Adobe Inc.
Protocol to Initiate Session With Partner Site

Abstract:

A protocol to initiate a session with a partner site in a digital medium environment is described. Systems that initiate partner-site sessions according to this improved protocol reduce exposure of sensitive information in relation to conventional systems that leverage conventional protocols. According to the improved protocol, a system initiating a partner-site session--to obtain functionality from a respective service provider system--creates a hidden storage area (e.g., an iframe) in a local security context. The system then uses this hidden storage area to store session information--which may include sensitive, personally identifying information--rather than using storage of the respective service provider system. By avoiding communication of sensitive information for storage by the service provider system, the system does not expose the sensitive information. Due to this, the system reduces a number of opportunities for maliciously acquiring that information.