MICHEL FLOYD - REDWOOD CITY CA,
CAY S. HORSTMANN - CUPERTINO CA,
RON E. LUNDE - PORTLAND OR,
The present invention, generally speaking, provides a flexible mechanism for effecting a payment/unlock transaction for deliver-then-pay content distribution. Instead of interacting with a local client interface, purchase is effected by interacting with a commerce Web site. The content is unlocked by delivering to the client a certificate, which serves as proof of purchase. The certificate is rendered secure so that it cannot simply be replicated to gain additional unauthorized access. In a preferred embodiment, a local application (e.g., a stand-alone application or a browser plug-in) is present on the end-user's machine and is registered with the local operating system and browser to handle files of a particular type used for certificates. Downloading and processing of the certificate may therefore be done transparently, without user-intervention. Piracy is prevented by “individuation” of the certificate. If the certificate simply unlocked the product, then nothing would prevent that certificate from simply being moved to any number of other machines or used by multiple unauthorized users. To prevent this, certificate individuation is performed. Preferably, the certificate is generated in a unique manner when it is first provided to the consumer. Alternatively, the first time a certificate is processed on an end-user machine, the certificate together with unique local machine information (such as the hard drive ID) and/or unique user information (e.g., biometric information such as fingerprint information, information from a smart card, etc.) is then presented back to the server (either the original server or a separate reference server) for validation. The server can therefore control how many times a certificate is used.