may check other characteristics of the request.
Optionally, where the payload of the request includes a copy of the cookie, the validation check further includes a check on the cookie (i.e. that the received cookie matches the cookie which was sent in step 205). This provides further security by ensuring that the web browser which was originally used by the Form Consumer 120 to view the visual annotation 160 for processing by the Device of the User 130, is the same web browser that is being used when the Form Provider 110 requests the completed form. Alternatively, in embodiments where security is of lower importance, the Form Provider 110 and Form Processing System 140 may be arranged such that the Form Provider 110 is assumed to be authorised to receive the completed form 150.
Upon successfully completing any of the above validation checks which are applicable, the Form Processing System 140 returns 220 the items of data comprised in the completed form to the Form Provider 110. Optionally, the Form Processing System 140 automatically populates the form 150 at the Form Provider 110 using the software library component which was earlier provided to the Form Processing System 140 by the Form Provider 110. In other optional embodiments, the Form Processing System 140 sends the completed form 150 (otherwise termed rsession data") to the web browser, which automatically populates the displayed form 150 with the session data. In some embodiments, the Form Processing System 140 may be arranged to simply skip to step 220, wherein the items of data comprised in the completed form 150 are sent to the -24 -Form Provider 110, directly after receiving the submission of the completed form from the Device of the User 130. Thus, steps 216 to 219 inclusive are optional.
Finally, the completed form 150 is optionally displayed 221 to the Form Consumer 120, who is thus able to validate the contents of the form before optionally approving the completed form 150 for processing by the Form Provider 110. In some embodiments, the completed form 150 is simply considered to be approved for processing, without further consulting the Form Consumer 120, thus these steps are also optional.
Figure 4 shows steps carried out by the Form Consumer 120, according to the method described above. Steps 451, 403, 407, 408, 413, 414,415,417,418, 419, 420 and 421 of Figure 4 respectively correspond to steps 251, 203, 207, 208, 213, 214, 215, 217, 218, 219, 220 and 221 as described with reference to Figures 2a and 2b.
Figure 5 shows steps carried out by the Form Provider 110, according to the method described above. Steps 501, 502, 503, 504, 505, 506, 507, 518, 519, 520 and 521 of Figure 5 respectively correspond to steps 201, 202, 203, 204, 205, 206, 207, 218, 219, 220 and 221 as described with reference to Figures 2a and 2b. In step 506a, the Form Provider 110 optionally provides the software library component to the Form Processing System 140, which the Form Processing System 140 can later use to remotely complete the form 150 at the Form Provider 110.
Figure 6 shows steps carried out by the Form Processing System 140, according to the method described above. Steps 601, (601a and 602), 651, 652, 661, 662, 604, 605, 606, 611, 612, 615, 616, 619 and 620 of Figure 6 respectively correspond to steps 201, 202, 251, 252, 261, 262, 204, 205, 206, 211, 212, 215, 216, 219 and 220 as described with reference to Figures 2a and 2b.
-25 -Figure 7 shows steps carried out by the Device of the User 130, according to the method described above. Steps 761, 762, 708, 709, (710 and 710a), 711, 712, 713, 714, 715, 716 and 717 of Figure 7 respectively correspond to steps 261, 262, 208, 209, 210, 211, 212, 213, 214, 215, 216 and 217 as described with reference to Figures 2a and 2b.
Further details of the Form Definition, in the form of a data model according to one embodiment, will now be described.
The Form Definition comprises a number of Form_item entries, each Form_item entry corresponding to a data field of the form 150. Each Form_item inherits some characteristics, each of which are defined in a Field_library in the Form Definition. For example, each Form_item includes characteristics which may include: a "friendly_name" (e.g. "Mobile phone number"); a "maximum length" (e.g. 15 characters); an "isSerisitive" flag (e.g. true for passwords, indicating that the password should be displayed only as dots on-screen, not as characters), and a "custom validation string" (which is a regular expression which can be used for validating the contents of the data field).
A "Field_library_grouping" can also be included in the Form Definition, so as to define groups of data fields which are associated with each other, e.g. those data fields corresponding to the first and second lines of an address, the house number and the postcode.
A "Field enum" entry in the Form Definition can be associated with a particular data field. This allows for particular data values which are possible for that field to be enumerated, for example {"Mr", "Mrs", "Ms", "Sir"}. When the Device of the User 130 processes the Form Definition, it can render such choices as a drop-down list which is displayed to the Form Consumer 120.
The Form Definition is optionally an encrypted JSON data structure (as will be understood by a skilled person) which is a direct encapsulation of the data model described above.
A tool which is useful for a Form Provider 110 will now be described.
-26 -When the Form Provider 110 registers a form with the Form Processing System 140 for the first time, a web-based or API-based program is optionally provided for use by the Form Provider 110 for assisting generation of the Form Definition according to the above-described data model. That program can parse an HTML representation of the Form Provider's web page (including the form to be registered), and perform matching of the "ID" element of each field within the HTML form, using an existing "fuzzy logic" matching algorithm which compares: the ID element; with the friendly name entry of each of the Field_library items which the Form Processing System 140 knows about (i.e. a standard set of Field_library items accessible to the Form Processing System 140). If the compared ID element and one of the respective friendly_name entries are determined to be similar, the algorithm suggests an appropriate Field_library to the Form Provider 110. This reduces the effort required by a Form Provider 110 when registering a form with the Form Processing System 140.
