System and method for facilitating programmatic verification of transactions

US 9,595,023 B1
Filed: 07/02/2015
Issued: 03/14/2017
Est. Priority Date: 05/21/2014
Status: Active Grant

First Claim

Patent Images

1. A computer system comprising:

one or more computer readable storage devices configured to store a plurality of computer executable instructions; and

one or more hardware computer processors in communication with the one or more computer readable storage devices and configured to execute the plurality of computer executable instructions in order to cause the computer system to;

execute an Application Programming Interface (API) of the computer system, the API of the computer system configured to receive and provide responses to requests from a developer computing device according to a normalized format of the API of the computer system;

receive, via the API and according to the normalized format, a request from the developer computing device for transaction data associated with a user, the request including at least;

a username associated with the user,a password associated with the user, andan external institution identifier;

determine, based on the external institution identifier, an external institution associated with the request;

in response to the request, instantiate a virtualized instance of a mobile device application associated with the external institution, wherein;

the virtualized instance of the mobile device application is uniquely configured to interface with an external computing device of the external institution via a non-public API of the external computing device of the external institution,the non-public API of the external computing device of the external institution is configured to interact with the mobile device application, andthe virtualized instance of the mobile device application is generated based on an analysis of an actual instance of a mobile device application associated with the external institution and interactions between the actual instance of the mobile device application and the external computing device of the external institution;

authenticate the virtualized instance of the mobile device application with the external computing device of the external institution based on at least one of;

an mobile device identifier code,an mobile device authentication token, ora mobile device Media Access Control (MAC) address;

request, by the virtualized instance of the mobile device application and via the non-public API of the external computing device of the external institution, the transaction data associated with the user from the external computing device of the external institution by;

providing the username associated with the user and the password associated with the user to the external computing device of the external institution;

requesting the transaction data from the external computing device of the external institution; and

receiving the transaction data associated with the user from the external computing device of the external institution;

provide, via the API of the computer system and in the normalized format, the transaction data to the developer computing device; and

persist, in the one or more computer readable storage devices of the computer system, the virtualized instance of the mobile device application such that future requests for transaction data associated with the user may be obtained via the virtualized instance of the mobile device application.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for programmatic access of a financial institution system. A normalized API request provided by an application system specifies user information corresponding to at least one account endpoint of an external financial institution system. Responsive to the request, at least one application proxy instance associated with the normalized API request is used to collect transaction information from a corresponding financial institution system by providing the financial institution system with a proprietary API request that specifies at least account credentials associated with the user information. The transaction information is included in at least one proprietary API response provided by the financial institution system. A normalized API response is generated based on the collected transaction information and provided to the application system. Each application proxy instance is constructed to simulate an application of the corresponding financial institution system on behalf of a user associated with the application proxy instance.

205 Citations

12 Claims

1. A computer system comprising:
- one or more computer readable storage devices configured to store a plurality of computer executable instructions; and
  
  one or more hardware computer processors in communication with the one or more computer readable storage devices and configured to execute the plurality of computer executable instructions in order to cause the computer system to;
  
  execute an Application Programming Interface (API) of the computer system, the API of the computer system configured to receive and provide responses to requests from a developer computing device according to a normalized format of the API of the computer system;
  
  receive, via the API and according to the normalized format, a request from the developer computing device for transaction data associated with a user, the request including at least;
  
  a username associated with the user,a password associated with the user, andan external institution identifier;
  
  determine, based on the external institution identifier, an external institution associated with the request;
  
  in response to the request, instantiate a virtualized instance of a mobile device application associated with the external institution, wherein;
  
  the virtualized instance of the mobile device application is uniquely configured to interface with an external computing device of the external institution via a non-public API of the external computing device of the external institution,the non-public API of the external computing device of the external institution is configured to interact with the mobile device application, andthe virtualized instance of the mobile device application is generated based on an analysis of an actual instance of a mobile device application associated with the external institution and interactions between the actual instance of the mobile device application and the external computing device of the external institution;
  
  authenticate the virtualized instance of the mobile device application with the external computing device of the external institution based on at least one of;
  
  an mobile device identifier code,an mobile device authentication token, ora mobile device Media Access Control (MAC) address;
  
  request, by the virtualized instance of the mobile device application and via the non-public API of the external computing device of the external institution, the transaction data associated with the user from the external computing device of the external institution by;
  
