US20220292498A1 - Systems and methods for secure electronic transfers - Google Patents

Abstract

Systems and methods including one or more processors and one or more non-transitory storage devices storing computing instructions configured to run on the one or more processors and perform receiving, from a payee system for a payee, a request for a transfer from a payor to the payee, wherein the payor is associated with a payor user profile of the payee system; causing a payor device for the payor to display an authorization user interface for the payor to authorize a payor financial institution to grant an access code to the system; requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution; causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer; determining a fraud risk score for the transfer; transmitting, to a payee financial institution for the payee, the fraud risk score, wherein: the payee financial institution is configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer; and the payee account is owned by the payee and maintained by the payee financial institution; when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account; generating a transfer token associated with the payor and the payee; storing transfer data for the transfer, the transfer data being associated with the transfer token; and transmitting the transfer token to the payee system, wherein the payee system stores the transfer token with the payor user profile. Other embodiments are disclosed herein.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS
• This application is continuation of Ser. No. 17/824,878, filed May 25, 2022, and also is a continuation-in-part of, and claims priority to U.S. patent application Ser. No. 17/191,358, filed Mar. 3, 2021. This application further claims the benefit of U.S. Provisional Application Ser. No. 63/281,855, filed Nov. 22, 2021. U.S. patent application Ser. No. 17/824,878 claims the benefit of U.S. Provisional Application Ser. No. 63/192,182, filed May 25, 2021. Provisional Application Ser. Nos. 63/192,182 and 63/281,855 and patent application Ser. Nos. 17/191,358 and 17/824,878 are herein incorporated by this reference in its entirety.
TECHNICAL FIELD
• This disclosure relates generally to electronic transfers, and more particularly relates to systems and methods for secure, instantaneous transfers.
BACKGROUND
• Digital assets (e.g., cryptocurrencies, non-fungible tokens (NFTs), electronically held bank accounts, etc.) have become more prevalent in today's world as a means of exchange. While this increased prevalence has come with new advantages, it has also lead to a number of new problems. For example, owners of digital assets often expect that the transfers of such assets will happen in real time (e.g., instantaneously or almost instantaneously), but operators of digital asset sources (e.g., cryptocurrency exchanges, banks, NFT market operators, etc.) must ensure that these transfers are secure so that the chances of digital fraud are minimized. These two goals of real time transfers and secure transfers can be in competition with each other in prior systems for electronic transfers of digital assets because a faster transfer gives an operator less time to perform due diligence on the transfer. Therefore, there is a need for a system to securely and quickly transfer digital assets.
BRIEF DESCRIPTION OF THE DRAWINGS
• To facilitate further description of the embodiments, the following drawings are provided in which:
• FIG. 1 illustrates a front elevational view of a computer system that is suitable for implementing various embodiments of the systems disclosed inFIGS. 3 and 5;
• FIG. 2 illustrates a representative block diagram of an example of the elements included in the circuit boards inside a chassis of the computer system ofFIG. 1;
• FIG. 3 illustrates a representative block diagram of a system, according to an embodiment;
• FIG. 4 illustrates a flowchart for a method, according to certain embodiments;
• FIG. 5 illustrates a representative block diagram of a system, according to an additional embodiment;
• FIG. 6 illustrates a representative block diagram of a system, according to an embodiment;
• FIG. 7 illustrates a flowchart for a method, according to an embodiment;
• FIG. 8 illustrates a flowchart for a method, according to an embodiment;
• FIG. 9 illustrates a flowchart for a method, according to an embodiment;
• FIG. 10 illustrates a flowchart for a method, according to an embodiment;
• FIG. 11 illustrates a flowchart for a method, according to an embodiment; and
• FIG. 12 illustrates a flowchart for a method, according to an embodiment.
• For simplicity and clarity of illustration, the drawing figures illustrate the general manner of construction, and descriptions and details of well-known features and techniques may be omitted to avoid unnecessarily obscuring the present disclosure. Additionally, elements in the drawing figures are not necessarily drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help improve understanding of embodiments of the present disclosure. The same reference numerals in different figures denote the same elements.
• The terms “first,” “second,” “third,” “fourth,” and the like in the description and in the claims, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the terms so used are interchangeable under appropriate circumstances such that the embodiments described herein are, for example, capable of operation in sequences other than those illustrated or otherwise described herein. Furthermore, the terms “include,” and “have,” and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, device, or apparatus that comprises a list of elements is not necessarily limited to those elements, but may include other elements not expressly listed or inherent to such process, method, system, article, device, or apparatus.
• The terms “left,” “right,” “front,” “back,” “top,” “bottom,” “over,” “under,” and the like in the description and in the claims, if any, are used for descriptive purposes and not necessarily for describing permanent relative positions. It is to be understood that the terms so used are interchangeable under appropriate circumstances such that the embodiments of the apparatus, methods, and/or articles of manufacture described herein are, for example, capable of operation in other orientations than those illustrated or otherwise described herein.
• The terms “couple,” “coupled,” “couples,” “coupling,” and the like should be broadly understood and refer to connecting two or more elements mechanically and/or otherwise. Two or more electrical elements may be electrically coupled together, but not be mechanically or otherwise coupled together. Coupling may be for any length of time, e.g., permanent or semi-permanent or only for an instant. “Electrical coupling” and the like should be broadly understood and include electrical coupling of all types. The absence of the word “removably,” “removable,” and the like near the word “coupled,” and the like does not mean that the coupling, etc. in question is or is not removable.
• As defined herein, two or more elements are “integral” if they are comprised of the same piece of material. As defined herein, two or more elements are “non-integral” if each is comprised of a different piece of material.
• As defined herein, “real-time” can, in some embodiments, be defined with respect to operations carried out as soon as practically possible upon occurrence of a triggering event. A triggering event can include receipt of data necessary to execute a task or to otherwise process information. Because of delays inherent in transmission and/or in computing speeds, the term “real time” encompasses operations that occur in “near” real time or somewhat delayed from a triggering event. In a number of embodiments, “real time” can mean real time less a time delay for processing (e.g., determining) and/or transmitting data. The particular time delay can vary depending on the type and/or amount of the data, the processing speeds of the hardware, the transmission capability of the communication hardware, the transmission distance, etc. However, in many embodiments, the time delay can be less than approximately one second, two seconds, five seconds, or ten seconds.
• As defined herein, “approximately” can, in some embodiments, mean within plus or minus ten percent of the stated value. In other embodiments, “approximately” can mean within plus or minus five percent of the stated value. In further embodiments, “approximately” can mean within plus or minus three percent of the stated value. In yet other embodiments, “approximately” can mean within plus or minus one percent of the stated value.
DESCRIPTION OF EXAMPLES OF EMBODIMENTS
• A number of embodiments can include a first system. The system can include one or more processors and one or more non-transitory computer-readable storage devices storing computing instructions. The computing instructions can be configured to run on the one or more processors and perform: receiving a request for a transfer from a user device of a user, the transfer being from a source of funds owned by the user to a destination account owned by a third-party; coordinating displaying, on the user device of the user, at least one transfer method of a plurality of transfer methods for the transfer; receiving, from the user device of the user, a selection of the at least one transfer method of the plurality of transfer methods; receiving a token from an operator of the source of funds owned by the user, the token being unique to the third-party; transferring the token to the third-party; after transferring the token to the third-party, receiving the token and transfer details of the transfer from the third-party; in response to receiving the token and the transfer details, determining a fraud risk score for the transfer; and when the fraud risk score satisfies a predetermined threshold, facilitating the transfer from the user to the third-party.
• Various embodiments include a first method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. The method can comprise receiving a request for a transfer from a user device of a user, the transfer being from a source of funds owned by the user to a destination account owned by a third-party; coordinating displaying, on the user device of the user, at least one transfer method of a plurality of transfer methods for the transfer; receiving, from the user device of the user, a selection of the at least one transfer method of the plurality of transfer methods; receiving a token from an operator of the source of funds owned by the user, the token being unique to the third-party; transferring the token to the third-party; after transferring the token to the third-party, receiving the token and transfer details of the transfer from the third-party; in response to receiving the token and the transfer details, determining a fraud risk score for the transfer; and when the fraud risk score satisfies a predetermined threshold, facilitating the transfer from the user to the third-party.
• Various embodiments can include a second system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. In some embodiments, the acts further can include causing a payor device of the payor to display a plurality of candidate financial institutions for the payor to determine a payor financial institution of the plurality of candidate financial institutions for the transfer. The acts also can include causing the payor device to display an authorization user interface for the payor to authorize the payor financial institution to grant an access code to the system. In certain embodiments, the acts additionally can include validating that the access code is authentic. The authorization user interface additionally can be configured to allow the payor to log into a payor user account at the payor financial institution.
• Meanwhile, the acts further can include, in response to the payor financial institution granting the access code, requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The payor user account at the payor financial institution can be associated with the one or more eligible payor accounts. In a number of embodiments, the acts further can include causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer. The acts additionally can include determining a fraud risk score for the transfer. In some embodiments, the act of determining the fraud risk score for the transfer can include analyzing a transfer history of the payee. Moreover, the acts can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on: (a) the fraud risk score, and (b) information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. Further, the acts can include: when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.
• In a number of embodiments, the act of determining the fraud risk score further can include determining the fraud risk score by using a first risk model. The payee financial institution further can be configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score. In many embodiments, the act of facilitating the transfer from the selected payor account to the payee account further can include transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score. In certain embodiments, the payor financial institution can be configured to perform certain approval processes before effectuating the transfer. The payor financial institution can be configured to determine the second transfer decision based at least in part on comparing a balance for the selected payor account with a transfer amount for the transfer. The payor financial institution further can be configured to determine the second transfer decision based at least in part on a third risk model to determine a third fraud risk score.
• In some embodiments, the first risk model, the second risk model, and/or third risk model each can include any suitable hardware and/or software configured to implement one or more suitable fraud risk scoring algorithms based on pertinent information (e.g., information about the transfer, a transaction history of the payee and/or the payee account, etc.). Each of the first risk model, the second risk model, and/or third risk model can be similar or different from each other in that the hardware, software, algorithms, and/or information used for determining the respective fraud risk scores can be similar or different.
• In a number of embodiments, the acts further can include a token-based authentication process for increased security. For example, the act of requesting the one or more eligible payor accounts further can include obtaining, from the payor financial institution, an access token associated with the payor. In certain embodiments, the access token can be similar or identical to the access token described above. The access token can be issued to the system by the payor financial institution after the system is granted the access code to communicate with the payor financial institution. The access token can be uniquely associated with the payor or the payor user account. The access token further can be configured to allow the system to perform certain tasks or access certain resources (e.g., requesting the one or more eligible payor accounts, or authorizing the transfer of funds, etc.) at the payor financial institution on behalf of the payor. In some embodiments, the access token can be used by not only the system but also any other devices, systems, and/or models that hold the access token. In similar or different embodiments, the access token further can include an expiration date and/or time, after which the access token becomes unusable. For an access token that can be used by any bearer of the access token, the access token including an expiration time can lower the risk of unauthorized access or leak of the payor's confidential information and/or protected resources.
• In several embodiments, the act of requesting the one or more eligible payor accounts further can include obtaining, from the payor financial institution, a refresh token associated with the access token. The refresh token can be configured to extend the time for the system to communicate with and/or access protected resources at the payor financial institution. For example, the act of requesting the one or more eligible payor accounts further can include when the refresh token is valid, requesting the payor financial institution to renew an expired access token associated with the refresh token without prompting the payor to re-log in and/or re-authorize access. The act of requesting the one or more eligible payor accounts also can include, when the refresh token and the access token are expired, causing the payor device of the payor to display the authorization user interface for the payor to authorize the payor financial institution to renew the access token and the refresh token. In many embodiments, the refresh token can be obtained from the payor financial institution at the same time when the system obtains a new access token. The refresh token further can include an expiration time (e.g., an hour, 24 hours, 3 days, a week, or a month) that is longer than that of the access token (e.g., 1 minute, 3 minutes, 5 minutes, or 30 minutes). In many embodiments, the acts performed by the computing instructions of the second system further can include one or more of the activities or acts of any of the embodiments described above.
• Various embodiments include a second method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The method further can include causing the payor device to display an authorization user interface for the payor to authorize a payor financial institution to grant an access code to the system or the one or more processors performing the method. The method also can include, in response to the payor financial institution granting the access code, requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution.
• In a number of embodiments, the method further can include causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer. The method additionally can include determining a fraud risk score for the transfer. Moreover, the method can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on: (a) the fraud risk score, and (b) information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. The method further can include, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above. In a number of embodiments, the method can be adopted to allow the payor who is not registered with the payee system to authorize a one-time transfer (e.g., a guest checkout) between the payor financial institution and the payee financial institution.
• Various embodiments can include a third system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The payor can be associated with a payor user profile of the payee system. The payee system can be configured to transmit the request pursuant to an instruction by the payor. For example, the payee system can transmit the request for a transfer after the payor chooses a transfer method and authorize the transfer for a purchase at the payee system.
• In a number of embodiments, the acts further can include causing a payor device for the payor to display an authorization user interface for the payor to authorize a payor financial institution to grant an access code to the system. In embodiments where the transfer method acceptable to the payee system is associated with a plurality of candidate financial institutions, the acts further can include causing the payor device to display the plurality of candidate financial institutions for the payor to determine the payor financial institution of the plurality of candidate financial institutions for the transfer. In many embodiments, the authorization user interface also can be configured to allow the payor to log into a payor user account at the payor financial institution before authorizing the payor financial institution to grant the access code to the system. The access code can be transmitted to the system directly or indirectly. In some embodiments, the acts also can include validating that the access code is authentic to ensure that the access code is not counterfeited or re-used and that the access to any protected resources of the payor is authorized.
• In a number of embodiments, the acts additionally can include requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The one or more eligible payor accounts can be associated with the payor user account. The acts further can include causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer. In some embodiments, the acts further can include determining a fraud risk score for the transfer. Determining the fraud risk score can be implemented by any suitable hardware, software, risk models, and/or risk data associated with the payee. In certain embodiments, the act of determining the fraud risk score can include analyzing a transfer history of the payee.
• In a number of embodiments, the acts further can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. In certain embodiments, transmitting the fraud risk score to the payee financial institution can cause or accompany an instruction to cause the payee financial institution to determine the transfer decision. The acts further can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.