Figure 8 schematically illustrates an example system 800 according to an embodiment of the invention, in which the described methods may be deployed.
The Form Provider 110, Form Processing System 140 and Device of the User 130 may be arranged to communicate over a network 810. A device on which the web browser application is executed (which web browser application is used by the Form Consumer 120 to view the form 150) may also be so arranged to communicate with other devices over the network 810. The device on which the web browser application is executed may be the same as the Device of the User 130, or may be a separate device (not shown in Figure 8). The network 810 may be any kind of network suitable for transmitting or communicating data. For example, the network 810 could comprise one or more of a local area network, a wide area network, a metropolitan area network, the internet, a wireless communications network, a cable network, a digital broadcast network, a satellite communication network, a telephone network, etc. The Form Provider 110, Form Processing System 140, Device of the User 130, and the device on which the web browser application is run, may be arranged to communicate over the network 810 using any suitable communication mechanism/protocol in order to -27 -communicate data. It will be further appreciated that other communication scenarios are possible. For example, the Form Provider 110 may provide the form 150 or other data via a physical medium (such as a CD, DVD, BluRay disc, etc.), in which case all or part of the network 810 may be omitted. In a similar manner, any of the devices shown in Figure 8 may provide or receive data using physical media instead of via the network 810, in which case a corresponding part of the network 810 may be omitted.
The Form Provider 110, Form Processing System 140, Device of the User 130, and the device on which the web browser application is run, may each comprise one or more computer systems 900. Figure 9 schematically illustrates an example of such a computer system 900. The computer system 900 comprises a computer 902. The computer 902 comprises: a storage medium 904, a memory 906, a processor 908, a storage medium interface 910, a user output interface 912, a user input interlace 914 and a network interface 916, which are all linked together over one or more communication buses 918.
The storage medium 904 may be any form of non-volatile data storage device such as one or more of a hard disk drive, a magnetic disc, an optical disc, a ROM, etc. The storage medium 904 may store an operating system for the processor 908 to execute in order for the computer 902 to function. The storage medium 904 may also store one or more computer programs (or software or instructions or code) that form part of an embodiment of the invention.
The memory 906 may be any random access memory (storage unit or volatile storage medium) suitable for storing data and/or computer programs (or software or instructions or code).
The processor 908 may be any data processing unit suitable for executing one or more computer programs (such as those stored on the storage medium 904 and/or in the memory 906), some of which may be computer programs according to embodiments of the invention or computer programs that, when executed by the processor 908, cause the processor 908 to carry out a method according to an embodiment of the invention and configure the system 900 to be a system according to an embodiment of the invention. The processor 908 may -28 -comprise a single data processing unit or multiple data processing units operating in parallel or in cooperation with each other. The processor 908, in carrying out data processing operations for embodiments of the invention, may store data to and/or read data from the storage medium 904 and/or the memory 906.
The storage medium interface 910 may be any unit for providing an interface to a data storage device 922 external to, or removable from, the computer 902. The data storage device 922 may be, for example, one or more of an optical disc, a magnetic disc, a solid-state-storage device, etc. The storage medium interface 910 may therefore read data from, or write data to, the data storage device 922 in accordance with one or more commands that it receives from the processor 908.
The user input interface 914 is arranged to receive input from a user, or operator, of the system 900. The user may provide this input via one or more input devices of the system 900, such as a mouse (or other pointing device) 926 and/or a keyboard 924, that are connected to, or in communication with, the user input interface 914. However, it will be appreciated that the user may provide input to the computer 902 via one or more additional or alternative input devices (such as a touch screen). The computer 902 may store the input received from the input devices via the user input interface 914 in the memory 906 for the processor 908 to subsequently access and process, or may pass it straight to the processor 908, so that the processor 908 can respond to the user input accordingly.
The user output interface 912 is arranged to provide a graphical/visual and/or audio output to a user, or operator, of the system 900. As such, the processor 908 may be arranged to instruct the user output interface 912 to form an image/video signal representing a desired graphical output, and to provide this signal to a monitor (or screen or display unit) 920 of the system 900 that is connected to the user output interface 912. Additionally or alternatively, the processor 908 may be arranged to instruct the user output interface 912 to form an audio signal representing a desired audio output, and to provide this signal to one or more speakers 921 of the system 900 that is connected to the user output interface 912.