  providing the username associated with the user and the password associated with the user to the external computing device of the external institution;
  
  requesting the transaction data from the external computing device of the external institution; and
  
  receiving the transaction data associated with the user from the external computing device of the external institution;
  
  provide, via the API of the computer system and in the normalized format, the transaction data to the developer computing device; and
  
  persist, in the one or more computer readable storage devices of the computer system, the virtualized instance of the mobile device application such that future requests for transaction data associated with the user may be obtained via the virtualized instance of the mobile device application.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer system of claim 1, wherein the non-public API is a private API of the external computing device of the external institution, and wherein the non-public API is different from a web browser interface.
  - 3. The computer system of claim 1, wherein the virtualized instance of the mobile device application is further generated based on at least one of:
    - parsing source code of the actual instance of the mobile device application, or parsing communication between the actual instance of the mobile device application and the external computing device of the external institution.
  - 4. The computer system of claim 3, wherein the virtualized instance of the mobile device application defines headers of messages sent to the external computing device of the external institution, and wherein the non-public API is different from a web browser interface.
  - 5. The computer system of claim 1, wherein the one or more hardware computer processors are configured to execute the plurality of computer executable instructions in order to further cause the computer system to:
    - further request, by the virtualized instance of the mobile device application and via the non-public API of the external computing device of the external institution, the transaction data associated with the user from the external computing device of the external institution by;
      
      receiving a request for second factor authentication information from the external computing device of the external institution;
      
      requesting, via the API of the computer system, the second factor authentication information from the developer computing device;
      
      receiving, via the API of the computer system, the second factor authentication information from the developer computing device;
      
      providing the second factor authentication information to the external computing device of the external institution; and
      
      receiving, from the external computing device of the external institution, a response indicating acceptance of the second factor authentication information.
  - 6. The computer system of claim 1, wherein the one or more hardware computer processors are configured to execute the plurality of computer executable instructions in order to further cause the computer system to:
    - enhance the transaction data associated with the user by;
      
      augmenting, based on an analysis of the transaction data, a plurality of transaction data items of the transaction data with respective category labels;
      
      augmenting, based on a further analysis of the transaction data, the plurality of transaction data items of the transaction data with respective geolocation information; and
      
      standardizing a format of the transaction data such that the transaction data may be provided by the computer system in the normalized format.

7. A computer-implemented method comprising:
- by a computer system having one or more hardware computer processors executing a plurality of computer executable instructions;
  
  executing an Application Programming Interface (API) of the computer system, the API of the computer system configured to receive and provide responses to requests from a developer computing device according to a normalized format of the API of the computer system;
  
  receiving, via the API and according to the normalized format, a request from the developer computing device for transaction data associated with a user, the request including at least;
  
  a username associated with the user,a password associated with the user, andan external institution identifier;
  
  determining, based on the external institution identifier, an external institution associated with the request;
  
  in response to the request, instantiating a virtualized instance of a mobile device application associated with the external institution, wherein;
  
  the virtualized instance of the mobile device application is uniquely configured to interface with an external computing device of the external institution via a non-public API of the external computing device of the external institution,the non-public API of the external computing device of the external institution is configured to interact with the mobile device application, andthe virtualized instance of the mobile device application is generated based on an analysis of an actual instance of a mobile device application associated with the external institution and interactions between the actual instance of the mobile device application and the external computing device of the external institution;
  
  authenticating the virtualized instance of the mobile device application with the external computing device of the external institution based on at least one of;
  
  an mobile device identifier code,an mobile device authentication token, ora mobile device Media Access Control (MAC) address;
  
  requesting, by the virtualized instance of the mobile device application and via the non-public API of the external computing device of the external institution, the transaction data associated with the user from the external computing device of the external institution by;
  
  providing the username associated with the user and the password associated with the user to the external computing device of the external institution;
  
  requesting the transaction data from the external computing device of the external institution; and
  
  receiving the transaction data associated with the user from the external computing device of the external institution;
  
  providing, via the API of the computer system and in the normalized format, the transaction data to the developer computing device; and
  
  persisting, in one or more computer readable storage devices of the computer system, the virtualized instance of the mobile device application such that future requests for transaction data associated with the user may be obtained via the virtualized instance of the mobile device application.
- View Dependent Claims (8, 9)
- - 8. The computer-implemented method of claim 7 further comprising:
    - by the one or more hardware computer processors executing the plurality of computer executable instructions;
      
