This disclosure relates generally to electronic transfers, and more particularly relates to systems and methods for secure, instantaneous transfers.
Digital assets (e.g., cryptocurrencies, non-fungible tokens (NFTs), electronically held bank accounts, etc.) have become more prevalent in today's world as a means of exchange. While this increased prevalence has come with new advantages, it has also lead to a number of new problems. For example, owners of digital assets often expect that the transfers of such assets will happen in real time (e.g., instantaneously or almost instantaneously), but operators of digital asset sources (e.g., cryptocurrency exchanges, banks, NFT market operators, etc.) must ensure that these transfers are secure so that the chances of digital fraud are minimized. These two goals of real time transfers and secure transfers can be in competition with each other in prior systems for electronic transfers of digital assets because a faster transfer gives an operator less time to perform due diligence on the transfer. Therefore, there is a need for a system to securely and quickly transfer digital assets.
To facilitate further description of the embodiments, the following drawings are provided in which:
For simplicity and clarity of illustration, the drawing figures illustrate the general manner of construction, and descriptions and details of well-known features and techniques may be omitted to avoid unnecessarily obscuring the present disclosure. Additionally, elements in the drawing figures are not necessarily drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help improve understanding of embodiments of the present disclosure. The same reference numerals in different figures denote the same elements.
The terms “first,” “second,” “third,” “fourth,” and the like in the description and in the claims, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the terms so used are interchangeable under appropriate circumstances such that the embodiments described herein are, for example, capable of operation in sequences other than those illustrated or otherwise described herein. Furthermore, the terms “include,” and “have,” and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, device, or apparatus that comprises a list of elements is not necessarily limited to those elements, but may include other elements not expressly listed or inherent to such process, method, system, article, device, or apparatus.
The terms “left,” “right,” “front,” “back,” “top,” “bottom,” “over,” “under,” and the like in the description and in the claims, if any, are used for descriptive purposes and not necessarily for describing permanent relative positions. It is to be understood that the terms so used are interchangeable under appropriate circumstances such that the embodiments of the apparatus, methods, and/or articles of manufacture described herein are, for example, capable of operation in other orientations than those illustrated or otherwise described herein.
The terms “couple,” “coupled,” “couples,” “coupling,” and the like should be broadly understood and refer to connecting two or more elements mechanically and/or otherwise. Two or more electrical elements may be electrically coupled together, but not be mechanically or otherwise coupled together. Coupling may be for any length of time, e.g., permanent or semi-permanent or only for an instant. “Electrical coupling” and the like should be broadly understood and include electrical coupling of all types. The absence of the word “removably,” “removable,” and the like near the word “coupled,” and the like does not mean that the coupling, etc. in question is or is not removable.
As defined herein, two or more elements are “integral” if they are comprised of the same piece of material. As defined herein, two or more elements are “non-integral” if each is comprised of a different piece of material.
As defined herein, “real-time” can, in some embodiments, be defined with respect to operations carried out as soon as practically possible upon occurrence of a triggering event. A triggering event can include receipt of data necessary to execute a task or to otherwise process information. Because of delays inherent in transmission and/or in computing speeds, the term “real time” encompasses operations that occur in “near” real time or somewhat delayed from a triggering event. In a number of embodiments, “real time” can mean real time less a time delay for processing (e.g., determining) and/or transmitting data. The particular time delay can vary depending on the type and/or amount of the data, the processing speeds of the hardware, the transmission capability of the communication hardware, the transmission distance, etc. However, in many embodiments, the time delay can be less than approximately one second, two seconds, five seconds, or ten seconds.
As defined herein, “approximately” can, in some embodiments, mean within plus or minus ten percent of the stated value. In other embodiments, “approximately” can mean within plus or minus five percent of the stated value. In further embodiments, “approximately” can mean within plus or minus three percent of the stated value. In yet other embodiments, “approximately” can mean within plus or minus one percent of the stated value.
A number of embodiments can include a first system. The system can include one or more processors and one or more non-transitory computer-readable storage devices storing computing instructions. The computing instructions can be configured to run on the one or more processors and perform: receiving a request for a transfer from a user device of a user, the transfer being from a source of funds owned by the user to a destination account owned by a third-party; coordinating displaying, on the user device of the user, at least one transfer method of a plurality of transfer methods for the transfer; receiving, from the user device of the user, a selection of the at least one transfer method of the plurality of transfer methods; receiving a token from an operator of the source of funds owned by the user, the token being unique to the third-party; transferring the token to the third-party; after transferring the token to the third-party, receiving the token and transfer details of the transfer from the third-party; in response to receiving the token and the transfer details, determining a fraud risk score for the transfer; and when the fraud risk score satisfies a predetermined threshold, facilitating the transfer from the user to the third-party.
Various embodiments include a first method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. The method can comprise receiving a request for a transfer from a user device of a user, the transfer being from a source of funds owned by the user to a destination account owned by a third-party; coordinating displaying, on the user device of the user, at least one transfer method of a plurality of transfer methods for the transfer; receiving, from the user device of the user, a selection of the at least one transfer method of the plurality of transfer methods; receiving a token from an operator of the source of funds owned by the user, the token being unique to the third-party; transferring the token to the third-party; after transferring the token to the third-party, receiving the token and transfer details of the transfer from the third-party; in response to receiving the token and the transfer details, determining a fraud risk score for the transfer; and when the fraud risk score satisfies a predetermined threshold, facilitating the transfer from the user to the third-party.
Various embodiments can include a second system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. In some embodiments, the acts further can include causing a payor device of the payor to display a plurality of candidate financial institutions for the payor to determine a payor financial institution of the plurality of candidate financial institutions for the transfer. The acts also can include causing the payor device to display an authorization user interface for the payor to authorize the payor financial institution to grant an access code to the system. In certain embodiments, the acts additionally can include validating that the access code is authentic. The authorization user interface additionally can be configured to allow the payor to log into a payor user account at the payor financial institution.
Meanwhile, the acts further can include, in response to the payor financial institution granting the access code, requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The payor user account at the payor financial institution can be associated with the one or more eligible payor accounts. In a number of embodiments, the acts further can include causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer. The acts additionally can include determining a fraud risk score for the transfer. In some embodiments, the act of determining the fraud risk score for the transfer can include analyzing a transfer history of the payee. Moreover, the acts can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on: (a) the fraud risk score, and (b) information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. Further, the acts can include: when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.
In a number of embodiments, the act of determining the fraud risk score further can include determining the fraud risk score by using a first risk model. The payee financial institution further can be configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score. In many embodiments, the act of facilitating the transfer from the selected payor account to the payee account further can include transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score. In certain embodiments, the payor financial institution can be configured to perform certain approval processes before effectuating the transfer. The payor financial institution can be configured to determine the second transfer decision based at least in part on comparing a balance for the selected payor account with a transfer amount for the transfer. The payor financial institution further can be configured to determine the second transfer decision based at least in part on a third risk model to determine a third fraud risk score.
In some embodiments, the first risk model, the second risk model, and/or third risk model each can include any suitable hardware and/or software configured to implement one or more suitable fraud risk scoring algorithms based on pertinent information (e.g., information about the transfer, a transaction history of the payee and/or the payee account, etc.). Each of the first risk model, the second risk model, and/or third risk model can be similar or different from each other in that the hardware, software, algorithms, and/or information used for determining the respective fraud risk scores can be similar or different.