• The acts further can include after facilitating the transfer, generating a transfer token associated with the payor and the payee. The transfer token can be associated with transfer data for the transfer. The transfer data can include information about the transfer that has been performed, such as information about the payor, the payee, the status of the transfer (e.g., “sent”, “failed”, “disapproved”, etc.), the payor financial institution, the payee financial institution, the selected payor account, the payor user profile of the payee system, and/or the payor user account with the payor financial institution, etc. In a number of embodiments, the acts also can include storing the transfer data for the transfer. The acts additionally can include transmitting the transfer token to the payee system. The payee system can store the transfer token with or into the payor user profile for future use.
• In a number of embodiments, determining the fraud risk score further can include determining the fraud risk score by using a first risk model. The payee financial institution further can be configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score. The first risk model can be similar or different from the second risk model. In certain embodiments, the risk data for the first risk model to determine the fraud risk score also can be similar or different from the risk data for the second risk model.
• In many embodiments, facilitating the transfer from the selected payor account to the payee account further can include transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score. In some embodiments, the payor financial institution can be configured to determine the second transfer decision after receiving the fraud risk score and/or a transfer instruction. In certain embodiments, the fraud risk score transmitted to the payor financial institution can be accompanied by a request to cause the payor financial institution to determine the second transfer decision.
• In embodiments where the payor financial institution is configured to determine the second transfer decision, the payor financial institution can be further configured to determine the second transfer decision based at least in part on: (a) a third risk model to determine a third fraud risk score; and/or (b) comparing a balance for the selected payor account with a transfer amount for the transfer. The third risk model can be similar or different from the first risk model and/or second risk model described above. Further, the risk data for the third risk model to determine the third fraud risk score also can be similar or different from the risk data for the first risk model and/or second risk model. The risk data for the third risk model can include the fraud risk score. In many embodiments, after comparing, when the balance for the selected payor account is less than the transfer amount for the transfer, the second transfer decision can include a denial for the transfer.
• In many embodiments, the act of requesting the one or more eligible payor accounts from the payor financial institution can include: (a) obtaining, from the payor financial institution, an access token associated with the payor; (b) obtaining, from the payor financial institution, a refresh token associated with the access token; (c) when the refresh token is valid, requesting the payor financial institution to renew the access token; and/or (d) when the refresh token and the access token are expired, causing the payor device for the payor to display the authorization user interface for the payor to authorize the payor financial institution to renew the access token and the refresh token. In a number of embodiments, the transfer data for the transfer further can include the access token and/or the refresh token for the transfer. In many embodiments, the acts performed by the computing instructions of the third system further can include one or more of the activities or acts of any of the embodiments described above.
• Various embodiments include a third method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The payor can be associated with a payor user profile of the payee system. The method further can include causing a payor device for the payor to display an authorization user interface for the payor to authorize a payor financial institution to grant an access code to the one or more processors. In addition, the method can include requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The method also can include causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer.
• In many embodiments, the method further can include determining a fraud risk score for the transfer. The method additionally can include transmitting, to a payee financial institution for the payee, the fraud risk score. In some embodiments, the payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer, and the payee account can be owned by the payee and maintained by the payee financial institution. The method further can include, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.
• Furthermore, the method also can include one or more post-transfer activities. For example, the method can include: (a) generating a transfer token associated with the payor and the payee; (b) storing transfer data for the transfer, the transfer data being associated with the transfer token; and/or (c) transmitting the transfer token to the payee system. The payee system can store the transfer token with or into the payor user profile. The transfer data can include any information related to the transfer, such as information about the access token, the refresh token, the payor, the payee, etc. In some embodiments, one or more of these post-transfer activities each can be performed when the transfer decision by the payee financial institution includes an approval or after the transfer is successful or completed. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above. In a number of embodiments, the method can be adopted to allow the payor who has a payor user profile of the payee system but has never used a transfer method between the payor financial institution and the payee financial institution to authorize the transfer and have the transfer data saved for future use, if any.
• Various embodiments can include a fourth system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The request for the transfer can be generated and/or transmitted in response to a checkout command from the payor with a selected transfer method (e.g., a real-time fund transfer between bank accounts, etc.). The payor can be associated with a payor user profile of the payee system. The request can include a transfer token associated with the payor and the payee. The transfer token can be generated or updated after the previous transfer and stored with or in the payor user profile.
• In some embodiments, the acts further can include retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and/or a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor. When the access token is valid (e.g., not expired), the access token can be re-used for the system to re-connect with and to regain access to resources of the payor at the payor financial institution. In a number of embodiments, the acts also can include using the access token to access one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The one or more eligible payor accounts can include the selected payor account.
• In a number of embodiments, the acts further can include determining a fraud risk score for the transfer. The act of determining the fraud risk score can be similar or identical to the act of determining the fraud risk score in any of the embodiments described above. For example, determining the fraud risk score can include analyzing a transfer history of the payee. In some embodiments, the acts also can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. The acts further can include when the transfer decision includes an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.
• In many embodiments, the acts further can include one or more of: (a) causing a payor device for the payor to display a plurality of candidate financial institutions for the transfer, the plurality of candidate financial institutions comprising the payor financial institution, and receiving, from the payor device, a selection of the payor financial institution of the plurality of candidate financial institutions; (b) causing the payor device to display the one or more eligible payor accounts for the payor to determine the selected payor account of the one or more eligible payor accounts for the transfer; (c) validating that the transfer token is authentic; and/or (d) determining whether the access token is expired.
• In a number of embodiments, the acts additionally can include, in response to determining that the access token is expired, either (a) causing the payor device to display an authorization user interface for the payor to authorize the payor financial institution to renew the access token; or (b) determining whether a refresh token of the transfer data for the access token is expired, and when the refresh token is valid, causing the payor financial institution to renew the access token; and when the refresh token is expired, causing the payor device to display the authorization user interface for the payor to authorize the payor financial institution to renew the access token and the refresh token. In several embodiments, the authorization user interface for the payor to authorize the payor financial institution to renew the access token further can be configured to allow the payor to log into a payor user account with the payor financial institution. The payor user account can be associated with the one or more eligible payor accounts. In some embodiments, the acts further can include, in response to either (a) receiving the selection of the payor financial institution, or (b) the payor determining the selected payor account, updating the transfer data for the transfer.
• In many embodiments, the acts further can include one or more acts in the embodiments described above. For example, the respective risk models for the system, the payee financial institution, and/or the payor financial institution for determining the respective fraud risk scores can be similar or identical to any of the one or more risk models for the system, the payee financial institution, and/or the payor financial institution in the other embodiments. The payee financial institution, and/or the payor financial institution each can be configured to determine whether and how the fraud risk score transmitted from the system can be used to determine the respective transfer decision for the transfer. In many embodiments, the acts performed by the computing instructions of the fourth system further can include one or more of the activities or acts of any of the embodiments described above.
• Various embodiments include a fourth method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The payor can be associated with a payor user profile of the payee system. The request can include a transfer token associated with the payor and the payee. The method further can include retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor. In some embodiments, the acts further can include using the access token to access one or more eligible payor accounts owned by the payor and maintained by the payor financial institution. The one or more eligible payor accounts can include the selected payor account.
• In a number of embodiments, the method also can include determining a fraud risk score for the transfer. The method further can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. In addition, the payee account can be owned by the payee and maintained by the payee financial institution. Moreover, the method can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above. For example, the method can include renewing the access token when a refresh token is valid and/or storing the transfer data after facilitating the transfer. In a number of embodiments, the method can be used by the payor (who has used a transfer method in the past) to skip the login process for a faster and smoother checkout experience.
• Various embodiments can include a fifth system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving a request for a transfer from a selected payor account of a payor to a payee. The acts further can include determining a fraud risk score for the transfer. Determining the fraud risk score can be implemented in any suitable way, including analyzing a transfer history of the payee. The acts also can include transmitting, to a payee financial institution for the payee, the fraud risk score. In some embodiments, the payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution.
• In many embodiments, the acts further can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. The act of facilitating the transfer can include sending transfer information to a payor financial institution to cause the payor financial institution to send a request for payment through a real-time settlement network to the payee financial institution to authorize a real-time credit transfer from the selected payor account to the payee account. The real-time credit transfer can be settled in real-time through the real-time settlement network. The transfer information can include: (a) information to identify the payee financial institution and the payee account to the real-time settlement network; and/or (b) the fraud risk score. Further, in some embodiments, the transfer information does not include an account number of the payee account.
• In a number of embodiments, the act of determining the fraud risk score further can include determining the fraud risk score by using a first risk model. The payee financial institution further can be configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score. The first risk model can be similar to or different than the second risk model.
• In several embodiments, facilitating the transfer from the selected payor account to the payee account further can include transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score. In similar or different embodiments, determining the fraud risk score further can include determining the fraud risk score by using a first risk model. The payor financial institution further can be configured to determine the second transfer decision based at least in part on: (a) a third risk model to determine a third fraud risk score; and/or (b) comparing a balance for the selected payor account with a transfer amount for the transfer. The third risk model can be similar to or different than the first risk model and/or the second risk model.
• In a number of embodiments, the acts further can include before determining the fraud risk score for the transfer: (a) facilitating an authorization for the payor to authorize the payor financial institution to grant an access code; (b) requesting, from the payor financial institution, one or more eligible payor accounts owed by the payor and maintained by the payor financial institution; and (c) causing a payor device of the payor to display the one or more eligible payor accounts for the payor to determine the selected payor account from among the one or more eligible payor accounts for the transfer. In many embodiments, the acts performed by the computing instructions of the fifth system further can include one or more of the activities or acts of any of the embodiments described above.
• Various embodiments include a fifth method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving a request for a transfer from a selected payor account of a payor to a payee. The method further can include determining a fraud risk score for the transfer. The method additionally can include transmitting, to a payee financial institution for the payee, the fraud risk score, wherein the payee financial institution is configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution.
• In a number of embodiments, the method further can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. The act of facilitating the transfer can include: sending transfer information to a payor financial institution to cause the payor financial institution to send a request for payment through a real-time settlement network to the payee financial institution to authorize a real-time credit transfer from the selected payor account to the payee account, wherein the real-time credit transfer is settled in real-time through the real-time settlement network. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above.
• Various embodiments can include a sixth system. The system can include one or more processors and one or more non-transitory computer-readable media storing computing instructions. When executed on the one or more processors, the computing instructions can perform certain acts. In many embodiments, the acts can include receiving, from a payee system for a payee, a request for a transfer from a payor to the payee. The request can be sent by the payee without the payor selecting to use the system for the transfer. The payor can be associated with a payor user profile of the payee system. The request can include a transfer token associated with the payor and the payee.
• In some embodiments, the acts further can include retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor. In a number of embodiments, the access token can be used to prevent unauthorized access of the payor's protected resources at the payor financial institution. For example, the access token can include an expiration date and/or time. In some embodiments, the acts further can include determining whether the access token is expired. The acts also can include determining whether a refresh token of the transfer data for the access token is expired. Further, the acts can include when the refresh token is valid, causing the payor financial institution to renew the access token.
• In a number of embodiments, the acts also can include determining a fraud risk score for the transfer. The act of determining the fraud risk score can include determining the fraud risk score by: (a) using a first risk model; and/or (b) analyzing a transfer history of the payee. In some embodiments, the acts further can include, before determining the fraud risk score for the transfer, determining the payor financial institution based on the transfer token.
• In many embodiments, the acts further can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution.
• In some embodiments, the acts further can include, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. The payee financial institution further can be configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score. The second risk model can be similar to or different than the first risk model for the system.
• In several embodiments, the act of facilitating the transfer from the selected payor account to the payee account further can include transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score. The payor financial institution further can be configured to determine the second transfer decision based at least in part on a third risk model to determine a third fraud risk score. The third risk model can be similar to or different than any of the first risk model for the system or the second risk model for the payee financial institution. In certain embodiments, the payor financial institution further can be configured to determine the second transfer decision based at least in part on comparing a balance for the selected payor account with a transfer amount for the transfer. In many embodiments, the acts performed by the computing instructions of the sixth system further can include one or more of the activities or acts of any of the embodiments described above.
• Various embodiments include a sixth method. The method can be implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media. In many embodiments, the method can include receiving, at a system from a payee system for a payee, a request for a transfer from a payor to the payee. The request can be sent by the payee without the payor selecting to use the system for the transfer. The payor can be associated with a payor user profile of the payee system. The request can comprise a transfer token associated with the payor and the payee.
• In a number of embodiments, the method further can include retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor.
• The method further can include determining a fraud risk score for the transfer. The method also can include transmitting, to a payee financial institution for the payee, the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. In many embodiments, the method further can include when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account. In many embodiments, the method further can include one or more of the activities or acts of any of the embodiments described above. In a number of embodiments, the method can be used for automatic transfer from the payor to the payee in various transactions (e.g., installment payments or subscription billings).
