SECURE PERMISSIONING OF ACCESS TO USER ACCOUNTS, INCLUDING SECURE DEAUTHORIZATION OF ACCESS TO USER ACCOUNTS
First Claim
1. A computer-implemented method of providing user account data, the computer-implemented method comprising:
- by one or more hardware processors executing program instructions;
receiving, from a first computing device, information associated with an authorization request, wherein the information includes at least;
account credentials associated with one or more user accounts;
generating at least;
an electronic record of the information, anda token associated with the electronic record;
providing the token to the first computing device;
receiving, from a second computing device, at least;
the token, anda request for user account data associated with at least one of the one or more user accounts; and
providing, to the second computing device and based on the account credentials, user account data associated with the at least one of the one or more user accounts.
3 Assignments
0 Petitions
Accused Products
Abstract
A permissions management system is disclosed for enabling a user to securely authorize a third-party system to access user account data and initiate transactions related to a user account, without disclosing to the third-party system account credentials. The system enables the user to also securely de-authorize the third-party system. For example, records may be automatically generated that securely store account information, including one or more permissions related to the account and/or the third-party. A token associated with a record may be shared with the third-party system, but neither the record itself, nor the user account credentials, may be shared with the third-party. Accordingly, the third-party may request user account data and/or initiate transactions by providing the token, but does not itself know, e.g., the user account credentials. Further, the user may set various permissions related to the token, and may also revoke the token (e.g., de-authorize the third-party), thus providing increased security to the user'"'"'s account.
70 Citations
29 Claims
-
1. A computer-implemented method of providing user account data, the computer-implemented method comprising:
by one or more hardware processors executing program instructions; receiving, from a first computing device, information associated with an authorization request, wherein the information includes at least; account credentials associated with one or more user accounts; generating at least; an electronic record of the information, and a token associated with the electronic record; providing the token to the first computing device; receiving, from a second computing device, at least; the token, and a request for user account data associated with at least one of the one or more user accounts; and providing, to the second computing device and based on the account credentials, user account data associated with the at least one of the one or more user accounts. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
12. A computer-implemented method of providing user account data, the computer-implemented method comprising:
by one or more hardware processors executing program instructions; receiving, from a first computing device, a token associated with an authorization request, wherein the token is further associated with an institution, an external application, and a user account held by the institution; receiving a request for user account data from a second computing device, wherein the second computing device is associated with the external application; providing, to a computing device associated with the institution; the token, and a request for user account data associated with the user account; and receiving user account data from a computing device associated with the institution. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
25. A computer-implemented method of authorizing access to user account data, the computer-implemented method comprising:
by one or more hardware processors executing program instructions; providing, to a first computing device associated with an institution, information associated with an authorization request, wherein the information includes at least; account credentials associated with one or more user accounts; receiving, from the first computing device, a request for additional information, wherein the additional information includes at least one of;
multi-factor authentication information, a selection of a user account of a plurality of user accounts, or an indication of agreement to a document;receiving, from a computing device associated with the institution, a token associated with the institution, an external application, and at least one of the one or more user accounts; and providing the token to a second computing device. - View Dependent Claims (26, 27, 28, 29)
Specification