-29 -Finally, the network interface 916 provides functionality for the computer 902 to download data from and/or upload data to one or more data communication networks (such as the network 810 of figure 8).
It will be appreciated that the architecture of the computer system 900 illustrated in figure 9 and described above is merely exemplary and that other computer systems 900 with different architectures (for example with fewer components than shown in figure 9 or with additional and/or alternative components than shown in figure 9) may be used in embodiments of the invention. It will also be appreciated that the Form Provider 110, Form Processing System 140, Device of the User 130, and the device upon which the web browser application is run, may use different kinds of computer system 900.
As examples: the or each computer system 900 for the Form Provider 110 may be a personal computer or a server computer; the computer system 200 for the Form Processing System 140 may be a personal computer ora server computer; and the or each computer system 200 for the Device of the User 130 and/or the device on which the web browser application is run may be one or more of a mobile telephone, a tablet, a laptop, a television set, a set top box, a games console, a personal computer, a server computer, other mobile devices or consumer electronics devices, etc. It should be noted that the device on which the web browser application is run, and the Device of the User 130, may in some embodiments be integrated in the same device. Also, in some embodiments, the Form Provider 110 and the Form Processing System 140 may be a single integrated system. In such integrated embodiments, the separation of functionality and processing between the described elements is purely conceptual and is presented herein merely for ease of explanation.
It will be appreciated that the methods described have been shown as individual steps carried out in a specific order. However, the skilled person will appreciate that these steps may be combined or carried out in a different order whilst still achieving the desired result.
-30 -It will be appreciated that embodiments of the invention may be implemented using a variety of different information processing systems. In particular, although the figures and the discussion thereof provide an exemplary computing system and methods, these are presented merely to provide a useful reference in discussing various aspects of the invention. Embodiments of the invention may be carried out on any suitable data processing device, such as a personal computer, laptop, personal digital assistant, mobile telephone, set top box, television, server computer, etc. Of course, the description of the systems and methods has been simplified for purposes of discussion, and they are just one of many different types of system and method that may be used for embodiments of the invention. It will be appreciated that the boundaries between logic blocks are merely illustrative and that alternative embodiments may merge logic blocks or elements, or may impose an alternate decomposition of functionality upon various logic blocks or elements.
Although examples have been described which use a web browser to display and complete an on-line form, the disclosure of the application can also be applied to physical (e.g. paper) forms. In such cases: step 203 would correspond to an interaction (e.g. a telephone call, or a visit to a store) between the Form Consumer 120 and Form Provider 110, which interaction resulted in a need for the Form Provider 110 to capture information from the Form Consumer 120; step 207 would correspond to sending the physical form by physical delivery means to the Form Consumer 120; step 220 would involve the Form Processing System 140 sending the completed form in physical format to the Form Provider 110; and optional step 221 could be omitted, or a copy of the completed form sent to the Form Consumer 120 for validation.
It will be appreciated that the above-mentioned functionality may be implemented as one or more corresponding modules as hardware and/or software. For example, the above-mentioned functionality may be implemented as one or more software components for execution by a processor of the system.
Alternatively, the above-mentioned functionality may be implemented as hardware, such as on one or more field-programmable-gate-arrays (FPGAs), and/or one or more application-specific-integrated-circuits (ASIC5), and/or one or -31 -more digital-signal-processors (DSPs), and/or other hardware arrangements.
Method steps implemented in flowcharts contained herein, or as described above, may each be implemented by corresponding respective modules; multiple method steps implemented in flowcharts contained herein, or as described above, may together be implemented by a single module.
It will be appreciated that, insofar as embodiments of the invention are implemented by a computer program, then a storage medium and a transmission medium carrying the computer program form aspects of the invention. The computer program may have one or more program instructions, or program code, which, when executed by a computer carries out an embodiment of the invention.
The term "program," as used herein, may be a sequence of instructions designed for execution on a computer system, and may include a subroutine, a function, a procedure, a module, an object method, an object implementation, an executable application, an applet, a servlet, source code, object code, a shared library, a dynamic linked library, and/or other sequences of instructions designed for execution on a computer system. The storage medium may be a magnetic disc (such as a hard drive or a floppy disc), an optical disc (such as a CD-ROM, a DVD-ROM or a BluRay disc), or a memory (such as a ROM, a RAM, EEPROM, EPROM, Flash memory or a portable/removable memory device), etc. The transmission medium may be a communications signal, a data broadcast, a communications link between two or more computers, etc.