• Turning to the drawings,FIG. 1 illustrates an exemplary embodiment of acomputer system100, all of which or a portion of which can be suitable for (i) implementing part or all of one or more embodiments of the techniques, methods, and systems and/or (ii) implementing and/or operating part or all of one or more embodiments of the memory storage modules described herein. As an example, a different or separate one of a chassis102 (and its internal components) can be suitable for implementing part or all of one or more embodiments of the techniques, methods, and/or systems described herein. Furthermore, one or more elements of computer system100 (e.g., amonitor106, akeyboard104, and/or amouse110, etc.) also can be appropriate for implementing part or all of one or more embodiments of the techniques, methods, and/or systems described herein.Computer system100 can comprise chassis102 containing one or more circuit boards (not shown), a Universal Serial Bus (USB)port112, a Compact Disc Read-Only Memory (CD-ROM) and/or Digital Video Disc (DVD) drive116, and ahard drive114. A representative block diagram of the elements included on the circuit boards inside chassis102 is shown inFIG. 2. A central processing unit (CPU)210 inFIG. 2 is coupled to asystem bus214 inFIG. 2. In various embodiments, the architecture ofCPU210 can be compliant with any of a variety of commercially distributed architecture families.
• Continuing withFIG. 2,system bus214 also is coupled to amemory storage unit208, wherememory storage unit208 can comprise (i) non-volatile memory, such as, for example, read only memory (ROM) and/or (ii) volatile memory, such as, for example, random access memory (RAM). The non-volatile memory can be removable and/or non-removable non-volatile memory. Meanwhile, RAM can include dynamic RAM (DRAM), static RAM (SRAM), etc. Further, ROM can include mask-programmed ROM, programmable ROM (PROM), one-time programmable ROM (OTP), erasable programmable read-only memory (EPROM), electrically erasable programmable ROM (EEPROM) (e.g., electrically alterable ROM (EAROM) and/or flash memory), etc. In these or other embodiments,memory storage unit208 can comprise (i) non-transitory memory and/or (ii) transitory memory.
• In many embodiments, all or a portion ofmemory storage unit208 can be referred to as memory storage module(s) and/or memory storage device(s). In various examples, portions of the memory storage module(s) of the various embodiments disclosed herein (e.g., portions of the non-volatile memory storage module(s)) can be encoded with a boot code sequence suitable for restoring computer system100 (FIG. 1) to a functional state after a system reset. In addition, portions of the memory storage module(s) of the various embodiments disclosed herein (e.g., portions of the non-volatile memory storage module(s)) can comprise microcode such as a Basic Input-Output System (BIOS) operable with computer system100 (FIG. 1). In the same or different examples, portions of the memory storage module(s) of the various embodiments disclosed herein (e.g., portions of the non-volatile memory storage module(s)) can comprise an operating system, which can be a software program that manages the hardware and software resources of a computer and/or a computer network. The BIOS can initialize and test components of computer system100 (FIG. 1) and load the operating system.
• Meanwhile, the operating system can perform basic tasks such as, for example, controlling and allocating memory, prioritizing the processing of instructions, controlling input and output devices, facilitating networking, and managing files. Exemplary operating systems can comprise one of the following: (i) Microsoft® Windows® operating system (OS) by Microsoft Corp. of Redmond, Wash., United States of America, (ii) Mac® OS X by Apple Inc. of Cupertino, Calif., United States of America, (iii) UNIX® OS, and (iv) Linux® OS. Further exemplary operating systems can comprise one of the following: (i) the iOS® operating system by Apple Inc. of Cupertino, Calif., United States of America, (ii) the Blackberry® operating system by Research In Motion (RIM) of Waterloo, Ontario, Canada, (iii) the WebOS operating system by LG Electronics of Seoul, South Korea, (iv) the Android™ operating system developed by Google, of Mountain View, Calif., United States of America, (v) the Windows Mobile™ operating system by Microsoft Corp. of Redmond, Wash., United States of America, or (vi) the Symbian™ operating system by Accenture PLC of Dublin, Ireland.
• As used herein, “processor” and/or “processing module” means any type of computational circuit, such as but not limited to a microprocessor, a microcontroller, a controller, a complex instruction set computing (CISC) microprocessor, a reduced instruction set computing (RISC) microprocessor, a very long instruction word (VLIW) microprocessor, a graphics processor, a digital signal processor, or any other type of processor or processing circuit capable of performing the desired functions. In some examples, the one or more processing modules of the various embodiments disclosed herein can compriseCPU210.
• Alternatively, or in addition to, the systems and procedures described herein can be implemented in hardware, or a combination of hardware, software, and/or firmware. For example, one or more application specific integrated circuits (ASICs) can be programmed to carry out one or more of the systems and procedures described herein. For example, one or more of the programs and/or executable program components described herein can be implemented in one or more ASICs. In many embodiments, an application specific integrated circuit (ASIC) can comprise one or more processors or microprocessors and/or memory blocks or memory storage.
• In the depicted embodiment ofFIG. 2, various I/O devices such as adisk controller204, agraphics adapter224, avideo controller202, akeyboard adapter226, amouse adapter206, anetwork adapter220, and other I/O devices222 can be coupled tosystem bus214.Keyboard adapter226 andmouse adapter206 are coupled to keyboard104 (FIGS. 1-2) and mouse110 (FIGS. 1-2), respectively, of computer system100 (FIG. 1). Whilegraphics adapter224 andvideo controller202 are indicated as distinct units inFIG. 2,video controller202 can be integrated intographics adapter224, or vice versa in other embodiments.Video controller202 is suitable for monitor106 (FIGS. 1-2) to display images on a screen108 (FIG. 1) of computer system100 (FIG. 1).Disk controller204 can control hard drive114 (FIGS. 1-2), USB port112 (FIGS. 1-2), and CD-ROM drive116 (FIGS. 1-2). In other embodiments, distinct units can be used to control each of these devices separately.
• Network adapter220 can be suitable to connect computer system100 (FIG. 1) to a computer network by wired communication (e.g., a wired network adapter) and/or wireless communication (e.g., a wireless network adapter). In some embodiments,network adapter220 can be plugged or coupled to an expansion port (not shown) in computer system100 (FIG. 1). In other embodiments,network adapter220 can be built into computer system100 (FIG. 1). For example,network adapter220 can be built into computer system100 (FIG. 1) by being integrated into the motherboard chipset (not shown), or implemented via one or more dedicated communication chips (not shown), connected through a PCI (peripheral component interconnector) or a PCI express bus of computer system100 (FIG. 1) or USB port112 (FIG. 1).
• Returning now toFIG. 1, although many other components ofcomputer system100 are not shown, such components and their interconnection are well known to those of ordinary skill in the art. Accordingly, further details concerning the construction and composition ofcomputer system100 and the circuit boards inside chassis102 are not discussed herein.
• Meanwhile, whencomputer system100 is running, program instructions (e.g., computer instructions) stored on one or more of the memory storage module(s) of the various embodiments disclosed herein can be executed by CPU210 (FIG. 2). At least a portion of the program instructions, stored on these devices, can be suitable for carrying out at least part of the techniques and methods described herein.
• Further, althoughcomputer system100 is illustrated as a desktop computer inFIG. 1, there can be examples wherecomputer system100 may take a different form factor while still having functional elements similar to those described forcomputer system100. In some embodiments,computer system100 may comprise a single computer, a single server, or a cluster or collection of computers or servers, or a cloud of computers or servers. Typically, a cluster or collection of servers can be used when the demand oncomputer system100 exceeds the reasonable capability of a single server or computer. In certain embodiments,computer system100 may comprise a portable computer, such as a laptop computer. In certain other embodiments,computer system100 may comprise a mobile electronic device, such as a smartphone. In certain additional embodiments,computer system100 may comprise an embedded system.
• Turning ahead in the drawings,FIG. 3 illustrates a block diagram of asystem300 that can be employed for secure electronic transfers, as described in greater detail below.System300 is merely exemplary and embodiments of the system are not limited to the embodiments presented herein.System300 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, certain elements or modules ofsystem300 can perform various procedures, processes, and/or activities. In these or other embodiments, the procedures, processes, and/or activities can be performed by other suitable elements or modules ofsystem300.
• Generally, therefore,system300 can be implemented with hardware and/or software, as described herein. In some embodiments, part or all of the hardware and/or software can be conventional, while in these or other embodiments, part or all of the hardware and/or software can be customized (e.g., optimized) for implementing part or all of the functionality ofsystem300 described herein.
• In some embodiments,system300 can include one or more of asystem server310, afirst operator server320, asecond operator server330, a user device340, and/or athird party device350. In various embodiments,system server310,first operator server320,second operator server330, user device340, and/orthird party device350 can each be a computer system, such as computer system100 (FIG. 1), as described above, and can each be a single computer, a single server, or a cluster or collection of computers or servers, or a cloud of computers or servers. In another embodiment, a single computer system can host each of two or more ofsystem server310,first operator server320,second operator server330, user device340, and/orthird party device350. Additional details regardingsystem server310,first operator server320,second operator server330, user device340, and/orthird party device350 are described herein.
• In many embodiments,third party device350 can comprise a register or some other type of transaction processing machine. In some embodiments, user device340 and/orthird party device350 can be mobile devices. A mobile electronic device can refer to a portable electronic device (e.g., an electronic device easily conveyable by hand by a person of average size) with the capability to present audio and/or visual data (e.g., text, images, videos, music, etc.). For example, a mobile electronic device can comprise at least one of a digital media player, a cellular telephone (e.g., a smartphone), a personal digital assistant, a handheld digital computer device (e.g., a tablet personal computer device), a laptop computer device (e.g., a notebook computer device, a netbook computer device), a wearable user computer device, or another portable computer device with the capability to present audio and/or visual data (e.g., images, videos, music, etc.). Thus, in many examples, a mobile electronic device can comprise a volume and/or weight sufficiently small as to permit the mobile electronic device to be easily conveyable by hand. For examples, in some embodiments, a mobile electronic device can occupy a volume of less than or equal to approximately 1790 cubic centimeters, 2434 cubic centimeters, 2876 cubic centimeters, 4056 cubic centimeters, and/or 5752 cubic centimeters. Further, in these embodiments, a mobile electronic device can weigh less than or equal to 15.6 Newtons, 17.8 Newtons, 22.3 Newtons, 31.2 Newtons, and/or 44.5 Newtons.
• Exemplary mobile electronic devices can comprise (i) an iPod®, iPhone®, iTouch®, iPad®, MacBook® or similar product by Apple Inc. of Cupertino, Calif., United States of America, (ii) a Blackberry® or similar product by Research in Motion (RIM) of Waterloo, Ontario, Canada, (iii) a Lumia® or similar product by the Nokia Corporation of Keilaniemi, Espoo, Finland, and/or (iv) a Galaxy™ or similar product by the Samsung Group of Samsung Town, Seoul, South Korea. Further, in the same or different embodiments, a mobile electronic device can comprise an electronic device configured to implement one or more of (i) the iPhone® operating system by Apple Inc. of Cupertino, Calif., United States of America, (ii) the Blackberry® operating system by Research In Motion (RIM) of Waterloo, Ontario, Canada, (iii) the Palm® operating system by Palm, Inc. of Sunnyvale, Calif., United States, (iv) the Android™ operating system developed by the Open Handset Alliance, (v) the Windows Mobile™ operating system by Microsoft Corp. of Redmond, Wash., United States of America, or (vi) the Symbian™ operating system by Nokia Corp. of Keilaniemi, Espoo, Finland.
• Further still, the term “wearable user computer device” as used herein can refer to an electronic device with the capability to present audio and/or visual data (e.g., text, images, videos, music, etc.) that is configured to be worn by a user and/or mountable (e.g., fixed) on the user of the wearable user computer device (e.g., sometimes under or over clothing; and/or sometimes integrated with and/or as clothing and/or another accessory, such as, for example, a hat, eyeglasses, a wrist watch, shoes, etc.). In many examples, a wearable user computer device can comprise a mobile electronic device, and vice versa. However, a wearable user computer device does not necessarily comprise a mobile electronic device, and vice versa.
• In specific examples, a wearable user computer device can comprise a head mountable wearable user computer device (e.g., one or more head mountable displays, one or more eyeglasses, one or more contact lenses, one or more retinal displays, etc.) or a limb mountable wearable user computer device (e.g., a smart watch). In these examples, a head mountable wearable user computer device can be mountable in close proximity to one or both eyes of a user of the head mountable wearable user computer device and/or vectored in alignment with a field of view of the user.
• In more specific examples, a head mountable wearable user computer device can comprise (i) Google Glass™ product or a similar product by Google Inc. of Menlo Park, Calif., United States of America; (ii) the Eye Tap™ product, the Laser Eye Tap™ product, or a similar product by ePI Lab of Toronto, Ontario, Canada, and/or (iii) the Raptyr™ product, the STAR1200™ product, the Vuzix Smart Glasses M100™ product, or a similar product by Vuzix Corporation of Rochester, N.Y., United States of America. In other specific examples, a head mountable wearable user computer device can comprise the Virtual Retinal Display™ product, or similar product by the University of Washington of Seattle, Wash., United States of America.
• Meanwhile, in further specific examples, a limb mountable wearable user computer device can comprise the iWatch™ product, or similar product by Apple Inc. of Cupertino, Calif., United States of America, the Galaxy Gear or similar product of Samsung Group of Samsung Town, Seoul, South Korea, theMoto 360 product or similar product of Motorola of Schaumburg, Ill., United States of America, and/or the Zip™ product, One™ product, Flex™ product, Charge™ product, Surge™ product, or similar product by Fitbit Inc. of San Francisco, Calif., United States of America.
• In many embodiments,system300 can comprise graphical user interfaces (“GUI”)360,361. In the same or different embodiments,GUI360 can be part of and/or displayed by user device340, whileGUI361 can be part of and/or displayed bythird party device350. In these embodiments,GUI360 can be different thanGUI361. For example,GUI360 can comprise a transfer offering GUI whileGUI361 can comprise a transfer accepting GUI. In some embodiments,GUI360,361 can comprise text and/or graphics (image) based user interfaces. In the same or different embodiments,GUI360,361 can comprise a heads up display (“HUD”). WhenGUI360,361 comprises a HUD,GUI360,361 can be projected onto glass or plastic, displayed in midair as a hologram, or displayed on monitor106 (FIG. 1). In various embodiments,GUI360,361 can be color or black and white. In many embodiments,GUI360,361 can comprise an application running on a computer system, such ascomputer system100, user device340, and/orthird party device350. In the same or different embodiments,GUI360,361 can comprise a website accessed throughinternet370. In some embodiments,GUI360,361 can comprise an eCommerce website. In these or other embodiments,GUI361 can comprise an administrative (e.g., back end) GUI allowing an administrator to modify and/or change one or more settings insystem300. In the same or different embodiments,GUI360,361 can be displayed as or on a virtual reality (VR) and/or augmented reality (AR) system or display. In some embodiments, an interaction with a GUI can comprise a click, a look, a selection, a grab, a view, a purchase, a bid, a swipe, a pinch, a reverse pinch, etc.
• In many embodiments,system server310,first operator server320,second operator server330, user device340, and/orthird party device350 can each comprise one or more input devices (e.g., one or more keyboards, one or more keypads, one or more pointing devices such as a computer mouse or computer mice, one or more touchscreen displays, a microphone, etc.), and/or can each comprise one or more display devices (e.g., one or more monitors, one or more touch screen displays, projectors, etc.). In these or other embodiments, one or more of the input device(s) can be similar or identical to keyboard104 (FIG. 1) and/or a mouse110 (FIG. 1). Further, one or more of the display device(s) can be similar or identical to monitor106 (FIG. 1) and/or screen108 (FIG. 1). The input device(s) and the display device(s) can be coupled to the processing module(s) and/or the memory storage module(s) ofsystem server310,first operator server320,second operator server330, user device340, and/orthird party device350 in a wired manner and/or a wireless manner, and the coupling can be direct and/or indirect, as well as locally and/or remotely. As an example of an indirect manner (which may or may not also be a remote manner), a keyboard-video-mouse (KVM) switch can be used to couple the input device(s) and the display device(s) to the processing module(s) and/or the memory storage module(s). In some embodiments, the KVM switch also can be part ofsystem server310,first operator server320,second operator server330, user device340, and/orthird party device350. In a similar manner, the processing module(s) and the memory storage module(s) can be local and/or remote to each other.
• In many embodiments,system server310,first operator server320,second operator server330, user device340, and/orthird party device350 can be configured to communicate with one another. In some embodiments,system server310,first operator server320,second operator server330, user device340, and/orthird party device350 can communicate or interface (e.g., interact) with each other through a network orinternet370.Internet370 can be an intranet that is not open to the public. In further embodiments,Internet370 can be a mesh network of individual systems. In various embodiments,Internet370 can comprise a real time payment (RTP) network. For example,Internet370 can comprise The Clearing House RTP network and/or the Zelle® network. Accordingly, in many embodiments,system server310,first operator server320,second operator server330, and/or third party device350 (and/or the software used by such systems) can refer to a back end ofsystem300 operated by an operator and/or administrator ofsystem300, and user device340 (and/or the software used by such systems) can refer to a front end ofsystem300 used by one or more users380. In some embodiments, user380 can also be referred to as a customer, in which case, user device340 can be referred to as a customer device. In these or other embodiments, the operator and/or administrator ofsystem300 can managesystem300, the processing module(s) ofsystem300, and/or the memory storage module(s) ofsystem300 using the input device(s) and/or display device(s) ofsystem300. In various embodiments,first operator server320 andsecond operator server330 can communicate directly with each other without usinginternet370.
