Devices, systems, and methods for granting internet access

The use of a single page web application on user devices with local computing power and CDN content, along with cryptographically signed receipts, addresses scalability and privacy issues in internet access systems, achieving cost-effective and secure operations.

WO2026151859A1PCT designated stage Publication Date: 2026-07-16NOMADIX INC

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
NOMADIX INC
Filing Date
2026-01-08
Publication Date
2026-07-16

AI Technical Summary

Technical Problem

Existing internet access systems in public locations are difficult to scale and costly due to reliance on centralized servers, and they often require interaction with untrustworthy servers, posing privacy risks.

Method used

A single page web application (SPA) runs on user devices, leveraging local computing power and content from a Content Distribution Network (CDN), minimizing server interactions and using cryptographically signed receipts to authenticate and process payments in a distributed manner.

Benefits of technology

This approach enhances scalability and privacy while reducing costs by minimizing server requirements and enabling secure, distributed authentication and payment processing.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure US2026010586_16072026_PF_FP_ABST
    Figure US2026010586_16072026_PF_FP_ABST
Patent Text Reader

Abstract

Described herein are exemplary devices, apparatuses, systems, methods, non-transitory storage media, and computer programs for granting internet access.
Need to check novelty before this filing date? Find Prior Art

Description

Attorney Docket No. 504142001440DEVICES, SYSTEMS, AND METHODS FOR GRANTING INTERNET ACCESS CROSS REFERENCE TO RELATED APPLICATIONS

[0001] This application claims the benefit of U. S. Provisional Application No. 63 / 743,213, filed January 8, 2025, which is incorporated herein by reference in its entirety.TECHNICAL FIELD

[0002] This disclosure generally relates to devices, apparatuses, systems, methods, non-transitory storage media, and computer programs for granting internet access.BACKGROUND

[0003] To obtain internet access for a user device in a public location (e.g., a hotel, an event venue, a business), a user may be taken to a webpage (e.g., a captive portal provided by a server) that requests user inputs before full access to the internet is granted. Each user interaction with the webpage may require interaction with the server to load a next page or access additional data. Furthermore, personally identifiable information (PH) data may be communicated to the server, for example, to authenticate access or process payment for internet access. The server may not be trustworthy.

[0004] Additionally, such systems may be difficult to scale. For example, such a system may include a cloud server, a database system, a background job processor, transient queue storage, and other required resources to form a single “node.” Scaling horizontally would require scaling most of these resources, and cost would increase linearly as the scale of the load increases. At some point, the database may not cope with more nodes, and it may be necessary to partition the platform into regional clusters, which would further increase cost. It is advantageous to utilize an application that executes on the user device, rather than on the server, to assist with the process of granting internet access to the user. In embodiments, such as described herein, this can advantageously improve scalability and privacy, and reduce costs.SUMMARY

[0005] Described herein are exemplary devices, apparatuses, systems, methods, non- transitory storage media, and computer programs for granting internet access.

[0006] In some embodiments, a single page web application (SPA) is used to render a captive portal website on user devices (e.g., a device seeking internet access at a hotel, an event venue, or a business). In some embodiments, a SPA is an interactive web application or website in which a current web page is dynamically rewritten with data from a web server or in 1MF-364629458Attorney Docket No. 504142001440response to user inputs. In some embodiments, such a web application or website may comprise two or more pages of content.

[0007] Advantageously, the disclosed system uses computing power available on user devices, and content can be served from anywhere on the internet. In some embodiments, content is served from a Content Distribution Network (CDN), such as Amazon AWS CloudFront backed by static files (e.g., static configuration data) held in a cloud-based storage service such as Amazon S3 (Simple Storage Service). This would reduce costs and increase scalability, by reducing or eliminating the need for standard web servers.

[0008] Because the captive portal is loaded by the user device and runs within that computing platform, the SPA can be more self-sufficient, compared to other internet access granting systems. For example, it would not need to interact with a server on every user interaction to load the next page or access additional data. The SPA would be in control of the user journey and may only interact with another device to request a receipt, to authenticate or process payment, or to submit the receipt for internet access. In some embodiments, data needed to drive the user experience (e.g., static configuration data) may be bundled statically with the SPA, which may involve using a JSON and / or CSS file (or another suitable file type) distributed via the CDN. The JSON and / or CSS file may be published by a backend system along with any customizations, such as the look and feel of the SPA (e.g., content displayed on a user interface of the SPA), and uploaded to the CDN.

[0009] In some embodiments, the SP / X can be hosted by a capable infrastructure. Any suitable hosting infrastructure can be used. For example, a location of the internet access (e.g., hotels, event venues, businesses) can host the application in its own data centers, or the application may be hosted on flash storage within networking equipment, e.g., for smaller deployments such as retail outlets. In this way, hosting may be distributed and need not be constrained to a central service managed by a particular organization, which may be beneficial for some applications. However, a hosting infrastructure can be flexibly implemented and is not limited to any particular configuration.

[0010] In some embodiments, when the SPA needs to authenticate a user and / or take a payment, the user device would submit the necessary data (e.g., received via the SPA) to an authentication or payment cloud service (e.g., performed using a second device different from the user device) that validates the data and performs any necessary actions such as taking payment. In some embodiments, the service would then return one or more receipts, which are described in more detail herein. In some embodiments, this data is transmitted to different2MF-364629458Attorney Docket No. 504142001440services (e.g., corresponding to different devices) and these different services return respective receipt(s) to confirm validation, acceptance, or successful processing of the data.

[0011] In some embodiments, the receipt contains no PII data (e.g., none of a user name, user government identification information, user date of birth, user address, user biometrics, or user financial information), and indicates the outcome of the authentication, payment operation, or data validation. Limiting the inclusion of PII data in the receipt can be beneficial for privacy or data security reasons, or to comply with regulatory requirements. The receipt may be signed to prevent tampering and / or timestamped to prevent replay attacks, and can thus serve as proof that an authentication, payment, or data validation has taken place. The user device can submit these receipts to another cloud service (e.g., a service provided by a third device different from the second device) or to the same second device to prove that there has been authentication, payment, or data validation taken, without that other cloud service needing to know the details (e.g., without PII data). The service can validate the receipts and know they were issued by a trusted source (e.g., the second device is a trusted peer of the third device) and act on that basis.

[0012] This allows authentication and payment to be handled in a distributed manner, such that more steps may be more securely performed by the user’s device and processing performed by other devices may be reduced. Advantageously, this would allow the system to be more scalable because fewer resources need to be scaled, compared to existing systems. Further, this could reduce specific server requirements, allowing more types of infrastructure to be used. For example, a location of internet access (e.g., hotels, event venues, businesses) can integrate more easily and use its own trusted services. Thus, the disclosed system can lead to overall cost savings and better scalability. Minimal requirements (e.g., the issuance of compatible receipts) can reduce implementation costs and operational expenses, and improve accessibility.

[0013] In some embodiments, when the SPA reaches the end of the user journey (e.g., the end user has completed all required tasks), the final step is to provide the user device with internet access. To do this, the user device submits the one or more gathered receipts to a cloud service (e.g., a device different from a device providing the receipts) that processes these requests. In some embodiments, this cloud service does not require a traditional database to look up any data because all of the necessary data is presented to the service in the form of receipts or other signed materials (e.g., static configuration data) originating from a CDN. The receipts are validated and if the receipts are valid, the cloud service instructs the network at the user’s site to provide internet access. In this way, this cloud service requires fewer resources and allows reduced cloud infrastructure. Details on receipt validation are described herein.3MF-364629458Attorney Docket No. 504142001440

[0014] In some embodiments, a method of granting internet access comprises: receiving, at a device associated with a user, a request for internet access; in response to receiving the request for internet access, executing, at the device, a SPA; receiving, via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmitting a request for a receipt; receiving, at the device, the receipt; and in response to receiving the receipt, transmitting the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

[0015] In some embodiments of the method, the user input associated with the request for internet access comprises information associated with the user, the transmitting the request for the receipt comprises transmitting the information, and the receipt is received in accordance with a determination that the user is authenticated according to the transmitted information.

[0016] In some embodiments of the method, the information comprises at least one identifier of the user.

[0017] In some embodiments of the method, the receipt does not comprise personally identifiable information of the user.

[0018] In some embodiments, the method further comprises: in response to receiving the receipt, presenting, via the SPA, options for internet access; and receiving, via the SPA, a selected option for internet access. One or more parameters associated with the internet access are based on the selected option.

[0019] In some embodiments, the method further comprises: in response to receiving the receipt, presenting, via the SPA, a request for payment for internet access; receiving, via the SPA, a second user input responding to the request for the payment; receiving a second receipt, wherein the second receipt is received in accordance with a determination, based on the second user input, that the request for payment is satisfied; and in response to receiving the second receipt, transmitting the second receipt, wherein the internet access is provided to the device further based on the transmitted second receipt.

[0020] In some embodiments of the method, the first receipt is received from a second device, and the second receipt is received from a third device different from the second device.

[0021] In some embodiments of the method, the request for the receipt is transmitted to a second device, the internet access is provided by a third device different from the second device, and the receipt is transmitted to the third device.

[0022] In some embodiments of the method, the second device and the third device are configured to access a pre-shared secret, the second device is configured to generate the receipt4MF-364629458Attorney Docket No. 504142001440based on the pre-shared secret, and the third device is configured to: validate the receipt based on the pre-shared secret, and provide internet access according to a determination that the receipt is valid.

[0023] In some embodiments of the method, the second device is configured to generate a signed receipt, and the third device is configured to provide internet access in accordance with a determination that the signed receipt is valid.

[0024] In some embodiments of the method, the receipt comprises a first portion and a signature portion. The first portion comprises data indicating an acceptance of the request for the receipt, and the signature portion is generated based on an application of a cryptographic signing algorithm to the first portion.

[0025] In some embodiments of the method, the internet access is provided to the device in accordance with a determination, by a device receiving the transmitted receipt, that the receipt is valid, and the determination that the receipt is valid comprises: identifying, from the receipt, the first portion and the signature portion, applying the cryptographic signing algorithm to the first portion yielding a computed signature, comparing the computed signature and the signature portion, and determining, based on the comparison, that the computed signature comprises a match of the signature portion.

[0026] In some embodiments of the method, in accordance with a determination that the receipt is not valid, the internet access is not provided to the device.

[0027] In some embodiments of the method, the receipt comprises a timestamp indicating an issuing time of the receipt, the internet access is provided to the device in accordance with a determination that the receipt is valid, and the determination that the receipt is valid comprises determining that the issuing time of the timestamp is within a threshold of a time of validation.

[0028] In some embodiments of the method, the executing the SPA comprises accessing static configuration data.

[0029] In some embodiments of the method, the static configuration data comprises a bundle identifier, one or more signed authentication methods, one or more signed internet policies, one or more URLs for API endpoints associated with services, or any combination thereof.

[0030] In some embodiments, the method further comprises: in response to receiving the receipt, transmitting an allowable signed authentication method and an allowable signed internet policy. The transmitted receipt corresponds to the allowable signed authentication5MF-364629458Attorney Docket No. 504142001440method, and one or more parameters associated with the internet access are based on the allowed signed internet policy.

[0031] In some embodiments, the method further comprises displaying, on a display of the device, content on a user interface of the SPA, wherein the content is determined based on the static configuration data.

[0032] In some embodiments of the method, the content comprises an advertisement.

[0033] In some embodiments of the method, the static configuration data comprises one or more rules for determining the content.

[0034] In some embodiments of the method, the one or more rules are associated with one or more of a location, a time, user information, and device information.

[0035] In some embodiments of the method, the static configuration data comprises media content for being displayed on the user interface of the SPA.

[0036] In some embodiments, the method further comprises receiving, from a remote device, media content for being displayed on the user interface of the SPA.

[0037] In some embodiments, the method further comprises: in accordance with a determination that the request for internet access comprises a first request type, displaying the content; and in accordance with a determination that the request for internet access comprises a second request type, forgoing displaying the content.

[0038] In some embodiments of the method, the user input associated with the request for internet access comprises information associated with a user selection of a payment option, the transmitting the request for the receipt comprises transmitting the information, and the receipt is received in accordance with a determination that a request associated with the payment option is satisfied.

[0039] In some embodiments, a system comprises: a device associated with a user; and one or more processors configured to perform a method of granting internet access, the method comprising: receiving, at the device, a request for internet access; in response to receiving the request for internet access, executing, at the device, an SPA; receiving, via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmitting a request for a receipt; receiving, at the device, the receipt; and in response to receiving the receipt, transmitting the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

[0040] In some embodiments, a system comprises: a device; and one or more processors configured to perform any of the above methods.6MF-364629458Attorney Docket No. 504142001440

[0041] In some embodiments, a non-transitory computer-readable medium stores instructions that, when executed by one or more processors, cause the one or more processors to perform a method of granting internet access, the method comprising: receiving, at a device associated with a user, a request for internet access; in response to receiving the request for internet access, executing, at the device, an SPA; receiving, via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmitting a request for a receipt; receiving, at the device, the receipt; and in response to receiving the receipt, transmitting the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

[0042] In some embodiments, a non-transitory computer-readable medium stores instructions that, when executed by one or more processors, cause the one or more processors to perform any of the above methods.

