Providing access to account information using authentication tokens

US 9,830,591 B2
Filed: 05/27/2015
Issued: 11/28/2017
Est. Priority Date: 05/27/2015
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

at least one processor;

a communication interface communicatively coupled to the at least one processor; and

memory storing computer-readable instructions that, when executed by the at least one processor, cause the system to;

receive, via the communication interface, and from a computing platform associated with a third-party financial account information aggregator, a request to register for access to an online banking account associated with a customer of a financial institution;

based on receiving the request to register for access to the online banking account associated with the customer of the financial institution, prompt the customer of the financial institution to authorize the third-party financial account information aggregator to access information associated with the online banking account associated with the customer of the financial institution;

if the customer of the financial institution authorizes the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, a refresh token;

after sending the refresh token to the computing platform associated with the third-party financial account information aggregator, receive, via the communication interface, and from the computing platform associated with the third-party financial account information aggregator, a request to access the online banking account associated with the customer of the financial institution;

validate the request to access the online banking account associated with the customer of the financial institution based on the refresh token; and

if the request to access the online banking account associated with the customer of the financial institution is valid, provide, to the computing platform associated with the third-party financial account information aggregator, financial account information associated with the online banking account associated with the customer of the financial institution via at least one web service.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and computer-readable media for providing access to account information using authentication tokens are presented. In some embodiments, a customer of a financial institution may visit an account information aggregator site and request to add an account maintained by the financial institution to a collection of accounts for which the aggregator collects account information on behalf of the customer. Rather than providing their username, password, or other bank login credentials to the aggregator, the customer may be redirected to a page provided by the financial institution where the customer can enter the customer'"'"'s credentials and authenticate with the financial institution. After authenticating the customer, the financial institution may generate a token and provide the token to the aggregator. Subsequently, the aggregator may use the token to obtain read-only access to financial account information for one or more financial accounts that are maintained by the financial institution for the customer.

Citations

20 Claims

1. A system, comprising:
- at least one processor;
  
  a communication interface communicatively coupled to the at least one processor; and
  
  memory storing computer-readable instructions that, when executed by the at least one processor, cause the system to;
  
  receive, via the communication interface, and from a computing platform associated with a third-party financial account information aggregator, a request to register for access to an online banking account associated with a customer of a financial institution;
  
  based on receiving the request to register for access to the online banking account associated with the customer of the financial institution, prompt the customer of the financial institution to authorize the third-party financial account information aggregator to access information associated with the online banking account associated with the customer of the financial institution;
  
  if the customer of the financial institution authorizes the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, a refresh token;
  
  after sending the refresh token to the computing platform associated with the third-party financial account information aggregator, receive, via the communication interface, and from the computing platform associated with the third-party financial account information aggregator, a request to access the online banking account associated with the customer of the financial institution;
  
  validate the request to access the online banking account associated with the customer of the financial institution based on the refresh token; and
  
  if the request to access the online banking account associated with the customer of the financial institution is valid, provide, to the computing platform associated with the third-party financial account information aggregator, financial account information associated with the online banking account associated with the customer of the financial institution via at least one web service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The system of claim 1, wherein the at least one web service implements a custom application programming interface that enables the computing platform associated with the third-party financial account information aggregator to access the financial account information associated with the online banking account associated with the customer of the financial institution.
  - 3. The system of claim 1,wherein the online banking account is associated with one or more financial accounts which are maintained for the customer by the financial institution, andwherein the system is operated by the financial institution.
  - 4. The system of claim 3, wherein the computing platform associated with the third-party financial account information aggregator is configured to collect information associated with the one or more financial accounts which are maintained for the customer by the financial institution and is further configured to collect information associated with one or more other financial accounts which are maintained for the customer by one or more other financial institutions different from the financial institution operating the system.
  - 5. The system of claim 1, wherein prompting the customer of the financial institution to authorize the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution comprises:
    - sending, via the communication interface, and to a computing device associated with the customer of the financial institution, an authorization prompt message comprising a prompt for the customer of the financial institution to allow the third-party financial account information aggregator to access the information associated with the online banking account; and
      
      receiving, via the communication interface, and from the computing device associated with the customer of the financial institution, an authorization response message comprising a response to the prompt included in the authorization prompt message.
  - 6. The system of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, further cause the system to:
    - if the customer of the financial institution does not authorize the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, an error message.
  - 7. The system of claim 1, wherein the request to access the online banking account associated with the customer of the financial institution comprises a copy of the refresh token.
  - 8. The system of claim 7, wherein validating the request to access the online banking account associated with the customer of the financial institution based on the refresh token comprises validating the copy of the refresh token included in the request to access the online banking account associated with the customer of the financial institution.
  - 9. The system of claim 8,prior to providing the financial account information associated with the online banking account associated with the customer of the financial institution via at least one web service:
    - send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, an access token, based on validating the copy of the refresh token included in the request to access the online banking account associated with the customer of the financial institution,wherein the access token is configured to enable the computing platform associated with the third-party financial account information aggregator to authenticate with and obtain information from the at least one web service.
  - 10. The system of claim 8, wherein validating the copy of the refresh token included in the request to access the online banking account associated with the customer of the financial institution comprises determining that the request to access the online banking account associated with the customer of the financial institution is not valid based on revocation information indicating that the customer has revoked the third-party financial account information aggregator'"'"'s authorization to access the information associated with the online banking account associated with the customer of the financial institution.
  - 11. The system of claim 10, wherein the customer revoked the third-party financial account information aggregator'"'"'s authorization to access the information associated with the online banking account associated with the customer of the financial institution via an online banking user interface.
  - 12. The system of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, further cause the system to:
    - if the request to access the online banking account associated with the customer of the financial institution is not valid, send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, an error message.

