| 摘要 |
An application service system receives, from a merchant service system, an application program code comprising identifying information. The identifying information is extracted and the application is distributed for operation on a user device. A user interacts with the application, creating an access request that is transmitted to the application service system along with the extracted identifying information. The application service system transmits an access token to the user device comprising the received identifying information. The user device transmits the access token with a service request to the application service system. The application service system compares the identifying information from the access token to the identifying information extracted from the application program code received from the merchant services system. If the identifying information matches, the service request is processed. If the identifying information does not match, the service request is denied and an error message is transmitted to the user device. |
| 主权项 |
1. A computer-implemented method to verify identities of services making service requests, comprising:
receiving, by one or more computing devices and from a computing device operated by a user, an access request, wherein the access request comprises a request for an access token and identifying information, and wherein the computing device operated by the user extracts the identifying information from a service program code associated with a merchant service system, the service program code being resident on the computing device operated by the user, wherein the service program code comprises computer-readable instructions executable by the computing device operated by the user to perform a service, and wherein the identifying information enables the one or more computing devices to verify a service request made by the computing device operated by the user; producing, by the one or more computing devices, an access token, wherein the access token comprises the identifying information received from the computing device operated by the user; transmitting, by the one or more computing devices, the access token to the computing device operated by the user; receiving, by the one or more computing devices and from the computing device operated by the user, the access token and a service request, wherein the service request comprises a request by the service to perform an action via the one or more computing devices; and determining, by the one or more computing devices, whether to allow or deny the service request by comparing the identifying information from the access token received from the computing device operated by the user to identifying information associated with the service program code associated with the merchant service system. |