[0043] In some embodiments, a computer program for granting internet access comprises computer program code which, when executed on a device, causes the device to: receive, at a device associated with a user, a request for internet access; in response to receiving the request for internet access, execute, at the device, a single page web application (SPA); receive via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmit a request for a receipt; receive, at the device, the receipt; and in response to receiving the receipt, transmit the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

[0044] In some embodiments, a computer program for granting internet access comprises computer program code which, when executed on a device, causes the device to perform any of the above methods.

[0045] In some embodiments, a computer program product comprises any of the above computer programs and further comprises a computer readable means comprising non-transitory memory' in which the computer program is stored.

[0046] The embodiments disclosed are only examples, and the scope of this disclosure is not limited to them. Particular embodiments may include all, some, or none of the components, elements, features, functions, operations, or steps of the embodiments disclosed above.Embodiments according to the invention are in particular disclosed in the attached claims directed to a method, a storage medium, a system, and a computer program product, wherein any feature mentioned in one claim category, e.g., method, can be claimed in another claim category, e.g., system, as well. The dependencies or references back in the attached claims areMF-364629458Attorney Docket No. 504142001440chosen for formal reasons only. However, any subject matter resulting from a deliberate reference back to any previous claims (in particular multiple dependencies) can be claimed as well, so that any combination of claims and the features thereof are disclosed and can be claimed regardless of the dependencies chosen in the attached claims. The subject-matter which can be claimed comprises not only the combinations of features as set out in the attached claims but also any other combination of features in the claims, wherein each feature mentioned in the claims can be combined with any other feature or combination of other features in the claims. Furthermore, any of the embodiments and features described or depicted herein can be claimed in a separate claim and / or in any combination with any embodiment or feature described or depicted herein or with any of the features of the attached claims.

[0047] Additional advantages will be readily apparent to those skilled in the art from the following detailed description. The examples and descriptions herein are to be regarded as illustrative in nature and not restrictive. All publications, including patent documents, scientific articles, and databases, referred to in this application are incorporated by reference in their entirety for all purposes to the same extent as if each individual publication were individually- incorporated by reference.BRIEF DESCRIPTION OF THE DRAWINGS

[0048] Figures 1 A, IB, 2A, 2B, and 3 illustrate exemplary methods of granting internet access, in accordance with some embodiments.

[0049] Figure 4 illustrates an exemplary system, in accordance with some embodiments.DETAILED DESCRIPTION

[0050] In the following description of embodiments, reference is made to the accompanying drawings which form a part hereof, and in which it is shown by way of illustration specific embodiments which can be practiced. It is to be understood that other embodiments can be used, and structural changes can be made without departing from the scope of the disclosed embodiments.

[0051] Described herein are exemplary devices, apparatuses, systems, methods, non-transitory storage media, and computer programs for granting internet access.

[0052] In some embodiments, one or more SPAs are used to render a captive portal website on user devices (e.g., a device seeking internet access at a hotel, an event venue, or a business). In some embodiments, a SPA is an interactive web application or website in which a current web page is dynamically rewritten with data from a web server or in response to user inputs. In 8MF-364629458Attorney Docket No. 504142001440some embodiments, such a web application or website may comprise two or more pages of content. More details about the SPA and its content are described herein.

[0053] For instance, a user device may receive a request (e.g., from a user) for internet access. The user device may comprise a device such as a smartphone, a tablet computer, a laptop computer, a wearable computer, a computer-on-module (COM), system-on-module (SOM), a desktop computer, a notebook computer, an interactive kiosk, a mainframe, a mesh of computer systems, a personal digital assistant, a server, or any combination thereof. The device may comprise components of computer system 400.

[0054] In response to receiving the request for internet access, the device executes a SPA. The SPA may receive one or more inputs (e.g., one or more user inputs, one or more inputs to the SPA based on user inputs) associated with the request for internet access. These inputs may be information associated with the user, such as requested information for authentication or payment. More details about these inputs are described herein.

[0055] In response to receiving the one or more inputs via the SPA, the user device may transmit a request for one or more receipts (e.g., to one or more other devices corresponding to one or more sendees, such as authentication, payment, user information validation). With the request for the one or more receipts, the device may also transmit the one or more inputs (e.g., information associated with user) received via the SPA. The one or more inputs may be used (e.g., by one or more devices corresponding to the one or more services) to determine whether the one or more receipts should be generated and provided to the user device (e.g., the one or more inputs authenticate the user). If the one or more receipts are generated, the receipt(s) may be transmitted (e.g., by the respective one or more services via corresponding devices) and received by the user device. More details about receipt generation are described herein.

[0056] In response to receiving the receipt(s), the user device may transmit the receipt(s) for internet access. For instance, the user device may transmit the receipt(s) (e.g., to a device providing internet access, different from device(s) providing the receipts) for validation. In accordance with a determination that the receipt(s) are valid, internet access is granted to the user device. More details about receipt validation are described herein.

[0057] Advantageously, the system uses computing power available on user devices, and content can be served from anywhere on the internet. In some embodiments, content is served from a Content Distribution Network (CDN), such as Amazon AWS CloudFront backed by static files (e.g., static configuration data) held in cloud-based storage such as Amazon S3. While the user device executes the SPA, this static configuration data is accessed for9MF-364629458Attorney Docket No. 504142001440controlling the user’s journey to obtaining internet access. This would reduce costs and increase scalability, as standard web servers need not be required.

[0058] Because the captive portal is loaded by the user device and runs within that computing platform (e.g., using static configuration data), the SPA can be more self-sufficient, compared to other internet access granting systems. For example, it would not need to interact with a server on every user interaction to load the next page or access additional data. The SPA would be in control of the user journey and need only interact with another device to request a receipt, to authenticate or process payment, or to submit the receipt for internet access. In some embodiments, data needed to drive the user experience (e.g., static configuration data) may be bundled statically with the SPA, which may involve using one or more JSON files and / or CSS files (or another suitable file type) distributed via the CDN. These files may be published by a backend system along with any customizations, such as the look and feel of the SPA (e.g., content displayed on a user interface of the SPA), and uploaded to the CDN, which constitutes a published version of the “user journey.” While JSON and CSS are provided herein as example file types, the skilled artisan would appreciate that any suitable file type (e.g., XML) can be used.

[0059] In some embodiments, the SPA can be hosted by a capable infrastructure. Any suitable type of system can be used. For example, a location of internet access (e.g., hotels, event venues, businesses) can host the application in its own data centers, or the application may be hosted on flash storage within networking equipment, e.g., for smaller deployments such as retail outlets. In this way, hosting may be distributed and need not be constrained to a central service managed by a particular organization. Such hosting configuration may be beneficial, e.g., by improving data security or load management. However, the hosting configuration is flexible and any suitable hosting configuration can be used.

[0060] In some embodiments, when the SPA needs to authenticate a user, take a payment, or perform information validation, the user device would submit the necessary data (e.g., received via the SP / X) to an authentication, payment cloud, or information validation service (e.g., provided by a second device different from the user device) that validates the data and performs any necessary actions such as taking payment. In some embodiments, the service would then generate and return one or more receipts. In some embodiments, this data is transmitted to different services (e.g., corresponding to different devices) and these different services return respective receipt(s) to confirm validation, acceptance, or successful processing of the data.10MF-364629458Attorney Docket No. 504142001440

[0061] In some embodiments, a receipt (e.g., a receipt as described with respect to Figures 1 A, IB, 2A, 2B, 3) comprises data returned from a sendee in response to the request for the receipt (e.g., user device submitting data for authentication, payment, or information validation) and further in response to validation of data from the user device. In some embodiments, the receipt comprises data that is cryptographically signed to prevent tampering, such that a future observer of the receipt can detect tampering and trust that the content is intact. If the receipt can be shown to be intact (e.g., the data of the receipt is valid), it can be inferred that it was issued by a trusted source, and the receipt can be relied upon for further actions.

[0062] In some embodiments, a receipt comprises a first portion and a signature portion. For instance, the receipt can comprise a set of key-value pairs that can be encoded in any suitable format, such as JSON, CSS, XML or another suitable format. The first portion of the receipt may comprise data indicating acceptance of the receipt request (e.g., authentication after processing user-provided inputs). For instance, the first portion may comprise one or more of a type field, a timestamp, and a nonce field. A signature portion of the receipt may comprise a signature field. It should be appreciated that the first portion of the receipt may comprise other data, such as other key -value pairs.

[0063] In some embodiments, the type field is a string that indicates the type of payload the receipt carries. In some embodiments, the type field indicates one or more key-value pairs of the payload. For example, a payment receipt may store the string “payment” in the type field. As another example, a hotel reservation system may issue a receipt with type “pms-authentication.”

[0064] In some embodiments, the timestamp field comprises a representation of a date and time at which the receipt was issued (e.g., an issuing time of the receipt). In some cases, this field may be used to reject receipts that are too old. For example, this may be done to avoid replay attacks where a receipt is stolen and used again sometime later. At this later time, the timestamp field would be too old, and the receipt would fail validation; internet access would not be provided.

[0065] In some embodiments, the nonce field comprises a randomly generated string (e.g., during the request for internet access and the time is when the request occurred), which may be unique for each issued receipt. This field may help scramble the signature field, so receipts containing similar payloads do not result in similar signatures, potentially aiding an attacker in discovering the cryptographic secrets. A nonce may comprise a standard data element in cryptography.11MF-364629458Attorney Docket No. 504142001440

[0066] In some embodiments, the signature portion (e.g., signature field) comprises a cryptographic signature of the data values in the receipt (e.g., generated by applying a cryptographic signing algorithm to the first portion of the receipt), except for the signature field itself. The data values may comprise data indicating acceptance of the request for the receipt (e.g., authentication after processing user-provided inputs), such as the fields described here. In some embodiments, this field comprises a SHA256 hash, but any suitable cryptographic hashing or signing algorithm such as MD5, SHA1, or a public-key cryptographic digital signature may also be used.

[0067] For example, a receipt includes the following key-value pairs:Type: “payment”Success: “true”Reservation-id: “abc!23”Timestamp: 20241101T153427ZNonce: “xyz321”

[0068] This receipt can be signed using the following example processes. The receipt may be generated by a second device (e.g., a device providing one of the services validating information associated with the user), different from the user device, after receiving a request for a receipt and authenticating the user. A first step includes sorting the key -value pairs into alpha-numerical order by key. A second step includes extracting the value for each key. A third step includes concatenating values from the second step into a single string in the sort order from the first step.

[0069] A fourth step includes prepending a pre-shared secret (e.g., a string) known only to trusted peers. For example, the pre-shared secret is accessible to two or more different devices, where a first device uses the pre-shared secret to generate a receipt, and a second device uses the pre-shared secret to validate the receipt before providing internet access. Even if two entities have access to the data and the signing algorithm, the receipt cannot be generated or verified unless both entities access the same pre-shared secret. Thus, prepending the pre-shared secret, and requiring validation of the receipt before internet access is provided, can provide an additional measure of cryptographic security.

[0070] In some embodiments, the fourth step may be omitted. That is, in some embodiments, the pre-shared secret is prepended (e.g., the fourth step is performed); and in some embodiments, the pre-shared secret is not prepended (e.g., the fourth step is omitted).

[0071] A fifth step includes generating a signature portion, e.g., in accordance with an agreement between a receipt issuer and a receipt validator, establishing a trust relationship. For 12MF-364629458Attorney Docket No. 504142001440example, the step may involve applying a cryptographic signing algorithm to the result of the above steps (e.g., applying a cryptographic signing algorithm to the first portion of the receipt, computing the SHA256 hash to the first portion of the receipt, using another suitable method). In some embodiments, one or more non-symmetric encryption methodologies (e.g., public key cryptography) are used to generate the signature portion. For example, the signature portion may be generated using a private key, enabling a validator with a corresponding public key to verify the signature.

[0072] The sixth step includes adding the signature, obtained from the fifth step, to the receipt. This receipt may be transmitted to the user device, which transmits the receipt for requesting internet access.

[0073] Using the same example, following the first to third steps above, the following concatenation would be produced:xyz321 abcl23 true 20241101T153427Z payment

[0074] Assuming the pre-shared secret is “skyscraperl23,” the process would compute the SHA256 hash of the following string (fourth and fifth steps above):skyscraper123 xyz321 abc!23 true 20241101 T153427Z payment

[0075] From this, a signature key -value pair would be added to the receipt (sixth step).

[0076] As mentioned above, the receipt may be transmitted to the user device, and the user device may transmit the receipt to another device for requesting internet access. The device receiving the receipt and request for internet access may validate the receipt and grant access according to a valid receipt.