In a number of embodiments, the acts further can include a token-based authentication process for increased security. For example, the act of requesting the one or more eligible payor accounts further can include obtaining, from the payor financial institution, an access token associated with the payor. In certain embodiments, the access token can be similar or identical to the access token described above. The access token can be issued to the system by the payor financial institution after the system is granted the access code to communicate with the payor financial institution. The access token can be uniquely associated with the payor or the payor user account. The access token further can be configured to allow the system to perform certain tasks or access certain resources (e.g., requesting the one or more eligible payor accounts, or authorizing the transfer of funds, etc.) at the payor financial institution on behalf of the payor. In some embodiments, the access token can be used by not only the system but also any other devices, systems, and/or models that hold the access token. In similar or different embodiments, the access token further can include an expiration date and/or time, after which the access token becomes unusable. For an access token that can be used by any bearer of the access token, the access token including an expiration time can lower the risk of unauthorized access or leak of the payor's confidential information and/or protected resources.
In several embodiments, the act of requesting the one or more eligible payor accounts further can include obtaining, from the payor financial institution, a refresh token associated with the access token. The refresh token can be configured to extend the time for the system to communicate with and/or access protected resources at the payor financial institution. For example, the act of requesting the one or more eligible payor accounts further can include when the refresh token is valid, requesting the payor financial institution to renew an expired access token associated with the refresh token without prompting the payor to re-log in and/or re-authorize access. The act of requesting the one or more eligible payor accounts also can include, when the refresh token and the access token are expired, causing the payor device of the payor to display the authorization user interface for the payor to authorize the payor financial institution to renew the access token and the refresh token. In many embodiments, the refresh token can be obtained from the payor financial institution at the same time when the system obtains a new access token. The refresh token further can include an expiration time (e.g., an hour, 24 hours, 3 days, a week, or a month) that is longer than that of the access token (e.g., 1 minute, 3 minutes, 5 minutes, or 30 minutes). In many embodiments, the acts performed by the computing instructions of the second system further can include one or more of the activities or acts of any of the embodiments described above.
Various embodiments include a second method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The method further can include causing the payor device to display an authorization user interface for the payor to authorize a payor financial institution to grant an access code to the system or the one or more processors performing the method. The method also can include, in response to the payor financial institution granting the access code, requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution.
In a number of embodiments, the method further can include causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer. The method additionally can include determining a fraud risk score for the transfer. Moreover, the method can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on: (a) the fraud risk score, and (b) information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. The method further can include, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above. In a number of embodiments, the method can be adopted to allow the payor who is not registered with the payee system to authorize a one-time transfer (e.g., a guest checkout) between the payor financial institution and the payee financial institution.
Various embodiments can include a third system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The payor can be associated with a payor user profile of the payee system. The payee system can be configured to transmit the request pursuant to an instruction by the payor. For example, the payee system can transmit the request for a transfer after the payor chooses a transfer method and authorize the transfer for a purchase at the payee system.
In a number of embodiments, the acts further can include causing a payor device for the payor to display an authorization user interface for the payor to authorize a payor financial institution to grant an access code to the system. In embodiments where the transfer method acceptable to the payee system is associated with a plurality of candidate financial institutions, the acts further can include causing the payor device to display the plurality of candidate financial institutions for the payor to determine the payor financial institution of the plurality of candidate financial institutions for the transfer. In many embodiments, the authorization user interface also can be configured to allow the payor to log into a payor user account at the payor financial institution before authorizing the payor financial institution to grant the access code to the system. The access code can be transmitted to the system directly or indirectly. In some embodiments, the acts also can include validating that the access code is authentic to ensure that the access code is not counterfeited or re-used and that the access to any protected resources of the payor is authorized.
In a number of embodiments, the acts additionally can include requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The one or more eligible payor accounts can be associated with the payor user account. The acts further can include causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer. In some embodiments, the acts further can include determining a fraud risk score for the transfer. Determining the fraud risk score can be implemented by any suitable hardware, software, risk models, and/or risk data associated with the payee. In certain embodiments, the act of determining the fraud risk score can include analyzing a transfer history of the payee.
In a number of embodiments, the acts further can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. In certain embodiments, transmitting the fraud risk score to the payee financial institution can cause or accompany an instruction to cause the payee financial institution to determine the transfer decision. The acts further can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.
The acts further can include after facilitating the transfer, generating a transfer token associated with the payor and the payee. The transfer token can be associated with transfer data for the transfer. The transfer data can include information about the transfer that has been performed, such as information about the payor, the payee, the status of the transfer (e.g., “sent”, “failed”, “disapproved”, etc.), the payor financial institution, the payee financial institution, the selected payor account, the payor user profile of the payee system, and/or the payor user account with the payor financial institution, etc. In a number of embodiments, the acts also can include storing the transfer data for the transfer. The acts additionally can include transmitting the transfer token to the payee system. The payee system can store the transfer token with or into the payor user profile for future use.
In a number of embodiments, determining the fraud risk score further can include determining the fraud risk score by using a first risk model. The payee financial institution further can be configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score. The first risk model can be similar or different from the second risk model. In certain embodiments, the risk data for the first risk model to determine the fraud risk score also can be similar or different from the risk data for the second risk model.
In many embodiments, facilitating the transfer from the selected payor account to the payee account further can include transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score. In some embodiments, the payor financial institution can be configured to determine the second transfer decision after receiving the fraud risk score and/or a transfer instruction. In certain embodiments, the fraud risk score transmitted to the payor financial institution can be accompanied by a request to cause the payor financial institution to determine the second transfer decision.
In embodiments where the payor financial institution is configured to determine the second transfer decision, the payor financial institution can be further configured to determine the second transfer decision based at least in part on: (a) a third risk model to determine a third fraud risk score; and/or (b) comparing a balance for the selected payor account with a transfer amount for the transfer. The third risk model can be similar or different from the first risk model and/or second risk model described above. Further, the risk data for the third risk model to determine the third fraud risk score also can be similar or different from the risk data for the first risk model and/or second risk model. The risk data for the third risk model can include the fraud risk score. In many embodiments, after comparing, when the balance for the selected payor account is less than the transfer amount for the transfer, the second transfer decision can include a denial for the transfer.
In many embodiments, the act of requesting the one or more eligible payor accounts from the payor financial institution can include: (a) obtaining, from the payor financial institution, an access token associated with the payor; (b) obtaining, from the payor financial institution, a refresh token associated with the access token; (c) when the refresh token is valid, requesting the payor financial institution to renew the access token; and/or (d) when the refresh token and the access token are expired, causing the payor device for the payor to display the authorization user interface for the payor to authorize the payor financial institution to renew the access token and the refresh token. In a number of embodiments, the transfer data for the transfer further can include the access token and/or the refresh token for the transfer. In many embodiments, the acts performed by the computing instructions of the third system further can include one or more of the activities or acts of any of the embodiments described above.
Various embodiments include a third method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The payor can be associated with a payor user profile of the payee system. The method further can include causing a payor device for the payor to display an authorization user interface for the payor to authorize a payor financial institution to grant an access code to the one or more processors. In addition, the method can include requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The method also can include causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer.
