A method, performed at a mobile device, for accessing a service, comprises: determining, from payment card information stored on or obtained at the mobile device, a list of services that are available in relation to the payment card; receiving a selection of one of the services; determining at least one corresponding communication channel by which the selected service is accessible; and opening the at least one corresponding communication channel to thereby access the service.

Systems, methods, and apparatuses for providing a customer a central location to manage permissions provided to third-parties and devices to access and use customer information maintained by a financial institution are described. The central location serves as a central portal where a customer of the financial institution can manage all access to account information and personal information stored at the financial institution. Accordingly, the customer does not need to log into each individual third-party system or customer device to manage previously provided access to the customer information or to provision new access to the customer information.

The present disclosure describes techniques that facilitate a Secure Data Processing (SDP) Network that is configured isolating sensitive data from exposure to a client workstation and a connected web server and application server. Specifically, a secure communications server of the SDP network is described that can interact with a secure input device or a secure plug-in component at the client workstation to receive a set of data associated with the sensitive data. The set of data may correspond to devalued data received via a secure input device or the set of data may be received as sensitive data via a hosted webpage invoked by the secure communications server. The secure communications server may establish a secure communications path with a tokenization server for receipt of a token that represents the sensitive data. The token may then be used by at least the application server to initiate the transaction.

The subject disclosure provides systems and methods for companion device authentication. A user of a first device may not have access to a service that can be provided by the first device. The service may be a streaming service, a cloud-based service, or the like. Companion device authentication can allow the user, or another user, to authorize access to the service at the first device, using a companion device to the first device. The first device and the companion device may exchange communications to nominate the companion device prior to notifying a user of the companion device of a companion device authentication request for the first device.

A permissions management system is disclosed for enabling a user to securely authorize a third-party system to access user account data and initiate transactions related to a user account, without disclosing to the third-party system account credentials. The system enables the user to also securely de-authorize the third-party system. For example, records may be automatically generated that securely store account information, including one or more permissions related to the account and/or the third-party. A token associated with a record may be shared with the third-party system, but neither the record itself, nor the user account credentials, may be shared with the third-party. Accordingly, the third-party may request user account data and/or initiate transactions by providing the token, but does not itself know, e.g., the user account credentials. Further, the user may set various permissions related to the token, and may also revoke the token (e.g., de-authorize the third-party), thus providing increased security to the user's account.

Methods, computer-readable media, software, and apparatuses may assist a consumer in keeping track of a consumer's accounts in order to prevent unauthorized access or use of the consumer's identified subscriptions and financial accounts. The identified subscriptions and financial accounts may be displayed to the consumer along with recommendations and assistance for closing unused or unwanted financial accounts and subscriptions to prevent unauthorized access or use.

Methods and devices for provisioning a secure application on an electronic device with first issuer data for a first issuer are described. In an embodiment, the provisioning system receives and stores first issuer records. The example provisioning system receives a provisioning request to provision the secure application with the first issuer data. The provisioning request includes identifying information. The example provisioning system evaluates the provisioning request based on at least one of the first issuer evaluation criteria, the first issuer records and the identifying information in the provisioning request. When the provisioning request satisfies the first issuer evaluation criteria, the example provisioning system generates a signal using the communication module to provide the first issuer data to the electronic device to provision the secure application on the electronic device.

A message processing server includes a message processor and a database of multi-layer tokens. Each token in the database includes a plurality of encrypted data layers. The first layer includes a first data pointer. A primary layer includes the first layer and identifies a reference data value. The message processor receives from a communications device an authentication request identifying a first data value, validates the authentication request from the first data value and the reference data value configured in one of the multi-layer tokens, receives a first authorization message including a first cryptographic key, derives a first decrypted data layer from the first cryptographic key and the first encrypted data layer of the one multi-layer token, and validates the first data pointer by receiving confirmation of the first data pointer pointing to a database entry comprising a second data value less than the reference data value.

A disclosed method an analysis computer determining a rolling window associated with interaction data for interactions that occur over time. The analysis computer can retrieve interaction data for interactions occurring in the rolling window. The analysis computer can then generate pseudo interaction data based upon historical interaction data. The analysis computer can optionally embed the interaction data for the interactions occurring within the rolling window and the pseudo interaction data to form interaction data matrices. The analysis computer can then form a neural network model using the interaction data matrices, which is derived from the interaction data in the rolling window and the pseudo interaction data.

Provided is a system, method, and apparatus for aggregated authentication in an online, open loop payment network. The method includes receiving a single authentication request message to conduct a plurality of transactions with a plurality of merchants, the single authentication request message comprising an aggregation identifier, detecting the aggregation identifier in the single authentication request message, in response to detecting the aggregation identifier, generating a single authentication response message comprising a plurality of authentication codes, each authentication code of the plurality of authentication codes corresponding to a merchant of the plurality of merchants, and communicating the single authentication response message to the merchant system, the single authentication response message configured to cause the merchant system to separately process each transaction of the plurality of transactions.