[0077] In some embodiments, to validate a receipt that includes a signature portion, the signature portion is first removed, and the first to fifth steps from above are performed on the remaining key -value pairs (e.g., first portion of the receipt). In some embodiments, a pre-shared secret is not used for generating the receipt, and thus a pre-shared secret is not used for generating the first portion of the receipt for validation (e.g., the fourth step is omitted).

[0078] The result from the fifth step is compared to the value of the signature portion. If the values match, it is determined that the receipt is valid. That is, validating the receipt comprises identifying a first portion (e.g., data indicating acceptance of the receipt request from the user device) and the signature portion from the receipt, applying a cryptographic signing algorithm (e.g., the algorithm used for generating the receipt) to the first portion to yield a 13MF-364629458Attorney Docket No. 504142001440computed signature, comparing the computed signature with the signature portion, and determining the receipt is valid if the computed signature matches the signature portion.

[0079] In some embodiments, validating the receipt involves decryption using non-symmetric encryption methodology (e.g., public key cryptography). For example, the signature portion may be generated using a private key, enabling a validator with a corresponding public key to verify the signature. In some embodiments, more generally, the receipt issuer and receipt validator agree on a method of signing the receipt, establishing a trust relationship and using this agreed-upon method to generate and validate the receipt.

[0080] If the receipt is successfully validated as described above, the receipt may be further checked to ensure that the timestamp field is not too old. This may be done by comparing the timestamp value (e.g., an issuing time of the receipt) to a time of validation (e.g., the current date / time). If the timestamp value is within a threshold of the time of validation, meaning the time difference is not more than a certain amount of time, then the receipt is not expired and is valid. If the timestamp value is not within a threshold of the time of validation, meaning the time difference is more than a certain amount of time, the receipt is expired and no longer valid. In some embodiments, the threshold may be five minutes or 60 seconds, but any suitable interval length can be chosen depending on the tolerance for detecting possible replay attacks.

[0081] In some embodiments, if the receipt is determined to not be valid (e.g., computed signature does not match the signature portion of the receipt, timestamp is too old), then internet access is not provided. In response, the SPA may display an error message and may make another request for inputs.

[0082] In some embodiments, receipts can be issued by one or more parties or sendees (e.g., one or more second devices different from the user device corresponding to the one or more parties or sendees) and validated by a different party (e.g., a third device providing internet access, different from the second devices). The parties (e.g., issuing and validating) may not need to be aware of the details of issuance or how the data in the receipt may be used. This allows a clean separation of PII processing from using data that may result from such processing. In other words, in some embodiments, the validating party does not need access to the PII data used by the issuing party or parties. An issuing party may include only necessary payload data to enable the validating party to proceed with further actions.

[0083] A peer-trust relationship can exist between the issuing and validating parties (e.g., between a second device and a third device) in the form of the pre-shared secret. In some embodiments, the second and third devices are configured to access the pre-shared secret. The14MF-364629458Attorney Docket No. 504142001440second device may generate the receipt based on the pre-shared secret, for example, as described above. The third device may validate the receipt based on the pre-shared secret (e.g., as described above) and provide internet access in accordance with a determination that the receipt is valid. This can provide additional security, by requiring proof of the peer-trust relationship (e.g., proof of access to the pre-shared secret) before internet access is granted. As noted above, the pre-shared secret may be a string such as a password. It should be appreciated that other choices of signature algorithm or data format may be used, e.g., in accordance with an agreement between a receipt issuer and a receipt validator.

[0084] Alternatively, in some embodiments, receipts can be issued and validated by the same party or service (e.g., provided by a second device different from the user device).Alternatively, in some embodiments, one device may validate the receipt(s) and another device may provide internet access according to a determination that the receipt(s) are valid.

[0085] The disclosed receipt allows authentication and payment to be handled in a distributed manner, such that more steps may be more securely performed by the user’s device and processing performed by other devices may be reduced accordingly. Advantageously, this would allow the system to be more scalable because fewer resources need to be scaled, compared to existing systems. Further, a suitable server (e.g., without any specific requirements) can process these actions, so a location of internet access (e.g., hotels, event venues, businesses) can integrate more easily and use its own trusted services. Thus, the disclosed system can lead to overall cost savings and better scalability. Minimal requirements (e.g., the issuance of compatible receipts) can reduce implementation costs and operation expenses, and improve accessibility.

[0086] In some embodiments, when the SPA reaches the end of the user journey (e.g., the end user has completed all required tasks), the final step is to provide the user device with internet access. To do this, the user device submits the gathered receipts to a cloud service (e.g., provided by a third device different from a second device providing the receipts) that processes these requests. In some embodiments, this cloud sendee does not require a traditional database to look up any data because all of the necessary data is presented to the sendee in the form of receipts or other signed material originating from a CDN. The cloud sendee may validate the receipt. In accordance with a valid receipt, the cloud sendee instructs the network at the user’s site (e.g., the hotel, event venue, or business) to provide internet access. In this way, this cloud sendee requires fewer resources and reduced cloud infrastructure.15MF-364629458Attorney Docket No. 504142001440

[0087] Figures 1A and IB illustrate an exemplary method 100 of granting internet access, in accordance with some embodiments. In some embodiments, the method 100 illustrates an example of a user device seeking internet access (e.g., from a network of a hotel, an event venue, a business), where the requirement for access includes providing a “click to connect” input on the SPA.

[0088] It should be appreciated that steps described with respect to Figures 1 A and IB are exemplary. The method 100 may include fewer steps, additional steps, or different order of steps than described. In some embodiments, two or more steps of method 100 may be performed at the same time. Steps of method 100 may be performed with operations described with respect to Figure 2A, 2B, or 3. It is appreciated that the steps of method 100 leverage the features and advantages described with respect to other sections. It is also appreciated that features and advantages described with respect to method 100 may apply to elements and steps described with respect to other sections.

[0089] It should be appreciated that these steps may be performed by components of the user device different than described. In some embodiments, steps described with respect to the captive portal engine (CPE), Dynamo DB (DDB) (RADIUS database), NC-HSIA, NSE, and RADIUS elements of method 100 may be performed by one or more computing devices (e.g., associated with one or more cloud services or storage systems). In some embodiments, steps described with respect to the template element of method 100 are performed by the user device via the SPA.

[0090] The method 100 may start with the user device receiving a request for internet access. For example, the user device connects to a network of the user’s site (e.g., a hotel, an event venue, a business), which may involve providing a request for internet access to the user device. In response to receiving the receiving the request for internet access, the user device may execute a SPA.

[0091] In some embodiments, when the template (e.g., SPA) begins running on a user device, it has access to static configuration data (e.g., bundled static data), which may govern how the SPA behaves. In some embodiments, this data is stored in a JSON file and / or CSS file (or another suitable file type) bundled with the SPA. However, it may be stored in any suitable format, such that the SPA can load the data statically on start-up and use it to govern its behavior.

[0092] For example, the bundled data comprises a bundle identifier (e.g., a unique bundle identifier associated with a particular configuration), a set of authentication methods that should16MF-364629458Attorney Docket No. 504142001440be offered to the end user (e.g., one or more allowable signed authentication methods), a set of internet policies that the end user may be granted (e.g., one or more allowable signed internet policies), one or more of URLs for API endpoints for authentication, payment, or other services including the CPE, or any combination thereof.

[0093] In some embodiments, the bundle identifier is used to provide a unique reference for a particular published version of the SPA. In some embodiments, this may be a UUID. It may be used to tie issued receipts and other data together to prevent attacks, for example, where receipts or data from other SPA versions are stolen and an attempt is made to reuse the data from a different SPA version.

[0094] In some embodiments, the set of authentication methods controls the set of tasks that the end user would be required to complete. For example, the set may contain one “click-to- connect” method indicating that the SPA should ask the user to click a button to get online (e.g., as described with respect to Figures 1 A and IB). In some embodiments, the set may contain two different methods such as “PMS authentication” and “Social Media Login.” In some embodiments, the end user would be offered a choice of which method to use. As described in more detail herein, the receipt is generated according to one of the allowable authentication methods.

[0095] Since a goal is to provide the end user with internet access, in some embodiments, there is a set of one or more policies that control the quality and quantity of internet access provided. One or more parameters associated with the requested internet access may be based on one of the allowed internet policy. A policy may specify limits such as duration of access (e.g., 24 hours) and bandwidth limits (e.g., 10 Mbps download speed). In some cases, the end user is not provided with a choice of policies (e.g., there is only one), while in other cases there may be multiple policies from which the end user can choose (e.g., as described with respect to Figures 2A and 2B). Some policies may require payment whereas others may be free.

[0096] In some embodiments, data items are signed to prevent tampering. For example, each internet policy is signed so that the policy data can be submitted to the CPE as part of an internet connection request. In some embodiments, the authentication methods and policies are separately signed.

[0097] In some embodiments, the SPA can request information (e.g., requesting for inputs associated with the request for internet access). In response to the information request, the user provides the information to the user device. More details about this information are described herein. The information is sent to a server for validation. If the information is validated, a17MF-364629458Attorney Docket No. 504142001440receipt is generated and issued. If the information is not validated, then a receipt is not issued, and the user may be notified of the error and asked to provide additional information.

[0098] Returning to Figure 1 A, in some embodiments, as illustrated, a “click to connect” input (e.g., a user input associated with the request for internet access) is provided to the user device, e.g., via the SPA. In response to the provided input, the device transmits a request for a receipt (e.g., as described herein) from the CPE. In response to the request, the CPE provides the receipt, which is received by the user device. In some embodiments, the request for the receipt is transmitted to a different device than the device providing the receipt. Allowing different devices to handle authentication information and receipt issuance, as in this manner, can be beneficial for privacy and data security. Additional examples of the template, the receipt, generation of the receipt, and the CPE are described in more detail herein.

[0099] In some instances, the SPA may have no ability to issue signed data nor to validate signed data. It may possess signed data and transmit it to or from issuing or validating parties.

[0100] As illustrated, operations described with respect to elements above the dashed line may be referred to as the “authentication phase.” In response to receiving the receipt (e.g., at the end of the “authentication phase”), the device transmits the receipt and one or more allowed internet policies (e.g., which may be part of the static configuration data) to the CPE. The policies may include granted access duration and bandwidth. Examples of internet policies are described in more detail herein. In some embodiments, instead of sending the receipt and internet policies to the CPE, the device sends the receipt and internet policies to a device providing the internet access.

[0101] The CPE or the device providing internet access may receive and validate the receipt. In some embodiments, the receipt generation (e.g., by the CPE described above) and validation techniques use the same approach. For example, each signed data item is a set of key-value pairs and the same signing and validation algorithms (e.g., the receipt generation and validation algorithms described above) may be used.

[0102] When a SPA detects that the end user has successfully completed all required steps to gain access to the internet (e.g., after the receipt is validated by a validating device in any of Figures 1-3 and informs the user device about the receipt validation), it may send a connection request to the CPE (or another device providing internet access) to request that the end user’s device be granted access, for example, according to the one or more transmitted internet policies. In some embodiments, the payload for this request comprises a signed set of allowable authentication methods, one or more receipts obtained from authentication or18MF-364629458Attorney Docket No. 504142001440payment services (e.g., receipt(s) of methods 100, 200, 250, or 300), a signed internet policy object indicating the internet policy that should be granted to the end user, signed data originating from the captive portal network indicating details such as the user device’s MAC address or VLAN identifier on which they require access, or any combination thereof. The signed data originating from the captive portal network may indicate which physical device and which network hardware for which access is being requested. This data may be called “redirect parameters.”

[0103] In some embodiments, a SPA is configured to allow authentication as a hotel guest using a “PMS authentication” type. In embodiments, two or more internet policies can be configured: for example, a first policy A may be free while a second policy B requires a payment of an amount of money to be charged directly to the hotel’s property management system (PMS).

[0104] In this example configuration, the end user is expected to submit their name and room information for a particular hotel (e.g., user input associated with a request for internet access). This information may need to be validated by the hotel PMS (e.g., to ensure that the details match a reservation on file, thus confirming the end user is a current guest at the hotel). A payment may need to be charged to the end user’s room. In this way, a request to connect to the internet may be made.

[0105] In some embodiments, the algorithm to validate the submitted payload for the connection request (e.g., receipt validation flow described above, validation flow of methods 100, 200, 250, or 300) comprises validating the signed data objects to ensure authenticity and reject the request if tampering is detected, comparing the bundle identifier to the bundle identifier within each signed object to ensure no mismatch, rejecting the request if any mismatch is discovered (e.g., mismatch indicates unauthentic payload content), comparing the set of allowable authentication methods to the authentication method for generating the receipts, and identifying an allowable authentication method based on the one or more receipts. For example, if there is only one allowable method (e.g., PMS authentication), the algorithm would expect to find a receipt generated according to the “pms” authentication method. The algorithm may further comprise inspecting the internet policy object and determining whether payment is required. If so, the algorithm comprises ensuring that the receipt is associated with a “pms payment,”

[0106] In some embodiments, if above steps pass, then the flow is considered validated, and the user device is granted internet access. In some embodiments, this is handled by writing a19MF-364629458Attorney Docket No. 504142001440record to a RADIUS server database (e.g., DDB) containing the user device details and the internet policy details, as illustrated.

