摘要 |
Methods, systems, and computer-readable media for providing access to account information using authentication tokens are presented. In some embodiments, a customer of a financial institution may visit an account information aggregator site and request to add an account maintained by the financial institution to a collection of accounts for which the aggregator may collect account information on behalf of the customer. Rather than providing their username, password, and/or other bank login credentials to the aggregator, the customer may be redirected to a page provided by the financial institution where the customer can enter their credentials and authenticate with the financial institution. After authenticating the customer, the financial institution may generate a token and provide the token to the aggregator. Subsequently, the aggregator may use the token to obtain read-only access to financial account information for one or more financial accounts that are maintained by the financial institution for the customer. |
主权项 |
1. A system, comprising:
at least one processor; a communication interface communicatively coupled to the at least one processor; and memory storing computer-readable instructions that, when executed by the at least one processor, cause the system to:
receive, via the communication interface, and from a computing platform associated with a third-party financial account information aggregator, a request to register for access to an online banking account associated with a customer of a financial institution;based on receiving the request to register for access to the online banking account associated with the customer of the financial institution, prompt the customer of the financial institution to authorize the third-party financial account information aggregator to access information associated with the online banking account associated with the customer of the financial institution;if the customer of the financial institution authorizes the third-party financial account information aggregator to access the information associated with the online banking account associated with the customer of the financial institution, send, via the communication interface, and to the computing platform associated with the third-party financial account information aggregator, a refresh token;after sending the refresh token to the computing platform associated with the third-party financial account information aggregator, receive, via the communication interface, and from the computing platform associated with the third-party financial account information aggregator, a request to access the online banking account associated with the customer of the financial institution;validate the request to access the online banking account associated with the customer of the financial institution based on the refresh token; andif the request to access the online banking account associated with the customer of the financial institution is valid, provide, to the computing platform associated with the third-party financial account information aggregator, an online banking user interface that includes financial account information associated with the online banking account associated with the customer of the financial institution. |