• In many embodiments,first operator server320,second operator server330, and/orthird party device350 can host one or more websites. For example,third party device350 can host an eCommerce website that allows users to browse and/or search for products, to add products to an electronic shopping cart, and/or to purchase products, in addition to other suitable activities.
• Meanwhile, in many embodiments,system server310,first operator server320,second operator server330, user device340, and/orthird party device350 can also be configured to communicate with one or more databases. In various embodiments, one or more databases can comprise a product database that contains information about products, items, or SKUs (stock keeping units) sold by a retailer. In various embodiments, one or more databases can be stored on one or more memory storage modules (e.g., non-transitory memory storage module(s)), which can be similar or identical to the one or more memory storage module(s) (e.g., non-transitory memory storage module(s)) described above with respect to computer system100 (FIG. 1). Also, in some embodiments, for any particular database of the one or more databases, that particular database can be stored on a single memory storage module of the memory storage module(s), and/or the non-transitory memory storage module(s) storing the one or more databases or the contents of that particular database can be spread across multiple ones of the memory storage module(s) and/or non-transitory memory storage module(s) storing the one or more databases, depending on the size of the particular database and/or the storage capacity of the memory storage module(s) and/or non-transitory memory storage module(s).
• The one or more databases can each comprise a structured (e.g., indexed) collection of data and can be managed by any suitable database management systems configured to define, create, query, organize, update, and manage database(s). Exemplary database management systems can include MySQL (Structured Query Language) Database, PostgreSQL Database, Microsoft SQL Server Database, Oracle Database, SAP (Systems, Applications, & Products) Database, IBM DB2 Database, and/or NoSQL Database.
• Meanwhile, communication betweensystem server310,first operator server320,second operator server330, user device340,third party device350, and/or the one or more databases can be implemented using any suitable manner of wired and/or wireless communication. Accordingly,system300 can comprise any software and/or hardware components configured to implement the wired and/or wireless communication.
• Further, the wired and/or wireless communication can be implemented using any one or any combination of wired and/or wireless communication network topologies (e.g., ring, line, tree, bus, mesh, star, daisy chain, hybrid, etc.) and/or protocols (e.g., personal area network (PAN) protocol(s), local area network (LAN) protocol(s), wide area network (WAN) protocol(s), cellular network protocol(s), powerline network protocol(s), etc.). Exemplary PAN protocol(s) can comprise Bluetooth, Zigbee, Wireless Universal Serial Bus (USB), Z-Wave, etc.; exemplary LAN and/or WAN protocol(s) can comprise Institute of Electrical and Electronic Engineers (IEEE) 802.3 (also known as Ethernet), IEEE 802.11 (also known as WiFi), etc.; and exemplary wireless cellular network protocol(s) can comprise Global System for Mobile Communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Evolution-Data Optimized (EV-DO), Enhanced Data Rates for GSM Evolution (EDGE), Universal Mobile Telecommunications System (UMTS), Digital Enhanced Cordless Telecommunications (DECT), Digital AMPS (IS-136/Time Division Multiple Access (TDMA)), Integrated Digital Enhanced Network (iDEN), Evolved High-Speed Packet Access (HSPA+), Long-Term Evolution (LTE), WiMAX, etc. The specific communication software and/or hardware implemented can depend on the network topologies and/or protocols implemented, and vice versa. In many embodiments, exemplary communication hardware can comprise wired communication hardware including, for example, one or more data buses, such as, for example, universal serial bus(es), one or more networking cables, such as, for example, coaxial cable(s), optical fiber cable(s), and/or twisted pair cable(s), any other suitable data cable, etc. Further exemplary communication hardware can comprise wireless communication hardware including, for example, one or more radio transceivers, one or more infrared transceivers, etc. Additional exemplary communication hardware can comprise one or more networking components (e.g., modulator-demodulator components, gateway components, etc.).
• In many embodiments, one or more offirst operator server320 and/orsecond operator server330 can host one or more of a source of funds account321 and/or a destination account331, respectively. Source account321 and destination account331 can each comprise one or more of a bank account, a cryptocurrency wallet, an NFT wallet, or some other electronic mechanism for storing an item of data to be transferred. While source account321 and destination account331 are depicted inFIG. 3 as being stored on different servers, it will be understood by a person having ordinary skill in the art that this configuration is not always the case. For example, when source account321 and destination account331 are stored at the same institution (e.g., at the same bank), source account321 and destination account331 can be stored on the same server.
• In many embodiments, the techniques described herein can provide a practical application and several technological improvements. In some embodiments, the techniques described herein can provide for a more secure and private transfer. These techniques described herein can provide a significant improvement over conventional approaches of electronic transfers, such as credit and/or debit cards.
• In a number of embodiments, the techniques described herein can solve a technical problem that arises only within the realm of computer networks, as electronic transfers do not exist outside of computer networks.
• Turning ahead in the drawings,FIG. 4 illustrates a flow chart for amethod400, according to an embodiment.Method400 is merely exemplary and is not limited to the embodiments presented herein.Method400 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, the activities ofmethod400 can be performed in the order presented. In other embodiments, the activities ofmethod400 can be performed in any suitable order. In still other embodiments, one or more of the activities ofmethod400 can be combined or skipped. In many embodiments, system300 (FIG. 3) can be suitable to performmethod400 and/or one or more of the activities ofmethod400. In these or other embodiments, one or more of the activities ofmethod400 can be implemented as one or more computer instructions configured to run at one or more processing modules and configured to be stored at one or more non-transitory memory storage modules. Such non-transitory memory storage modules can be part of a computer system such assystem server310,first operator server320,second operator server330, user device340, and/or third party device350 (FIG. 3). The processing module(s) can be similar or identical to the processing module(s) described above with respect to computer system100 (FIG. 1).
• In many embodiments,method400 can comprise anactivity401 of receiving a request for a transfer. In some embodiments, a request for a transfer can comprise an initiation of a purchase sequence for one or more goods and/or services. For example, a request for a transfer can comprise a start of a checkout process for a purchase of an item on an eCommerce website. In these or other embodiments, a transfer request can be received from a user device (e.g., user device340 (FIG. 3)). For example, a transfer request can be received from a user device when a user makes a purchase on an eCommerce website. In further embodiments, a request for a transfer can be received from a third party device (e.g., third party device350 (FIG. 3)). For example, a request for a transfer can comprise a start request transmitted by the third party device. In these embodiments, the start request can be configured to initiate a transfer application programming interface (API) hosted on a system server (e.g., system server310 (FIG. 3)). In many embodiments, a start request can be triggered by actions performed by a user on a user device (e.g., user device340 (FIG. 3)). For example, a start request can be initiated by a user beginning a check-out process on an application or a website of a third party displayed on a user device. In many embodiments, a transfer request can be received from a third party device (e.g., third party device350 (FIG. 3)). For example, a transfer request can be received from a third party device (e.g., a register) when a user makes a purchase in-person. In many embodiments, a transfer can be from a first source to a destination. For example, a transfer can be between one or more of a bank account, a cryptocurrency wallet, an NFT wallet, etc. In some embodiments, a first source can be different from a destination, and/or the first source can be owned by a different entity than the destination. For example, a first source can comprise a bank account owned by a user while a destination can comprise a merchant account owned by a merchant.
• In many embodiments,method400 can comprise anactivity402 of coordinating displaying at least one transfer method. In some embodiments, a plurality of transfer methods can be displayed on a GUI displayed on an electronic device (e.g., GUI360 (FIG. 3) or GUI361 (FIG. 3). For example, when the transfer comprises a transaction, the plurality of transfer methods can comprise different ways of paying for the transaction (e.g., credit card, debit card, and/or a real time payment (RTP) system). In further embodiments, a transfer method can be configured to transfer a digital asset from a source to a destination. For example, a transfer method can be configured to transfer an NFT from one wallet to another wallet. In many embodiments, each transfer method can be associated with one or more sources. For example, when a transfer method comprises a RTP system, one or more source accounts (e.g., a deposit account) connected to the RTP system can be displayed. As another example, when a transfer method comprises a credit card, one or more credit accounts can be displayed. In various embodiments, only eligible accounts can be shown. For example, only accounts registered with an RTP system are shown.
• In many embodiments,method400 can comprise anactivity403 of receiving a selection of at least one transfer method. In various embodiments, a selection can be made by a user on a user device (e.g., user device340 (FIG. 3)) and/or a third party device (e.g., third party device350 (FIG. 3)) via a GUI (e.g., GUI360 (FIG. 3) or GUI361 (FIG. 3)). In various embodiments, a selection can comprise an interaction with a GUI, as described with reference toFIG. 3.Activity403 can continue in a number of ways after a selection is received. In many embodiments, when a user is interacting with a third party application installed on an electronic device, a transfer API can search the electronic device for a selected source account application installed on the electronic device. If this source account application is found, it can be run and permissions can be granted for a transfer. For example, when a user is performing a transfer using a merchant application, the transfer API can search for financial institution applications installed on the electronic device and open the financial institution application to obtain permission for the transfer. In these or other embodiments, when a user is interacting with a third party web site, a web browsing program can forward the user to a web site providing access to a selected source account. For example, when the transfer comprises a transaction on an eCommerce website, the web browsing program can forward the user to a website for the user's bank. In some embodiments, a user is not initially entitled to access the source account after its selection. For example, a user may need to log into the source account before it can be accessed by a transfer API or some other transfer algorithm. In these embodiments, a user can be prompted for credentials (e.g., login and password, biometric information, etc.) before being granted access to the source account. In many embodiments, access to a source account can be denied (e.g., by a user and/or in response to incorrect credentials). In these embodiments, in response to being denied access to a source account, a transfer can be canceled or alternative transfer methods can be displayed on an electronic device (e.g., user device340 (FIG. 3) or third party device350 (FIG. 3).
• In many embodiments,method400 can comprise anactivity404 of receiving a token from an operator. In many embodiments, an operator can comprise an individual and/or an entity that holds and/or manages a source of a transfer and/or a destination of the transfer. For example, an operator can be a bank, a cryptocurrency exchange, or an NFT market. In many environments, a token received inactivity404 can be saved and/or copied by a system server (e.g., system server310 (FIG. 3)). A number of different tokens can be received inactivity404. Generally speaking, a token can be a piece of data carrying enough information to facilitate a process of determining a user's identity and/or authorizing a user to perform an action. In some embodiments, in response to at least a portion ofactivity403, an access token can be issued by an operator server (e.g., first operator server320 (FIG. 3)) and then sent to a server running a transfer API (e.g., system server310 (FIG. 3)). Generally speaking, an access token can be configured to enable a system server to signal to an operator server that it has received authorization from a user to perform certain tasks or access certain resources (e.g., a source or destination account). In many embodiments, a token can be unique to a specific user and/or a specific account. In many embodiments, an access token can have an expiration date and/or time after which it is no longer usable to provide authentication. Therefore, in various embodiments, a refresh token can be received with an access token. Generally speaking, a refresh token can allow a system server to obtain a renewed access token from an operator server. In many embodiments, a refresh token can enable a server system to successfully request new access tokens until the refresh token is expired. In various embodiments, when one or more of an access token or a refresh token are no longer valid, a user can be prompted to re-login, which is explained in further detail below. One downside to using only an access token is that an access token is a bearer token. In other words, those who hold the access token can use it. The access token then acts as a credential artifact to access protected resources rather than an identification artifact. Malicious users could theoretically compromise a system and steal access tokens, which they in turn could use to access protected resources by presenting those tokens directly to the server. Therefore, a more secure system for transfers can be created by using other security measures in addition to or in place of an access token.
• In many embodiments, a payment token can be generated for the transaction. Generally speaking, a payment token can be used to prevent a third party device (e.g., third party device350 (FIG. 3)) and/or a second operator server (e.g., operator server330 (FIG. 3)) from gaining a globally useable token. In this way, incidences of fraud, identity theft, and other electronic crimes can be reduced or eliminated. In various embodiments, a payment token can be single use. Once it has been used, the single use token can be discarded (e.g., deleted, caused to be expire, blacklisted, etc.). In various embodiments, a payment token can comprise a payment instrument (e.g., an account number, wallet number, and/or a payment profile ID). For example, an account number associated with source account321 (FIG. 3) can be used as a payment token. In many embodiments, a payment instrument can be encrypted to create all or a portion of a payment token. In further embodiments, a payment token can be created by and/or received from an operator of a source of a transfer (e.g., operator server320 (FIG. 3)). In various embodiments, a payment token can be used for transactions with only one third party (e.g., scoped to the third party). Generally speaking, a payment token can be scoped to a third party when I can only be used by the third party. For example, a payment token can be scoped to a third party by assigning a unique identifier (e.g., a user name, account name, etc.) to the third party upon registration. This unique identifier can then be encrypted using a key. In many embodiments, one or more temporary (e.g., short lived, disposable, etc.) token can be replaced by and/or changed into a longstanding (e.g., longer lasting or permanent) token. In various embodiments, this replacement and/or change can occur after a selection by a user. For example, if a user wants to continually make transfers to a third party, then can instruct a system server to generate or convert a token into a long standing token to effectuate a faster transfer. In this way, a scoped payment token can prevent other systems from using the payment token to effectuate transfers from a source.
• Additional tokens can be used inactivity404 or other activities ofmethod400. For example, a token described in U.S. Provisional Application Ser. No. 63/192,182, which is incorporated herein by this reference in its entirety, describes a system and method using a suitable token.
• In many embodiments,method400 can comprise anactivity405 of transferring a token to a third party. In many embodiments, activity can be performed by a system server (e.g., system server310 (FIG. 3)). In these or other embodiments, third party device350 (FIG. 3) can receive a token. A number of things can occur after and/or in response to and/or as a part ofactivity405. For example, when a transaction is being performed via a website, a device displaying the website (e.g., user device340 (FIG. 3) and/or third party device350 (FIG. 3)) can be forwarded to a transfer details website. As another example, when a transaction is being performed via an application, a device displaying the application's GUI (e.g., user device340 (FIG. 3) and/or third party device350 (FIG. 3)) can be forwarded to a transfer details GUI. Once the transfer details are displayed, a user and/or the third party can review and confirm these details on a website or via an application's GUI.
• In many embodiments,method400 can comprise anactivity406 of receiving a token and transfer details from a third party. In various embodiments, a third party server (e.g., third party device350 (FIG. 3)) can transmit a transfer token and/or transfer details to a system server (e.g., system server310 (FIG. 3)). In many embodiments,activity406 can be performed via a system server API installed on one or more of a third party device and/or a user device. In these or other embodiments, security data about a third party, a user, a user device, and/or a third party device can be collected and transmitted inactivity406. In various embodiments, the security data can be captured by a system server API installed on the respective device. In further embodiments, security data can comprise a transaction history, a fraudulent activity history, and many other data points. In many embodiments, the received token can be compared to a previously saved token. If these tokens match, a transfer can proceed, but if they are different, the transfer can be cancelled.
• In many embodiments,method400 can comprise anactivity407 of determining a fraud risk score. In various embodiments, a fraud risk score can be determined using security data collected as a part ofactivity406. A number of risk score algorithms and systems can be used inactivity407. For example, a risk score system and method described in U.S. Provisional Application Ser. No. 63/192,979, which is incorporated herein by this reference in its entirety, describes a system and method using a suitable fraud risk scoring algorithm.
• In many embodiments,method400 can comprise anactivity408 of facilitating a transfer. In various embodiments, a transfer can be facilitated in response to a fraud risk score being above, below, or equal to a predetermined value. In some embodiments, a transfer can be completed in real-time after a fraud risk score is determined to be above, below, or equal to a predetermined value. In further embodiments, a transfer can be made from a source (e.g., source of funds321 (FIG. 3)) to a destination account (e.g., destination account331 (FIG. 3)). Facilitating a transfer can incorporate all or a portion of one or more optional activities, as described in further detail below.
