Methods, apparatus and computer program products for securely accessing account data
Abstract
Customer data is securely downloaded to a browser toolbar by performing a check to determine whether a request for customer data includes a request for personal identifiable information requiring encryption by a public encryption key generated by the browser toolbar. The customer is authenticated based on a set of a user credential and an account specific access credential. The account specific access credential is associated with the account of the customer. Requested personal identifiable information is encrypted using the public encryption key generated by the browser toolbar. Encrypted personal identifiable information is transmitted to the browser toolbar.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method, comprising:
generating, at a browser, a cryptographic key usable to decrypt encrypted account information of an account holder, wherein the account information is usable to conduct a transaction with the account holder; detecting, by the browser, a first request to obtain the account information of the account holder; sending, by the browser, a second request for the account information to a secure datastore that stores the account information; using, by the browser, the cryptographic key to decrypt encrypted data received from the secure datastore, wherein the encrypted data includes the account information; securely storing, by the browser, the account information at the browser; and providing, by the browser, the account information to a web service in response to the first request.
2 . The method of claim 1 , wherein the cryptographic key is generated prior to detecting the first request.
3 . The method of claim 1 , wherein the cryptographic key is generated after detecting the first request.
4 . The method of claim 1 , wherein securely storing the account information at the browser comprises securely storing the account information at an e-wallet of the browser.
5 . The method of claim 1 , wherein the account information comprises at least one of a social security number, loan information, credit report information or a card account number.
6 . The method of claim 1 , wherein the cryptographic key comprises a private key from an asymmetric key pair that comprises a public key and the private key.
7 . The method of claim 6 , wherein the public key is used to generate the encrypted data.
8 . The method of claim 1 , further comprising closing the browser and deleting the account information from the browser in response to the closing of the browser.
9 . The method of claim 1 , further comprising deleting the account information from the browser in response to providing the account information to the web service.
10 . The method of claim 1 , further comprising, in response to detecting the first request, transmitting a third request requesting the account holder to provide credentials that are required to access the account information.
11 . A non-transitory computer-readable medium having stored thereon processor-executable instructions that, when executed by a processor, cause the processor to perform steps comprising:
generating, at a browser, a cryptographic key usable to decrypt encrypted account information of an account holder, wherein the account information is usable to conduct a transaction with the account holder; detecting, by the browser, a first request to obtain the account information of the account holder; sending, by the browser, a second request for the account information to a secure datastore that stores the account information; using, by the browser, the cryptographic key to decrypt encrypted data received from the secure datastore, wherein the encrypted data includes the account information; securely storing, by the browser, the account information at the browser; and providing, by the browser, the account information to a web service in response to the first request.
12 . The non-transitory computer-readable medium of claim 11 , wherein the cryptographic key is generated prior to detecting the first request.
13 . The non-transitory computer-readable medium of claim 11 , wherein the cryptographic key is generated after detecting the first request.
14 . The non-transitory computer-readable medium of claim 11 , wherein securely storing the account information at the browser comprises securely storing the account information at an e-wallet of the browser.
15 . The non-transitory computer-readable medium of claim 11 , wherein the account information comprises at least one of a social security number, loan information, credit report information or a card account number.
16 . The non-transitory computer-readable medium of claim 11 , wherein the cryptographic key comprises a private key from an asymmetric key pair that comprises a public key and the private key.
17 . The non-transitory computer-readable medium of claim 16 , wherein the public key is used to generate the encrypted data.
18 . The non-transitory computer-readable medium of claim 11 , further comprising instructions that cause the processor to close the browser and delete the account information from the browser in response to the closing of the browser.
19 . The non-transitory computer-readable medium of claim 11 , further comprising instructions that cause the processor to delete the account information from the browser in response to providing the account information to the web service.
20 . The non-transitory computer-readable medium of claim 11 , further comprising instructions that cause the processor to, in response to detecting the first request, transmit a third request requesting the account holder to provide credentials that are required to access the account information.Join the waitlist — get patent alerts
Track US2021192497A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.