Abstract: Disclosed herein are systems and methods for a system for authorizing proxy number token requests. The system may comprise a memory storing instructions and at least one processor configured to execute instructions to perform operations. These operations may comprise receiving a first request to use a proxy number token to complete a first action associated with a first entity; authorizing the first request; receiving a second request to use the proxy number token to complete a second action associated with a second entity; determining a modifiable relationship data binding associated with the first and second entities, the modifiable relationship data binding comprising multiple parameters; determining that the second request satisfies the parameters; and authorizing the second request based on a determination that the second request satisfies the parameters.

Abstract: A system may receive, via a web browser plugin on a user device, a first timestamp associated with first click data at a website associated with a merchant, a referring uniform resource location (URL), a current URL, and first user identification data. The system may also receive transaction data including a second timestamp, second user identification data, and a first merchant name associated with a transaction with the merchant. The system may determine whether the first timestamp is within a predetermined period of the second timestamp and determine whether the first user identification data corresponds with the second user identification data. When the system determines that the first timestamp is within the predetermined period of the second timestamp and the first user identification data corresponds with the second user identification data, the system may store the referring URL and the current URL with the first merchant name in a database.

Abstract: In some implementations, a device may obtain first location data associated with one or more exchanges, where the first location data is associated with a first level of granularity. The device may determine second location data associated with the one or more exchanges based on records associated with the one or more exchanges, where the second location data is associated with a second level of granularity that is higher than the first level of granularity. The device may detect an authentication event associated with an access attempt to the account. The device may provide, based on detecting the authentication event, one or more authentication queries that are based on the second location data. The device may authenticate the access attempt to the account based on one or more responses to the one or more authentication queries.

Abstract: In some implementations, a credential system may create a virtual credential bound to a physical location associated with a transacting entity based on a request from a user device. The credential system may send information to a transaction terminal at the physical location bound to the virtual credential to register the virtual credential and identify a user that owns an account associated with the virtual credential. The credential system may provide, to the user device, tokenized information related to the virtual credential. The credential system may receive the tokenized information from a transaction terminal requesting authorization for the transaction. The credential system may send, to the transaction terminal requesting the authorization for the transaction, an authorization decision associated with the transaction based on whether the transaction terminal is present at the physical location bound to the virtual credential.

Abstract: Systems and methods for adaptive token verification are disclosed. For example, a system may include at least one memory storing instructions and one or more processors configured to execute the instructions to perform operations. The operations may include training a verification model to verify tokenized requests based on system identifiers. The operations may include receiving a tokenized request from an external system, the request comprising a system identifier of the external system. The operations may include generating output of the verification model based on the system identifier, and, based on the output, performing one of granting the request or blocking the request.

Abstract: Disclosed embodiments may include a system for detecting fraudulent activity. The system may determine that a user has navigated to a website associated with an entity, and may receive click data associated with the website. The system may receive a request to complete a transaction, and may retrieve transaction data associated with the transaction. The system may determine a probability of fraud associated with the entity, and may determine whether the probability exceeds a predetermined threshold. Responsive to determining the probability exceeds the predetermined threshold, the system may transmit a notification comprising selectable user input object(s) to the user device, and may cause the user device to display the notification via a GUI. Responsive to receiving a first selection of a first user input object of the selectable user input object(s), the system may decline the transaction and update the GUI to indicate the transaction is declined.

Abstract: In some implementations, an authorization device generate a decision to reject an authorization request that includes a credential associated with a user based on one or more inconsistencies between entity information provided in the authorization request and authorized entity information associated with the credential. The authorization device may transmit, to a biometric-enabled device associated with the user, a message that causes the biometric-enabled device to display a prompt indicating the one or more inconsistencies between the entity information provided in the authorization request and the authorized entity information associated with the credential. In some implementations, the prompt may further enable the user to provide a biometric input to authorize the entity information provided in the authorization request.

Abstract: A system may receive, via a web browser plugin on a user device, a first timestamp associated with first click data at a website associated with a merchant, a referring uniform resource location (URL), a current URL, and first user identification data. The system may also receive transaction data including a second timestamp, second user identification data, and a first merchant name associated with a transaction with the merchant. The system may determine whether the first timestamp is within a predetermined period of the second timestamp and determine whether the first user identification data corresponds with the second user identification data. When the system determines that the first timestamp is within the predetermined period of the second timestamp and the first user identification data corresponds with the second user identification data, the system may store the referring URL and the current URL with the first merchant name in a database.

Abstract: In some embodiments, an item-restricted access token may be bound to one or more items. In some embodiments, a first item that is accessible via a first website accessed by a user may be detected. Based on the detection and an authentication of a user, an item-restricted access token may be activated for accessing an item that corresponds to the first item. After the activation of the item-restricted token, a request may be obtained for an action related to a candidate item. The action related to the candidate item may be validated based on the item-restricted access token, where the validation indicates that the action related to the candidate item is valid based on a determination that the candidate item corresponds to the first item.

Abstract: In some embodiments, validation of a network operation based on screenshot-derived uniform resource locator (URL) data may be facilitated. In some embodiments, in connection with use by a user of a first token associated with a first entity, user activity data associated with the user may be stored in a database in association with the first token. In some embodiments, the first user activity data may comprise first URL data and first timestamps associated with the first URL data. After the storage of the first user activity data, a first action request for a first action involving use of the first token may be obtained. A validation process may be performed on the first action by performing a first query of the database for user activity data based on the first action request.