• In some embodiments,method400 can optionally compriseactivity409 of transmitting transaction details and a fraud risk score. In various embodiments,activity409 can be performed as a part of or entirely separate fromactivity408. In further embodiments, previously collected security data can also be transmitted in place of or in addition to a fraud risk score. In some embodiments, transaction details and/or a fraud risk score can be transmitted to one or more operator servers (e.g.,operator servers320,330 (FIG. 3)). In this way, one or more operator servers can perform their own due diligence and/or security checks on a transfer. For example, operator server320 (FIG. 3) can ingest the transferred data and perform its own risk analysis, validate that a source account is capable of completing the transfer (e.g., is the source account open, does it have sufficient funds, etc.), and/or apply any exceptions that allow the transfer to be completed (e.g., applying overdraft protection to facilitate the transfer, applying a credit to the source account to facilitate the transfer, etc.).
• In some embodiments,method400 can optionally compriseactivity410 of receiving a request for a re-login. In many embodiments, a request for a re-login can be received when a source account fails one or more due diligence and/or security checks performed by an operator server (e.g.,operator servers320,330 (FIG. 3)). Generally speaking, a request for a re-login can function much like or comprise an out of bound authentication for a user device. For example, a one-time password can be created for a user account hosted by one or more of a system server (e.g., system server310 (FIG. 3)) and/or an operator server (e.g.,operator servers320,330 (FIG. 3)). As another example, a user can be forced to reset a password created for a user account hosted by one or more of a system server (e.g., system server310 (FIG. 3)) and/or an operator server (e.g.,operator servers320,330 (FIG. 3)).
• In some embodiments,method400 can optionally compriseactivity411 of receiving a re-login. In many embodiments, a re-login can be received from a user device (e.g., user device340 (FIG. 3)). For example, a re-login can be received from a user device when a transfer is being completed via an application installed on the user device and/or a website of a third party displayed on the user device. In these or other embodiments, a re-login can be received from a third party device (e.g., third party device350 (FIG. 3)). For example, when a user is performing a transfer in person, they can re-login via a third party device.
• In some embodiments,method400 can optionally compriseactivity412 of invoking a transfer API. In many embodiments,activity412 can be performed as a part of one or more ofactivities401 and/or408. A number of different transfer APIs can be invoked inmethod400. For example, a transfer API of a system server can be invoked. Generally speaking, a system server transfer API can be configured to initiate aspects of a transfer performed by a system server (e.g., system server310 (FIG. 3)). This system server transfer API can be stored in a number of different systems. For example, a system server transfer API can be stored as a part of a software application and/or stored on a system server (e.g., system server310 (FIG. 3)). When a system server transfer API is stored on a system server, it can be invoked via transmissions over a network (e.g., internet370 (FIG. 3)) from one or more other devices (e.g., user device340 (FIG. 3) and/or third party device350 (FIG. 3)). In many embodiments, a transfer API can comprise an operator transfer API. In various embodiments, an operator transfer API can be configured to initiate aspects of a transfer performed by an operator server (e.g.,operator server320,330 (FIG. 3)). In many embodiments, a transfer can be facilitated using electronic transmission over an RTP network (e.g., the Zelle® RTP network, Zelle® cleared through FedNow). In these embodiments, a transfer API can access a directory shared between a system server (e.g., system server310 (FIG. 3)) and an operator server (e.g.,operator servers320,330 (FIG. 3)).
• Generally speaking, a server hosing a shared directory (e.g., system server310) can be configured to act as an intermediary between one or more operator servers (e.g.,operator server320,330 (FIG. 3)). In various embodiments, a shared directory can be used to act as an intermediary without its host accessing or hosting a source and/or a destination. In many embodiments, a shared directory can comprise one or more databases containing one or more elements of one or more tokens described herein. In various embodiments, the shared directory can associate the one or tokens with one or more unique identifiers. For example, one or more elements of a payment token can be stored in a shared directory. In various embodiments, an operator server hosting a source (e.g., operator server320 (FIG. 3)) can initiate a transfer by transmitting one or more transaction details and/or one or more portions of a token to a server hosting the shared directory (e.g., system server310 (FIG. 3)). The host of the shared directory can then verify that the one or more portions of the token are authentic. In further embodiments, after a token has been authenticated, transaction details committed to a shared directory can be pushed by a system server (e.g., system server310 (FIG. 3)) to an operator server hosting a destination account (e.g., operator server330 (FIG. 3)). In further embodiments, an operator server hosting a destination account can confirm with a system server that a transfer has been completed or not completed. This completion status can then be shared by the system server with one or more of a user device (e.g., user device340 (FIG. 3)) and/or an operator server hosting a source (e.g., operator server320 (FIG. 3)).
• In some embodiments,method400 can optionally compriseactivity413 of coordinating displaying a transfer completion message. In various embodiments,activity413 can be performed as a part of or afteractivity408. A number of different entities and/or devices can display a transfer completion message. For example, a transaction completion message can be displayed on one or more of a user device (e.g., user device340 (FIG. 3)) and/or a third party device (e.g., third party device350 (FIG. 3)). In various embodiments, a system server (e.g., system server310 (FIG. 3)) can forward a transaction completion message to an intermediary server for display on a different device. For example, a system server can forward a transfer completion message to an operator server ((e.g.,operator servers320,330 (FIG. 3)), which can then forward the transfer completion message to a display device (e.g., user device340 (FIG. 3) or (e.g., third party device350 (FIG. 3)). In many embodiments, a transfer completion message can be displayed on a display device via a website and/or a software application installed on a display device.
• Turning ahead in the drawings,FIG. 5 illustrates a block diagram of asystem500 that can be employed for behavior based messaging.System500 is merely exemplary and embodiments of the system are not limited to the embodiments presented herein.System500 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, certain elements or modules ofsystem500 can perform various procedures, processes, and/or activities. In these or other embodiments, the procedures, processes, and/or activities can be performed by other suitable elements or modules ofsystem500.
• Generally, therefore,system500 can be implemented with hardware and/or software, as described herein. In some embodiments, part or all of the hardware and/or software can be conventional, while in these or other embodiments, part or all of the hardware and/or software can be customized (e.g., optimized) for implementing part or all of the functionality ofsystem500 described herein.
• In many embodiments,system500 can comprise non-transitory memory storage module501. Memory storage module501 can be referred to as request receiving module501. In many embodiments, request receiving module501 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity401 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module502.Memory storage module502 can be referred to as transfermethod displaying module502. In many embodiments, transfermethod displaying module502 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity402 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module503.Memory storage module503 can be referred to asselection receiving module503. In many embodiments,selection receiving module503 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity403 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module504.Memory storage module504 can be referred to as operatortoken receiving module504. In many embodiments, operatortoken receiving module504 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity404 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module505.Memory storage module505 can be referred to as thirdparty transferring module505. In many embodiments, thirdparty transferring module505 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity405 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module506.Memory storage module506 can be referred to as thirdparty receiving module506. In many embodiments, thirdparty receiving module506 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity406 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module507.Memory storage module507 can be referred to as fraud risk score determiningmodule507. In many embodiments, fraud risk score determiningmodule507 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity405 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module508.Memory storage module508 can be referred to astransfer facilitating module508. In many embodiments,transfer facilitating module508 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity408 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module509.Memory storage module509 can be referred to as transferdetails transmitting module509. In many embodiments, transferdetails transmitting module509 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity409 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module510.Memory storage module510 can be referred to as re-loginrequest receiving module510. In many embodiments, re-loginrequest receiving module510 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity410 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module511.Memory storage module511 can be referred to asre-login receiving module511. In many embodiments,re-login receiving module511 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity411 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module512.Memory storage module512 can be referred to as transferAPI invoking module512. In many embodiments, transferAPI invoking module512 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity412 (FIG. 4)).
• In many embodiments,system500 can comprise non-transitorymemory storage module513.Memory storage module513 can be referred to as transfer completionmessage displaying module513. In many embodiments, transfer completionmessage displaying module513 can store computing instructions configured to run on one or more processing modules and perform one or more acts of method400 (FIG. 4) (e.g., activity413 (FIG. 4)).
• Turning ahead in the drawings,FIG. 6 illustrates a block diagram of asystem600 that can be employed for secure electronic transfers, as described in greater detail below.System600 is merely exemplary and embodiments of the system are not limited to the embodiments presented herein.System600 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, certain elements or modules ofsystem600 can perform various procedures, processes, and/or activities. In these or other embodiments, the procedures, processes, and/or activities can be performed by other suitable elements or modules ofsystem600.
• Generally, therefore,system600 can be implemented with hardware and/or software, as described herein. In some embodiments, part or all of the hardware and/or software can be conventional, while in these or other embodiments, part or all of the hardware and/or software can be customized (e.g., optimized) for implementing part or all of the functionality ofsystem600 described herein. In many embodiments,system600 can be similar, or identical, to system300 (FIG. 3), and part or all of the hardware and/or software ofsystem600 can be similar, or identical, to the hardware and/or software of system300 (FIG. 3).
• In a number of embodiments,system600 can include one or more of asystem610, a payorfinancial institution system620, a payee financial institution system630, apayor device640, and/or apayee system660.System610 can be similar, or identical, to third system server310 (FIG. 3). Payorfinancial institution system620 can be similar, or identical, to first operator server320 (FIG. 3). Payee financial institution system630 can be similar, or identical, to second operator server330 (FIG. 3).Payor device640 can be similar, or identical, to user device340 (FIG. 3).Payee system660 can be similar, or identical, to third party device350 (FIG. 3).
• In various embodiments,system610, payorfinancial institution system620, payee financial institution system630,payor device640, and/orpayee system660 can each be a computer system, such as computer system100 (FIG. 1), as described above, and can each be a single computer, a single server, or a cluster or collection of computers or servers, or a cloud of computers or servers. For example,payee system660 can comprise a register or some other type of transaction processing machine, such as an eCommerce website or an online retailer server.Payor device640 can include a mobile device or a personal computer. In some embodiments, a single computer system can host each of two or more ofsystem610, payorfinancial institution system620, payee financial institution system630,payor device640, and/orpayee system660. Additionaldetails regarding system610, payorfinancial institution system620, payee financial institution system630,payor device640, and/orpayee system660 are described herein.
• In many embodiments,system600 can comprise one or more user interfaces. In some embodiments,payor device640 can include and/or be configured to display a user interface641 that can be similar, or identical to GUI360 (FIG. 3). A user interface (e.g., user interface641) can be displayed on a user device (e.g., payor device640) and be configured to allow a user (e.g.,payor650 or a customer) to perform various activities, such as to log into a server (e.g., payorfinancial institution system620,payee system660, etc.), to manage, to transfer funds in or out of, and/or to pay bills from one or more of the user's accounts maintained at the server (e.g., payor account(s)621 ofpayor650 at payorfinancial institution system620, payee account631 at payee system660), and/or to browse and/or search for products, to add products to an electronic shopping cart, and/or to purchase products, in addition to other suitable activities at the server (e.g., payee system660).
• In many embodiments,system610, payorfinancial institution system620, payee financial institution system630,payor device640, and/orpayee system660 can each comprise one or more input devices and/or one or more display devices. The one or more input devices and/or one or more display devices can each be similar or identical to any one of the input devices and/or display devices described herein.
• In many embodiments,system610, payorfinancial institution system620, payee financial institution system630,payor device640, and/orpayee system660 can be configured to communicate with one another. In some embodiments,system610, payorfinancial institution system620, payee financial institution system630,payor device640, and/orpayee system660 can communicate or interface (e.g., interact) with each other through a network orinternet680.Internet680 can be similar, or identical to, internet370 (FIG. 3).Internet680 can be an intranet that is not open to the public.Internet680 also can be a mesh network of individual systems.Internet680 further can comprise a real time payment (RTP) network, such as The Clearing House RTP network and/or the Zelle® network.
• In a number of embodiments,system610, payorfinancial institution system620, payee financial institution system630,payor device640, and/orpayee system660 can each communicate with one or more databases. The one or more databases can include a product database that contains information about products, items, or SKUs sold by a retailer (e.g., payee system660), or a user database that contains information about customers, including identity, transfer or payment methods, and/or transaction or order history, etc.
• In many embodiments, payorfinancial institution system620 and/or payee financial institution system630 can each host one or more accounts (e.g., payor account(s)621, or payee account631). Payor account(s)621 can be similar or identical to source account321 (FIG. 3). Payee account631 can be similar or identical to destination account331 (FIG. 3). For example, payor account(s)621 and/or can include one or more check accounts, saving accounts, brokerage accounts, cryptocurrency accounts, etc.
• Turning ahead in the drawings,FIG. 7 illustrates a flow chart for amethod700, according to an embodiment.Method700 is merely exemplary and is not limited to the embodiments presented herein.Method700 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, the activities ofmethod700 can be performed in the order presented. In other embodiments, the activities ofmethod700 can be performed in any suitable order. In still other embodiments, one or more of the activities ofmethod700 can be combined or skipped. In many embodiments, system300 (FIG. 3), system500 (FIG. 5), and/or system600 (FIG. 6) can be suitable to performmethod700 and/or one or more of the activities ofmethod700. In a number of embodiments, some or all of the activities ofmethod700 can be similar or identical to one or more activities of method400 (FIG. 4).
• In many embodiments,method700 can comprise anactivity710 of receiving, from a payee system (e.g., payee system600 (FIG. 6)) for a payee (e.g., payee670 (FIG. 6)), a request for a transfer from a payor (e.g., payor650 (FIG. 6)) to the payee. In some embodiments, the request for the transfer can be part of a purchase sequence for one or more goods and/or services. For example, a request for a transfer can initiate an electronic fund transfer in a checkout process for a purchase of an item on an eCommerce website (e.g., payee system600 (FIG. 6)). The request can be generated or forwarded by the payee system (e.g., payee system600 (FIG. 6)). The request can be generated after a consumer chooses a payment method (e.g., a real-time electronic fund transfer, or a Zelle® payment) and authorizes the transfer via a consumer device of the consumer (e.g., payor device640 (FIG. 6) of payor650 (FIG. 6)). In some embodiments,activity710 can include one or more activities similar or identical to any ofactivities401,402, and/or403 (FIG. 4) for the consumer to choose the payment method before receiving the request for the transfer from the payee system. The consumer can choose this checkout process with or without registering with, and/or logging into any user account of, the payee system or thesystem performing method700. For example, the checkout process can include the payor checking out as a guest for the payee system.
• In some embodiments,method700 further can include an activity720 of causing the payor device (e.g., payor device640 (FIG. 6)) of the payor (e.g., payor650 (FIG. 6)) to display a plurality of candidate financial institutions (e.g., system payor financial institution system620 (FIG. 6)) for the payor to determine a payor financial institution of the plurality of candidate financial institutions for the transfer. The payor device can display the plurality of candidate financial institution on a user interface (e.g., user interface641 (FIG. 6)) executed on the payor device. For example, the plurality of candidate financial institutions can be the banks that support the payment method chosen atactivity710. In certain embodiments, activity720 further can include determining where there is no more than one candidate financial institution for the payment method for the payee, and then selecting the payor financial institution for the transfer without causing the payor device to display the candidate financial institution.
