Identifying the computer used to place an order

Cookies

As a trusted site you can run ipconfig and get the internal IP address.

If there is a cookie (sent with the initial request) that id's the box

Send back a challenge that is based on  a "hidden" value which is stored only at the box and never sent to the web site.

In the browser at the box, combine the challenge mathimatically with the hidden value and return the result with the order.

In the web server, combine the challenge with what we think the hidden value is and compare that to the result send with the order.

Note success or failure.

else

Send back an ID cookie

In the browser at the box, set the hidden value and store it in a special cookie that is never sent to the web server.

At the web server, guess the value of the hidden variable on the remote box.

See also:

• http://msdn.microsoft.com/ieupdate/activexchanges.asp Default Handling of ActiveX Controls by Internet Explorer