A method implemented by one or more computer servers associated with a financial services platform includes receiving a request to provision a secondary user account for financial capabilities through sponsorship by a primary user account. The secondary user account can be provisioned only upon creation of the primary user account. In response to receiving a confirmation to provision the secondary user account, the method includes provisioning the primary user account and then the secondary user account. The method includes generating a credit account for the primary and secondary user accounts, and generating a deposit account for the primary user account. The primary user owns the deposit account, which holds funds to secure repayment of balances of the credit accounts. The method includes generating one virtual spending card for each of the credit accounts, in which the virtual spending cards service transactions with respect to the primary and secondary user accounts.

According to one embodiment of the invention, a subtoken corresponding to a primary token is generated. The primary token corresponds to a credential. The credential may be, for example, a primary account number (PAN) corresponding to a payment account. The subtoken may be a temporary, one-time use subtoken based on a primary token associated with the credential that allows a user to conduct a transaction from his or her account, while still providing security for the user's sensitive data. The subtoken may contain a header and an obfuscated portion. The header of the subtoken routes the subtoken to the entity issuing the subtoken for translation into the primary token. The obfuscated portion acts as a pointer to the primary token and data associated with the primary token. A same check digit may be included in the subtoken, the primary token, and the credential, in order to ensure that the transaction is not improperly denied.

Particular embodiments provide, by a payment service system, a payment application to a first user device associated with a primary user and a second user device associated with a secondary user. The payment service system is configured to process financial transactions for users utilizing respective accounts based on interactions within the payment application. The payment service system establishes a secondary account for the secondary user. The payment service system receives a request for a payment instrument to be associated with the secondary account. The payment service system receives an identifier associated with the primary user. The payment service system uses the identifier to send a message that includes a mechanism that when actuated enables the primary user to configure a primary user account for the primary user via the payment application. The payment service system controls access to the payment instrument via the secondary account with a set of features.

A system and method for third-party food and dining ordering control, comprising at least one device capable of accessing the internet which may be a mobile device or personal computing device such as a laptop or desktop, a web application, and a point-of-sale system at a restaurant or retailer, wherein users of the web application may deposit funds into an account and set regulations on what they may purchase with the deposited funds, or have an administrator set up an account for them such as a parent setting up an account for a child or a doctor setting up an account for a patient, allowing the parent or doctor or other administrator to regulate what the sub-user such as the child or patient may purchase, in keeping with budget, diet, and lifestyle restrictions, and which may utilize zero-step authentication to allow for seamless use of the service at certain establishments.

A safe, secure, short-term repository of transactional information collected across financial institutions and stored in a single place, specifically allowing safeguards to be created and executed across accounts is described so as to protect the financial accounts of a vulnerable user. A mobile device application facilitates near-real-time alerts, approvals, and potential geo-notifications available for instant action by Guard users. The system allows geographically distant loved ones the ability to Guard the financial transactions of a user from afar. Multi-account withdrawal and transaction safeguards may be implemented, treating multiple financial accounts as a single account as it pertains to an established and imposed multi-account withdrawal limit.

A method for the processing, by a transaction-processing server, of a transaction at least partially initiated from a communications terminal connectable to the server by using a communications network. This method includes: creating a secured communications channel with the communications terminal; instantiation, within an execution server on the communications network, of a virtual payment terminal capable of exchanging information with the communications terminal by using the secured communications channel; and processing a transaction between the communications terminal and the virtual payment terminal implementing at least one secure element of the communications terminal, the secure element being configured to exchange an identifier of the type of service.

A system and method for third-party food and dining ordering control, comprising at least one device capable of accessing the internet which may be a mobile device or personal computing device such as a laptop or desktop, a web application, and a point-of-sale system at a restaurant or retailer, wherein users of the web application may deposit funds into an account and set regulations on what they may purchase with the deposited funds, or have an administrator set up an account for them such as a parent setting up an account for a child or a doctor setting up an account for a patient, allowing the parent or doctor or other administrator to regulate what the sub-user such as the child or patient may purchase, in keeping with budget, diet, and lifestyle restrictions, and which may utilize zero-step authentication to allow for seamless use of the service at certain establishments.

The electronic device may invoke a host application. The device may display a first host user interface on the display, the first host user interface including a first host user interface component associated with a child application. In response, the device may invoke, using the host application, the child application executed at the electronic device. The device may transmit, using the host application, a request for data associated with a child user interface component to the child application. The device may transmit, using the child application, the request for data associated with the child user interface component to a child application server, wherein the data associated with the child user interface component is inaccessible by the host application. The device may receive, using the child application, the data associated with the child user interface component from the child application server. The device may display the child user interface component.

A computerized authorization system configured to authorize electronically-made requests to an electronic entity. The computerized authorization system comprises a store configured to store an indication of at least one predetermined electronic authorization device configured to authorize each electronically-made request. The computerized authorization system is further configured such that: in response to receiving an electronically-made request to the electronic entity, an indication of the request is output to the at least one predetermined electronic authorization device configured to authorize the request as indicated in the store; and in response to receiving an indication of authorization from the at least one predetermined electronic authorization device, an indication of authorization of the request is output to the electronic entity.

An information processing systems includes: a first terminal including a first processor including hardware; a second terminal including a second processor including hardware; and a server including a third processor including hardware, and a storage device, wherein the first processor is configured to transmit, to the server, information regarding payment processing using electronic money deposited into an electronic wallet, the third processor is configured to transmit, when receiving the information regarding the payment processing, an approval request for the payment processing to the second terminal associated with an approver for a user of the electronic wallet, and perform the payment processing when receiving information indicating approval for the approval request from the second terminal, and the second processor is configured to transmit, when the information indicating approval is input for the approval request received from the server, the information to the server.