The U.S. Patent and Trademark Office on Thursday published an Apple patent application describing a system that thwarts spam mail by automatically generating and handling "disposable" email addresses, all while being transparent to the end user.
According to Apple's patent filing, suitably titled "Disposable email address generation and mapping to a regular email account," the integrated system would work at the server level to act as a screen for incoming spam mail.
Further, these generated email accounts can be intelligently tagged with contextual clues to help users track down the source responsible for handing off the address to a spam provider.
As noted in the document, email has become a ubiquitous form of communication. Just as physical mail has "junk mail" (advertisements, pamphlets, etc.), so too does email in the form of spam. Unlike snail mail, however, the level of spam can quickly become unmanageable. Not only are user addresses easily obtainable and transferable, but the costs associated with sending digital junk are comparatively miniscule.
To help combat the rising tide of spam, some users have turned to disposable email addresses that can be easily destroyed or deactivated once abused by a spammer. These accounts usually forward mail to a permanent email address without exposing said address to unwanted parties. This saves users from the hassles associated with changing a permanent email address, such as remembering and notifying important contacts.
As it stands, the disposable email system is cumbersome, says Apple, and may require obtaining accounts from sources other than their primary provider. The generated account names are usually easily recognizable and are sometimes not accepted by certain automated online services that block bots.
Apple proposes an automated system that in some embodiments automatically creates and handles a temporary email address, associating it with a permanent non-disposable address. If and when a disposable account is misused, the user can dump it and move on to a new one without ditching their permanent address.
In some cases, the system can assign context information when creating the disposable account. For example, if a user is giving their address to a vendor, context information associated with that vendor's name can be added as part of the address. If the user receives spam through that specific account, they will be able to examine the associated context information and use it to take action against the vendor for providing the address to an unauthorized party.
An important part of the application relies on the backend system's handling of incoming messages. With normal disposable address methods, emails are forwarded directly to users' permanent accounts. This may lead to accidental replies from a non-disposable address. Apple's system would automatically detect which account a reply is coming from and handle the transfer accordingly without exposing the user.
The temporary accounts would preferably be indistinguishable from a permanent address. For example, if email addresses associated with the server usually use the format "FirstName.LastName@domain.com," the system would create a similar disposable account for a user. Obviously, real names would not be used in such a scenario.
The remainder of the application details various implementations of the invention, such as browser plug-ins, email clients and server-level instruction sets. Also discussed are possible graphical user interfaces for both a dedicated app and Web clients.
Apple's disposable email patent application was first filed for in 2012 and credits Cameron J. Esfahani, Carl J. Norum, Daniel R. FletcherJames C. Murphy, Santo S. Sapienza, Shachar Ron and Stanley A. Rabu as its inventors.
69 Comments
"Further, these generated email accounts would be intelligently tagged with contextual clues that help users track down the source responsible for handing off the address to a spam provider." YES! 1000 times YES! Once they do that I'll be able to get my cyber hands around their cyber throats.
I wish that Apple at least started to do what Google does with Gmail: Cache all pictures and stuff on their own servers. Today most spam gets validation thru HTML mail. Having picture/links cached on local servers stops this. I understand that Google does this because THEY want to data mine the stuff instead. In Apples case: I trust them more, since they don't make their money from advertising/data mining.
This is so obvious that I'd expected it earlier. Still, great if they implement such a system. I used to create a gmail (sic) account if I ordered something online, and delete the account from Mail once delivered. As good as gmail is at getting rid of spam, I moved on, because, well, gmail is still Google after all.
Is the RFC process dead? Shouldn't the industry, through the RFC process deal with this problem?
Therein lies the difference between Apple & Google, one seeks ways to protect, one seeks ways to abuse privacy.