13. A method, comprising:
- at a first computing platform comprising at least one processor, memory, and a communication interface;
  
  receiving, by the at least one processor, via the communication interface, and from a second computing platform associated with a third-party financial account information aggregator, a request to register for access to an online banking account associated with a customer of a financial institution;
  
  based on receiving the request to register for access to the online banking account associated with the customer of the financial institution, prompting, by the at least one processor, the customer of the financial institution to authorize the third-party financial account information aggregator to access information associated with the online banking account associated with the customer of the financial institution;
  
  if the customer of the financial institution authorizes the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, sending, by the at least one processor, via the communication interface, and to the second computing platform associated with the third-party financial account information aggregator, a refresh token;
  
  after sending the refresh token to the second computing platform associated with the third-party financial account information aggregator, receiving, by the at least one processor, via the communication interface, and from the second computing platform associated with the third-party financial account information aggregator, a request to access the online banking account associated with the customer of the financial institution;
  
  validating, by the at least one processor, the request to access the online banking account associated with the customer of the financial institution based on the refresh token; and
  
  if the request to access the online banking account associated with the customer of the financial institution is valid, providing, by the at least one processor, to the second computing platform associated with the third-party financial account information aggregator, financial account information associated with the online banking account associated with the customer of the financial institution via at least one web service.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The method of claim 13, wherein the at least one web service implements a custom application programming interface that enables the second computing platform associated with the third-party financial account information aggregator to access the financial account information associated with the online banking account associated with the customer of the financial institution.
  - 15. The method of claim 13,wherein the online banking account is associated with one or more financial accounts which are maintained for the customer by the financial institution, andwherein the first computing platform is operated by the financial institution.
  - 16. The method of claim 15, wherein the second computing platform associated with the third-party financial account information aggregator is configured to collect information associated with the one or more financial accounts which are maintained for the customer by the financial institution and is further configured to collect information associated with one or more other financial accounts which are maintained for the customer by one or more other financial institutions different from the financial institution operating the first computing platform.
  - 17. The method of claim 13, wherein prompting the customer of the financial institution to authorize the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution comprises:
    - sending, via the communication interface, and to a computing device associated with the customer of the financial institution, an authorization prompt message comprising a prompt for the customer of the financial institution to allow the third-party financial account information aggregator to access the information associated with the online banking account; and
      
      receiving, via the communication interface, and from the computing device associated with the customer of the financial institution, an authorization response message comprising a response to the prompt included in the authorization prompt message.
  - 18. The method of claim 13, further comprising:
    - if the customer of the financial institution does not authorize the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, sending, by the at least one processor, via the communication interface, and to the second computing platform associated with the third-party financial account information aggregator, an error message.
  - 19. The method of claim 13, wherein the request to access the online banking account associated with the customer of the financial institution comprises a copy of the refresh token.

20. One or more non-transitory computer-readable media storing instructions that, when executed by a computer system comprising at least one processor, memory, and a communication interface, cause the computer system to:
- receive, via the communication interface, and from a computing platform associated with a third-party financial account information aggregator, a request to register for access to an online banking account associated with a customer of a financial institution;
  
  based on receiving the request to register for access to the online banking account associated with the customer of the financial institution, prompt the customer of the financial institution to authorize the third-party financial account information aggregator to access information associated with the online banking account associated with the customer of the financial institution;
  
  if the customer of the financial institution authorizes the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, a refresh token;
  
  after sending the refresh token to the computing platform associated with the third-party financial account information aggregator, receive, via the communication interface, and from the computing platform associated with the third-party financial account information aggregator, a request to access the online banking account associated with the customer of the financial institution;
  
  validate the request to access the online banking account associated with the customer of the financial institution based on the refresh token; and
  
  if the request to access the online banking account associated with the customer of the financial institution is valid, provide, to the computing platform associated with the third-party financial account information aggregator, financial account information associated with the online banking account associated with the customer of the financial institution via at least one web service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Pruthi, Kapil, Meng, Wenhui, Ponnapalli, Harigopal K., Arora, Ashish, Aguiar, Kenneth C., Keys, Andrew T., Frankel, Yair
Primary Examiner(s)
Franklin, Jamara

Application Number

US14/722,849
Publication Number

US 20160350748A1
Time in Patent Office

916 Days
Field of Search

235375, 235379, 235380, 235382, 705 35, 705 39, 705 44
US Class Current
CPC Class Codes

G06Q 20/3672   initialising or reloading t...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/38215   Use of certificates or encr...

H04L 63/061   for key exchange, e.g. in p...

Providing access to account information using authentication tokens

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Providing access to account information using authentication tokens

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links