[0107] In some embodiments, data required by the flow validation is supplied by the SPA. Advantageously, the flow validator may not require a database to lookup any details needed to validate the flow. Therefore, requests can be processed efficiently, in memory, and with low latency, leading to higher scalability and lower hosting costs.

[0108] In some embodiments, the requests are written to a RADIUS server database used by the RADIUS sub-system. This database may not be owned by the flow validator (CPE). The RADIUS sub-system may exist independently and have its own database.

[0109] In some embodiments, the record written to the RADIUS database or DDB represents the grant of internet access for the user device. It may or may not contain information from the receipts. In some embodiments, it contains the internet policy data because this may be needed by the consumer of this record (e.g., the RADIUS server) to provide the quality of internet service. Advantageously, as described in more detail herein, this information does not include PII and may only include the results of this process (e.g., access to internet granted for this user device), improving privacy and security and requiring less data processing compared to other systems.

[0110] In response to validating the receipt and receiving the one or more internet policies, the CPE causes execution of a background job corresponding to grant of internet access (according to the internet policies) and provides a connection ID to the user device.Accordingly, access to the internet is granted.

[0111] As illustrated, operations described with respect to elements below the dashed line (“connection phase”) may also be performed by methods of other examples, such as the examples of Figures 2, 2B, and 3. For brevity, these operations are not described below or with respect to other examples.

[0112] Figure 2A illustrates an exemplary method 200 of granting internet access, in accordance with some embodiments. In some embodiments, the method 200 illustrates an example of CPE proxies for authentication and payment services. It should be appreciated that elements of Figure 2A leverage operations and advantages of elements described with respect to Figures 1 A and IB, which may not be described here for brevity.

[0113] It should be appreciated that steps described with respect to Figure 2A are exemplary. The method 200 may include fewer steps, additional steps, or different order of steps than described. For example, the method may include steps relating to presenting options20MF-364629458Attorney Docket No. 504142001440for internet access and option selection but not steps relating to payment. As another example, the method may include steps relating to payment, but not steps relating to presenting and selecting options for internet access. As another example, the method may include steps relating to additional information validation, which involve requests for additional receipts and validation of the additional receipts. As another example, the user may not be authenticated before providing payment information for a selected payment option (e.g., a “pay-only” option).

[0114] In some embodiments, two or more steps of method 200 may be performed at the same time. Steps of method 200 may be performed with operations described with respect to Figure 1A, IB, 2B, or 3. It is appreciated that the steps of method 200 leverage the features and advantages described with respect to other sections. It is also appreciated that features and advantages described with respect to method 200 may apply to elements and steps described with respect to other sections.

[0115] In some embodiments, steps described with respect to the template element of method 200 are performed by the user device. In some embodiments, one or more of these steps are performed via the SPA. It should be appreciated that these steps may be performed by components of the user device different than those described. In some embodiments, steps described with respect to the PH Server, Payment Service, CPE, DDB, NC-HSIA, NSE, and RADIUS elements of method 200 may be performed by one or more computing devices (e.g., associated with one or more cloud services or storage systems).

[0116] The method 200 may start with the user device receiving a request for internet access. For example, the user device connects to a network of the user’s site (e.g., a hotel, an event venue, a business), which may involve providing a request for internet access to the user device. In response to receiving the receiving the request for internet access, the user device may execute a SPA.

[0117] In some embodiments, as illustrated, an input corresponding to a filled-in form (e.g., a user input associated with the request for internet access) is provided to the user device, e.g., via the SPA. In response to the provided input, the SPA provides the input (e.g., form data) to the CPE and issues a request for a receipt. In some embodiments, the input associated with the request for internet access comprises information associated with a user associated with the device. For example, information associated with the user may include hotel ID and voucher code. In some embodiments, the information comprises at least one identifier of the user (which can include information uniquely associated with the user, e.g., the name of the user,21MF-364629458Attorney Docket No. 504142001440room number of the user, user social media information, user loyalty information, user’s phone number, user birthdate, user address, or user email address). In some embodiments, the CPE sends the form data (e.g., the input associated with the request for internet access) to the PII Server.

[0118] In some embodiments, the PII Server determines whether the user is authenticated based on the form data and sends an indication of the result to the CPE. In accordance with the user device being authenticated, the results comprise an indication of a successful authentication. In accordance with the user device being unauthenticated, the results comprise an indication of an unsuccessful authentication.

[0119] In some embodiments, in response to receiving an indication of a successful authentication, the CPE sends a first receipt (e.g., as described herein) to the user device. In some embodiments, the request for the receipt is transmitted to a different device than the device providing the receipt, further separating devices handling authentication information and receipt issuance.

[0120] In response to receiving the first receipt indicating the user is authenticated, internet policies for internet access (e.g., options for internet access) may be presented (e.g., via the SPA). One or more parameters associated with the requested internet access may be based on the selected internet policy. The parameters may include duration (e.g., how long will the policy allow access for), bandwidth upload (e.g., how fast the upload speed will be configured), bandwidth download (e.g., how fast the download speed will be configured), length of stay (e.g., whether the policy should last until the guest checks out), price (e.g., how much this policy will charge the guest, free), or any combination thereof,

[0121] Additional examples of the template, the receipts, and the CPE are described in more detail herein. The first receipt may comprise information associated with this operation and may include an indicator of whether the authentication is successful, a membership tier of the user, a signature type (e.g., PMS), and reservation ID associated with the user.

[0122] An input selecting an internet access option is provided by the user (and received by the user device via the SPA) and transmitted to the CPE along with the first receipt.Alternatively, the first receipt may not be transmitted to the CPE. In response to receiving the user input and the receipt, the CPE sends a payment request (e.g., for fee associated with the selected option) to the Payment Service, according to the input.

[0123] In some embodiments, the Payment Service charges the user based on prestored payment information. In some embodiments, the Payment Service charges based on paymentMF-364629458Attorney Docket No. 504142001440information provided by the user. For example, in response to receiving the first receipt, the user device presents a request for payment on the user interface of the SPA. In response, the user may provide the payment information to the user device via the SPA.

[0124] The Payment Service then sends (e.g., via a device associated with the Payment Service) an indication of a result of the payment request (e.g., payment successful) to the CPE. In accordance with a determination that the payment is successful, the CPE sends a second receipt to the user device, indicating payment is successful. In some embodiments, a device (e.g., corresponding to the Payment Service) different from the CPE sends the second receipt to the user device, so the device receives different receipts from different devices associated with different authentications.

[0125] The second receipt may include information indicating payment success and type of payment. Advantageously, as described in more detail herein, the receipts need not include PII and need only include the results of this process (e.g., access to internet granted for this particular user device, payment successful), improving privacy and security, and allowing reduced data processing compared to other systems. It should be appreciated that the described receipts for indicating successful authentication and payment are exemplary. Instead of two receipts, other numbers of receipts (e.g., one) may be used to indicate both successful authentication and payment.

[0126] Not including PII may facilitate provision of global service, complying with increasingly stringent data protection and privacy laws in different jurisdictions. Furthermore, due to flexibility allowed by the distributed nature of the services, processing can occur within particular geographic locations, for example, to follow legal requirements in some jurisdictions.

[0127] In response to receiving the second receipt, the user device transmits a connection request and the first and second receipts, and the validate flow and subsequent steps are performed, as described with respect to “connection phase” of Figures 1 A, IB and 3. For brevity, these steps are not illustrated in or described with respect to Figure 2A again.

[0128] Figure 2B illustrates an exemplary method 250 of granting internet access, in accordance with some embodiments. In some embodiments, the method 250 illustrates an example of the user device directly communicating with authentication and payment services (e.g., without the CPE). It should be appreciated that elements of Figure 2B leverage operations and advantages of elements described with respect to Figures 1 A and IB, which may not be described here for brevity.23MF-364629458Attorney Docket No. 504142001440

[0129] It should be appreciated that steps described with respect to Figure 2B are exemplary. The method 250 may include fewer steps, additional steps, or different order of steps than described. For example, the method may include steps relating to presenting options for internet access and option selection but not steps relating to payment. As another example, the method may include steps relating to payment, but not steps relating to presenting and selecting options for internet access. As another example, the method may include steps relating to additional information validation, which involve requests for additional receipts and validation of the additional receipts. As another example, the user may not be authenticated before providing payment information for a selected payment option (e.g., a “pay-only” option).

[0130] In some embodiments, two or more steps of method 250 may be performed at the same time. Steps of method 250 may be performed with operations described with respect to Figure 1 A, IB, 2A, or 3. It is appreciated that the steps of method 250 leverage the features and advantages described with respect to other sections. It is also appreciated that features and advantages described with respect to method 250 may apply to elements and steps described with respect to other sections.

[0131] In some embodiments, steps described with respect to the template element of method 250 are performed by the user device. In some embodiments, these steps are performed via the SPA. It should be appreciated that these steps may be performed by components of the user device different than described. In some embodiments, steps described with respect to the PII Server, Payment Service, CPE, DDB, NC-HSIA, NSE, and RADIUS elements of method 250 may be performed by one or more computing devices (e.g., associated with one or more cloud services or storage systems).

[0132] The method 250 may start with the user device receiving a request for internet access. For example, the user device connects to a network of the user’s site (e.g., a hotel, an event venue, a business), which may involve providing a request for internet access to the user device. In response to receiving the receiving the request for internet access, the user device may execute a SPA.

[0133] In some embodiments, as illustrated, an input corresponding to a filled-in form (e.g., a user input associated with the request for internet access) is provided to the user device, e.g., via the SPA. In response to the provided input, the SPA provides the input (e.g., form data) to the PII Server and requests for a receipt. In some embodiments, the input associated with the request for internet access comprises information associated with a user associated with the24MF-364629458Attorney Docket No. 504142001440device. For example, information associated with the user may include hotel ID and voucher code. In some embodiments, the information comprises at least one identifier of the user (which may include information uniquely associated with the user, e.g., the name of the user, room number of the user, user social media information, user loyalty information, user’s phone number, user birthdate, user address, or user email address).

[0134] In some embodiments, the PII Server determines whether the user is authenticated based on the form data. For example, in accordance with the user device being authenticated, the PII Server sends a first receipt (e.g., as described herein) to the user device; and in accordance with the user device not being authenticated, the first receipt may not be generated or provided. In some embodiments, the request for the receipt is transmitted to a different device than the device providing the receipt, beneficially allowing different devices to handle authentication information and receipt issuance.

[0135] In response to receiving the first receipt indicating the user is authenticated, internet policies for internet access (e.g., options for internet access) may be presented (e.g., via the SPA). One or more parameters associated with the requested internet access may be based on the selected internet policy. The parameters may include duration (e.g., how long will the policy allow access for), bandwidth upload (e.g., how fast the upload speed will be configured), bandwidth download (e.g., how fast the download speed will be configured), length of stay (e.g., whether the policy should last until the guest checks out), price (e.g., how much this policy will charge the guest, free), or any combination thereof.

[0136] Additional examples about the template, the receipts, and the CPE are described in more detail herein. The first receipt may comprise information associated with this operation and may include an indicator of whether the authentication is successful, a membership tier of the user, a signature type (e.g., PMS), and reservation ID associated with the user.

[0137] An input selecting an internet access option is provided by the user (and received by the user device via the SPA) and transmitted to the Payment Service along with the first receipt. / Mtematively, the first receipt may not be transmitted to the Payment Service. In response to receiving the user input and the receipt, the Payment Service processes the payment request (e.g., for fee associated with the selected option) according to the input and receipt.

[0138] In some embodiments, the Payment Service charges the user based on prestored payment information. In some embodiments, the Payment Service charges based on payment information provided by the user. For example, in response to receiving the first receipt, the25MF-364629458Attorney Docket No. 504142001440user device presents a request for payment on the user interface of the SPA. In response, the user may provide the payment information to the user device via the SPA.

[0139] In accordance with a determination that the payment is successful, the Payment Service sends (e.g., via a device associated with the Payment Service) a second receipt to the user device, indicating payment is successful. The second receipt may include information indicating payment success and type of payment. Advantageously, as described in more detail herein, the receipts may not include P II and may only include the results of this process (e.g., access to internet granted for this particular user device, payment successful), improving privacy and security, and requiring less data processing compared to other systems.

[0140] In response to receiving the second receipt, the user device transmits a connection request and the first and second receipts, and the validate flow and subsequent steps are performed, as described with respect to “connection phase” of Figures 1A, IB, and 3. For brevity, these steps are not illustrated in or described with respect to Figure 2B again.

[0141] Although specific examples are described, it should be appreciated that different and / or additional steps may be performed to grant internet access. For example, more generally, different numbers and kinds of receipt may be used for granting internet access, depending on conditions required for authorizing access. For instance, instead of two receipts, other numbers of receipts (e.g., one) may be used to indicate both successful authentication and payment.

