Ensuring information security using one-time tokens
First Claim
1. A method, comprising:
receiving, by a computing platform, a request to register a mobile device as a push notification recipient;
based on receiving the request to register the mobile device as the push notification recipient, storing, by the computing platform, device information for the mobile device to register the mobile device as a registered mobile device linked to a user account;
generating, by the computing platform, a certificate for the registered mobile device based on the device information stored for the mobile device and a private key maintained by the registered mobile device;
sending, by the computing platform, to the registered mobile device, the certificate generated by computing platform for the registered mobile device;
receiving, by the computing platform, and from a user computing device, a request to access an online banking portal using the user account, wherein the online banking portal comprises a customer-facing online banking website that is provided by a financial institution operating the computing platform, the customer-facing online banking website comprising a plurality of interactive user interfaces configured to allow one or more users of the customer-facing online banking website to access financial account information maintained by the financial institution operating the computing platform, transfer funds between financial accounts maintained by the financial institution operating the computing platform, and request and perform transactions using financial accounts maintained by the financial institution operating the computing platform;
based on receiving the request to access the online banking portal, generating, by the computing platform, a notification for the registered mobile device linked to the user account;
sending, by the computing platform, the notification to the registered mobile device;
after sending the notification to the registered mobile device, receiving, by the computing platform, from the registered mobile device, a message indicating that a user of the registered mobile device has been authenticated by a mobile banking application on the registered mobile device, wherein the mobile banking application on the registered mobile device authenticates the user of the registered mobile device based on biometric input received from the user of the registered mobile device;
generating, by the computing platform, a one-time token message that includes a prompt for authorizing the user computing device to access the online banking portal using the user account;
encrypting, by the computing platform, the one-time token message based on the certificate generated by computing platform for the registered mobile device;
sending, by the computing platform, the one-time token message to the registered mobile device;
receiving, by the computing platform, token response input from the registered mobile device;
if the token response input does not authorize the user computing device to access the online banking portal using the user account, preventing, by the computing platform, the user computing device from accessing the online banking portal using the user account;
if the token response input does authorize the user computing device to access the online banking portal using the user account, providing, by the computing platform, the user computing device with access to the online banking portal using the user account;
receiving, by the computing platform, via the online banking portal, and from the user computing device, a request to perform a transaction involving at least one financial account linked to the user account, the request to perform the transaction involving the at least one financial account linked to the user account being created on the online banking portal via at least one user interface of the customer-facing online banking web site that is provided by the financial institution operating the computing platform, wherein the request to perform the transaction involving the at least one financial account linked to the user account comprises a request to register a new device as a push notification recipient with the financial institution operating the computing platform;
based on receiving the request to perform the transaction, generating, by the computing platform, a second notification for the registered mobile device linked to the user account;
sending, by the computing platform, the second notification to the registered mobile device;
after sending the second notification to the registered mobile device, generating, by the computing platform, a second one-time token message that includes a prompt for authorizing the transaction;
encrypting, by the computing platform, the second one-time token message based on the certificate generated by computing platform for the registered mobile device;
sending, by the computing platform, the second one-time token message to the registered mobile device;
receiving, by the computing platform, second token response input from the registered mobile device;
if the second token response input does not authorize the transaction, canceling, by the computing platform, the request to perform the transaction; and
if the second token response input does authorize the transaction, causing, by the computing platform, the transaction to be performed,
wherein the mobile banking application on the registered mobile device is configured to present the prompt included in the one-time token message to the user of the registered mobile device, the mobile banking application being associated with the financial institution operating the computing platform,
wherein the mobile banking application on the registered mobile device is configured to present the prompt included in the second one-time token message to the user of the registered mobile device, and
wherein the second notification deep links to a user interface of the mobile banking application that includes a list of pending one-time token requests.
Abstract
Methods, systems, and computer-readable media for ensuring information security using one-time tokens are presented. In one or more embodiments, a computing platform may receive, from a user device, a request to access an online banking portal using a user account. Based on the request, the computing platform may generate and send a notification to a registered mobile device linked to the user account. After sending the notification, the computing platform may generate a one-time token message that includes a prompt for authorizing the user device to access the online banking portal using the user account. The computing platform then may send the one-time token message to the mobile device and receive token response input from the mobile device. Based on the input, the computing platform may prevent the user device from accessing the online banking portal or, alternatively, may provide the user device with access to the online banking portal.
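The approval flow described in the abstract, reduced to the platform-side token bookkeeping, as an added example that is not code from the patent. The class and method names, the 120-second lifetime and the result strings are assumptions; the push transport and the certificate-based encryption of the token message are left out.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

TOKEN_TTL_SECONDS = 120  # assumed lifetime; the page gives no value


@dataclass
class PendingToken:
    account: str
    device_id: str    # registered mobile device the prompt was pushed to
    session_id: str   # user computing device session waiting for access
    prompt: str
    expires_at: float
    used: bool = False


class OneTimeTokenService:
    """Hypothetical computing-platform side of the one-time token exchange."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._registered = {}  # account -> registered device id
        self._pending = {}     # token -> PendingToken
        self._granted = set()  # sessions allowed into the portal

    def register_device(self, account, device_id):
        self._registered[account] = device_id

    def request_access(self, account, session_id):
        """Create the one-time token message for the account's registered device."""
        device_id = self._registered.get(account)
        if device_id is None:
            raise LookupError("no registered mobile device for this account")
        token = secrets.token_urlsafe(32)  # unguessable, never reused
        prompt = f"Authorize sign-in to online banking for {account}?"
        self._pending[token] = PendingToken(
            account, device_id, session_id, prompt,
            self._clock() + TOKEN_TTL_SECONDS)
        return {"device_id": device_id, "token": token, "prompt": prompt}

    def handle_response(self, token, device_id, authorize):
        """Apply token response input; anything but a valid approval denies access."""
        entry = self._pending.get(token)
        if entry is None:
            return "unknown"
        if entry.used:
            return "replayed"
        if not hmac.compare_digest(device_id.encode(), entry.device_id.encode()):
            return "wrong_device"  # not consumed: the real device may still answer
        entry.used = True  # single use, whether approved, denied or expired
        if self._clock() > entry.expires_at:
            return "expired"
        if not authorize:
            return "denied"
        self._granted.add(entry.session_id)
        return "granted"

    def has_access(self, session_id):
        return session_id in self._granted
```

Access is granted only on the "granted" path, so a lost, late, replayed or misdirected response leaves the requesting session locked out.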
15 Claims
14. A computing platform, comprising:
at least one processor; and memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to; receive a request to register a mobile device as a push notification recipient; based on receiving the request to register the mobile device as the push notification recipient, store device information for the mobile device to register the mobile device as a registered mobile device linked to a user account; generate a certificate for the registered mobile device based on the device information stored for the mobile device and a private key maintained by the registered mobile device; send, to the registered mobile device, the certificate generated by computing platform for the registered mobile device; receive, from a user computing device, a request to access an online banking portal using the user account, wherein the online banking portal comprises a customer-facing online banking website that is provided by a financial institution operating the computing platform, the customer-facing online banking website comprising a plurality of interactive user interfaces configured to allow one or more users of the customer-facing online banking website to access financial account information maintained by the financial institution operating the computing platform, transfer funds between financial accounts maintained by the financial institution operating the computing platform, and request and perform transactions using financial accounts maintained by the financial institution operating the computing platform; based on receiving the request to access the online banking portal, generate a notification for the registered mobile device linked to the user account; send the notification to the registered mobile device; after sending the notification to the registered mobile device, receive, from the registered mobile device, a message indicating that a user of the registered mobile device has been authenticated by a 
mobile banking application on the registered mobile device, wherein the mobile banking application on the registered mobile device authenticates the user of the registered mobile device based on biometric input received from the user of the registered mobile device; generate a one-time token message that includes a prompt for authorizing the user computing device to access the online banking portal using the user account; encrypt the one-time token message based on the certificate generated by computing platform for the registered mobile device; send the one-time token message to the registered mobile device; receive token response input from the registered mobile device; if the token response input does not authorize the user computing device to access the online banking portal using the user account, prevent the user computing device from accessing the online banking portal using the user account; if the token response input does authorize the user computing device to access the online banking portal using the user account, provide the user computing device with access to the online banking portal using the user account; receive, via the online banking portal, and from the user computing device, a request to perform a transaction involving at least one financial account linked to the user account, the request to perform the transaction involving the at least one financial account linked to the user account being created on the online banking portal via at least one user interface of the customer-facing online banking web site that is provided by the financial institution operating the computing platform, wherein the request to perform the transaction involving the at least one financial account linked to the user account comprises a request to register a new device as a push notification recipient with the financial institution operating the computing platform; based on receiving the request to perform the transaction, generate a second notification for the 
registered mobile device linked to the user account; send the second notification to the registered mobile device; after sending the second notification to the registered mobile device, generate a second one-time token message that includes a prompt for authorizing the transaction; encrypt the second one-time token message based on the certificate generated by computing platform for the registered mobile device; send the second one-time token message to the registered mobile device; receive second token response input from the registered mobile device; if the second token response input does not authorize the transaction, cancel the request to perform the transaction; and if the second token response input does authorize the transaction, cause the transaction to be performed, wherein the mobile banking application on the registered mobile device is configured to present the prompt included in the one-time token message to the user of the registered mobile device, the mobile banking application being associated with the financial institution operating the computing platform, wherein the mobile banking application on the registered mobile device is configured to present the prompt included in the second one-time token message to the user of the registered mobile device, and wherein the second notification deep links to a user interface of the mobile banking application that includes a list of pending one-time token requests.
15. One or more non-transitory computer-readable media storing instructions that, when executed by a computing platform comprising at least one processor and memory, cause the computing platform to:
receive a request to register a mobile device as a push notification recipient; based on receiving the request to register the mobile device as the push notification recipient, store device information for the mobile device to register the mobile device as a registered mobile device linked to a user account; generate a certificate for the registered mobile device based on the device information stored for the mobile device and a private key maintained by the registered mobile device; send, to the registered mobile device, the certificate generated by computing platform for the registered mobile device; receive, from a user computing device, a request to access an online banking portal using the user account, wherein the online banking portal comprises a customer-facing online banking website that is provided by a financial institution operating the computing platform, the customer-facing online banking website comprising a plurality of interactive user interfaces configured to allow one or more users of the customer-facing online banking website to access financial account information maintained by the financial institution operating the computing platform, transfer funds between financial accounts maintained by the financial institution operating the computing platform, and request and perform transactions using financial accounts maintained by the financial institution operating the computing platform; based on receiving the request to access the online banking portal, generate a notification for the registered mobile device linked to the user account; send the notification to the registered mobile device; after sending the notification to the registered mobile device, receive, from the registered mobile device, a message indicating that a user of the registered mobile device has been authenticated by a mobile banking application on the registered mobile device, wherein the mobile banking application on the registered mobile device authenticates the user of the 
registered mobile device based on biometric input received from the user of the registered mobile device; generate a one-time token message that includes a prompt for authorizing the user computing device to access the online banking portal using the user account; encrypt the one-time token message based on the certificate generated by computing platform for the registered mobile device; send the one-time token message to the registered mobile device; receive token response input from the registered mobile device; if the token response input does not authorize the user computing device to access the online banking portal using the user account, prevent the user computing device from accessing the online banking portal using the user account; if the token response input does authorize the user computing device to access the online banking portal using the user account, provide the user computing device with access to the online banking portal using the user account; receive, via the online banking portal, and from the user computing device, a request to perform a transaction involving at least one financial account linked to the user account, the request to perform the transaction involving the at least one financial account linked to the user account being created on the online banking portal via at least one user interface of the customer-facing online banking website that is provided by the financial institution operating the computing platform, wherein the request to perform the transaction involving the at least one financial account linked to the user account comprises a request to register a new device as a push notification recipient with the financial institution operating the computing platform; based on receiving the request to perform the transaction, generate a second notification for the registered mobile device linked to the user account; send the second notification to the registered mobile device; after sending the second notification to the 
registered mobile device, generate a second one-time token message that includes a prompt for authorizing the transaction; encrypt the second one-time token message based on the certificate generated by computing platform for the registered mobile device; send the second one-time token message to the registered mobile device; receive second token response input from the registered mobile device; if the second token response input does not authorize the transaction, cancel the request to perform the transaction; and if the second token response input does authorize the transaction, cause the transaction to be performed, wherein the mobile banking application on the registered mobile device is configured to present the prompt included in the one-time token message to the user of the registered mobile device, the mobile banking application being associated with the financial institution operating the computing platform, wherein the mobile banking application on the registered mobile device is configured to present the prompt included in the second one-time token message to the user of the registered mobile device, and wherein the second notification deep links to a user interface of the mobile banking application that includes a list of pending one-time token requests.
Specification