In many embodiments, the method further can include determining a fraud risk score for the transfer. The method additionally can include transmitting, to a payee financial institution for the payee, the fraud risk score. In some embodiments, the payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer, and the payee account can be owned by the payee and maintained by the payee financial institution. The method further can include, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.
Furthermore, the method also can include one or more post-transfer activities. For example, the method can include: (a) generating a transfer token associated with the payor and the payee; (b) storing transfer data for the transfer, the transfer data being associated with the transfer token; and/or (c) transmitting the transfer token to the payee system. The payee system can store the transfer token with or into the payor user profile. The transfer data can include any information related to the transfer, such as information about the access token, the refresh token, the payor, the payee, etc. In some embodiments, one or more of these post-transfer activities each can be performed when the transfer decision by the payee financial institution includes an approval or after the transfer is successful or completed. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above. In a number of embodiments, the method can be adopted to allow the payor who has a payor user profile of the payee system but has never used a transfer method between the payor financial institution and the payee financial institution to authorize the transfer and have the transfer data saved for future use, if any.
Various embodiments can include a fourth system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The request for the transfer can be generated and/or transmitted in response to a checkout command from the payor with a selected transfer method (e.g., a real-time fund transfer between bank accounts, etc.). The payor can be associated with a payor user profile of the payee system. The request can include a transfer token associated with the payor and the payee. The transfer token can be generated or updated after the previous transfer and stored with or in the payor user profile.
In some embodiments, the acts further can include retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and/or a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor. When the access token is valid (e.g., not expired), the access token can be re-used for the system to re-connect with and to regain access to resources of the payor at the payor financial institution. In a number of embodiments, the acts also can include using the access token to access one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The one or more eligible payor accounts can include the selected payor account.
In a number of embodiments, the acts further can include determining a fraud risk score for the transfer. The act of determining the fraud risk score can be similar or identical to the act of determining the fraud risk score in any of the embodiments described above. For example, determining the fraud risk score can include analyzing a transfer history of the payee. In some embodiments, the acts also can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. The acts further can include when the transfer decision includes an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.
In many embodiments, the acts further can include one or more of: (a) causing a payor device for the payor to display a plurality of candidate financial institutions for the transfer, the plurality of candidate financial institutions comprising the payor financial institution, and receiving, from the payor device, a selection of the payor financial institution of the plurality of candidate financial institutions; (b) causing the payor device to display the one or more eligible payor accounts for the payor to determine the selected payor account of the one or more eligible payor accounts for the transfer; (c) validating that the transfer token is authentic; and/or (d) determining whether the access token is expired.
In a number of embodiments, the acts additionally can include, in response to determining that the access token is expired, either (a) causing the payor device to display an authorization user interface for the payor to authorize the payor financial institution to renew the access token; or (b) determining whether a refresh token of the transfer data for the access token is expired, and when the refresh token is valid, causing the payor financial institution to renew the access token; and when the refresh token is expired, causing the payor device to display the authorization user interface for the payor to authorize the payor financial institution to renew the access token and the refresh token. In several embodiments, the authorization user interface for the payor to authorize the payor financial institution to renew the access token further can be configured to allow the payor to log into a payor user account with the payor financial institution. The payor user account can be associated with the one or more eligible payor accounts. In some embodiments, the acts further can include, in response to either (a) receiving the selection of the payor financial institution, or (b) the payor determining the selected payor account, updating the transfer data for the transfer.
In many embodiments, the acts further can include one or more acts in the embodiments described above. For example, the respective risk models for the system, the payee financial institution, and/or the payor financial institution for determining the respective fraud risk scores can be similar or identical to any of the one or more risk models for the system, the payee financial institution, and/or the payor financial institution in the other embodiments. The payee financial institution, and/or the payor financial institution each can be configured to determine whether and how the fraud risk score transmitted from the system can be used to determine the respective transfer decision for the transfer. In many embodiments, the acts performed by the computing instructions of the fourth system further can include one or more of the activities or acts of any of the embodiments described above.
Various embodiments include a fourth method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The payor can be associated with a payor user profile of the payee system. The request can include a transfer token associated with the payor and the payee. The method further can include retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor. In some embodiments, the acts further can include using the access token to access one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The one or more eligible payor accounts can include the selected payor account.
In a number of embodiments, the method also can include determining a fraud risk score for the transfer. The method further can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. In addition, the payee account can be owned by the payee and maintained by the payee financial institution. Moreover, the method can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above. For example, the method can include renewing the access token when a refresh token is valid and/or storing the transfer data after facilitating the transfer. In a number of embodiments, the method can be used by the payor (who has used a transfer method in the past) to skip the login process for a faster and smoother checkout experience.
Various embodiments can include a fifth system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving a request for a transfer from a selected payor account of a payor to a payee. The acts further can include determining a fraud risk score for the transfer. Determining the fraud risk score can be implemented in any suitable way, including analyzing a transfer history of the payee. The acts also can include transmitting, to a payee financial institution for the payee, the fraud risk score. In some embodiments, the payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution.
In many embodiments, the acts further can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. The act of facilitating the transfer can include sending transfer information to a payor financial institution to cause the payor financial institution to send a request for payment through a real-time settlement network to the payee financial institution to authorize a real-time credit transfer from the selected payor account to the payee account. The real-time credit transfer can be settled in real-time through the real-time settlement network. The transfer information can include: (a) information to identify the payee financial institution and the payee account to the real-time settlement network; and/or (b) the fraud risk score. Further, in some embodiments, the transfer information does not include an account number of the payee account.
In a number of embodiments, the act of determining the fraud risk score further can include determining the fraud risk score by using a first risk model. The payee financial institution further can be configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score. The first risk model can be similar to or different than the second risk model.
In several embodiments, facilitating the transfer from the selected payor account to the payee account further can include transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score. In similar or different embodiments, determining the fraud risk score further can include determining the fraud risk score by using a first risk model. The payor financial institution further can be configured to determine the second transfer decision based at least in part on: (a) a third risk model to determine a third fraud risk score; and/or (b) comparing a balance for the selected payor account with a transfer amount for the transfer. The third risk model can be similar to or different than the first risk model and/or the second risk model.
In a number of embodiments, the acts further can include before determining the fraud risk score for the transfer: (a) facilitating an authorization for the payor to authorize the payor financial institution to grant an access code; (b) requesting, from the payor financial institution, one or more eligible payor accounts owed by the payor and maintained by the payor financial institution; and (c) causing a payor device of the payor to display the one or more eligible payor accounts for the payor to determine the selected payor account from among the one or more eligible payor accounts for the transfer. In many embodiments, the acts performed by the computing instructions of the fifth system further can include one or more of the activities or acts of any of the embodiments described above.
Various embodiments include a fifth method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving a request for a transfer from a selected payor account of a payor to a payee. The method further can include determining a fraud risk score for the transfer. The method additionally can include transmitting, to a payee financial institution for the payee, the fraud risk score, wherein the payee financial institution is configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution.