[0142] In some embodiments, in response to receiving the receipt, the user device determines, via the SPA, if all conditions for granting internet access have been met. If the conditions have not been met, additional iteration of receipt generation may be required based on additional information from the user, as described above. If the conditions have been met, the SP A requests internet access by submitting the one or more gathered receipts from all iterations (and other required data, as described above). Then, a server validates the receipts and grants access if the receipts are valid. The number of iterations may depend on the conditions required for authorizing access. In some embodiments, the device receives different receipts from different devices, where each device is associated with a different authentication for each iteration.

[0143] In some embodiments, a display of the user device displays content (e.g., advertisement) on the user interface of the SPA. For instance, content is displayed on the user interface while the user provides requested input for internet access, as described above. Static configuration data (e.g., accessed while the SPA is executed during the process for obtaining26MF-364629458Attorney Docket No. 504142001440internet access) comprise data for determining and generating the content. Using static configuration data for determining and generating the content displayed on the SPA user interface would reduce the need to continuously receive data from a remote device for the content, further taking advantage of user device resources and improving system scalability and eliminating the need for a content server (e.g., advertisement server).

[0144] For example, the static configuration data comprise one or more rules for determining the content. The rules may be associated with one or more of a location (e.g., train station, hotel, coffee shop, shopping mall, a section of a shopping mall, restaurant), a time (e.g., time of day, holidays, day of the week), user information (e.g., user’s language, user’s age, user’s gender), and device information (e.g., mobile OS).

[0145] For example, the user may request for internet access Friday afternoon at a hotel. The user’s device may display, on the SPA user interface, an advertisement for Friday afternoon happy hour specials at a restaurant in the hotel. As another example, the user may request for internet access during the winter holidays at a shopping mall. The user’s device may display, on the SPA user interface, an advertisement for Christmas gifts at a department store near the user’s location in the shopping mall. The location of the user may be determined based on a zone (described in more detail below) associated with the internet access or determined by the user’s device.

[0146] The static configuration data comprise media content (e.g., images, videos) for being displayed on the SPA user interface. Additionally, or alternatively, the media content, such as new content (e.g., latest advertisements, current announcements), for being displayed on the SPA user interface may be provided by a remote device to the user device. For example, the user device can make an API call out to a third-party server for dynamic factor data.

[0147] In some embodiments, the content is displayed based on the type of internet access request. In accordance with a determination that the request for internet access comprise a first request type, the content may be displayed on the SPA user interface. In accordance with a determination that the request for internet access comprise a second request type, the content display may be forgone. For example, if the first request type is a request for internet access that does not involve payment, an advertisement is displayed. If the second request type is a request for internet access that involves a payment, an advertisement is not displayed.

[0148] Additional examples of SPA user interface (e.g., template) configuration are described below.27MF-364629458Attorney Docket No. 504142001440

[0149] Figure 3 illustrates an exemplary method 300 of granting internet access, in accordance with some embodiments. In some embodiments, the steps of method 300 are performed by one or more components described with respect to Figures 1 A-2B, components of the user device, and / or components of system 400 (e.g., a device and / or one or more processors of these components). In some embodiments, a non-transitory computer-readable medium stores instructions that, when executed by one or more processors, cause one or more processors of these components to perform the steps of method 300. In some embodiments, a computer program comprises computer program code which, when executed on a device (e.g., the user device described herein, computer system 400) causes the device to perform the steps of method 300.

[0150] It should be appreciated that steps described with respect to Figure 3 are exemplary. The method 300 may include fewer steps (e.g., by omitting options for internet access or request for payment), additional steps, or a different order of steps, than described. In some embodiments, two or more steps of method 300 may be performed at the same time (e.g., two or more receipts may be received at a same step, two or more receipts may be transmitted at a same step). Steps of method 300 may be performed with operations described with respect to Figure 1 A, IB, 2A, or 2B. It is appreciated that the steps of method 300 leverage the features and advantages described with respect to other sections. It is also appreciated that features and advantages described with respect to method 300 may apply to elements and steps described with respect to other sections.

[0151] In some embodiments, the method 300 comprises receiving a request for internet access (step 302). The request may be received at a device, such as a device associated with a user (e.g., a user device) described herein. For example, as described with respect to any of Figures 1 A-2B, the user device requests for internet access by connecting to a network at the user’s site (e.g., a hotel, an event venue, a business). The user device may comprise a device such as a smartphone, a tablet computer, a laptop computer, a wearable computer, a computer-on-module (COM), system-on-module (SOM), a desktop computer, a notebook computer, an interactive kiosk, a mainframe, a mesh of computer systems, a personal digital assistant, a server, or any combination thereof. The device may comprise components of computer system 400.

[0152] In some embodiments, the method 300 comprises executing a SPA (step 304). The SPA may be executed at the device in response to receiving the request for internet access (e.g., from step 302), The SPA (or template) may be any of the SPA described herein,28MF-364629458Attorney Docket No. 504142001440

[0153] In some embodiments, the method 300 comprises receiving an input associated with the request for internet access (step 306). The input (e.g., one or more user inputs, one or more inputs to the SPA based on user inputs) associated with the request for internet access may be received via the SPA, For example, as described with respect to Figures 1 -2B, the input may comprise a “click-to-connecf ’ input provided by the user and requested information associated with the user for authentication,

[0154] In some embodiments, the input associated with the request for internet access comprises information associated with a user associated with the device. For example, the information associated with the user may include hotel ID, voucher code, or any combination thereof. In some embodiments, the information comprises at least one identifier of the user. For example, the information may include name of the user, room number of the user, user social media information, user loyalty information, or any combination thereof.

[0155] In some embodiments, the method 300 comprises transmitting a request for a receipt (step 308). The device may transmit the request for the receipt in response to receiving the input associated with the request for internet access (e.g., from step 306), for example, as described with respect to Figures 1 A-2B.

[0156] In some embodiments, transmitting the request for the receipt comprises transmitting the information associated with the user associated with the device. For example, as described with respect to Figures 1 A-2B, information associated with the user is transmitted for authentication, and if the information is authenticated, a receipt would be provided. In some embodiments, the request for the receipt is transmitted to a second device (e.g., a second device different from the user device and different from a third device validating the receipt providing internet access).

[0157] In some embodiments, the method 300 comprises receiving the receipt (step 310). The device may receive the receipt. In some embodiments, the receipt indicates a user is authenticated according to the input and transmitted request for the receipt (e.g., from previous steps, as described), and the user is associated with the device. For example, as described with respect to Figures 1 A-2B, if the information associated with the user is authenticated, then the user device receives one or more receipts confirming the authentication. For instance, a second device (e.g., a device receiving and validating information associated with the user) receives a request for a receipt and determines that the user is authenticated according to the request transmitted from the user device (e.g., information associated with the user transmitted from the user device).29MF-364629458Attorney Docket No. 504142001440

[0158] As another example, the receipt is received in accordance with a determination that a request associated with a payment option is satisfied. In this example, the user input associated with the request for internet access (e.g., from step 306) comprises information associated with a user selection of a payment option, and the transmitting the request for the receipt (e.g., step 308) comprises transmitting this information. For instance, this receipt is received a “pay-only” option without user authentication.

[0159] In some embodiments, the receipt comprises a first portion and a signature portion. In some embodiments, the first portion of the receipt comprises data indicating an acceptance of the request for the receipt, and the signature portion of the receipt is generated based on an application of a cryptographic signing algorithm to the first portion. For example, the first portion of the receipt may comprise data indicating an acceptance of the receipt request (e.g., authentication after processing user-provided inputs). For instance, the first portion may comprise one or more of a type field, a timestamp, and a nonce field. A signature portion of the receipt may comprise a signature field. The signature portion may be generated by applying a cryptographic signing algorithm (or another suitable method, as described herein) to the first portion of the receipt.

[0160] In some embodiments, the receipt is received in accordance with a determination that the user is authenticated according to the transmitted information. For example, as described with respect to Figures 1 A-2B, if the information is authenticated, a receipt would be provided.

[0161] In some embodiments, the receipt does not comprise personally identifiable information of the user. Further, the receipt may indicate the outcome of the authentication, payment operation, or data validation. The user device can submit the receipt(s) to prove that there has been authentication, payment, or data validation taken, without the receiving device (e.g., a third device for providing internet access) needing to know the details (e.g., without PII data). The receiving device can validate the receipts and know they were issued by a trusted source (e.g., the second device is a trusted peer of the third device) and act on that basis.

[0162] In some embodiments, the method 300 comprises in response to receiving the receipt, presenting, via the SPA, options for internet access (step 312). A selected option for internet access may be received via the SPA (step 314). One or more parameters associated with the internet access may be based on the selected option. For example, as described with respect to Figures 2A and 2B, internet access options are presented to the user via the SPA, and internet connection parameters are dictated by the selected option.30MF-364629458Attorney Docket No. 504142001440

[0163] In some embodiments, additional receipts (e.g., confirming payment success) may be received. In some embodiments, the method 300 comprises in response to receiving the receipt, presenting, via the SPA, a request for payment for internet access (Step 316). A second input (e.g., one or more second user inputs, one or more second inputs to the SPA based on second user inputs) responding to the request for the payment may be received via the SPA (Step 318). A second receipt may be received in accordance with a determination that the request for payment is satisfied, which may be based on the second input. For example, as described with respect to Figures 2A and 2B, the SPA requests the user for payment, and after the payment request is satisfied, the user device receives a second receipt confirming that the payment request is satisfied.

[0164] In some embodiments, the user device receives the first receipt from a second device and receives the second receipt from a third device different from the second device. For example, a first service authenticates (e.g., using a second device) information associated with the user and a second service determines (e.g., using a third device) whether payment request is satisfied. The two services correspond to different devices, and each device issues a different receipt corresponding to the different authentications.

[0165] In some embodiments, the method 300 comprises transmitting one or more receipts (step 320). The device may transmit the one or more receipts in response to receiving one or more receipts (e.g., from step 310, from successful payment). For example, as described with respect to Figures 1 A and IB, the user device transmits the receipt (and other signed data) for validation and internet access (e.g., to a third device, different form a second device issuing the receipt, validating the receipt and providing internet access).

[0166] In some embodiments, the user device receives two or more receipts (e.g., the request for payment is satisfied). For example, in response to receiving the second receipt, the second receipt may be transmitted (e.g., by the user device) together with the first receipt or separately. The internet access may be provided further based on the transmitted second receipt (e.g., both the first and second receipts need to be valid before internet access is provided). For example, as described with respect to Figures 2A and 2B, two receipts (one for user information authentication, one for confirming payment) are transmitted for validation and internet access.

[0167] In some embodiments, the method 300 comprises in response to receiving the receipt, transmitting an allowable signed authentication method (e.g., part of a set of one or more allowable signed authentication methods) and an allowable signed internet policy (e.g., an31MF-364629458Attorney Docket No. 504142001440available internet policy corresponding to an internet access option offered to the user). The transmitted receipt may correspond to an allowable signed authentication method of the set of one or more allowable authentication methods (e.g., a set of allowable authentication methods available to authenticate the end user). One or more parameters associated with the internet access may be based on the allowed signed internet policy. For example, as described with respect to Figures 1 A-2B, the validation device determines whether the receipt was generated according to an allowable signed authentication method, and internet connection parameters are dictated by the signed internet policy (e.g., corresponding to a selected internet option, corresponding to a default internet option) provided by the user device.

[0168] In some embodiments, the internet access is provided to the device in accordance with a determination (e.g., by a device receiving the transmitted receipt and validating the receipt) that the receipt is valid (Step 322). Determining that the receipt is valid may comprise identifying, from the receipt, a first portion of the receipt and a signature portion of the receipt, applying a cryptographic signing algorithm to the first portion yielding a computed signature, comparing the computed signature and the signature portion, and determining, based on the comparison, that the computed signature comprises a match of the signature portion. For example, the receipt may be validated according to the receipt validation algorithm described above.

[0169] The receipt may comprise a timestamp indicating an issuing time of the receipt. Determining that the receipt is valid may comprise determining that the issuing time of the timestamp is within a threshold of a time of validation. In some cases, this timestamp may be used to reject receipts that are too old. For example, this may be done to avoid replay attacks where a receipt is stolen and used again sometime later.

[0170] In some embodiments, in accordance with a determination (e.g., by a device receiving the transmitted receipt and validating the receipt) that the receipt is not valid, internet access is not provided. For example, if the computed signature does not match the signature portion of the receipt or the timestamp is too old, then internet access is not provided. In response, the SPA may display an error message and may make another request for inputs.

[0171] In some embodiments, the method 300 comprises providing internet access (step 324). Internet access may be provided to the device based on the transmitted one or more receipts (e.g., from step 322). For example, as described with respect to Figures 1 A-2B, internet access is provided (e.g., according to “connection phase”) in accordance with a determination that the receipt(s) are valid.MF-364629458Attorney Docket No. 504142001440

[0172] In some embodiments, the internet access is provided by a third device different from a second device. For example, as described with respect to Figures 1 A-2B, devices performing the “authentication phase” may be different than devices performing the “connection phase.”

