Confirming the identity of integrator applications
First Claim
1. A computer-implemented method to verify identities of services making service requests, comprising:
- receiving, by one or more computing devices and from a computing device operated by a user, an access request, wherein the access request comprises a request for an access token and identifying information, and wherein the computing device operated by the user extracts the identifying information from a service program code associated with a merchant service system, the service program code being resident on the computing device operated by the user, wherein the service program code comprises computer-readable instructions executable by the computing device operated by the user to perform a service, and wherein the identifying information enables the one or more computing devices to verify a service request made by the computing device operated by the user;
producing, by the one or more computing devices, an access token, wherein the access token comprises the identifying information received from the computing device operated by the user;
transmitting, by the one or more computing devices, the access token to the computing device operated by the user;
receiving, by the one or more computing devices and from the computing device operated by the user, the access token and a service request, wherein the service request comprises a request by the service to perform an action via the one or more computing devices; and
determining, by the one or more computing devices, whether to allow or deny the service request by comparing the identifying information from the access token received from the computing device operated by the user to identifying information associated with the service program code associated with the merchant service system.
2 Assignments
0 Petitions
Accused Products
Abstract
An application service system receives, from a merchant service system, an application program code comprising identifying information. The identifying information is extracted and the application is distributed for operation on a user device. A user interacts with the application, creating an access request that is transmitted to the application service system along with the extracted identifying information. The application service system transmits an access token to the user device comprising the received identifying information. The user device transmits the access token with a service request to the application service system. The application service system compares the identifying information from the access token to the identifying information extracted from the application program code received from the merchant services system. If the identifying information matches, the service request is processed. If the identifying information does not match, the service request is denied and an error message is transmitted to the user device.
17 Citations
19 Claims
-
1. A computer-implemented method to verify identities of services making service requests, comprising:
-
receiving, by one or more computing devices and from a computing device operated by a user, an access request, wherein the access request comprises a request for an access token and identifying information, and wherein the computing device operated by the user extracts the identifying information from a service program code associated with a merchant service system, the service program code being resident on the computing device operated by the user, wherein the service program code comprises computer-readable instructions executable by the computing device operated by the user to perform a service, and wherein the identifying information enables the one or more computing devices to verify a service request made by the computing device operated by the user; producing, by the one or more computing devices, an access token, wherein the access token comprises the identifying information received from the computing device operated by the user; transmitting, by the one or more computing devices, the access token to the computing device operated by the user; receiving, by the one or more computing devices and from the computing device operated by the user, the access token and a service request, wherein the service request comprises a request by the service to perform an action via the one or more computing devices; and determining, by the one or more computing devices, whether to allow or deny the service request by comparing the identifying information from the access token received from the computing device operated by the user to identifying information associated with the service program code associated with the merchant service system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer program product, comprising:
a non-transitory computer-readable medium having computer-executable program instructions embodied thereon that when executed by a computer cause the computer to verify identities of services making service requests, the computer-executable program instructions comprising; computer-executable program instructions to receive service program code from a merchant service system, wherein the service program code comprises identifying information that enables one or more computing devices to verify a service request made by a computing device operated by a user; computer-executable program instructions to extract the identifying information from the service program code received from the merchant service system; computer-executable program instructions to receive an access request from a computing device operated by a user, wherein the access request comprises a request for an access token and identifying information, and wherein the computing device operated by the user extracts the identifying information from service program code resident on the computing device operated by the user; computer-executable program instructions to transmit an access token to the computing device operated by the user, wherein the access token comprises the identifying information received form the computing device operated by the user; computer-executable program instructions to receive from the computing device operated by the user, a service request, wherein the service request comprises a request by the service to perform an action via the one or more computing devices and the access token; and computer-executable program instructions to determine whether to allow or deny the service request by comparing the identifying information from the access token received from the computing device operated by the user to the identifying information from the service program code received from the merchant service system. - View Dependent Claims (12, 13, 14)
-
15. A system for verifying identities of services making service requests, comprising:
-
a non-transitory storage medium; and a processor communicatively coupled to the storage medium, wherein the processor executes application code instructions that are stored in the storage medium to cause the system to; receive, from a merchant system, service program code, wherein the service program code comprises identifying information that enables the system to verify a service request made by a computing device operated by a user; extract the identifying information from the service program code received from the merchant service system; distribute the service program code for operation on the computing device operated by the user, wherein the service program code comprises computer-readable instructions executable by the computing device operated by the user to perform a service; receive an access request from the computing device operated by the user, wherein the access request comprises a request for an access token and identifying information, and wherein the computing device operated by the user extracts the identifying information from the service program code resident on the computing device operated by the user; transmit the access token to the computing device operated by the user, wherein the access token comprises the identifying information received from the computing device operated by the user; receive a service request from the computing device operated by the user, wherein the service request comprises a request by the service to perform an action via the one or more computing devices and the access token; and determine whether to allow or deny the merchant service request by comparing the identifying information received from the service program code on the computing device operated by the user to identifying information in service program code received from the merchant system. - View Dependent Claims (16, 17, 18, 19)
-
Specification