In a number of embodiments, the method further can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. The act of facilitating the transfer can include: sending transfer information to a payor financial institution to cause the payor financial institution to send a request for payment through a real-time settlement network to the payee financial institution to authorize a real-time credit transfer from the selected payor account to the payee account, wherein the real-time credit transfer is settled in real-time through the real-time settlement network. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above.
Various embodiments can include a sixth system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The request can be sent by the payee without the payor selecting to use the system for the transfer. The payor can be associated with a payor user profile of the payee system. The request can include a transfer token associated with the payor and the payee.
In some embodiments, the acts further can include retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor. In a number of embodiments, the access token can be used to prevent unauthorized access of the payor's protected resources at the payor financial institution. For example, the access token can include an expiration date and/or time. In some embodiments, the acts further can include determining whether the access token is expired. The acts also can include determining whether a refresh token of the transfer data for the access token is expired. Further, the acts can include when the refresh token is valid, causing the payor financial institution to renew the access token.
In a number of embodiments, the acts also can include determining a fraud risk score for the transfer. The act of determining the fraud risk score can include determining the fraud risk score by: (a) using a first risk model; and/or (b) analyzing a transfer history of the payee. In some embodiments, the acts further can include, before determining the fraud risk score for the transfer, determining the payor financial institution based on the transfer token.
In many embodiments, the acts further can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution.
In some embodiments, the acts further can include, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. The payee financial institution further can be configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score. The second risk model can be similar to or different than the first risk model for the system.
In several embodiments, the act of facilitating the transfer from the selected payor account to the payee account further can include transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score. The payor financial institution further can be configured to determine the second transfer decision based at least in part on a third risk model to determine a third fraud risk score. The third risk model can be similar to or different than any of the first risk model for the system or the second risk model for the payee financial institution. In certain embodiments, the payor financial institution further can be configured to determine the second transfer decision based at least in part on comparing a balance for the selected payor account with a transfer amount for the transfer. In many embodiments, the acts performed by the computing instructions of the sixth system further can include one or more of the activities or acts of any of the embodiments described above.
Various embodiments include a sixth method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving, at a system from a payee system for a payee, a request for a transfer from a payor to the payee. The request can be sent by the payee without the payor selecting to use the system for the transfer. The payor can be associated with a payor user profile of the payee system. The request can comprise a transfer token associated with the payor and the payee.
In a number of embodiments, the method further can include retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor.
The method further can include determining a fraud risk score for the transfer. The method also can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. In many embodiments, the method further can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above. In a number of embodiments, the method can be used for automatic transfer from the payor to the payee in various transactions (e.g., installment payments or subscription billings).
Turning to the drawings,
Continuing with
In many embodiments, all or a portion of memory storage unit 208 can be referred to as memory storage module(s) and/or memory storage device(s). In various examples, portions of the memory storage module(s) of the various embodiments disclosed herein (e.g., portions of the non-volatile memory storage module(s)) can be encoded with a boot code sequence suitable for restoring computer system 100 (
As used herein, “processor” and/or “processing module” means any type of computational circuit, such as but not limited to a microprocessor, a microcontroller, a controller, a complex instruction set computing (CISC) microprocessor, a reduced instruction set computing (RISC) microprocessor, a very long instruction word (VLIW) microprocessor, a graphics processor, a digital signal processor, or any other type of processor or processing circuit capable of performing the desired functions. In some examples, the one or more processing modules of the various embodiments disclosed herein can comprise CPU 210.
Alternatively, or in addition to, the systems and procedures described herein can be implemented in hardware, or a combination of hardware, software, and/or firmware. For example, one or more application specific integrated circuits (ASICs) can be programmed to carry out one or more of the systems and procedures described herein. For example, one or more of the programs and/or executable program components described herein can be implemented in one or more ASICs. In many embodiments, an application specific integrated circuit (ASIC) can comprise one or more processors or microprocessors and/or memory blocks or memory storage.
In the depicted embodiment of
Network adapter 220 can be suitable to connect computer system 100 (
Returning now to
Meanwhile, when computer system 100 is running, program instructions (e.g., computer instructions) stored on one or more of the memory storage module(s) of the various embodiments disclosed herein can be executed by CPU 210 (
Further, although computer system 100 is illustrated as a desktop computer in
Turning ahead in the drawings,
Generally, therefore, system 300 can be implemented with hardware and/or software, as described herein. In some embodiments, part or all of the hardware and/or software can be conventional, while in these or other embodiments, part or all of the hardware and/or software can be customized (e.g., optimized) for implementing part or all of the functionality of system 300 described herein.
In some embodiments, system 300 can include one or more of a system server 310, a first operator server 320, a second operator server 330, a user device 340, and/or a third party device 350. In various embodiments, system server 310, first operator server 320, second operator server 330, user device 340, and/or third party device 350 can each be a computer system, such as computer system 100 (
In many embodiments, third party device 350 can comprise a register or some other type of transaction processing machine. In some embodiments, user device 340 and/or third party device 350 can be mobile devices. A mobile electronic device can refer to a portable electronic device (e.g., an electronic device easily conveyable by hand by a person of average size) with the capability to present audio and/or visual data (e.g., text, images, videos, music, etc.). For example, a mobile electronic device can comprise at least one of a digital media player, a cellular telephone (e.g., a smartphone), a personal digital assistant, a handheld digital computer device (e.g., a tablet personal computer device), a laptop computer device (e.g., a notebook computer device, a netbook computer device), a wearable user computer device, or another portable computer device with the capability to present audio and/or visual data (e.g., images, videos, music, etc.). Thus, in many examples, a mobile electronic device can comprise a volume and/or weight sufficiently small as to permit the mobile electronic device to be easily conveyable by hand. For examples, in some embodiments, a mobile electronic device can occupy a volume of less than or equal to approximately 1790 cubic centimeters, 2434 cubic centimeters, 2876 cubic centimeters, 4056 cubic centimeters, and/or 5752 cubic centimeters. Further, in these embodiments, a mobile electronic device can weigh less than or equal to 15.6 Newtons, 17.8 Newtons, 22.3 Newtons, 31.2 Newtons, and/or 44.5 Newtons.
Exemplary mobile electronic devices can comprise (i) an iPod®, iPhone®, iTouch®, iPad®, MacBook® or similar product by Apple Inc. of Cupertino, Calif., United States of America, (ii) a Blackberry® or similar product by Research in Motion (RIM) of Waterloo, Ontario, Canada, (iii) a Lumia® or similar product by the Nokia Corporation of Keilaniemi, Espoo, Finland, and/or (iv) a Galaxy™ or similar product by the Samsung Group of Samsung Town, Seoul, South Korea. Further, in the same or different embodiments, a mobile electronic device can comprise an electronic device configured to implement one or more of (i) the iPhone® operating system by Apple Inc. of Cupertino, Calif., United States of America, (ii) the Blackberry® operating system by Research In Motion (RIM) of Waterloo, Ontario, Canada, (iii) the Palm® operating system by Palm, Inc. of Sunnyvale, Calif., United States, (iv) the Android™ operating system developed by the Open Handset Alliance, (v) the Windows Mobile™ operating system by Microsoft Corp. of Redmond, Wash., United States of America, or (vi) the Symbian™ operating system by Nokia Corp. of Keilaniemi, Espoo, Finland.