[0173] In some embodiments, the second device (e.g., a device receiving the request for the receipt) and the third device (e.g., a device for providing the internet access) are configured to access a pre-shared secret. Advantageously, the pre-shared secret establishes a trust relationship between the second device and the third device, so the third device can validate the receipts and know they were issued by a trusted source (e.g., the second device) without PII data.

[0174] The second device may be configured to generate the receipt based on the pre-shared secret. The third device may be configured to validate the receipt based on the pre-shared secret and provide internet access according to a determination that the receipt is valid. An example is described with respect to the receipt issuance and validation algorithms above.

[0175] In some embodiments, the second device (e.g., a device receiving the request for the receipt) is configured to generate a signed receipt. The third device may be configured to provide internet access according to a determination that the signed receipt is valid. Examples are described with respect to the receipt issuance and validation algorithms above and the authentication and validation flows of Figures 1A-2B.

[0176] In some embodiments, executing the SPA comprises accessing static configuration data. For example, when the SPA is executing, static configuration data (as described herein) is accessed for dictating the user’s journey to obtain internet access.

[0177] In some embodiments, the static configuration data comprises a bundle identifier, one or more signed authentication methods, one or more signed internet policies, one or more URLs for API endpoints associated with services, or any combination thereof. For example, the static configuration data comprises a unique bundle identifier associated with a particular SPA configuration, a set of authentication methods that should be offered to the end user (e.g., one or more allowable signed authentication methods), a set of internet policies that the end user may be granted (e.g., one or more allowable signed internet policies), one or more of URLs for API endpoints for authentication, payment, or other services including the CPE, or any combination thereof.33MF-364629458Attorney Docket No. 504142001440

[0178] In some embodiments, the method 300 comprises displaying, on a display of the device, content on a user interface of the SPA. For example, the content comprises an advertisement.

[0179] The content may be determined based on the static configuration data. For example, the static configuration data comprises one or more rules for determining the content. The rules may be associated with one or more of location (e.g., train station, hotel, coffee shop, shopping mall, a section of a shopping mall, restaurant), a time (e.g., time of day, holidays, day of the week), user information (e.g., user’s language, user’s age, user’s gender), and device information (e.g., mobile OS). Examples of application of these rules are described above.

[0180] In some embodiments, the static configuration data comprises media content, such as images or videos, for being displayed on the user interface of the SPA. In some embodiments, the method 300 comprises receiving, from a remote device, media content for being displayed on the user interface of the SPA. For example, new content (e.g., l atest advertisements, current announcements) for being displayed on the SPA user interface may be provided by a remote device to the user device. The user device may make an API call out to a third party server for dynamic factor data.

[0181] In some embodiments, the method 300 comprises in accordance with a determination that the request for internet access comprises a first request type, displaying the content on the user interface of the SPA. The method 300 may further comprise in accordance with a determination that the request for internet access comprises a second request type, forgoing displaying the content on the user interface of the SPA. For example, if the first request type is a request for internet access that does not involve payment, an advertisement is displayed. If the second request type is a request for internet access that involves a payment, an advertisement is not displayed.

[0182] Additional and alternative features are described here. It should be appreciated that the features described below may be used in any of methods 100, 200, 250, and 300.

[0183] In some embodiments, internet access methods include one or more of: Click-To-Connect, OSU, Voucher, Social Media, Credit Card, and PMS. The internet access journeys described with respect to Figures 1-3 may use one or more of these access methods.

[0184] In some embodiments, Click-To-Connect is an access method that does not collect any data and only requires the user to click a button to complete the workflow (e.g., as described with respect to Figures 1 A-1B). In some embodiments, the user may need to check a box to agree to terms. Some sites may not have a checkbox and may state that clicking the34MF-364629458Attorney Docket No. 504142001440button indicates consent to terms. In some embodiments, this access method needs one policy to determine what type of internet access the user would receive.

[0185] In some embodiments, OSU is an access method that indicates that a template should offer Passpoint Sign-up options. It may be configured when a site offers a Passpoint network that the user could connect to if he or she has a profile. In the case of a hotel, there may be two to three different sign-up methods, and these may be subject to configuration. In some embodiments, there are no policies associated with the OSU access method. However, the Passpoint product may configured policies for authorized users. Assigned bandwidth can be specified in RADIUS responses.

[0186] In some embodiments, PMS is an access method that requires the user to authenticate with a PMS system, for example, by entering their last name and room number and is used to validate that the person is a guest. The access method can be associated with one or more policies from which the guest can choose to shape their online experience. One policy would mean that the guest would not need to choose and simply completing the form successfully would constitute choosing that single policy and getting online. More than one policy would lead to a policy selection form after a successful guest validation, for example, a free and a paid option, or possibly two different tiers of paid option. The maximum number of policies supported may be declared by the template configuration slot because these policies are rendered in a layout.

[0187] With PMS, once authenticated, it is possible to charge for access. Therefore, this access method enables payments to be accepted because guest is known and can be charged. The guest’s loyalty status, which can be used to filter available policies by loyalty tier to offer different packages depending on status, may also be known. The guest’s intended departure date, which can be used to offer packages corresponding to the guest’s remaining length of stay (e.g., as opposed to a fixed duration like 24 hours), may also be known. This information may be obtained via the PMS (e.g., PMS supports live status updates). In some embodiments, this information is obtained following a PMS authentication. Acquiring this information may involve configuring policies associated with PMS access method to include policies that apply to different loyalty tiers.

[0188] In some embodiments, one or more internet policies determine the type of internet access provided after completing the captive portal workflow (e.g., as described with respect to Figures 1-3). The policies may dictate parameters such as duration (e.g., how long will the policy allow access for), bandwidth upload (e.g., how fast the upload speed will be configured),35MF-364629458Attorney Docket No. 504142001440bandwidth download (e.g., how fast the download speed will be configured), length of stay (e.g., whether the policy should last until the guest checks out), price (e.g., how much this policy will charge the guest, free), or any combination thereof.

[0189] In some embodiments, duration may be set if length of stay is not enabled. In some embodiments, length of stay may not be granted unless the length of the guest’s stay is known. In some embodiments, the duration specifies when the policy ends if other information is not available.

[0190] A price field may be applicable to the PMS access method because this method enables payments. This may include options for adding payment methods (e.g., credit card, PayPal) to obtain payment.

[0191] Example template configuration (e.g., SPA user interface configuration) is described here. In some embodiments, based on access methods supportable by a template, whether they are optional, and how many policies can be accommodated, a device (e.g., a device for configuring templates) can direct a user to begin configuring the template by presenting a layout that allows them to fill configuration slots. For example, a template declares that it can support a mandatory Click-To-Connect access method. The device might present a template configuration screen that requires the user to click a button to begin filling the slot. This might open a form where the user fills in the policy details relevant for a Click-To-Connect access method. Once the form is complete, the slot is configured. Since there is only one slot, the template access methods are completely configured. This data may constitute the template configuration such that it could be used to assign to a zone.

[0192] A template may also declare that it offers other optional configurations for layout and styling. For example, it may be possible to configure logos, colors, wording, and translations. In some embodiments, these options include rules for determining content to be displayed on a user interface of the SPA while it is executing, as described above. These rules may be associated with one or more of location, a time, user information, and device information. The user may also include media content (e.g., image files, video files) for being displayed on the user interface of the SPA when the SPA is executing.

[0193] Therefore, an optional aspect of configuring a template may specify changes for any of these options. Once the layout and styling have been configured or defaults have been accepted, the full template configuration can be compiled into ISON and / or CSS format (or another suitable file type) and published by writing one or more files into S3. Some of the data may also be compiled in a CSS file (or another suitable file), for example, for layout and styling36MF-364629458Attorney Docket No. 504142001440options. When this occurs, a bundle identifier that uniquely identifies the configuration is created and used to instruct the template runtime which data files to load when rendering the template. In some embodiments, a configured template is a set of template configuration data (e.g., static configuration data) that has been published to S3 (e.g., ready for use) and has a bundle identifier.

[0194] Turning to the concept of template workflow, to validate that a user has completed the workflow that a template requires, an engine (e.g., a device for validating receipts and providing internet access) may be configured to understand what the workflow requires. For example, if the engine is presented with a set of signed receipts proving that some workflow has been completed, the engine may be configured to verify that the receipts are relevant, and that the workflow has been completed.

[0195] For paid plan selection, the submitted form (e.g., user input) may include a selection directly to the engine. The engine would charge and can return a result token (e.g., a receipt) to prove that that part of the flow has completed successfully.

[0196] For a loyalty-based flow, there may be a two-step process. First, the system establishes the user’s loyalty tier. This may involve a PMS authentication, a loyalty authentication, and a third party PII handler. After receiving a successful signed result, the plans associated with the user’s tier may be displayed.

[0197] The tier query form may return a tier level in the signed response. This may be submitted to the engine, which may return the plans or let the user online because the tier grants free access.

[0198] In some embodiments, the engine tracks workflows. A flow may start with a redirect containing a plurality of parameters (injected by a gateway) including the device MAC, VLAN, and gateway identity. This data may be an initial flow state. The redirect may take the user’s browser to the engine where the system examines the VLAN and gateway and decide which template to use. The system may redirect again into a template CDN providing a signed set of redirect parameters. The template may pick up these parameters and act accordingly.

[0199] The template may gather this proof (to determine a flow is complete) by submitting forms and getting signed responses. For a given type of workflow, the proof required to get online may vary. For a PII form such as an email form, the proof may be a receipt showing the form was accepted. For a loyalty-based flow with plan selection, the system provides proof of tier plus a selected plan. Thus, in some embodiments, the engine compares the workflow used by the template to the proof required and the evidence submitted. If it is sufficient to determine37MF-364629458Attorney Docket No. 504142001440a flow is complete, the gateway is opened. Otherwise, the request for internet access may be denied, and the SPA can render to show this.

[0200] In some embodiments, an engine backend configuration involves configuring a template, which infers the workflow. A workflow may be a defined concept that templates would follow and that the engine would validate. Templates may therefore define their workflow when added to the platform. Workflows may place requirements on what data must be configured to support them, for example, voucher code pools, paid plan selections.

[0201] In some embodiments, the workflows include none (no captive portal page appears), Click-to-Connect, PII Collect Form, PI I / Authentication Form (e.g., PMS / loyalty), Social / oauth, Paid Plans, Voucher, and Multi -Authentication. Loyalty-based flows may be a two-step multiauthentication, where the two steps may be in sequence rather than options during a single step. Example workflows are described with respect to Figures 1-3.

[0202] In some embodiments, social media sites perform an oauth. The template would load the social oauth and be redirected to the engine with the authentication code. The engine may obtain the authentication token from the social site along with the social PII. In response, a receipt may be generated to confirm authentication, instead of submitting the token, which may contain PII.

[0203] In some embodiments, the system can make content changes to the portal pages for customization, without needing a developer. The system may have a content editor tool, which may allow for change of colors, logos, wording, positioning (within limits), and adding additional elements to a screen (e.g., extra text box for some messaging).

[0204] These customizations may be made by developers and persisted in a git repository. With a content editing tool, customizations may need to be persisted server-side so that they can be recalled for further changes and served when the portal pages are used.

[0205] Meeting these requirements may involve statically-served template files (e.g., static configuration data), which load corresponding customized content and data driving their workflow from a backend system. This may include React and VueJS, or other client-side single-page-application technologies.

[0206] Templates may declare their capabilities so developers can build them as desired, and the management portal can understand what a template supports. This may address a classic source of errors in traditional captive portal platforms, where the management portal assumes capabilities that a template does not support, resulting in invalid configurations38MF-364629458Attorney Docket No. 504142001440difficult to trace and resolve. Therefore, the declarative nature of templates may be a guiding principle of the design.

[0207] In some embodiments, a template declares capabilities via a file (e.g., a spec.yml file) and includes settings from the workflow and design aspects of the customization. The template may declare the types and possible combinations of access methods supported along with translation strings and styling customizations that are possible. The file would provide the management portal with complete knowledge of how the template can be configured, so the user journey customizer can offer the correct options, making invalid configurations impossible.

[0208] Figure 4 illustrates an example computer system 400. In some embodiments, a disclosed system compri ses the computer system 400. For example, one or more of devices of method 100, 200, or 250 comprise the computer system 400. As another example, one or more devices performing the operations described herein comprise the computer system 400, In particular embodiments, one or more computer systems 400 perform one or more steps of one or more methods described or illustrated herein. In particular embodiments, one or more computer systems 400 provide functionality described or illustrated herein. In particular embodiments, software running on one or more computer systems 400 performs one or more steps of one or more methods described or illustrated herein or provides functionality described or illustrated herein. Particular embodiments include one or more portions of one or more computer systems 400. Herein, reference to a computer system may encompass a computing device, and vice versa, where appropriate. Moreover, reference to a computer system may encompass one or more computer systems, where appropriate.