• In a number of embodiments,method700 further can include an activity730 of causing a payor device (e.g., payor device640 (FIG. 6)) to display an authorization user interface (e.g., user interface621 (FIG. 6)) for the payor (e.g., payor650 (FIG. 6)) to authorize the payor financial institution (e.g., system payor financial institution system620 (FIG. 6)) to grant an access code to the system performing method700 (e.g., system600 (FIG. 6)). In many embodiments, activity720 further can include, before authorizing the granting of the access code, causing the payor device to display the authorization user interface or another user interface to prompt the payor to log into a payor user account of the payor financial institution. In some embodiments, the access code can be issued by the payor financial institution and transmitted directly or indirectly to the system formethod700. For example, the access code can be transmitted to the system formethod700 directly from the payor financial institution. The access code also can be transmitted to the payor device for the payor device to forward the access code to the system. The access code further can be stored, by the payor financial institution or the payor device, in a shared directory for the system formethod700 to access. The shared directory can be similar or identical to the shared directory described above. Furthermore, the access code can have an expiration date and/or time and/or be uniquely associated with the system formethod700 in order to ensure security of the checkout or transfer process. In some embodiments, activity730 further can include an activity731 (as a subpart of activity730 or as a subsequent activity to activity730) of validating that the access code is authentic.
• In some embodiments,method700 further can include anactivity740 of requesting, from the payor financial institution (e.g., payor financial institution system620 (FIG. 6)), one or more eligible payor accounts (e.g., payor account(s)621 (FIG. 6)) owned by the payor (e.g., payor650 (FIG. 6)) and maintained by the payor financial institution. The one or more eligible payor accounts can be pre-authorized by the payor for the transfer. For example, a payor can register one or more accounts at the payor financial institution (e.g., one or more checking accounts) with the Zelle® payment network, via the payor financial institution or directly with a Zelle® server, before the payor can check out at a payee system (e.g., an eCommerce website, or payee financial institution system630 (FIG. 6)) using the Zelle® payment as a payment method.Activity740 further can include obtaining information (e.g., an account type, an account nickname, an account number or a part thereof, and/or a balance, etc.) of each of the one or more eligible payor accounts.
• In some embodiments,method700 further can include an activity750 of causing the payor device (e.g., payor device640 (FIG. 6)) to display the one or more eligible payor accounts (e.g., payor account(s)621 (FIG. 6)) for the payor (e.g.650 (FIG. 6)) to determine a selected payor account of the one or more eligible payor accounts for the transfer. The payor device can include a user interface (e.g., user interface641 (FIG. 6)) that is similar or identical to the authorization user interface for displaying the one or more eligible payor accounts. In certain embodiments, the payor device further can display information (e.g., an account type, an account number or a part thereof, and/or a balance, etc.) of each of the one or more eligible payor accounts. In certain embodiments, activity750 further can include determining where there is only one eligible payor account at the payor financial institution for the payor, and then selecting the payor account at the payor financial institution for the transfer without displaying the one or more eligible payor accounts and also without receiving a selected payor account.
• In some embodiments,method700 further can include anactivity760 of determining a fraud risk score for the transfer.Activity760 can include any suitable algorithms or techniques and/or use any suitable hardware or software for determining the fraud risk score. For example,activity760 further can include anactivity761 of analyzing a transfer history of the payee (e.g., payee670 (FIG. 6)).Activity761 can be a subpart of activity730 or a subsequent activity to activity730. The transfer history of the payee can include one or more prior transfers to or from the payee, the Internet Protocol (“IP”) address or any identifier of the device(s) (e.g., payee system660 (FIG. 6)) used by the payee for each prior transfer, the amount of each prior transfer, any claims against the payee for the prior transfers, etc. (e.g., payee670 (FIG. 6)). In several embodiments,activity760 further can include determining the fraud risk score for the transfer based at least in part on risk data and/or risk scores obtained from one or more external sources (e.g., credit bureaus, fraud bureaus, public or private databases for criminal records, etc.).
• In some embodiments,method700 further can include anactivity770 of transmitting to a payee financial institution (e.g., payee financial institution system630 (FIG. 6)) for the payee (e.g., payee670 (FIG. 6)), the fraud risk score. In a number of embodiments, the payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account (e.g.,631 (FIG. 6)) for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. The transfer decision can include an approval and/or denial of the transfer.Activity770 further can include transmitting additional information to the payee financial institution. For example, the additional information can include the risk data (e.g., abnormalities in the transaction history of the payee and/or complaints against the payee) and/or the algorithm(s) or risk model(s) used atactivity760 to determine the fraud risk score. In several embodiments, the payee financial institution can adopt any suitable rules to determine whether and how to use the fraud risk score to make the transfer decision. For example, the payee financial institution can be configured to determine that the transfer decision includes an approval for the transfer when the fraud risk score determined atactivity760 is above a threshold and thus acceptable. The fraud risk score can be a factor or not be part of any factor(s) for determining the transfer decision. In certain embodiments, the payee financial institution can either rely solely on the fraud risk score received fromactivity770 or ignore the fraud risk score entirely for determining the transfer decision.
• In many embodiments, the payee financial institution further can use any suitable algorithms, techniques, risk models, and/or risk data to determine a second risk score for the transfer. The algorithm(s), technique(s), risk model(s), and/or risk data used by the payee financial institution can be similar to or different than the algorithm(s), technique(s), risk model(s), and/or risk data used atactivity760.
• In some embodiments,method700 further can include anactivity780 of when the transfer decision, as determined atactivity770, comprises an approval of the transfer by the payee financial institution (e.g., payee financial institution system630 (FIG. 6)), facilitating the transfer from the selected payor account (e.g., payor account(s)621 (FIG. 6)) to the payee account (e.g., payee account631 (FIG. 6)).Activity780 can be configured to facilitate the transfer only when the transfer decision by the payee financial institution (e.g., payee financial institution system630 (FIG. 6)) atactivity770 includes an approval of the transfer. In a number of embodiments,activity780 further can include anactivity781 of transmitting, to the payor financial institution (e.g., payor financial institution system620 (FIG. 6)), the fraud risk score for the payor financial institution to determine a second transfer decision before the payor financial institution debits the fund for the transfer from the selected payor account.Activity781 can be a subpart ofactivity780 or a subsequent activity toactivity780. The payor financial institution can determine the second transfer decision in any suitable ways, including using or not using any suitable hardware, software, algorithms, and/or techniques, and/or based or not based on any suitable fraud risk score(s) and/or risk data, including the fraud risk data transmitted atactivity781.
• Turning ahead in the drawings,FIG. 8 illustrates a flow chart for amethod800, according to an embodiment.Method800 is merely exemplary and is not limited to the embodiments presented herein.Method800 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, the activities ofmethod800 can be performed in the order presented. In other embodiments, the activities ofmethod800 can be performed in any suitable order. In still other embodiments, one or more of the activities ofmethod800 can be combined or skipped. In many embodiments, system300 (FIG. 3), system500 (FIG. 5), and/or system600 (FIG. 6) can be suitable to performmethod800 and/or one or more of the activities ofmethod800. In a number of embodiments, some or all of the activities ofmethod800 can be similar or identical to one or more activities of method700 (FIG. 7).
• In many embodiments,method800 can comprise anactivity810 of obtaining, from the payor financial institution (e.g., payor financial institution system620 (FIG. 6)), an access token associated with the payor (e.g., payor650 (FIG. 6)) and a refresh token associated with the access token.Activity810 further can include before obtaining the access token and refresh token, causing a payor device (e.g., payor device640 (FIG. 6)) to display an authorization user interface (e.g., user interface641 (FIG. 6)) for the payor to log into a payor user account at the payor financial institution and/or to authorize the payor financial institution to grant an access code. In some embodiments,activity810 additionally can include at least one of: (a) verifying, by the payor financial institution, the access code before issuing, by the payor financial institution, the access token and/or the refresh token; or (b) issuing, by the payor financial institution, the access token and/or the refresh token based on the access code.
• In many embodiments, the access token and/or the refresh token here can be similar or identical to the access token and/or the refresh token described above. The access token and/or the refresh token each can include a respective expiration date and/or time. The access token and the refresh token can be valid when they are first issued by the payor financial institution. When the respective expiration date and/or time is up, the access token and/or the refresh token can become invalid. The access token, if valid, can be configured to enable the access of protected resources of the payor at the payor financial institution. The refresh token can enable the renewal of the access token, until the expiration date and/or time of the refresh token occurs.
• In a number of embodiments,method800 further can include anactivity820 of determining whether the access token is expired.Activity820 can be implemented by the payor financial institution (e.g., payor financial institution system620 (FIG. 6)) and/or the system performing method800 (e.g., system610 (FIG. 6)). In many embodiments, whenactivity820 determines that the access token is not expired,method800 can include performing one or more other activities that are related or unrelated to the access of the payor's protected resources at the payor financial institution (e.g.,activities740,750,760,761,770,780, and/or781 (FIG. 7)). Whenactivity820 determines that the access token is already expired, any activities ofmethod800 that are related to the access of the payor's protected resources at the payor financial institution cannot continue until the access token is renewed or reissued.
• In a number of embodiments,method800 further can include anactivity830 of determining whether the refresh token is expired.Activity830 be implemented by the payor financial institution (e.g., payor financial institution system620 (FIG. 6)) and/or the system performing method800 (e.g., system610 (FIG. 6)). In some embodiments, when the access token, as determined atactivity820, is expired and whenactivity830 determines that the refresh token is not expired,method800 can determine that the access token is still renewable. Whenactivity830 determines that the refresh token is expired,method800 can determine that the access token is no longer renewable. In several embodiments,activity830 further can include before determining whether the refresh token is expired, validating that the refresh token is authentic. Validating the refresh token can be implemented by thesystem performing method800 or a host of a shared directory for storing the refresh token as described above, whenever the refresh token is accessed.
• In a number of embodiments,method800 further can include anactivity840 of requesting the payor financial institution (e.g., payor financial institution system620 (FIG. 6)) to renew the access token.Activity840 can be performed when the access token, as determined atactivity820, is expired and when the refresh token, as determined atactivity830, is not expired and thus still valid.Activity840 can be performed without requiring the payor to authorize the payor financial institution to renew the access token.
• In a number of embodiments,method800 further can include an activity850 of causing the payor device (e.g. payor device640 (FIG. 6)) of the payor (e.g., payor650 (FIG. 6)) to display the authorization user interface (e.g., user interface641 (FIG. 6)) for the payor to authorize the payor financial institution (e.g., payor financial institution system620 (FIG. 6)) to renew the access token and (optionally) the refresh token. Activity850 can be performed when both the access token, as determined atactivity820, and the refresh token, as determined atactivity830, are expired. In several embodiments, activity850 further can include, before the payor authorizes the payor financial institution to renew the access token and the refresh token, causing the payor device to display the authorization user interface or any other user interface to prompt the payor to re-log into the payor user account of the payor financial institution.
• Turning ahead in the drawings,FIG. 9 illustrates a flow chart for amethod900, according to an embodiment.Method900 is merely exemplary and is not limited to the embodiments presented herein.Method900 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, the activities ofmethod900 can be performed in the order presented. In other embodiments, the activities ofmethod900 can be performed in any suitable order. In still other embodiments, one or more of the activities ofmethod900 can be combined or skipped. In many embodiments, system300 (FIG. 3), system500 (FIG. 5), and/or system600 (FIG. 6) can be suitable to performmethod900 and/or one or more of the activities ofmethod900. In a number of embodiments, some or all of the activities ofmethod900 can be similar or identical to one or more activities of method700 (FIG. 7) and/or method800 (FIG. 8).
• In many embodiments,method900 can comprise anactivity910 of receiving, from a payee system (e.g., payee system660 (FIG. 6)) for a payee (e.g., payee670 (FIG. 6)), a request for a transfer from a payor (e.g., payor650 (FIG. 6)) to the payee.Activity910 can be similar or identical to, or include similar or identical sub-activities of, activity710 (FIG. 7). The payor can be associated with a payor user profile of the payee system. In some embodiments, the request for the transfer can be transmitted from the payee system after the payor chooses a transfer method and authorizes a checkout at the payee system (e.g., an eCommerce website). The payor can log into the payee system before authorizing the checkout so that the payor's information, settings, and/or preferences (e.g., the shipping or billing address, the transfer or payment method, the user name, etc.) can be pre-populated in the transfer.
• In a number of embodiment,method900 further can include an activity920 of causing the payor device (e.g., payor device640 (FIG. 6)) to display a plurality of candidate financial institutions for the payor (e.g., payor650 (FIG. 6)) to determine a payor financial institution (e.g., payor financial institution system620 (FIG. 6)) of the plurality of candidate financial institutions for the transfer. Activity920 can be similar or identical to720 (FIG. 7). The plurality of candidate financial institutions can be determined by the payee. In certain embodiments, the payee can be associated with a single candidate financial institution, and activity920 can be skipped.
• In a number of embodiment,method900 further can include an activity930 of causing a payor device (e.g., payor device640 (FIG. 6)) of the payor (e.g., payor650 (FIG. 6)) to display an authorization user interface (e.g., user interface641 (FIG. 6)) for the payor to authorize the payor financial institution (e.g., payor financial institution system620 (FIG. 6)) to grant an access code to the system or one or moreprocessors performing method900 and/or activity930 (e.g., system610 (FIG. 6)). Activity930 can be similar or identical to730 (FIG. 7). Activity930 further can include one or more of: (a) causing the payer device to display the authorization user interface to allow the payor to log into a payor user account at the payor financial institution before authorizing the payor financial institution to grant the access code; and/or (b) validating that the access code is authentic (see, e.g., an activity731 (FIG. 7)).
• In a number of embodiment,method900 further can include anactivity940 of requesting, from the payor financial institution (e.g., payor financial institution system620 (FIG. 6)), one or more eligible payor accounts (e.g., payor account(s)621 (FIG. 6)).Activity940 can be similar or identical to, or include similar or identical sub-activities of, activity740 (FIG. 7). The one or more eligible payor accounts can be associated with the payor user account at the payor financial institution. In some embodiments, the payor user account further can be associated with ineligible payor accounts (e.g., brokerage accounts, employer-sponsored pension accounts, etc.).
• In a number of embodiment,method900 further can include an activity950 of causing the payor device (e.g., payor device640 (FIG. 6)) to display the one or more eligible payor accounts, and their respective information, for the payor (e.g., payor650 (FIG. 6)) to determine a selected payor account of the one or more eligible payor accounts (e.g., payor account(s)621 (FIG. 6)). Activity950 can be similar or identical to, or include similar or identical sub-activities of, activity750 (FIG. 7). In certain embodiments, the payor can be associated with a single candidate account at the selected payor financial institution, and activity950 can be skipped.
• In a number of embodiment,method900 further can include anactivity960 of determining a fraud risk score for the transfer.Activity960 can be similar or identical to, or include similar or identical sub-activities of, activity760 (FIG. 7).Activity960 further can include determining the fraud risk score based at least in part on any suitable risk model(s), including the associated hardware and/or software, and/or by analyzing a transfer history of the payee (e.g., payee670 (FIG. 6)). For example,activity960 further can include determining the fraud risk score by using a first risk model.
• In a number of embodiment,method900 further can include anactivity970 of transmitting, to a payee financial institution (e.g., payee financial institution system630 (FIG. 6)) for the payee (e.g., payee670 (FIG. 6)), the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account (e.g., payee account631 (FIG. 6)) for the transfer. The payee account can owned by the payee and maintained by the payee financial institution.Activity970 can be similar or identical to, or include similar or identical sub-activities of, activity770 (FIG. 7). In some embodiments,activity970 further can include determining, by the payee financial institution, the transfer decision based at least in part on a second risk model to determine a second fraud risk score. The second risk model can be similar to or different than the first risk model used inactivity960.
• In a number of embodiment,method900 further can include anactivity980 of, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.Activity980 can be similar or identical to, or include similar or identical sub-activities of, activity780 (FIG. 7). In several embodiments,activity980 further can include transmitting, to the payor financial institution (e.g., payor financial institution system620 (FIG. 6)), the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score. The payor financial institution further can be configured to determine the second transfer decision based at least in part on: (a) a third risk model to determine a third fraud risk score; and/or (b) comparing a balance for the selected payor account with a transfer amount for the transfer. The third risk model can be similar to or different than the first risk model used inactivity960 and/or the second risk model used inactivity970.