Further still, the term “wearable user computer device” as used herein can refer to an electronic device with the capability to present audio and/or visual data (e.g., text, images, videos, music, etc.) that is configured to be worn by a user and/or mountable (e.g., fixed) on the user of the wearable user computer device (e.g., sometimes under or over clothing; and/or sometimes integrated with and/or as clothing and/or another accessory, such as, for example, a hat, eyeglasses, a wrist watch, shoes, etc.). In many examples, a wearable user computer device can comprise a mobile electronic device, and vice versa. However, a wearable user computer device does not necessarily comprise a mobile electronic device, and vice versa.
In specific examples, a wearable user computer device can comprise a head mountable wearable user computer device (e.g., one or more head mountable displays, one or more eyeglasses, one or more contact lenses, one or more retinal displays, etc.) or a limb mountable wearable user computer device (e.g., a smart watch). In these examples, a head mountable wearable user computer device can be mountable in close proximity to one or both eyes of a user of the head mountable wearable user computer device and/or vectored in alignment with a field of view of the user.
In more specific examples, a head mountable wearable user computer device can comprise (i) Google Glass™ product or a similar product by Google Inc. of Menlo Park, Calif., United States of America; (ii) the Eye Tap™ product, the Laser Eye Tap™ product, or a similar product by ePI Lab of Toronto, Ontario, Canada, and/or (iii) the Raptyr™ product, the STAR1200™ product, the Vuzix Smart Glasses M100™ product, or a similar product by Vuzix Corporation of Rochester, N.Y., United States of America. In other specific examples, a head mountable wearable user computer device can comprise the Virtual Retinal Display™ product, or similar product by the University of Washington of Seattle, Wash., United States of America.
Meanwhile, in further specific examples, a limb mountable wearable user computer device can comprise the iWatch™ product, or similar product by Apple Inc. of Cupertino, Calif., United States of America, the Galaxy Gear or similar product of Samsung Group of Samsung Town, Seoul, South Korea, the Moto 360 product or similar product of Motorola of Schaumburg, Ill., United States of America, and/or the Zip™ product, One™ product, Flex™ product, Charge™ product, Surge™ product, or similar product by Fitbit Inc. of San Francisco, Calif., United States of America.
In many embodiments, system 300 can comprise graphical user interfaces (“GUI”) 360, 361. In the same or different embodiments, GUI 360 can be part of and/or displayed by user device 340, while GUI 361 can be part of and/or displayed by third party device 350. In these embodiments, GUI 360 can be different than GUI 361. For example, GUI 360 can comprise a transfer offering GUI while GUI 361 can comprise a transfer accepting GUI. In some embodiments, GUI 360, 361 can comprise text and/or graphics (image) based user interfaces. In the same or different embodiments, GUI 360, 361 can comprise a heads up display (“HUD”). When GUI 360, 361 comprises a HUD, GUI 360, 361 can be projected onto glass or plastic, displayed in midair as a hologram, or displayed on monitor 106 (
In many embodiments, system server 310, first operator server 320, second operator server 330, user device 340, and/or third party device 350 can each comprise one or more input devices (e.g., one or more keyboards, one or more keypads, one or more pointing devices such as a computer mouse or computer mice, one or more touchscreen displays, a microphone, etc.), and/or can each comprise one or more display devices (e.g., one or more monitors, one or more touch screen displays, projectors, etc.). In these or other embodiments, one or more of the input device(s) can be similar or identical to keyboard 104 (
In many embodiments, system server 310, first operator server 320, second operator server 330, user device 340, and/or third party device 350 can be configured to communicate with one another. In some embodiments, system server 310, first operator server 320, second operator server 330, user device 340, and/or third party device 350 can communicate or interface (e.g., interact) with each other through a network or internet 370. Internet 370 can be an intranet that is not open to the public. In further embodiments, Internet 370 can be a mesh network of individual systems. In various embodiments, Internet 370 can comprise a real time payment (RTP) network. For example, Internet 370 can comprise The Clearing House RTP network and/or the Zelle® network. Accordingly, in many embodiments, system server 310, first operator server 320, second operator server 330, and/or third party device 350 (and/or the software used by such systems) can refer to a back end of system 300 operated by an operator and/or administrator of system 300, and user device 340 (and/or the software used by such systems) can refer to a front end of system 300 used by one or more users 380. In some embodiments, user 380 can also be referred to as a customer, in which case, user device 340 can be referred to as a customer device. In these or other embodiments, the operator and/or administrator of system 300 can manage system 300, the processing module(s) of system 300, and/or the memory storage module(s) of system 300 using the input device(s) and/or display device(s) of system 300. In various embodiments, first operator server 320 and second operator server 330 can communicate directly with each other without using internet 370.
In many embodiments, first operator server 320, second operator server 330, and/or third party device 350 can host one or more websites. For example, third party device 350 can host an eCommerce website that allows users to browse and/or search for products, to add products to an electronic shopping cart, and/or to purchase products, in addition to other suitable activities.
Meanwhile, in many embodiments, system server 310, first operator server 320, second operator server 330, user device 340, and/or third party device 350 can also be configured to communicate with one or more databases. In various embodiments, one or more databases can comprise a product database that contains information about products, items, or SKUs (stock keeping units) sold by a retailer. In various embodiments, one or more databases can be stored on one or more memory storage modules (e.g., non-transitory memory storage module(s)), which can be similar or identical to the one or more memory storage module(s) (e.g., non-transitory memory storage module(s)) described above with respect to computer system 100 (
The one or more databases can each comprise a structured (e.g., indexed) collection of data and can be managed by any suitable database management systems configured to define, create, query, organize, update, and manage database(s). Exemplary database management systems can include MySQL (Structured Query Language) Database, PostgreSQL Database, Microsoft SQL Server Database, Oracle Database, SAP (Systems, Applications, & Products) Database, IBM DB2 Database, and/or NoSQL Database.
Meanwhile, communication between system server 310, first operator server 320, second operator server 330, user device 340, third party device 350, and/or the one or more databases can be implemented using any suitable manner of wired and/or wireless communication. Accordingly, system 300 can comprise any software and/or hardware components configured to implement the wired and/or wireless communication. Further, the wired and/or wireless communication can be implemented using any one or any combination of wired and/or wireless communication network topologies (e.g., ring, line, tree, bus, mesh, star, daisy chain, hybrid, etc.) and/or protocols (e.g., personal area network (PAN) protocol(s), local area network (LAN) protocol(s), wide area network (WAN) protocol(s), cellular network protocol(s), powerline network protocol(s), etc.). Exemplary PAN protocol(s) can comprise Bluetooth, Zigbee, Wireless Universal Serial Bus (USB), Z-Wave, etc.; exemplary LAN and/or WAN protocol(s) can comprise Institute of Electrical and Electronic Engineers (IEEE) 802.3 (also known as Ethernet), IEEE 802.11 (also known as WiFi), etc.; and exemplary wireless cellular network protocol(s) can comprise Global System for Mobile Communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Evolution-Data Optimized (EV-DO), Enhanced Data Rates for GSM Evolution (EDGE), Universal Mobile Telecommunications System (UMTS), Digital Enhanced Cordless Telecommunications (DECT), Digital AMPS (IS-136/Time Division Multiple Access (TDMA)), Integrated Digital Enhanced Network (iDEN), Evolved High-Speed Packet Access (HSPA+), Long-Term Evolution (LTE), WiMAX, etc. The specific communication software and/or hardware implemented can depend on the network topologies and/or protocols implemented, and vice versa. In many embodiments, exemplary communication hardware can comprise wired communication hardware including, for example, one or more data buses, such as, for example, universal serial bus(es), one or more networking cables, such as, for example, coaxial cable(s), optical fiber cable(s), and/or twisted pair cable(s), any other suitable data cable, etc. Further exemplary communication hardware can comprise wireless communication hardware including, for example, one or more radio transceivers, one or more infrared transceivers, etc. Additional exemplary communication hardware can comprise one or more networking components (e.g., modulator-demodulator components, gateway components, etc.).
