Providing access to account information using authentication tokens
First Claim
1. A system, comprising:
- at least one processor;
a communication interface communicatively coupled to the at least one processor; and
memory storing computer-readable instructions that, when executed by the at least one processor, cause the system to;
receive, via the communication interface, and from a computing platform associated with a third-party financial account information aggregator, a request to register for access to an online banking account associated with a customer of a financial institution;
based on receiving the request to register for access to the online banking account associated with the customer of the financial institution, prompt the customer of the financial institution to authorize the third-party financial account information aggregator to access information associated with the online banking account associated with the customer of the financial institution;
if the customer of the financial institution authorizes the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, a refresh token;
after sending the refresh token to the computing platform associated with the third-party financial account information aggregator, receive, via the communication interface, and from the computing platform associated with the third-party financial account information aggregator, a request to access the online banking account associated with the customer of the financial institution;
validate the request to access the online banking account associated with the customer of the financial institution based on the refresh token; and
if the request to access the online banking account associated with the customer of the financial institution is valid, provide, to the computing platform associated with the third-party financial account information aggregator, financial account information associated with the online banking account associated with the customer of the financial institution via at least one web service.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and computer-readable media for providing access to account information using authentication tokens are presented. In some embodiments, a customer of a financial institution may visit an account information aggregator site and request to add an account maintained by the financial institution to a collection of accounts for which the aggregator collects account information on behalf of the customer. Rather than providing their username, password, or other bank login credentials to the aggregator, the customer may be redirected to a page provided by the financial institution where the customer can enter the customer'"'"'s credentials and authenticate with the financial institution. After authenticating the customer, the financial institution may generate a token and provide the token to the aggregator. Subsequently, the aggregator may use the token to obtain read-only access to financial account information for one or more financial accounts that are maintained by the financial institution for the customer.
-
Citations
20 Claims
-
1. A system, comprising:
-
at least one processor; a communication interface communicatively coupled to the at least one processor; and memory storing computer-readable instructions that, when executed by the at least one processor, cause the system to; receive, via the communication interface, and from a computing platform associated with a third-party financial account information aggregator, a request to register for access to an online banking account associated with a customer of a financial institution; based on receiving the request to register for access to the online banking account associated with the customer of the financial institution, prompt the customer of the financial institution to authorize the third-party financial account information aggregator to access information associated with the online banking account associated with the customer of the financial institution; if the customer of the financial institution authorizes the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, a refresh token; after sending the refresh token to the computing platform associated with the third-party financial account information aggregator, receive, via the communication interface, and from the computing platform associated with the third-party financial account information aggregator, a request to access the online banking account associated with the customer of the financial institution; validate the request to access the online banking account associated with the customer of the financial institution based on the refresh token; and if the request to access the online banking account associated with the customer of the financial institution is valid, provide, to the computing platform associated with the third-party financial account information aggregator, financial account information associated with the online banking account associated with the customer of the financial institution via at least one web service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method, comprising:
at a first computing platform comprising at least one processor, memory, and a communication interface; receiving, by the at least one processor, via the communication interface, and from a second computing platform associated with a third-party financial account information aggregator, a request to register for access to an online banking account associated with a customer of a financial institution; based on receiving the request to register for access to the online banking account associated with the customer of the financial institution, prompting, by the at least one processor, the customer of the financial institution to authorize the third-party financial account information aggregator to access information associated with the online banking account associated with the customer of the financial institution; if the customer of the financial institution authorizes the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, sending, by the at least one processor, via the communication interface, and to the second computing platform associated with the third-party financial account information aggregator, a refresh token; after sending the refresh token to the second computing platform associated with the third-party financial account information aggregator, receiving, by the at least one processor, via the communication interface, and from the second computing platform associated with the third-party financial account information aggregator, a request to access the online banking account associated with the customer of the financial institution; validating, by the at least one processor, the request to access the online banking account associated with the customer of the financial institution based on the refresh token; and if the request to access the online banking account associated with the customer of the financial institution is valid, providing, by the at least one processor, to the second computing platform associated with the third-party financial account information aggregator, financial account information associated with the online banking account associated with the customer of the financial institution via at least one web service. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
20. One or more non-transitory computer-readable media storing instructions that, when executed by a computer system comprising at least one processor, memory, and a communication interface, cause the computer system to:
-
receive, via the communication interface, and from a computing platform associated with a third-party financial account information aggregator, a request to register for access to an online banking account associated with a customer of a financial institution; based on receiving the request to register for access to the online banking account associated with the customer of the financial institution, prompt the customer of the financial institution to authorize the third-party financial account information aggregator to access information associated with the online banking account associated with the customer of the financial institution; if the customer of the financial institution authorizes the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, a refresh token; after sending the refresh token to the computing platform associated with the third-party financial account information aggregator, receive, via the communication interface, and from the computing platform associated with the third-party financial account information aggregator, a request to access the online banking account associated with the customer of the financial institution; validate the request to access the online banking account associated with the customer of the financial institution based on the refresh token; and if the request to access the online banking account associated with the customer of the financial institution is valid, provide, to the computing platform associated with the third-party financial account information aggregator, financial account information associated with the online banking account associated with the customer of the financial institution via at least one web service.
-
Specification