      in response to receiving a request for second factor authentication information from the external computing device of the external institution;
      
      providing the second factor authentication information to the external computing device of the external institution; and
      
      receiving, from the external computing device of the external institution, a response indicating acceptance of the second factor authentication information.
  - 9. The computer-implemented method of claim 7 further comprising:
    - by the one or more hardware computer processors executing the plurality of computer executable instructions;
      
      enhancing the transaction data associated with the user by;
      
      augmenting, based on an analysis of the transaction data, a plurality of transaction data items of the transaction data with respective category labels;
      
      augmenting, based on a further analysis of the transaction data, the plurality of transaction data items of the transaction data with respective geolocation information; and
      
      standardizing a format of the transaction data such that the transaction data may be provided by the computer system in the normalized format.

10. A non-transitory computer-readable medium storing software instructions that, in response to execution by one or more hardware computer processors of a computer system, configure the one or more hardware computer processors to perform operations comprising:
- executing an Application Programming Interface (API) of the computer system, the API of the computer system configured to receive and provide responses to requests from a developer computing device according to a normalized format of the API of the computer system;
  
  receiving, via the API and according to the normalized format, a request from the developer computing device for transaction data associated with a user, the request including at least;
  
  a username associated with the user,a password associated with the user, andan external institution identifier;
  
  determining, based on the external institution identifier, an external institution associated with the request;
  
  in response to the request, instantiating a virtualized instance of a mobile device application associated with the external institution, wherein;
  
  the virtualized instance of the mobile device application is uniquely configured to interface with an external computing device of the external institution via a non-public API of the external computing device of the external institution,the non-public API of the external computing device of the external institution is configured to interact with the mobile device application, andthe virtualized instance of the mobile device application is generated based on an analysis of an actual instance of a mobile device application associated with the external institution and interactions between the actual instance of the mobile device application and the external computing device of the external institution;
  
  authenticating the virtualized instance of the mobile device application with the external computing device of the external institution based on at least one of;
  
  an mobile device identifier code,an mobile device authentication token, ora mobile device Media Access Control (MAC) address;
  
  requesting, by the virtualized instance of the mobile device application and via the non-public API of the external computing device of the external institution, the transaction data associated with the user from the external computing device of the external institution by;
  
  providing the username associated with the user and the password associated with the user to the external computing device of the external institution;
  
  requesting the transaction data from the external computing device of the external institution; and
  
  receiving the transaction data associated with the user from the external computing device of the external institution;
  
  providing, via the API of the computer system and in the normalized format, the transaction data to the developer computing device; and
  
  persisting, in the non-transitory computer-readable medium of the computer system, the virtualized instance of the mobile device application such that future requests for transaction data associated with the user may be obtained via the virtualized instance of the mobile device application.
- View Dependent Claims (11, 12)
- - 11. The non-transitory computer-readable medium of claim 10, wherein further in response to execution by one or more hardware computer processors, the software instructions configure the one or more hardware computer processors to perform operations comprising:
    - in response to receiving a request for second factor authentication information from the external computing device of the external institution;
      
      providing the second factor authentication information to the external computing device of the external institution; and
      
      receiving, from the external computing device of the external institution, a response indicating acceptance of the second factor authentication information.
  - 12. The non-transitory computer-readable medium of claim 10, wherein further in response to execution by one or more hardware computer processors, the software instructions configure the one or more hardware computer processors to perform operations comprising:
    - enhancing the transaction data associated with the user by;
      
      augmenting, based on an analysis of the transaction data, a plurality of transaction data items of the transaction data with respective category labels;
      
      augmenting, based on a further analysis of the transaction data, the plurality of transaction data items of the transaction data with respective geolocation information; and
      
      standardizing a format of the transaction data such that the transaction data may be provided by the computer system in the normalized format.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Plaid Inc.
Original Assignee
Plaid Technologies Incorporated (Plaid Inc.)
Inventors
Hockey, William, Perret, Zach, Li, Charles
Primary Examiner(s)
Vyas, Abhishek
Assistant Examiner(s)
Nguyen, Liz P

Application Number

US14/790,897
Time in Patent Office

621 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/023   the neutral party being a c...

G06Q 20/3223   Realising banking transacti...

G06Q 20/4014   Identity check for transact...

System and method for facilitating programmatic verification of transactions

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

205 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for facilitating programmatic verification of transactions

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

205 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links