Claims (26)

  1. -32 -CLAIMS1. A computer-implemented method for facilitating the completion of a form, the form corresponding to a transaction between a user and a Form Provider, the method comprising: at the Form Provider: receiving information from a Form Processing System, which information enables identification of the transaction; adding a visual annotation to the form, the annotation representing an identification of the transaction; and providing the annotated form to the user; and at a Device of the User, which device has access to at least one item of data associated with the user: processing the annotation to identify the transaction; using the identification of the transaction to retrieve a form definition from the Form Processing System, which form definition comprises information about at least one data field of the form; matching the at least one data field with at least one item of data associated with the user, based on the form definition; and providing the matched item of data to the Form Processing System for access by the Form Provider.
  2. 2. A computer-implemented method for a device of a user to facilitate the completion of a form, the form corresponding to a transaction between the user and a Form Provider, the device having access to at least one item of data associated with the user, the method comprising the Device of the User processing a visual annotation which is associated with the form to identify the transaction, which annotation represents an identification of the transaction; using the identification of the transaction to retrieve a form definition from the Form Processing System, which form definition comprises information about at least one data field of the form; -33 -matching the at least one data field with at least one item of data associated with the user, based on the form definition, and providing the matched data to the Form Processing System for access by a Form Provider.
  3. 3. A computer-implemented method for facilitating the completion of a form, the form corresponding to a transaction between a user and a Form Provider, the method comprising the Form Processing System: sending information to the Form Provider, the information enabling identification of the transaction; responsive to a request from a Device of the User, which request includes an identification of the transaction, providing a form definition to the Device of the User, the form definition comprising information about atleast one data field of the form;receiving at least one item of data associated with the user, which item of data has been matched with the at least one data field using the form definition; and providing the at least one item of data associated with the user to the Form Provider.
  4. 4. A computer-implemented method for facilitating the completion of a form, the form corresponding to a transaction between a user and a Form Provider, the method comprising the Form Provider receiving information from a Form Processing System, which information enables identification of the transaction; adding a visual annotation to the form, the annotation representing an identification of the transaction; providing the annotated form to the user; and receiving at least one data item associated with a user from the Form Processing System, which data item has been matched with a data field of the form by a device arranged to carry out the method of claim 2.
    -34 -
  5. 5. The method of claim 4 further comprising the Form Provider updating the form with the at least one data item associated with the user, and providing the updated form for viewing by the user.
  6. 6. A computer-implemented method for facilitating the completion of a form, the form corresponding to a transaction between a user and a Form Provider, the method comprising: receiving the form from a Form Provider arranged to carry out the method of claim 4; and operating a device arranged to carry out the method of claim 2.
  7. 7. The method of claim 6, wherein the method further comprises, responsive to receiving from the device a suggested match between: at least one item of data associated with the user; and at least one data field of the form; providing a confirmation to the device that the suggested match is accepted by the user.
  8. 8. The method of claim 7 further comprising: responsive to the providing the confirmation, receiving an authorisation code from the device; and providing the authorisation code to the Form Provider, such that the Form Provider is authorised to receive the matched data from the Form Processing System.
  9. 9. The method of claim I or claim 4 further comprising, prior to receiving the information, the Form Provider sending a request to the Form Processing System, and responsive to receiving the request the Form Processing System sending the information to the Form Provider.
  10. 10. The method of any one of claims 1, 3 and 4, wherein the information is an address from where the identification of the transaction can be obtained.
    -35 -
  11. 11. The method of any one of claims 1, 2 and 4, wherein the annotation is machine readable.
  12. 12. The method of claim 11, wherein the annotation is a OR code.
  13. 13. The method of claim 11, wherein the annotation representing an identification of the transaction is encrypted.
  14. 14. The method of any preceding claim wherein the form is provided to the user over a network.
  15. 15. The method of any preceding claim, wherein the form definition identifies one or more attributes of the form, each attribute selected from a set of field types, the set of field types defined in a field library;
  16. 16. The method of claim 15, wherein the set of field types comprises at least one of: name; maximum length; and security sensitivity.
  17. 17. The method of any preceding claim, wherein the form definition includes a 23 regular expression which can be used for validation of an item of data against its matched data field, and the method further comprises the Device of the User validating at least one item of data based on such a regular expression.
  18. 18. The method of any preceding claim, wherein the form definition comprises an encrypted JSON data structure encapsulating the information about at leastone data field of the form.
  19. 19. The method any preceding claim, further comprising the Form Provider registering the form definition with the Form Processing System.
  20. 20. The method of any preceding claim, further comprising registering the Device of the User with the Form Processing System.-36 -
  21. 21. The method of any preceding claim, wherein matching comprises determining that a plurality of items of data match the at least one data field, and prompting the user to select one of the plurality of items of data.
  22. 22. The method of any preceding claim, wherein matching comprises: determining that a plurality of items of data match the at least onedata field; andthe Device of the User preferentially offering to the user one of the plurality of items of data.
  23. 23. The method of any preceding claim, further comprising the Device of the User displaying an authorisation code to the user, and the Form Processing System, responsive to receiving the authorisation code from the user, providing the matched data to the Form Provider.
  24. 24. The method of claim 23 further comprising, the Form Processing System: responsive to a request from the Form Provider, sending a cookie to the Form Provider for forwarding to a web browser of the user; upon receiving the authorisation code from the user, verifying the authorisation code using the cookie; and upon successfully verifying, providing the matched data to the Form Provider.
  25. 25. A device arranged to carry out a method according to any preceding claim.
  26. 26. A computer-readable medium storing instructions which, when executed by a processor, cause the processor to carry out a method according to any one of claims 1 to 25.
GB1219868.5A 2012-11-05 2012-11-05 A method for facilitating completion of a form Withdrawn GB2507562A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1219868.5A GB2507562A (en) 2012-11-05 2012-11-05 A method for facilitating completion of a form

