Financial account authentication

US 10,489,852 B2
Filed: 07/02/2013
Issued: 11/26/2019
Est. Priority Date: 07/02/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

receiving, from a user device at a server computer system of a first entity, a request to include financial data describing a financial account in an interface of the server computer system, the financial account being associated with a financial institution that is a second entity different from the first entity;

identifying, by the server computer system, one or more metadata attributes associated with the financial account of the financial institution;

obtaining, by the server computer system, a public digital key associated with the financial institution;

providing, by the server computer system to the user device, data describing the one or more metadata attributes and the public digital key associated with the financial institution;

receiving, at the server computer system from the user device, respective values for the one or more metadata attributes, the corresponding values having been encrypted by the user device using the public digital key;

providing, by the server computer system to a computer system of the financial institution, the encrypted values for the one or more metadata attributes to one or more login webpages associated with the financial institution;

in response to providing the encrypted values for the one or more metadata attributes to one or more login webpages associated with the financial institution, receiving, by the server computer system from the computer system of the financial institution, an OAuth token for accessing financial data of the financial account associated with the financial institution, the OAuth token providing alternative credentials other than login credentials for the financial account;

storing, at the server computer system, the OAuth token to access and aggregate financial data describing the financial account associated with the financial institution;

accessing, by the server computer system, the computer system of the financial institution using the OAuth token to aggregate financial data describing the financial account associated with the financial institution;

determining, by the server computer system, that the public digital key associated with the financial institution has expired; and

in response to determining, by the server computer system, that the public digital key associated with the financial institution has expired, deleting, by the server computer system, the stored encrypted values for the one or more metadata attributes.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and apparatus, including computer programs encoded on computer storage media, for receiving, from a user device, a request to include financial data describing a financial account in an interface, the financial account being associated with a particular financial institution; identifying one or more metadata attributes for accessing the financial account associated with the particular financial institution; obtaining a public digital key associated with the financial institution; providing, to the user device, data describing the one or more metadata attributes and the public digital key associated with the financial institution; receiving, from the user device, respective values for the one or more metadata attributes, the corresponding values having been encrypted by the user device using the public digital key; and storing the encrypted values for the one or more metadata attributes for use in accessing and aggregating financial data describing the financial account.

74 Citations

View as Search Results

15 Claims

1. A computer-implemented method, comprising:
- receiving, from a user device at a server computer system of a first entity, a request to include financial data describing a financial account in an interface of the server computer system, the financial account being associated with a financial institution that is a second entity different from the first entity;
  
  identifying, by the server computer system, one or more metadata attributes associated with the financial account of the financial institution;
  
  obtaining, by the server computer system, a public digital key associated with the financial institution;
  
  providing, by the server computer system to the user device, data describing the one or more metadata attributes and the public digital key associated with the financial institution;
  
  receiving, at the server computer system from the user device, respective values for the one or more metadata attributes, the corresponding values having been encrypted by the user device using the public digital key;
  
  providing, by the server computer system to a computer system of the financial institution, the encrypted values for the one or more metadata attributes to one or more login webpages associated with the financial institution;
  
  in response to providing the encrypted values for the one or more metadata attributes to one or more login webpages associated with the financial institution, receiving, by the server computer system from the computer system of the financial institution, an OAuth token for accessing financial data of the financial account associated with the financial institution, the OAuth token providing alternative credentials other than login credentials for the financial account;
  
  storing, at the server computer system, the OAuth token to access and aggregate financial data describing the financial account associated with the financial institution;
  
  accessing, by the server computer system, the computer system of the financial institution using the OAuth token to aggregate financial data describing the financial account associated with the financial institution;
  
  determining, by the server computer system, that the public digital key associated with the financial institution has expired; and
  
  in response to determining, by the server computer system, that the public digital key associated with the financial institution has expired, deleting, by the server computer system, the stored encrypted values for the one or more metadata attributes.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein access to the financial account associated with the financial institution is restricted to read-only access based on the respective values for the one or more metadata attributes being encrypted.
  - 3. The method of claim 1, wherein the public digital key and a private digital key that corresponds to the public digital key are both generated by the financial institution.
  - 4. The method of claim 1, wherein obtaining, by the server computer system, a public digital key associated with the financial institution comprises obtaining, by the server computer system, the public digital key from the financial institution.
  - 5. The method of claim 1, wherein the one or more metadata attributes include a login, password, and one or more multi-factor authentication questions associated with the user device.