• In a number of embodiment,method900 further can include anactivity990 of performing one or more post-transfer activities. For example, in some embodiment,activity990 further can include anactivity991 of generating a transfer token associated with the payor and the payee.Activity990 also can include anactivity992 of storing transfer data for the transfer at any suitable databases, non-transitory memory storage modules, and/or servers. In many embodiment,activity990 further can include anactivity993 of transmitting the transfer token to the payee system (e.g., payee system660 (FIG. 6)). In certain embodiments, one or more ofactivity991,activity992, and/oractivity993 can be performed when a status of the transfer is among a group of various statuses (e.g., “approved”, “sent”, or “successful”).
• In many embodiments,method900 further can include one or more token-based authentication activities each similar or identical to one or more activities of method800 (FIG. 8). The one or more token-based authentication activities can be performed whenmethod900 interacts with the payor financial institution (e.g., the payor financial institution system620 (FIG. 6)) and/or the payee financial institution (e.g., the payor financial institution system630 (FIG. 6)). For example,activity940 can include one or more of: (a) obtaining, from the payor financial institution, an access token associated with the payor (e.g., activity810 (FIG. 8)); (b) obtaining, from the payor financial institution, a refresh token associated with the access token (e.g., activity810 (FIG. 8)); (c) when the refresh token is valid, requesting the payor financial institution to renew the access token (e.g., activity840 (FIG. 8)); and/or (d) when the refresh token and the access token are expired, causing the payor device for the payor to display the authorization user interface for the payor to authorize the payor financial institution to renew the access token and the refresh token (e.g., activity850 (FIG. 8)).
• Turning ahead in the drawings,FIG. 10 illustrates a flow chart for amethod1000, according to an embodiment.Method1000 is merely exemplary and is not limited to the embodiments presented herein.Method1000 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, the activities ofmethod1000 can be performed in the order presented. In other embodiments, the activities ofmethod1000 can be performed in any suitable order. In still other embodiments, one or more of the activities ofmethod1000 can be combined or skipped. In many embodiments, system300 (FIG. 3), system500 (FIG. 5), and/or system600 (FIG. 6) can be suitable to performmethod1000 and/or one or more of the activities ofmethod1000. In a number of embodiments, some or all of the activities ofmethod1000 can be similar or identical to one or more activities of methods700 (FIG. 7),800 (FIG. 8), and/or900 (FIG. 9).
• In many embodiments,method1000 can comprise anactivity1010 of receiving, from a payee system (e.g., payee system660 (FIG. 6)) for a payee (e.g., payee670 (FIG. 6)), a request for a transfer from a payor (e.g., payor650 (FIG. 6)) to the payee. The payor can be associated with a payor user profile of the payee system. The request can include a transfer token associated with the payor and the payee.
• In a number of embodiments,method1000 further can include anactivity1020 of retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution (e.g., payor financial institution system620 (FIG. 6)) for the payor (e.g., payor650 (FIG. 6)), and a selected payor account (e.g., payor account(s)621 (FIG. 6)) owned by the payor and maintained by the payor financial institution. The transfer data further can include data about one or more prior transfers from the payor to the payee, such as information about the payor financial institution and/or the selected payor account for a prior transfer, an access token for the payor financial institution and the payor, and/or a refresh token for the access token, etc.
• In a number of embodiments,method1000 further can include an activity1030 of using the access token of the transfer data to access one or more eligible payor accounts (e.g., payor account(s)621 (FIG. 6)) owned by the payor (e.g., payor650 (FIG. 6)) and maintained by the payor financial institution (e.g., payor financial institution system620 (FIG. 6)).Activity1040 can be similar or identical to, or include similar or identical sub-activities of, activity740 (FIG. 7) and/or activity940 (FIG. 9). In several embodiments, activity1030 further can include one or more additional activities for the payor to re-select the payor financial institution and/or the selected payor account for the transfer. For example, activity1030 further can include: (a) causing a payor device for the payor to display a plurality of candidate financial institutions for the transfer, and receiving, from the payor device, a selection of the payor financial institution of the plurality of candidate financial institutions; and/or (b) causing the payor device to display the one or more eligible payor accounts for the payor to determine the selected payor account of the one or more eligible payor accounts for the transfer. Activity1030 can include automatically prompting or causing the payor to re-select the payor financial institution and/or the selected payor account when encountering certain anomalies. For example, when the payor financial institution is not responding, and/or when the transfer of funds fails because of insufficient funds in the selected payor account.
• In many embodiments,method1000 and/or activity1030 further can include one or more additional activities for token-based authorization (see, e.g.,activity810,820,830,840, and/or850 (FIG. 8)). For example, activity1030 further can include anactivity1031 of determining whether the access token is expired. In some embodiments, activity1030 also can include obtaining, validating, and/or renewing the access token, etc.
• In a number of embodiments,method1000 further can include anactivity1040 of determining a fraud risk score for the transfer.Activity1040 can be similar or identical to, or include similar or identical sub-activities of, activity760 (FIG. 7) and/or activity960 (FIG. 9). For example,activity1040 can includingactivity1041 of analyzing a transfer history of the payee.
• In a number of embodiments,method1000 further can include anactivity1050 of transmitting, to the payee financial institution (e.g., for the payee), the fraud risk score. The payee financial institution (e.g., payee financial institution system630 (FIG. 6)) can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about the selected payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution.Activity1050 can be similar or identical to, or include similar or identical sub-activities of, activity770 (FIG. 7) and/or activity970 (FIG. 9).
• In a number of embodiments,method1000 further can include anactivity1060 of, when a transfer decision determined by the payee financial institution (e.g., payee financial institution system630 (FIG. 6)) to comprises an approval of the transfer, facilitating the transfer from the selected payor account (e.g., payor account(s)621 (FIG. 6)) to the payee account (e.g., payee account631 (FIG. 6)).Activity1060 can be similar or identical to, or include similar or identical sub-activities of, activity780 (FIG. 7) and/or activity980 (FIG. 9). For example,activity1060 further can include anactivity1061 of transmitting, to the payor financial institution (e.g., payor financial institution system620 (FIG. 6)), the fraud risk score for the payor financial institution to determine a second transfer decision before the payor financial institution debits the fund for the transfer from the selected payor account.
• In some embodiments,method1000 further can include performing post-transfer activities (e.g.,activity990, sub-activity991, sub-activity992, and/or sub-activity993 (FIG. 9)), such as updating the transfer data (e.g., the selected payor account and/or the access token) after facilitating the transfer.
• Turning ahead in the drawings,FIG. 11 illustrates a flow chart for amethod1100, according to an embodiment.Method1100 is merely exemplary and is not limited to the embodiments presented herein.Method1100 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, the activities ofmethod1100 can be performed in the order presented. In other embodiments, the activities ofmethod1100 can be performed in any suitable order. In still other embodiments, one or more of the activities ofmethod1100 can be combined or skipped. In many embodiments, system300 (FIG. 3), system500 (FIG. 5), and/or system600 (FIG. 6) can be suitable to performmethod1100 and/or one or more of the activities ofmethod1100. In a number of embodiments, some or all of the activities ofmethod1100 can be similar or identical to one or more activities of method700 (FIG. 7),800 (FIG. 8),900 (FIG. 9), and/or1000 (FIG. 10).
• In many embodiments,method1100 can comprise anactivity1110 of receiving a request for a transfer from a selected payor account (e.g., payor account(s)621 (FIG. 6)) of a payor (e.g., payor650 (FIG. 6)) to a payee (e.g., payee670 (FIG. 6)).Activity1110 can be similar or identical to, or include similar or identical sub-activities of, activity710 (FIG. 7), activity910 (FIG. 9), and/or activity1010 (FIG. 10). In some embodiments, the payor can log into the payee system (e.g., payee system660 (FIG. 6)) before authorizing the transfer and causing the payee system to transmit the request. In similar or different embodiments, the payor can have no payor user account at the payee system or choose not to log in before checking out. The request can include or not include a transfer token that is associated with the payor and the payee.
• In a number of embodiments,method1100 further can include anactivity1120 of determining a fraud risk score for the transfer. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution. Determining the fraud risk score can include: (a) analyzing a transfer history of the payee; and/or (b) determining the fraud risk score by using a first risk model.Activity1120 can be similar or identical to, or include similar or identical sub-activities of, activity760 (FIG. 7), activity960 (FIG. 9), and/or activity1040 (FIG. 10).
• In a number of embodiments,method1100 further can include anactivity1130 of transmitting, to a payee financial institution (e.g., payee financial institution system630 (FIG. 6)) for the payee (e.g., payee670 (FIG. 6)), the fraud risk score.Activity1130 can be similar or identical to, or include similar or identical sub-activities of, activity770 (FIG. 7), activity970 (FIG. 9), and/or activity1050 (FIG. 10). The payee financial institution further can be configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score, and the second risk model can be similar to or different than the first risk model.
• In a number of embodiments,method1100 further can include anactivity1140 of, when a transfer decision by the payee financial institution (e.g., payee financial institution system630 (FIG. 6)) comprises an approval of the transfer, facilitating the transfer from the selected payor account (e.g., payor account(s)621 (FIG. 6)) to the payee account (e.g., payee account631 (FIG. 6)).Activity1140 can be similar or identical to, or include similar or identical sub-activities of, activity780 (FIG. 7), activity980 (FIG. 9), and/or activity1060 (FIG. 10).
• In a number of embodiments,method1100 and/oractivity1140 further can include anactivity1141 of transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision. The payor financial institution can be further configured to determine the second transfer decision based at least in part on (a) a third risk model to determine a third fraud risk score; and/or (b) comparing a balance for the selected payor account with a transfer amount for the transfer.
• In a number of embodiments,method1100 and/oractivity1140 further can include an activity1142 of sending transfer information to a payor financial institution (e.g., payor financial institution system620 (FIG. 6)) to cause the payor financial institution to send a request for payment through a real-time settlement network to the payee financial institution (e.g., payee financial institution system630 (FIG. 6)) to authorize a real-time credit transfer from the selected payor account (e.g., payor account(s)621 (FIG. 6)) to the payee account (e.g., payee account631 (FIG. 6)). The real-time credit transfer can be settled in real-time through the real-time settlement network. The transfer information can include information to identify the payee financial institution and the payee account to the real-time settlement network. The transfer information further can include the fraud risk score. In some embodiments, the transfer information does not include any account number of the payee account.
• In many embodiments,method1100 further can include one or more additional activities. For example,method1100 can include facilitating an authorization for the payor to authorize the payor financial institution to grant an access code.Method1100 further can include requesting, from the payor financial institution, one or more eligible payor accounts owed by the payor and maintained by the payor financial institution.Method1100 also can include causing a payor device of the payor to display the one or more eligible payor accounts for the payor to determine the selected payor account from among the one or more eligible payor accounts for the transfer.
• In some embodiments, the one or more additional activities can include token-based authorization (see, e.g.,activity810,820,830,840, and/or850 (FIG. 8)). For example,method1100 further can include obtaining, validating, and/or renewing an access token and/or a refresh token, and/or determining whether the access token and/or the refresh token are expired.
• Turning ahead in the drawings,FIG. 12 illustrates a flow chart for amethod1200, according to an embodiment.Method1200 is merely exemplary and is not limited to the embodiments presented herein.Method1200 can be employed in many different embodiments or examples not specifically depicted or described herein. In some embodiments, the activities ofmethod1200 can be performed in the order presented. In other embodiments, the activities ofmethod1200 can be performed in any suitable order. In still other embodiments, one or more of the activities ofmethod1200 can be combined or skipped. In many embodiments, system300 (FIG. 3), system500 (FIG. 5), and/or system600 (FIG. 6) can be suitable to performmethod1200 and/or one or more of the activities ofmethod1200. In a number of embodiments, some or all of the activities ofmethod1200 can be similar or identical to one or more activities of method700 (FIG. 7),800 (FIG. 8),900 (FIG. 9),1000 (FIG. 10), and/or1100 (FIG. 11).
• In many embodiments,method1200 can comprise anactivity1210 of receiving, from a payee system (e.g., payee system660 (FIG. 6)) for a payee (e.g., payee670 (FIG. 6)), a request for a transfer from a payor (e.g., payor650 (FIG. 6)) to the payee. The request can be sent by the payee without the payor selecting to use the system for the transfer. The payor can be associated with a payor user profile of the payee system. The request can include a transfer token associated with the payor and the payee.
• In a number of embodiments,method1200 further can include anactivity1220 of retrieving transfer data based on the transfer token. The transfer data can be associated with the transfer token, a payor financial institution for the payor, and a selected payor account owned by the payor and maintained by the payor financial institution. The transfer data can include an access token for the payor financial institution and the payor. In some embodiments,method1200 also can include determining the payor financial institution based on the transfer token.
• In a number of embodiments,method1200 further can include anactivity1230 of determining a fraud risk score for the transfer.Activity1230 further can include anactivity1231 of analyzing a transfer history of the payee.Activity1230 can be similar or identical to, or include similar or identical sub-activities of, activity760 (FIG. 7), activity960 (FIG. 9), activity1040 (FIG. 10), and/or activity1120 (FIG. 11).
• In a number of embodiments,method1200 further can include anactivity1240 of transmitting, to a payee financial institution (e.g., payee financial institution system630 (FIG. 6)) for the payee (e.g., payee670 (FIG. 6)), the fraud risk score. The payee financial institution can be configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer. The payee account can be owned by the payee and maintained by the payee financial institution.Activity1240 can be similar or identical to, or include similar or identical sub-activities of, activity770 (FIG. 7), activity970 (FIG. 9), activity1050 (FIG. 10), and/or activity1130 (FIG. 11).
• In a number of embodiments,method1200 further can include anactivity1250 of, when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account.Activity1250 can be similar or identical to, or include similar or identical sub-activities of, activity780 (FIG. 7), activity980 (FIG. 9), activity1060 (FIG. 10), and/or1140 (FIG. 11).
• In many of embodiments,method1200 further can include one or more additional activities. In some embodiments, the one or more additional activities can include token-based authorization (see, e.g.,activity810,820,830,840, and/or850 (FIG. 8)). For example,method1100 further can include obtaining, validating, and/or renewing an access token and/or a refresh token, and/or determining whether the access token and/or the refresh token are expired.
• In many embodiments, the techniques described herein can provide a practical application and several technological improvements. In some embodiments, the techniques described herein can provide for secure real-time electronic transfer. In several embodiments, the techniques described herein can provide for electronic billing with real-time payment settlement. In a number of embodiments, the techniques described herein can provide for electronic billing with one or more fraud detection processes. These techniques described herein can provide a significant improvement over conventional approaches of electronic transfers, such as credit and/or debit card payments.
• In a number of embodiments, the techniques described herein can solve a technical problem that arises only within the realm of computer networks, as electronic transfers do not exist outside of computer networks.
• In many embodiments, the techniques described herein can be used continuously at a scale that cannot be handled using manual techniques. For example, the techniques can be applied to millions of transactions daily.
• In a number of embodiments, the techniques described herein can solve a technical problem that arises only within the realm of computer networks, as online payment does not exist outside the realm of computer networks. Moreover, the techniques described herein can solve a technical problem that cannot be solved outside the context of computer networks. Specifically, the techniques described herein cannot be used outside the context of computer networks, in view of a lack of ability to settle funds in real-time.
• Although systems and methods for secure electronic transfers have been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes may be made without departing from the spirit or scope of the disclosure. Accordingly, the disclosure of embodiments is intended to be illustrative of the scope of the disclosure and is not intended to be limiting. It is intended that the scope of the disclosure shall be limited only to the extent required by the appended claims. For example, to one of ordinary skill in the art, it will be readily apparent that any element ofFIGS. 1-12 may be modified, and that the foregoing discussion of certain of these embodiments does not necessarily represent a complete description of all possible embodiments. For example, one or more of the procedures, processes, or activities ofFIGS. 4 and 7-12 may include different procedures, processes, and/or activities and be performed by many different modules, in many different orders.
• All elements claimed in any particular claim are essential to the embodiment claimed in that particular claim. Consequently, replacement of one or more claimed elements constitutes reconstruction and not repair. Additionally, benefits, other advantages, and solutions to problems have been described with regard to specific embodiments. The benefits, advantages, solutions to problems, and any element or elements that may cause any benefit, advantage, or solution to occur or become more pronounced, however, are not to be construed as critical, required, or essential features or elements of any or all of the claims, unless such benefits, advantages, solutions, or elements are stated in such claim.
• Moreover, embodiments and limitations disclosed herein are not dedicated to the public under the doctrine of dedication if the embodiments and/or limitations: (1) are not expressly claimed in the claims; and (2) are or are potentially equivalents of express elements and/or limitations in the claims under the doctrine of equivalents.