In many embodiments, one or more of first operator server 320 and/or second operator server 330 can host one or more of a source of funds account 321 and/or a destination account 331, respectively. Source account 321 and destination account 331 can each comprise one or more of a bank account, a cryptocurrency wallet, an NFT wallet, or some other electronic mechanism for storing an item of data to be transferred. While source account 321 and destination account 331 are depicted in
In many embodiments, the techniques described herein can provide a practical application and several technological improvements. In some embodiments, the techniques described herein can provide for a more secure and private transfer. These techniques described herein can provide a significant improvement over conventional approaches of electronic transfers, such as credit and/or debit cards.
In a number of embodiments, the techniques described herein can solve a technical problem that arises only within the realm of computer networks, as electronic transfers do not exist outside of computer networks.
Turning ahead in the drawings,
In many embodiments, method 400 can comprise an activity 401 of receiving a request for a transfer. In some embodiments, a request for a transfer can comprise an initiation of a purchase sequence for one or more goods and/or services. For example, a request for a transfer can comprise a start of a checkout process for a purchase of an item on an eCommerce website. In these or other embodiments, a transfer request can be received from a user device (e.g., user device 340 (
In many embodiments, method 400 can comprise an activity 402 of coordinating displaying at least one transfer method. In some embodiments, a plurality of transfer methods can be displayed on a GUI displayed on an electronic device (e.g., GUI 360 (
In many embodiments, method 400 can comprise an activity 403 of receiving a selection of at least one transfer method. In various embodiments, a selection can be made by a user on a user device (e.g., user device 340 (
In many embodiments, method 400 can comprise an activity 404 of receiving a token from an operator. In many embodiments, an operator can comprise an individual and/or an entity that holds and/or manages a source of a transfer and/or a destination of the transfer. For example, an operator can be a bank, a cryptocurrency exchange, or an NFT market. In many environments, a token received in activity 404 can be saved and/or copied by a system server (e.g., system server 310 (
In many embodiments, a payment token can be generated for the transaction. Generally speaking, a payment token can be used to prevent a third party device (e.g., third party device 350 (
Additional tokens can be used in activity 404 or other activities of method 400. For example, a token described in U.S. Provisional Application Ser. No. 63/192,182, which is incorporated herein by this reference in its entirety, describes a system and method using a suitable token.
In many embodiments, method 400 can comprise an activity 405 of transferring a token to a third party. In many embodiments, activity can be performed by a system server (e.g., system server 310 (
In many embodiments, method 400 can comprise an activity 406 of receiving a token and transfer details from a third party. In various embodiments, a third party server (e.g., third party device 350 (
In many embodiments, method 400 can comprise an activity 407 of determining a fraud risk score. In various embodiments, a fraud risk score can be determined using security data collected as a part of activity 406. A number of risk score algorithms and systems can be used in activity 407. For example, a risk score system and method described in U.S. Provisional Application Ser. No. 63/192,979, which is incorporated herein by this reference in its entirety, describes a system and method using a suitable fraud risk scoring algorithm.
In many embodiments, method 400 can comprise an activity 408 of facilitating a transfer. In various embodiments, a transfer can be facilitated in response to a fraud risk score being above, below, or equal to a predetermined value. In some embodiments, a transfer can be completed in real-time after a fraud risk score is determined to be above, below, or equal to a predetermined value. In further embodiments, a transfer can be made from a source (e.g., source of funds 321 (
In some embodiments, method 400 can optionally comprise activity 409 of transmitting transaction details and a fraud risk score. In various embodiments, activity 409 can be performed as a part of or entirely separate from activity 408. In further embodiments, previously collected security data can also be transmitted in place of or in addition to a fraud risk score. In some embodiments, transaction details and/or a fraud risk score can be transmitted to one or more operator servers (e.g., operator servers 320, 330 (
In some embodiments, method 400 can optionally comprise activity 410 of receiving a request for a re-login. In many embodiments, a request for a re-login can be received when a source account fails one or more due diligence and/or security checks performed by an operator server (e.g., operator servers 320, 330 (
In some embodiments, method 400 can optionally comprise activity 411 of receiving a re-login. In many embodiments, a re-login can be received from a user device (e.g., user device 340 (
In some embodiments, method 400 can optionally comprise activity 412 of invoking a transfer API. In many embodiments, activity 412 can be performed as a part of one or more of activities 401 and/or 408. A number of different transfer APIs can be invoked in method 400. For example, a transfer API of a system server can be invoked. Generally speaking, a system server transfer API can be configured to initiate aspects of a transfer performed by a system server (e.g., system server 310 (
Generally speaking, a server hosing a shared directory (e.g., system server 310) can be configured to act as an intermediary between one or more operator servers (e.g., operator server 320, 330 (
In some embodiments, method 400 can optionally comprise activity 413 of coordinating displaying a transfer completion message. In various embodiments, activity 413 can be performed as a part of or after activity 408. A number of different entities and/or devices can display a transfer completion message. For example, a transaction completion message can be displayed on one or more of a user device (e.g., user device 340 (
Turning ahead in the drawings,
Generally, therefore, system 500 can be implemented with hardware and/or software, as described herein. In some embodiments, part or all of the hardware and/or software can be conventional, while in these or other embodiments, part or all of the hardware and/or software can be customized (e.g., optimized) for implementing part or all of the functionality of system 500 described herein.