6. A non-transitory computer storage medium encoded with a computer program, the program comprising instructions that when executed by data processing apparatus cause the data processing apparatus to perform operations comprising:
- receiving, at a server computer system of a first entity from a user device, a request to include financial data describing a financial account in an interface, the financial account being associated with a financial institution that is a second entity different from the first entity;
  
  identifying, by the server computer system, one or more metadata attributes associated with the financial account of the financial institution;
  
  obtaining, by the server computer system, a public digital key associated with the financial institution;
  
  providing, by the server computer system to the user device, data describing the one or more metadata attributes and the public digital key associated with the financial institution;
  
  receiving, at the server computer system from the user device, respective values for the one or more metadata attributes, the corresponding values having been encrypted by the user device using the public digital key;
  
  providing, by the server computer system to a computer system of the financial institution, the encrypted values for the one or more metadata attributes to one or more login webpages associated with the financial institution;
  
  in response to providing the encrypted values for the one or more metadata attributes to one or more login webpages associated with the financial institution, receiving, by the server computer system from the computer system of the financial institution, an OAuth token for accessing financial data describing the financial account associated with the financial institution, the OAuth token providing alternative credentials other than login credentials for the financial account;
  
  storing, at the server computer system, the OAuth token to access and aggregate financial data describing the financial account associated with the financial institution;
  
  accessing, by the server computer system, the computer system of the financial institution using the OAuth token to aggregate financial data describing the financial account associated with the financial institution;
  
  determining, by the server computer system, that the public digital key associated with the financial institution has expired; and
  
  in response to determining, by the server computer system, that the public digital key associated with the financial institution has expired, deleting, by the server computer system, the stored encrypted values for the one or more metadata attributes.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The non-transitory computer storage medium of claim 6, wherein access to the financial account associated with the financial institution is restricted to read-only access based on the respective values for the one or more metadata attributes being encrypted.
  - 8. The non-transitory computer storage medium of claim 6, wherein the public digital key and a private digital key that corresponds to the public digital key are both generated by the financial institution.
  - 9. The non-transitory computer storage medium of claim 6, wherein obtaining, by the server computer system, a public digital key associated with the financial institution comprises obtaining, by the server computer system, the public digital key from the financial institution.
  - 10. The non-transitory computer storage medium of claim 6, wherein the one or more metadata attributes include a login, password, and one or more multi-factor authentication questions associated with the user device.

11. A server computer system comprising one or more computers programmed to perform operations comprising:
- receiving, at the server computer system of a first entity, from a user device, a request to include financial data describing a financial account in an interface, the financial account being associated with a financial institution that is a second entity different from the first entity;
  
  identifying, by the server computer system, one or more metadata attributes associated with the financial account of the financial institution;
  
  obtaining, by the server computer system, a public digital key associated with the financial institution;
  
  providing, by the server computer system to the user device, data describing the one or more metadata attributes and the public digital key associated with the financial institution;
  
  receiving, at the server computer system from the user device, respective values for the one or more metadata attributes, the corresponding values having been encrypted by the user device using the public digital key;
  
  providing, by the server computer system to a computer system of the financial institution, the encrypted values for the one or more metadata attributes to one or more login webpages associated with the financial institution;
  
  in response to providing the encrypted values for the one or more metadata attributes to one or more login webpages associated with the financial institution, receiving, by the server computer system from the computer system of the financial institution, an OAuth token for accessing financial data of the financial account associated with the financial institution, the OAuth token providing alternative credentials other than login credentials for the financial account;
  
  storing, at the server computer system, the OAuth token to access and aggregate financial data describing the financial account associated with the financial institution;
  
  accessing, by the server computer system, the computer system of the financial institution using the OAuth token to aggregate financial data describing the financial account associated with the financial institution;
  
  determining, by the server computer system, that the public digital key associated with the financial institution has expired; and
  
  in response to determining, by the server computer system, that the public digital key associated with the financial institution has expired, deleting, by the server computer system, the stored encrypted values for the one or more metadata attributes.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system of claim 11, wherein access to the financial account associated with the financial institution is restricted to read-only access based on the respective values for the one or more metadata attributes being encrypted.
  - 13. The system of claim 11, wherein the public digital key and a private digital key that corresponds to the public digital key are both generated by the financial institution.
  - 14. The system of claim 11, wherein obtaining, by the server computer system, a public digital key associated with the financial institution comprises obtaining, by the server computer system, the public digital key from the financial institution.
  - 15. The system of claim 11, wherein the one or more metadata attributes include a login, password, and one or more multi-factor authentication questions associated with the user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Yodlee Incorporated (Envestnet Incorporated)
Original Assignee
Yodlee Incorporated (Envestnet Incorporated)
Inventors
Bhat, Dheeraj, Shetty, Sachinraj, Makam, Venkata Naga Saran Kumar
Primary Examiner(s)
Obeid, Mamon

Application Number

US13/934,173
Publication Number

US 20150012443A1
Time in Patent Office

2,338 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 9/451   Execution arrangements for ...

G06Q 20/108   Remote banking, e.g. home b...

G06Q 20/3829   involving key management

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 40/02   Banking, e.g. interest calc...

Financial account authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

74 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Financial account authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

74 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others