Claims (20)

What is claimed is:

1. A system comprising:

one or more processors; and

one or more non-transitory computer-readable media storing computing instructions that, when executed on the one or more processors, perform:

receiving, from a payee system for a payee, a request for a transfer from a payor to the payee, wherein the payor is associated with a payor user profile of the payee system;

causing a payor device for the payor to display an authorization user interface for the payor to authorize a payor financial institution to grant an access code to the system;

requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution;

causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer;

determining a fraud risk score for the transfer;

transmitting, to a payee financial institution for the payee, the fraud risk score, wherein:

the payee financial institution is configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer; and

the payee account is owned by the payee and maintained by the payee financial institution;

when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account;

generating a transfer token associated with the payor and the payee;

storing transfer data for the transfer, the transfer data being associated with the transfer token; and

transmitting the transfer token to the payee system, wherein the payee system stores the transfer token with the payor user profile.

2. The system ofclaim 1, wherein the computing instructions, when executed on the one or more processors, are further configured to perform:

causing the payor device to display a plurality of candidate financial institutions for the payor to determine the payor financial institution of the plurality of candidate financial institutions for the transfer.

3. The system ofclaim 1, wherein determining the fraud risk score for the transfer comprises:

analyzing a transfer history of the payee.

4. The system ofclaim 1, wherein the computing instructions, when executed on the one or more processors, are further configured to perform:

validating that the access code is authentic.

5. The system ofclaim 1, wherein:

determining the fraud risk score further comprises:

determining the fraud risk score by using a first risk model; and

the payee financial institution is further configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score.

6. The system ofclaim 1, wherein facilitating the transfer from the selected payor account to the payee account further comprises:

transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score.

7. The system ofclaim 6, wherein:

determining the fraud risk score further comprises:

determining the fraud risk score by using a first risk model; and

the payor financial institution is further configured to determine the second transfer decision based at least in part on a third risk model to determine a third fraud risk score.

8. The system ofclaim 6, wherein:

the payor financial institution is further configured to determine the second transfer decision based at least in part on comparing a balance for the selected payor account with a transfer amount for the transfer.

9. The system ofclaim 1, wherein the authorization user interface is further configured to allow the payor to log into a payor user account at the payor financial institution, the payor user account being associated with the one or more eligible payor accounts.

10. The system ofclaim 1, wherein:

requesting the one or more eligible payor accounts further comprises one or more of:

obtaining, from the payor financial institution, an access token associated with the payor;

obtaining, from the payor financial institution, a refresh token associated with the access token;

when the refresh token is valid, requesting the payor financial institution to renew the access token; or

when the refresh token and the access token expire, causing the payor device for the payor to display the authorization user interface for the payor to authorize the payor financial institution to renew the access token and the refresh token; and

the transfer data further comprises the access token or the refresh token.

11. A method implemented via execution of computing instructions configured to run at one or more processors and configured to be stored at non-transitory computer-readable media, the method comprising:

receiving, from a payee system for a payee, a request for a transfer from a payor to the payee, wherein the payor is associated with a payor user profile of the payee system;

causing a payor device for the payor to display an authorization user interface for the payor to authorize a payor financial institution to grant an access code to the one or more processors;

requesting, from the payor financial institution, one or more eligible payor accounts owned by the payor and maintained by the payor financial institution;

causing the payor device to display the one or more eligible payor accounts for the payor to determine a selected payor account of the one or more eligible payor accounts for the transfer;

determining a fraud risk score for the transfer;

transmitting, to a payee financial institution for the payee, the fraud risk score, wherein:

the payee financial institution is configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about a payee account for the transfer; and

the payee account is owned by the payee and maintained by the payee financial institution;

when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the selected payor account to the payee account;

generating a transfer token associated with the payor and the payee;

storing transfer data for the transfer, the transfer data being associated with the transfer token; and

transmitting the transfer token to the payee system, wherein the payee system stores the transfer token with the payor user profile.

12. The method ofclaim 11 further comprising:

causing the payor device to display a plurality of candidate financial institutions for the payor to determine the payor financial institution of the plurality of candidate financial institutions for the transfer.

13. The method ofclaim 11, wherein determining the fraud risk score for the transfer comprises:

analyzing a transfer history of the payee.

14. The method ofclaim 11 further comprising:

validating that the access code is authentic.

15. The method ofclaim 11, wherein:

determining the fraud risk score further comprises:

determining the fraud risk score by using a first risk model; and

the payee financial institution is further configured to determine the transfer decision based at least in part on a second risk model to determine a second fraud risk score.

16. The method ofclaim 11, wherein facilitating the transfer from the selected payor account to the payee account further comprises:

transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score.

17. The method ofclaim 16, wherein:

determining the fraud risk score further comprises:

determining the fraud risk score by using a first risk model; and

the payor financial institution is further configured to determine the second transfer decision based at least in part on a third risk model to determine a third fraud risk score.

18. The method ofclaim 16, wherein:

the payor financial institution is further configured to determine the second transfer decision based at least in part on comparing a balance for the selected payor account with a transfer amount for the transfer.

19. The method ofclaim 11, wherein the authorization user interface is further configured to allow the payor to log into a payor user account at the payor financial institution, the payor user account being associated with the one or more eligible payor accounts.

20. The method ofclaim 11, wherein:

requesting the one or more eligible payor accounts further comprises one or more of:

obtaining, from the payor financial institution, an access token associated with the payor;

obtaining, from the payor financial institution, a refresh token associated with the access token;

when the refresh token is valid, requesting the payor financial institution to renew the access token; or

when the refresh token and the access token expire, causing the payor device for the payor to display the authorization user interface for the payor to authorize the payor financial institution to renew the access token and the refresh token; and

the transfer data further comprises the access token or the refresh token.

Images