In many embodiments, system 500 can comprise non-transitory memory storage module 501. Memory storage module 501 can be referred to as request receiving module 501. In many embodiments, request receiving module 501 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 502. Memory storage module 502 can be referred to as transfer method displaying module 502. In many embodiments, transfer method displaying module 502 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 503. Memory storage module 503 can be referred to as selection receiving module 503. In many embodiments, selection receiving module 503 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 504. Memory storage module 504 can be referred to as operator token receiving module 504. In many embodiments, operator token receiving module 504 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 505. Memory storage module 505 can be referred to as third party transferring module 505. In many embodiments, third party transferring module 505 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 506. Memory storage module 506 can be referred to as third party receiving module 506. In many embodiments, third party receiving module 506 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 507. Memory storage module 507 can be referred to as fraud risk score determining module 507. In many embodiments, fraud risk score determining module 507 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 508. Memory storage module 508 can be referred to as transfer facilitating module 508. In many embodiments, transfer facilitating module 508 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 509. Memory storage module 509 can be referred to as transfer details transmitting module 509. In many embodiments, transfer details transmitting module 509 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 510. Memory storage module 510 can be referred to as re-login request receiving module 510. In many embodiments, re-login request receiving module 510 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 511. Memory storage module 511 can be referred to as re-login receiving module 511. In many embodiments, re-login receiving module 511 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 512. Memory storage module 512 can be referred to as transfer API invoking module 512. In many embodiments, transfer API invoking module 512 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
In many embodiments, system 500 can comprise non-transitory memory storage module 513. Memory storage module 513 can be referred to as transfer completion message displaying module 513. In many embodiments, transfer completion message displaying module 513 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method 400 (
Turning ahead in the drawings,
Generally, therefore, system 600 can be implemented with hardware and/or software, as described herein. In some embodiments, part or all of the hardware and/or software can be conventional, while in these or other embodiments, part or all of the hardware and/or software can be customized (e.g., optimized) for implementing part or all of the functionality of system 600 described herein. In many embodiments, system 600 can be similar, or identical, to system 300 (
In a number of embodiments, system 600 can include one or more of a system 610, a payor financial institution system 620, a payee financial institution system 630, a payor device 640, and/or a payee system 660. System 610 can be similar, or identical, to third system server 310 (
In various embodiments, system 610, payor financial institution system 620, payee financial institution system 630, payor device 640, and/or payee system 660 can each be a computer system, such as computer system 100 (
In many embodiments, system 600 can comprise one or more user interfaces. In some embodiments, payor device 640 can include and/or be configured to display a user interface 641 that can be similar, or identical to GUI 360 (
In many embodiments, system 610, payor financial institution system 620, payee financial institution system 630, payor device 640, and/or payee system 660 can each comprise one or more input devices and/or one or more display devices. The one or more input devices and/or one or more display devices can each be similar or identical to any one of the input devices and/or display devices described herein.
In many embodiments, system 610, payor financial institution system 620, payee financial institution system 630, payor device 640, and/or payee system 660 can be configured to communicate with one another. In some embodiments, system 610, payor financial institution system 620, payee financial institution system 630, payor device 640, and/or payee system 660 can communicate or interface (e.g., interact) with each other through a network or internet 680. Internet 680 can be similar, or identical to, internet 370 (
In a number of embodiments, system 610, payor financial institution system 620, payee financial institution system 630, payor device 640, and/or payee system 660 can each communicate with one or more databases. The one or more databases can include a product database that contains information about products, items, or SKUs sold by a retailer (e.g., payee system 660), or a user database that contains information about customers, including identity, transfer or payment methods, and/or transaction or order history, etc.
In many embodiments, payor financial institution system 620 and/or payee financial institution system 630 can each host one or more accounts (e.g., payor account(s) 621, or payee account 631). Payor account(s) 621 can be similar or identical to source account 321 (
Turning ahead in the drawings,
In many embodiments, method 700 can comprise an activity 710 of receiving, from a payee system (e.g., payee system 600 (
In some embodiments, method 700 further can include an activity 720 of causing the payor device (e.g., payor device 640 (
In a number of embodiments, method 700 further can include an activity 730 of causing a payor device (e.g., payor device 640 (
In some embodiments, method 700 further can include an activity 740 of requesting, from the payor financial institution (e.g., payor financial institution system 620 (
In some embodiments, method 700 further can include an activity 750 of causing the payor device (e.g., payor device 640 (
In some embodiments, method 700 further can include an activity 760 of determining a fraud risk score for the transfer. Activity 760 can include any suitable algorithms or techniques and/or use any suitable hardware or software for determining the fraud risk score. For example, activity 760 further can include an activity 761 of analyzing a transfer history of the payee (e.g., payee 670 (
In some embodiments, method 700 further can include an activity 770 of transmitting to a payee financial institution (e.g., payee financial institution system 630 (
In many embodiments, the payee financial institution further can use any suitable algorithms, techniques, risk models, and/or risk data to determine a second risk score for the transfer. The algorithm(s), technique(s), risk model(s), and/or risk data used by the payee financial institution can be similar to or different than the algorithm(s), technique(s), risk model(s), and/or risk data used at activity 760.
In some embodiments, method 700 further can include an activity 780 of when the transfer decision, as determined at activity 770, comprises an approval of the transfer by the payee financial institution (e.g., payee financial institution system 630 (
Turning ahead in the drawings,
In many embodiments, method 800 can comprise an activity 810 of obtaining, from the payor financial institution (e.g., payor financial institution system 620 (
In many embodiments, the access token and/or the refresh token here can be similar or identical to the access token and/or the refresh token described above. The access token and/or the refresh token each can include a respective expiration date and/or time. The access token and the refresh token can be valid when they are first issued by the payor financial institution. When the respective expiration date and/or time is up, the access token and/or the refresh token can become invalid. The access token, if valid, can be configured to enable the access of protected resources of the payor at the payor financial institution. The refresh token can enable the renewal of the access token, until the expiration date and/or time of the refresh token occurs.
In a number of embodiments, method 800 further can include an activity 820 of determining whether the access token is expired. Activity 820 can be implemented by the payor financial institution (e.g., payor financial institution system 620 (
In a number of embodiments, method 800 further can include an activity 830 of determining whether the refresh token is expired. Activity 830 be implemented by the payor financial institution (e.g., payor financial institution system 620 (
In a number of embodiments, method 800 further can include an activity 840 of requesting the payor financial institution (e.g., payor financial institution system 620 (
In a number of embodiments, method 800 further can include an activity 850 of causing the payor device (e.g. payor device 640 (
Turning ahead in the drawings,
In many embodiments, method 900 can comprise an activity 910 of receiving, from a payee system (e.g., payee system 660 (
In a number of embodiment, method 900 further can include an activity 920 of causing the payor device (e.g., payor device 640 (
In a number of embodiment, method 900 further can include an activity 930 of causing a payor device (e.g., payor device 640 (
In a number of embodiment, method 900 further can include an activity 940 of requesting, from the payor financial institution (e.g., payor financial institution system 620 (
In a number of embodiment, method 900 further can include an activity 950 of causing the payor device (e.g., payor device 640 (
In a number of embodiment, method 900 further can include an activity 960 of determining a fraud risk score for the transfer. Activity 960 can be similar or identical to, or include similar or identical sub-activities of, activity 760 (
In a number of embodiment, method 900 further can include an activity 970 of transmitting, to a payee financial institution (e.g., payee financial institution system 630 (