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1219868.5A GB2507562A (en) 2012-11-05 2012-11-05 A method for facilitating completion of a form

Publications (2)

Publication Number Publication Date
GB201219868D0 GB201219868D0 (en) 2012-12-19
GB2507562A true GB2507562A (en) 2014-05-07

Family

ID=47429161

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1219868.5A Withdrawn GB2507562A (en) 2012-11-05 2012-11-05 A method for facilitating completion of a form

Country Status (1)

Country Link
GB (1) GB2507562A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008049096A2 (en) * 2006-10-20 2008-04-24 Intelli-Check, Inc. Automatic document reader and form population system and method
US20110271173A1 (en) * 2010-05-03 2011-11-03 Xerox Corporation Method and apparatus for automatic filling of forms with data

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008049096A2 (en) * 2006-10-20 2008-04-24 Intelli-Check, Inc. Automatic document reader and form population system and method
US20110271173A1 (en) * 2010-05-03 2011-11-03 Xerox Corporation Method and apparatus for automatic filling of forms with data

Also Published As

Publication number Publication date
GB201219868D0 (en) 2012-12-19

Similar Documents

Publication Publication Date Title
US10146948B2 (en) Secure network access
US11341464B2 (en) Purchase transaction system with encrypted payment card data
US20210319091A1 (en) Multiple device credential sharing
US9378345B2 (en) Authentication using device ID
KR101851686B1 (en) Abstracted and randomized one-time passwords for transactional authentication
EP2385679B1 (en) Locally stored phishing countermeasure
US9015820B1 (en) Cross site request forgery mitigation in multi-domain integrations
KR102433089B1 (en) System and method for third party application activity data collection
US8689345B1 (en) Mitigating forgery of electronic submissions
CN106716918B (en) User authentication method and system
US9003540B1 (en) Mitigating forgery for active content
TR201810238T4 (en) The appropriate authentication method and apparatus for the user using a mobile authentication application.
US20140214671A1 (en) Server side mobile payment processing and authentication
US20170053139A1 (en) Method, device and software for securing web application data through tokenization
US20160103988A1 (en) Secure automatic authorized access to any application through a third party
CN111177735A (en) Identity authentication method, device, system and equipment and storage medium
US20210168140A1 (en) System and Method for Automatically Registering a Verified Identity in an On-Line Environment
US9210155B2 (en) System and method of extending a host website
CN112154636A (en) Deep link authentication
US20240089249A1 (en) Method and system for verification of identify of a user
US20230259565A1 (en) System and method for facilitating presentation modification of a user interface
JP6178112B2 (en) Authentication server, authentication system and program
GB2507562A (en) A method for facilitating completion of a form
JP6532505B2 (en) Authentication server, authentication system and program
JP2007065789A (en) Authentication system and method

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)