×

Secure permissioning of access to user accounts, including secure deauthorization of access to user accounts

  • US 10,104,059 B2
  • Filed: 09/07/2016
  • Issued: 10/16/2018
  • Est. Priority Date: 09/08/2015
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method of facilitating transactions while minimizing sharing of sensitive account information, the computer-implemented method comprising:

  • determining a plurality of computing devices including at least;

    a first computing device;

    a second computing device associated with an external application;

    a third computing device associated with an institution; and

    a fourth computing device,wherein;

    the first computing device is in two-way communication with all of the second, third, and fourth computing devices, andthe fourth computing device is in two-way communication with all of the first, third, and fourth computing devices;

    by the first computing device executing program instructions;

    receiving, from the second computing device, an authorization request including an indication of a user account;

    retrieving, from the third computing device associated with the institution, information associated with the user account held by the institution; and

    providing, to the fourth computing device, at least a portion of the information associated with the user account; and

    by the fourth computing device executing program instructions;

    receiving, from the first computing device, the information associated with the user account, wherein the information includes at least;

    account information associated with the user account that is associated with the institution, andan identifier associated with an external application;

    generating at least;

    an electronic record of the information, anda token associated with the electronic record;

    causing at least one of a unique identifier associated with the token or the token to be provided to the second computing device;

    receiving, from the second computing device, at least;

    the at least one of the unique identifier associated with the token or the token, anda request to cause a transaction related to the user account to be executed;

    verifying, based at least in part on the at least one of the unique identifier associated with the token or the token, authorization of the second computing device to cause the transaction to be executed;

    initiating the transaction via communication with the third computing device or another institution or transaction processor;

    receiving a request to deauthorize the second computing device from causing execution of transactions related to the user account; and

    in response to the request to deauthorize the second computing device, revoking the at least one of the unique identifier associated with the token or the token,whereby the second computing device is enabled to cause transactions related to the user account to be executed without sharing account information with the second computing device, andwhereby deauthorization of the second computing device from causing transactions to be executed is efficiently enabled by revocation of the at least one of the unique identifier associated with the token or the token.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×