[0209] This disclosure contemplates any suitable number of computer systems 400. This disclosure contemplates computer system 400 taking any suitable physical form. As example and not by way of limitation, computer system 400 may be an embedded computer system, a system-on-chip (SOC), a single-board computer system (SBC) (such as, for example, a computer-on-module (COM) or system-on-module (SOM)), a desktop computer system, a laptop or notebook computer system, an interactive kiosk, a mainframe, a mesh of computer systems, a mobile telephone, a personal digital assistant (PDA), a server, a tablet computer system, or a combination of two or more of these. Where appropriate, computer system 400 may include one or more computer systems 400; be unitary or distributed; span multiple locations; span multiple machines; span multiple data centers; or reside in a cloud, which may include one or more cloud components in one or more networks. Where appropriate, one or39MF-364629458Attorney Docket No. 504142001440more computer systems 400 may perform without substantial spatial or temporal limitation one or more steps of one or more methods described or illustrated herein. As an example and not by way of limitation, one or more computer systems 400 may perform in real time or in batch mode one or more steps of one or more methods described or illustrated herein. One or more computer systems 400 may perform at different times or at different locations one or more steps of one or more methods described or illustrated herein, where appropriate.

[0210] In particular embodiments, computer system 400 includes a processor 402, memory 404, storage 406, an input / output (I / O) interface 408, a communication interface 410, and a bus 412. Although this disclosure describes and illustrates a particular computer system having a particular number of particular components in a particular arrangement, this disclosure contemplates any suitable computer system having any suitable number of any suitable components in any suitable arrangement.

[0211] In particular embodiments, processor 402 includes hardware for executing instructions, such as those making up a computer program. As an example and not by way of limitation, to execute instructions, processor 402 may retrieve (or fetch) the instructions from an internal register, an internal cache, memory 404, or storage 406; decode and execute them; and then write one or more results to an internal register, an internal cache, memory 404, or storage 406. In particular embodiments, processor 402 may include one or more internal caches for data, instructions, or addresses. This disclosure contemplates processor 402 including any suitable number of any suitable internal caches, where appropriate. As an example and not by way of limitation, processor 402 may include one or more instruction caches, one or more data caches, and one or more translation lookaside buffers (TLBs). Instructions in the instruction caches may be copies of instructions in memory 404 or storage 406, and the instruction caches may speed up retrieval of those instructions by processor 402. Data in the data caches may be copies of data in memory 404 or storage 406 for instructions executing at processor 402 to operate on; the results of previous instructions executed at processor 402 for access by subsequent instructions executing at processor 402 or for writing to memory 404 or storage 406; or other suitable data. The data caches may speed up read or write operations by processor 402. The TLBs may speed up virtual-address translation for processor 402. In particular embodiments, processor 402 may include one or more internal registers for data, instructions, or addresses. This disclosure contemplates processor 402 including any suitable number of any suitable internal registers, where appropriate. Where appropriate, processor 402 may include one or more arithmetic logic units (ALUs); be a multi-core processor; or include one or more40MF-364629458Attorney Docket No. 504142001440processors 402. Although this disclosure describes and illustrates a particular processor, this disclosure contemplates any suitable processor.

[0212] In particular embodiments, memory 404 includes main memory for storing instructions for processor 402 to execute or data for processor 402 to operate on. As an example and not by way of limitation, computer system 400 may load instructions from storage 406 or another source (such as, for example, another computer system 400) to memory 404. Processor 402 may then load the instructions from memory 404 to an internal register or internal cache. To execute the instructions, processor 402 may retrieve the instructions from the internal register or internal cache and decode them. During or after execution of the instructions, processor 402 may write one or more results (which may be intermediate or final results) to the internal register or internal cache. Processor 402 may then write one or more of those results to memory' 404. In particular embodiments, processor 402 executes only instructions in one or more internal registers or internal caches or in memory 404 (as opposed to storage 406 or elsewhere) and operates only on data in one or more internal registers or internal caches or in memory' 404 (as opposed to storage 406 or elsewhere). One or more memory buses (which may each include an address bus and a data bus) may couple processor 402 to memory 404. Bus 412 may include one or more memory buses, as described below. In particular embodiments, one or more memory management units (MMUs) reside between processor 402 and memory 404 and facilitate accesses to memory 404 requested by processor 402. In particular embodiments, memory 404 includes random access memory (RAM). This RAM may be volatile memory, where appropriate, this RAM may be dynamic RAM (DRAM) or static RAM (SRAM). Moreover, where appropriate, this RAM may be single-ported or multi-ported RAM. This disclosure contemplates any suitable RAM. Memory' 404 may include one or more memories 404, where appropriate. Although this disclosure describes and illustrates particular memory, this disclosure contemplates any suitable memory.

[0213] In particular embodiments, storage 406 includes mass storage for data or instructions. As an example and not by way of limitation, storage 406 may include a hard disk drive (HDD), a floppy disk drive, flash memory', an optical disc, a magneto-optical disc, magnetic tape, or a Universal Serial Bus (USB) drive or a combination of two or more of these. Storage 406 may include removable or non-removable (or fixed) media, where appropriate. Storage 406 may be internal or external to computer system 400, where appropriate. In particular embodiments, storage 406 is non-volatile, solid-state memory. In particular embodiments, storage 406 includes read-only memory (ROM), Where appropriate, this ROM41MF-364629458Attorney Docket No. 504142001440may be mask-programmed ROM, programmable ROM (PROM), erasable PROM (EPROM), electrically erasable PROM (EEPROM), electrically alterable ROM (EAROM), or flash memory or a combination of two or more of these. This disclosure contemplates mass storage 406 taking any suitable physical form. Storage 406 may include one or more storage control units facilitating communication between processor 402 and storage 406, where appropriate. Where appropriate, storage 406 ay include one or more storages 406. Although this disclosure describes and illustrates particular storage, this disclosure contemplates any suitable storage.

[0214] In particular embodiments, I / O interface 408 includes hardware, software, or both, providing one or more interfaces for communication between computer system 400 and one or more I / O devices. Computer system 400 may include one or more of these I / O devices, where appropriate. One or more of these VO devices may enable communication between a person and computer system 400. As an example and not by way of limitation, an I / O devi ce may include a keyboard, keypad, microphone, monitor, display, mouse, printer, scanner, speaker, still camera, stylus, tablet, touch screen, trackball, video camera, sensors, magnetic detectors, another suitable VO device or a combination of two or more of these. An VO device may include one or more sensors. This disclosure contemplates any suitable VO devices and any suitable I / O interfaces 408 for them. Where appropriate, I / O interface 408 may include one or more device or software drivers enabling processor 402 to drive one or more of these VO devices. VO interface 408 may include one or more I / O interfaces 408, where appropriate. Although this disclosure describes and illustrates a particular VO interface, this disclosure contemplates any suitable I / O interface. The one or more I / O devices may be configured to display a graphical user interface for selection of available visit times.

[0215] In particular embodiments, communication interface 410 includes hardware, software, or both providing one or more interfaces for communication (such as, for example, packet-based communication) between computer system 400 and one or more other computer systems 400 or one or more networks. As an example and not by way of limitation, communication interface 410 may include a network interface controller (NIC) or network adapter for communicating with an Ethernet or other wire-based network or a wireless NIC (WNIC) or wireless adapter for communicating with a wireless network, such as a WI-FI network. This disclosure contemplates any suitable network and any suitable communication interface 410 for it. As an example and not by way of limitation, computer system 400 may communicate with an ad hoc network, a personal area network (PAN), a local area network42MF-364629458Attorney Docket No. 504142001440(LAN), a wide area network (WAN), a metropolitan area network (MAN), or one or more portions of the Internet or a combination of two or more of these. One or more portions of one or more of these networks may be wired or wireless. As an example, computer system 400 may communicate with a wireless PAN (WPAN) (such as, for example, a BLUETOOTH WPAN), a WI-FI network, a WI-MAX network, a cellular telephone network (such as, for example, a Global System for Mobile Communications (GSM) network), or other suitable wireless network or a combination of two or more of these. Computer system 400 may include any suitable communication interface 410 for any of these networks, where appropriate.Communication interface 410 may include one or more communication interfaces 410, where appropriate. Although this disclosure describes and illustrates a particular communication interface, this disclosure contemplates any suitable communication interface.

[0216] In particular embodiments, bus 412 includes hardware, software, or both coupling components of computer system 400 to each other. As an example and not by way of limitation, bus 412 may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a front-side bus (FSB), a HYPERTRANSPORT (HT) interconnect, an Industry Standard Architecture (ISA) bus, an INFINIBAND interconnect, a low-pin-count (LPC) bus, a memory bus, a Micro Channel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCIe) bus, a serial advanced technology attachment (SATA) bus, a Video Electronics Standards Association local (VLB) bus, or another suitable bus or a combination of two or more of these. Bus 412 may include one or more buses 412, where appropriate. Although this disclosure describes and illustrates a particular bus, this disclosure contemplates any suitable bus or interconnect.

[0217] Herein, a computer-readable n on-transitory storage medium or media may include one or more semiconductor-based or other integrated circuits (ICs) (such, as for example, field- programmable gate arrays (FPGAs) or application-specific ICs (ASICs)), hard disk drives (HDDs), hybrid hard drives (HHDs), optical discs, optical disc drives (ODDs), magneto-optical discs, magneto-optical drives, floppy diskettes, floppy disk drives (FDDs), magnetic tapes, solid-state drives (SSDs), RAM-drives, SECURE DIGITAL cards or drives, any other suitable computer-readable non-transitory storage media, or any suitable combination of two or more of these, where appropriate. A computer-readable non-transitory storage medium may be volatile, non-volatile, or a combination of volatile and non-volatile, where appropriate.43MF-364629458Attorney Docket No. 504142001440

[0218] In some embodiments, a non-transitory computer readable storage medium stores one or more programs, and the one or more programs includes instructions. When the instructions are executed by an electronic device or a system (e.g., computer system 400, the user device) with one or more processors and memory, the instructions cause the electronic device or the system to perform the methods described with respect to Figures 1-3 and the operations described herein.

[0219] In some embodiments, a computer program comprises computer program code which, when executed on a device or a system (e.g., computer system 400, the user device) causes the device or system to perform the methods described with respect to Figures 1-3 and the operations described herein.

[0220] In one aspect, a method of granting internet access comprises: receiving, at a device associated with a user, a request for internet access; in response to receiving the request for internet access, executing, at the device, a SPA; receiving, via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmitting a request for a receipt; receiving, at the device, the receipt; and in response to receiving the receipt, transmitting the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

[0221] In some aspects of the above method, the user input associated with the request for internet access comprises information associated with the user, the transmitting the request for the receipt comprises transmitting the information, and the receipt is received in accordance with a determination that the user is authenticated according to the transmitted information.

[0222] In some aspects of each of the above methods, the information comprises at least one identifier of the user.

[0223] In some aspects of each of the above methods, the receipt does not comprise personally identifiable information of the user.

[0224] In some aspects of each of the above methods, the method further comprises: in response to receiving the receipt, presenting, via the SPA, options for internet access; and receiving, via the SPA, a selected option for internet access. One or more parameters associated with the internet access are based on the selected option.

[0225] In some aspects of each of the above methods, the method further comprises: in response to receiving the receipt, presenting, via the SPA, a request for payment for internet access; receiving, via the SPA, a second user input responding to the request for the payment; receiving a second receipt, wherein the second receipt is received in accordance with a44MF-364629458Attorney Docket No. 504142001440determination, based on the second user input, that the request for payment is satisfied; and in response to receiving the second receipt, transmitting the second receipt, wherein the internet access is provided to the device further based on the transmitted second receipt.

[0226] In some aspects of each of the above methods, the first receipt is recei ved from a second device, and the second receipt is received from a third device different from the second device.

[0227] In some aspects of each of the above methods, the request for the receipt is transmitted to a second device, the internet access is provided by a third device different from the second device, and the receipt is transmitted to the third device.

[0228] In some aspects of each of the above method s, the second device and the third device are configured to access a pre-shared secret, the second device is configured to generate the receipt based on the pre-shared secret, and the third device is configured to: validate the receipt based on the pre-shared secret, and provide internet access according to a determination that the receipt is valid.

[0229] In some aspects of each of the above method s, the second device is configured to generate a signed receipt, and the third device is configured to provide internet access in accordance with a determination that the signed receipt is valid.

[0230] In some aspects of each of the above methods, the receipt comprises a first portion and a signature portion. The first portion comprises data indicating an acceptance of the request for the receipt, and the signature portion is generated based on an application of a cryptographic signing algorithm to the first portion.

[0231] In some aspects of each of the above methods, the internet access is provided to the device in accordance with a determination, by a device receiving the transmitted receipt, that the receipt is valid, and the determination that the receipt is valid comprises: identifying, from the receipt, the first portion and the signature portion, applying the cryptographic signing algorithm to the first portion yielding a computed signature, comparing the computed signature and the signature portion, and determining, based on the comparison, that the computed signature comprises a match of the signature portion.