Abstract: Systems and methods for adaptive token verification are disclosed. For example, a system may include at least one memory storing instructions and one or more processors configured to execute the instructions to perform operations. The operations may include training a verification model to verify tokenized requests based on system identifiers. The operations may include receiving a tokenized request from an external system, the request comprising a system identifier of the external system. The operations may include generating output of the verification model based on the system identifier, and, based on the output, performing one of granting the request or blocking the request.

Abstract: A method, system and computer program product for generating and managing a time-bound virtual payment card are disclosed. A primary account holder requests a virtual payment card linked to their account to share spending with a third party while maintaining the security of their account. In the request, the account holder specifies a recipient and conditions for use of the virtual payment card including recurring temporal parameters. A service managed by the card issuing financial institution receives the request and generates a virtual card configured to the parameters specified. Thereafter, the service sends the virtual card to the specified recipient. After activating the virtual payment card, the recipient attempts a purchase at a merchant. Upon checkout, the service receives a request from the merchant and based on the transaction information in the request, determines whether the transaction meets the conditions for use and approves or denies the transaction accordingly.

Abstract: In some embodiments, Uniform Resource Locator (URL) parameters may be used to bind access tokens to authorize web-browser-initiated network operations. In some embodiments, a user input at a data exchange gateway associated with a first website to perform a first network operation (e.g., a request to access resources associated with the first website) may be detected. In response to the detected user input, an access token may be generated based on user specific information associated with the user, where the access token is associated with one or more network operation parameters. In response to a use of the access token for authorizing the first network operation and successful authorization of the first network operation, the access token may be configured to be bound to a first URL identifier parameter associated with the first website.

Abstract: In some implementations, an authentication device may receive information related to website browsing activity at a client device. The information related to the website browsing activity may include information associated with a web address for a current website where information associated with a virtual credential was entered. The authentication device may identify one or more valid web addresses associated with the virtual credential, which may be valid only for an entity associated with the one or more valid web addresses. The authentication device may transmit, to the client device, information to indicate whether the website browsing activity is authenticated based on a comparison of the web address for the current website where the information associated with the virtual credential was entered and the one or more valid web addresses associated with the virtual credential.

Abstract: In some implementations, a device may receive, from one or more data sources, information indicating a plurality of data sets, where the plurality of data sets indicate information associated with respective physical locations or online locations. The device may identify a data set, from the plurality of data sets, that indicates information associated with an online location, where the information includes at least one of an entity name, an address, a phone number, a uniform resource locator, an entity identifier, or metadata. The device may parse the data set to identify information for a set of features. The device may analyze the information for the set of features to determine a brand associated with the online location. The device may pair the online location with the brand in the database such that the online location is linked with a first physical location of the brand in the database.

Abstract: In some embodiments, Uniform Resource Locator (URL) parameters may be used to bind access tokens to authorize web-browser-initiated network operations. In some embodiments, a user input at a data exchange gateway associated with a first website to perform a first network operation (e.g., a request to access resources associated with the first website) may be detected. In response to the detected user input, an access token may be generated based on user specific information associated with the user, where the access token is associated with one or more network operation parameters. In response to a use of the access token for authorizing the first network operation and successful authorization of the first network operation, the access token may be configured to be bound to a first URL identifier parameter associated with the first website.

Abstract: In certain embodiments, location-based activation of card identifiers may be facilitated. In some embodiments, an electrophoretic display card may store a set of location-specific card identifiers, where each card identifier of the set is associated with (i) an account of a user and (ii) creation location information indicating a device location of the user at a creation time of the card identifier. In response to being powered by a user device, the card may initiate wireless communication with the user device. The card may determine a device location of the user device, select a card identifier from the set of card identifiers that matches the device location, and switch a state of the card identifier to an active state to enable transaction processing for the card identifier. In some embodiments, the card may cause the active card identifier to be presented on an electrophoretic display of the card.

Abstract: Methods and systems describe linking mobile applications to website providers using an intermediary database that is populated based on mobile application metadata in order to provide secure communication of user data encrypted specifically for given website providers. The methods and systems accomplish this by receiving, at an intermediary database, a first communication from a background application implemented on a mobile device, wherein the first communication comprises a first access point address and is generated based on a request, by a first access point, for first user information for use by a first provider, wherein the first provider provides the first access point. However, as opposed to simply generating a random alternative content for the first communication, the system performs an additional step to ensure that the alternative content is specific to the provider and may be used across all access points for the provider.

Abstract: The disclosed embodiments provide systems and methods for providing real-time warnings to merchants for data breaches. For example, the system may include one or more memory devices storing instructions and one or more processors configured to perform operations consistent with this disclosure. The operations may include collecting and storing transaction authorization requests from one or more merchants. The transaction authorization requests may include a virtual account number associated with an account, the virtual account number being previously bound to a merchant and reusable only for the bound merchant. The operations may further include detecting an event at the bound merchant based on, for example, a transaction authorization request having a mismatch between a transacting merchant and the bound merchant. The operations my further include communicating notification of the event through a communication interface with the bound merchant.

Abstract: Aspects provided may allow for the determination that a consumer has changed an address based on the consumer's online transactions. By obtaining corresponding data for a consumer for each online transaction and providing location data to a machine-learning model, which is configured to evaluate the likelihood that a consumer has changed addresses based on location data records associated with consumer online activity, the model may generate a prediction that a consumer has changed their address. Based on this prediction, a change of address process for the consumer may be initiated. Further aspects provide methods of obtaining the location information, methods of generating supplemental location data based on a consumer's in-person transactions, and training a machine-learning model.