In a number of embodiment, method 900 further can include an activity 980 of, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. Activity 980 can be similar or identical to, or include similar or identical sub-activities of, activity 780 (
In a number of embodiment, method 900 further can include an activity 990 of performing one or more post-transfer activities. For example, in some embodiment, activity 990 further can include an activity 991 of generating a transfer token associated with the payor and the payee. Activity 990 also can include an activity 992 of storing transfer data for the transfer at any suitable databases, non-transitory memory storage modules, and/or servers. In many embodiment, activity 990 further can include an activity 993 of transmitting the transfer token to the payee system (e.g., payee system 660 (
In many embodiments, method 900 further can include one or more token-based authentication activities each similar or identical to one or more activities of method 800 (
Turning ahead in the drawings,
In many embodiments, method 1000 can comprise an activity 1010 of receiving, from a payee system (e.g., payee system 660 (
In a number of embodiments, method 1000 further can include an activity 1020 of retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution (e.g., payor financial institution system 620 (
In a number of embodiments, method 1000 further can include an activity 1030 of using the access token of the transfer data to access one or more eligible payor accounts (e.g., payor account(s) 621 (
In many embodiments, method 1000 and/or activity 1030 further can include one or more additional activities for token-based authorization (see, e.g., activity 810, 820, 830, 840, and/or 850 (
In a number of embodiments, method 1000 further can include an activity 1040 of determining a fraud risk score for the transfer. Activity 1040 can be similar or identical to, or include similar or identical sub-activities of, activity 760 (
In a number of embodiments, method 1000 further can include an activity 1050 of transmitting, to the payee financial institution (e.g., for the payee), the fraud risk score. The payee financial institution (e.g., payee financial institution system 630 (
In a number of embodiments, method 1000 further can include an activity 1060 of, when a transfer decision determined by the payee financial institution (e.g., payee financial institution system 630 (
In some embodiments, method 1000 further can include performing post-transfer activities (e.g., activity 990, sub-activity 991, sub-activity 992, and/or sub-activity 993 (
Turning ahead in the drawings,
In many embodiments, method 1100 can comprise an activity 1110 of receiving a request for a transfer from a selected payor account (e.g., payor account(s) 621 (
In a number of embodiments, method 1100 further can include an activity 1120 of determining a fraud risk score for the transfer. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. Determining the fraud risk score can include: (a) analyzing a transfer history of the payee; and/or (b) determining the fraud risk score by using a first risk model. Activity 1120 can be similar or identical to, or include similar or identical sub-activities of, activity 760 (
In a number of embodiments, method 1100 further can include an activity 1130 of transmitting, to a payee financial institution (e.g., payee financial institution system 630 (
In a number of embodiments, method 1100 further can include an activity 1140 of, when a transfer decision by the payee financial institution (e.g., payee financial institution system 630 (
In a number of embodiments, method 1100 and/or activity 1140 further can include an activity 1141 of transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision. The payor financial institution can be further configured to determine the second transfer decision based at least in part on (a) a third risk model to determine a third fraud risk score; and/or (b) comparing a balance for the selected payor account with a transfer amount for the transfer.
In a number of embodiments, method 1100 and/or activity 1140 further can include an activity 1142 of sending transfer information to a payor financial institution (e.g., payor financial institution system 620 (
In many embodiments, method 1100 further can include one or more additional activities. For example, method 1100 can include facilitating an authorization for the payor to authorize the payor financial institution to grant an access code. Method 1100 further can include requesting, from the payor financial institution, one or more eligible payor accounts owed by the payor and maintained by the payor financial institution. Method 1100 also can include causing a payor device of the payor to display the one or more eligible payor accounts for the payor to determine the selected payor account from among the one or more eligible payor accounts for the transfer.
In some embodiments, the one or more additional activities can include token-based authorization (see, e.g., activity 810, 820, 830, 840, and/or 850 (
Turning ahead in the drawings,
In many embodiments, method 1200 can comprise an activity 1210 of receiving, from a payee system (e.g., payee system 660 (
In a number of embodiments, method 1200 further can include an activity 1220 of retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor. In some embodiments, method 1200 also can include determining the payor financial institution based on the transfer token.
In a number of embodiments, method 1200 further can include an activity 1230 of determining a fraud risk score for the transfer. Activity 1230 further can include an activity 1231 of analyzing a transfer history of the payee. Activity 1230 can be similar or identical to, or include similar or identical sub-activities of, activity 760 (
In a number of embodiments, method 1200 further can include an activity 1240 of transmitting, to a payee financial institution (e.g., payee financial institution system 630 (
In a number of embodiments, method 1200 further can include an activity 1250 of, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. Activity 1250 can be similar or identical to, or include similar or identical sub-activities of, activity 780 (
In many of embodiments, method 1200 further can include one or more additional activities. In some embodiments, the one or more additional activities can include token-based authorization (see, e.g., activity 810, 820, 830, 840, and/or 850 (
In many embodiments, the techniques described herein can provide a practical application and several technological improvements. In some embodiments, the techniques described herein can provide for secure real-time electronic transfer. In several embodiments, the techniques described herein can provide for electronic billing with real-time payment settlement. In a number of embodiments, the techniques described herein can provide for electronic billing with one or more fraud detection processes. These techniques described herein can provide a significant improvement over conventional approaches of electronic transfers, such as credit and/or debit card payments.
In a number of embodiments, the techniques described herein can solve a technical problem that arises only within the realm of computer networks, as electronic transfers do not exist outside of computer networks.
In many embodiments, the techniques described herein can be used continuously at a scale that cannot be handled using manual techniques. For example, the techniques can be applied to millions of transactions daily.
In a number of embodiments, the techniques described herein can solve a technical problem that arises only within the realm of computer networks, as online payment does not exist outside the realm of computer networks. Moreover, the techniques described herein can solve a technical problem that cannot be solved outside the context of computer networks. Specifically, the techniques described herein cannot be used outside the context of computer networks, in view of a lack of ability to settle funds in real-time.
Although systems and methods for secure electronic transfers have been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes may be made without departing from the spirit or scope of the disclosure. Accordingly, the disclosure of embodiments is intended to be illustrative of the scope of the disclosure and is not intended to be limiting. It is intended that the scope of the disclosure shall be limited only to the extent required by the appended claims. For example, to one of ordinary skill in the art, it will be readily apparent that any element of
All elements claimed in any particular claim are essential to the embodiment claimed in that particular claim. Consequently, replacement of one or more claimed elements constitutes reconstruction and not repair. Additionally, benefits, other advantages, and solutions to problems have been described with regard to specific embodiments. The benefits, advantages, solutions to problems, and any element or elements that may cause any benefit, advantage, or solution to occur or become more pronounced, however, are not to be construed as critical, required, or essential features or elements of any or all of the claims, unless such benefits, advantages, solutions, or elements are stated in such claim.
Moreover, embodiments and limitations disclosed herein are not dedicated to the public under the doctrine of dedication if the embodiments and/or limitations: (1) are not expressly claimed in the claims; and (2) are or are potentially equivalents of express elements and/or limitations in the claims under the doctrine of equivalents.
This application is continuation of Ser. No. 17/824,878, filed May 25, 2022, and also is a continuation-in-part of, and claims priority to U.S. patent application Ser. No. 17/191,358, filed Mar. 3, 2021. This application further claims the benefit of U.S. Provisional Application Ser. No. 63/281,855, filed Nov. 22, 2021. U.S. patent application Ser. No. 17/824,878 claims the benefit of U.S. Provisional Application Ser. No. 63/192,182, filed May 25, 2021. Provisional Application Serial Numbers 63/192,182 and 63/281,855 and patent application Ser. Nos. 17/191,358 and 17/824,878 are herein incorporated by this reference in its entirety.
Number | Date | Country | |
---|---|---|---|
63281855 | Nov 2021 | US | |
63192182 | May 2021 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 17824878 | May 2022 | US |
Child | 17829115 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 17191358 | Mar 2021 | US |
Child | 17824878 | US |