[0232] In some aspects of each of the above methods, in accordance with a determination that the receipt is not valid, the internet access is not provided to the device.

[0233] In some aspects of each of the above methods, the receipt comprises a timestamp indicating an issuing time of the receipt, the internet access is provided to the device in accordance with a determination that the receipt is valid, and the determination that the receipt45MF-364629458Attorney Docket No. 504142001440is valid comprises determining that the issuing time of the timestamp is within a threshold of a time of validation.

[0234] In some aspects of each of the above methods, the executing the SPA comprises accessing static configuration data.

[0235] In some aspects of each of the above methods, the static configuration data comprises a bundle identifier, one or more signed authentication methods, one or more signed internet policies, one or more URLs for API endpoints associated with services, or any combination thereof.

[0236] In some aspects of each of the above methods, the method further comprises: in response to receiving the receipt, transmitting an allowable signed authentication method and an allowable signed internet policy. The transmitted receipt corresponds to the allowable signed authentication method, and one or more parameters associated with the internet access are based on the allowed signed internet policy.

[0237] In some aspects of each of the above methods, the method further comprises displaying, on a display of the device, content on a user interface of the SPA, wherein the content is determined based on the static configuration data.

[0238] In some aspects of each of the above methods, the content comprises an advertisement.

[0239] In some aspects of each of the above method s, the static configuration data comprises one or more rules for determining the content.

[0240] In some aspects of each of the above methods, the one or more rules are associated with one or more of a location, a time, user information, and device information.

[0241] In some aspects of each of the above methods, the static configuration data comprises media content for being displayed on the user interface of the SPA.

[0242] In some aspects of each of the above methods, the method further comprises receiving, from a remote device, media content for being displayed on the user interface of the SPA.

[0243] In some aspects of each of the above methods, the method further comprises: in accordance with a determination that the request for internet access comprises a first request type, displaying the content; and in accordance with a determination that the request for internet access comprises a second request type, forgoing displaying the content.

[0244] In some aspects of each of the above methods, the user input associated with the request for internet access comprises information associated with a user selection of a payment46MF-364629458Attorney Docket No. 504142001440option, the transmitting the request for the receipt comprises transmitting the information, and the receipt is received in accordance with a determination that a request associated with the payment option is satisfied.

[0245] In one aspect, a system comprises: a device associated with a user; and one or more processors configured to perform a method of granting internet access, the method comprising: receiving, at the device, a request for internet access; in response to receiving the request for internet access, executing, at the device, an SPA; receiving, via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmitting a request for a receipt; receiving, at the device, the receipt; and in response to receiving the receipt, transmitting the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

[0246] In one aspect, a system comprises: a device; and one or more processors configured to perform any of the above methods.

[0247] In one aspect, a non-transitory computer-readable medium stores instructions that, when executed by one or more processors, cause the one or more processors to perform a method of granting internet access, the method comprising: receiving, at a device associated with a user, a request for internet access; in response to receiving the request for internet access, executing, at the device, an SPA; receiving, via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmitting a request for a receipt; receiving, at the device, the receipt; and in response to receiving the receipt, transmitting the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

[0248] In one aspect, a non-transitory computer-readable medium stores instructions that, when executed by one or more processors, cause the one or more processors to perform any of the above methods.

[0249] In one aspect, a computer program for granting internet access comprises computer program code which, when executed on a device, causes the device to: receive, at a device associated with a user, a request for internet access; in response to receiving the request for internet access, execute, at the device, a single page web application (SPA); receive via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmit a request for a receipt; receive, at the device, the receipt; and in response to receiving the receipt, transmit the receipt, wherein the internet access is provided to the device based on the transmitted receipt.47MF-364629458Attorney Docket No. 504142001440

[0250] In one aspect, a computer program for granting internet access comprises computer program code which, when executed on a device, causes the device to perform any of the above methods.

[0251] In one aspect, a computer program product comprises any of the above computer programs and further comprises a computer readable means comprising non-transitory memory in which the computer program is stored.

[0252] Those skilled in the art will recognize that the systems and methods described herein are representative, and deviations from the explicitly disclosed embodiments are within the scope of the disclosure.

[0253] Although the disclosed embodiments have been fully described with reference to the accompanying drawings, it is to be noted that various changes and modifications will become apparent to those skilled in the art. Such changes and modifications are to be understood as being included within the scope of the disclosed embodiments as defined by the appended claims.

[0254] The terminology used in the description of the various described embodiments herein is for the purpose of describing particular embodiments only and is not intended to be limiting. As used in the description of the various described embodiments and the appended claims, the singular forms “a”, “an,” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will also be understood that the term “and / or” as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items. It will be further understood that the terms “includes,” “including,” “comprises,” and / or “comprising,” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and / or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and / or groups thereof.

[0255] It is understood that embodiments described herein can include “consisting” and / or “consisting essentially of’ embodiments. For all methods, systems, products, assemblies, etc. described herein, the methods, systems, products, assemblies, etc. can either comprise the listed components or steps, or can “consist of’ or “consist essentially of’ the listed components or steps. When a system, product, assembly, etc. is described as “consisting essentially of’ the listed components, the system, product, assembly, etc. contain the components listed, and may contain other components which do not substantially affect the performance of the system, product, assembly, etc., but either do not contain any other components which substantially48MF-364629458Attorney Docket No. 504142001440affect the performance of the system, product, assembly, etc. other than those components expressly listed; or do not contain a sufficient concentration or amount of the extra components to substantially affect the performance of the system, product, assembly, etc. When a method is described as “consisting essentially of” the listed steps, the method contains the steps listed, and may contain other steps that do not substantially affect the outcome of the method, but the method does not contain any other steps which substantially affect the outcome of the method other than those steps expressly listed.

[0256] This application discloses several numerical ranges in the text and figures. The numerical ranges disclosed inherently support any range or value within the disclosed numerical ranges, including the endpoints, even though a precise range limitation is not stated verbatim in the specification because this disclosure can be practiced throughout the disclosed numerical ranges.49MF-364629458

Claims

Attorney Docket No. 504142001440CLAIMS1. A method of granting internet access, comprising:receiving, at a device associated with a user, a request for internet access;in response to receiving the request for internet access, executing, at the device, a single page web application (SPA);receiving, via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmitting a request for a receipt; receiving, at the device, the receipt; andin response to receiving the receipt, transmitting the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

2. The method of claim 1, wherein:the user input associated with the request for internet access comprises information associated with the user,the transmitting the request for the receipt comprises transmitting the information, and the receipt is received in accordance with a determination that the user is authenticated according to the transmitted information.

3. The method of claim 2, wherein the information comprises at least one identifier of the user.

4. The method of any one of the preceding claims, wherein the receipt does not comprise personally identifiable information of the user.

5. The method of any one of the preceding claims, further comprising:in response to receiving the receipt, presenting, via the SPA, options for internet access; andreceiving, via the SPA, a selected option for internet access, wherein:one or more parameters associated with the internet access are based on the selected option.

6. The method of any one of the preceding claims, further comprising:50MF-364629458Attorney Docket No. 504142001440in response to receiving the receipt, presenting, via the SPA, a request for payment for internet access;receiving, via the SPA, a second user input responding to the request for the payment; receiving a second receipt, wherein the second receipt is received in accordance with a determination, based on the second user input, that the request for payment is satisfied; and in response to receiving the second receipt, transmitting the second receipt, wherein the internet access is provided to the device further based on the transmitted second receipt.

7. The method of claim 6, wherein:the first receipt is received from a second device, andthe second receipt is received from a third device different from the second device.

8. The method of any one of the preceding claims, wherein:the request for the receipt is transmitted to a second device,the internet access is provided by a third device different from the second device, and the receipt is transmitted to the third device.

9. The method of claim 8, wherein:the second device and the third device are configured to access a pre-shared secret, the second device is configured to generate the receipt based on the pre-shared secret, andthe third device is configured to:validate the receipt based on the pre-shared secret, andprovide internet access according to a determination that the receipt is valid.

10. The method of claim 8, wherein:the second device is configured to generate a signed receipt, andthe third device is configured to provide internet access in accordance with a determination that the signed receipt is valid.

11. The method of any one of the preceding claims, wherei n the receipt comprises a first portion and a signature portion, wherein:the first portion comprises data indicating an acceptance of the request for the receipt, and51MF-364629458Attorney Docket No. 504142001440the signature portion is generated based on an application of a cryptographic signing algorithm to the first portion.

12. The method of claim 11, wherein:the internet access is provided to the device in accordance with a determination, by a device receiving the transmitted receipt, that the receipt is valid, andthe determination that the receipt is valid comprises:identifying, from the receipt, the first portion and the signature portion, applying the cryptographic signing algorithm to the first portion yielding a computed signature,comparing the computed signature and the signature portion, and determining, based on the comparison, that the computed signature comprises a match of the signature portion.

13. The method of claim 12, wherein: in accordance with a determination that the receipt is not valid, the internet access is not provided to the device.

14. The method of any one of the preceding claims, wherein:the receipt comprises a timestamp indicating an issuing time of the receipt, the internet access is provided to the device in accordance with a determination that the receipt is valid, andthe determination that the receipt is valid comprises determining that the issuing time of the timestamp is within a threshold of a time of validation.

15. The method of any one of the preceding claims, wherein the executing the SPA comprises accessing static configuration data.

16. The method of claim 15, wherein the static configuration data comprises a bundle identifier, one or more signed authentication methods, one or more signed internet policies, one or more URLs for API endpoints associated with services, or any combination thereof.

17. The method of any one of the preceding claims, further comprising:52MF-364629458Attorney Docket No. 504142001440in response to receiving the receipt, transmitting an allowable signed authentication method and an allowable signed internet policy, wherein:the transmitted receipt corresponds to the allowable signed authentication method, andone or more parameters associated with the internet access are based on the allowed signed internet policy.

18. The method of claim 15, further comprising displaying, on a display of the device, content on a user interface of the SPA, wherein the content is determined based on the static configuration data.

19. The method of claim 18, wherein the content comprises an advertisement.

20. The method of claim 18 or 19, wherein the static configuration data comprises one or more rules for determining the content.

21. The method of claim 20, wherein the one or more rules are associated with one or more of a location, a time, user information, and device information.

22. The method of any one of claims 18 to 21, wherein the static configuration data comprises media content for being displayed on the user interface of the SPA.

23. The method of any one of claims 18 to 22, further comprising receiving, from a remote device, media content for being displayed on the user interface of the SPA.

24. The method of any one of claims 18 to 23, further comprising:in accordance with a determination that the request for internet access comprises a first request type, displaying the content; andin accordance with a determination that the request for internet access comprises a second request type, forgoing displaying the content.

25. The method of any one of claims 1 to 24, wherein:the user input associated with the request for internet access comprises information associated with a user selection of a payment option,the transmitting the request for the receipt comprises transmitting the information, and53MF-364629458Attorney Docket No. 504142001440the receipt is received in accordance with a determination that a request associated with the payment option is satisfied.

26. A system, comprising:a device associated with a user; andone or more processors configured to perform a method of granting internet access, the method comprising:receiving, at the device, a request for internet access;in response to receiving the request for internet access, executing, at the device, an SPA;receiving, via the SPA, a user input associated with the request for internet access;in response to receiving the user input, transmitting a request for a receipt; receiving, at the device, the receipt; andin response to receiving the receipt, transmitting the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

27. A system, comprising:a device; andone or more processors configured to perform the method of any of claims 1-25.

28. A non-transitory computer-readable medium storing instructions that, when executed by one or more processors, cause the one or more processors to perform a method of granting internet access, the method comprising:receiving, at a device associated with a user, a request for internet access; in response to receiving the request for internet access, executing, at the device, an SPA;receiving, via the SPA, a user input associated with the request for internet access;in response to receiving the user input, transmitting a request for a receipt; receiving, at the device, the receipt; andin response to receiving the receipt, transmitting the receipt, wherein the internet access is provided to the device based on the transmitted receipt.54MF-364629458Attorney Docket No. 50414200144029. A non-transitory computer-readable medium storing instructions that, when executed by one or more processors, cause the one or more processors to perform the method of any of claims 1-25.

30. A computer program for granting internet access, the computer program comprising computer program code which, when executed on a device, causes the device to: receive, at a device associated with a user, a request for internet access;in response to receiving the request for internet access, execute, at the device, a single page web application (SPA);receive via the SPA, a user input associated with the request for internet access; in response to receiving the user input, transmit a request for a receipt; receive, at the device, the receipt; andin response to receiving the receipt, transmit the receipt, wherein the internet access is provided to the device based on the transmitted receipt.

31. A computer program for granting internet access, the computer program comprising computer program code which, when executed on a device, causes the device to perform the method of any of claims 1-25.

32. A computer program product comprising a computer program according to claim 30 or 31 and further comprising a computer readable means comprising non-transitory memory in which the computer program is stored.55MF-364629458