Abstract: A server comprises a communications module, a processor coupled to the communications module, and a memory coupled to the processor, the memory storing processor-executable instructions which, when executed, configure the processor to receive, via the communications module and from a monitoring application installed on a remote computing device, on-device application data, generate a risk profile for a user based at least on the on-device application data, configure a data sharing configuration option for sharing data associated with the user based on the risk profile for the user, and share the data based on the data sharing configuration option.

Abstract: There is provided a system and method to direct processing of orders to improve processing resource usage. QOS statistics relative to wait times and/or processing times or other measures of busyness may be maintained relative to physical office or branch locations where customers attend to have orders processed. QOS measures may be defined relative to these statistical measures of busyness that predict future busyness at respective locations. The QOS measures may be provided to a customer, such as in association with an order ahead application, to recommend to the customer to attend at a location that is less busy thereby distributing processing requests (orders) to less busy locations and better utilize resources.

Abstract: A processor-implemented method is disclosed. The method includes: launching, in an automated test environment, a test instance of a first application; determining a data access pattern for the first application of accessing the protected data resource based on detecting data retrieval operations of the test instance and determining application states of the first application associated with the detected data retrieval operations; and providing the data access pattern for the first application on a client device.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically implement and manage hash-based consent and permissioning protocols. By way of example, an apparatus may obtain consent data that identifies one or more elements of data accessible to an application program executed by a device. The apparatus may generate a consent document for the application program based on at least a portion of the consent data, and may compute a consent hash value representative of the consent document. The apparatus may also generate and transmit permissioning data that includes at least the consent hash value to the device. The permissioning data may, for example, include information that instructs the executed application program to store the consent hash value within a local memory of the device and to associate the consent hash value with an access token of the executed application program.

Abstract: The disclosed embodiments include processes that manage a cryptographically secure generation and exchange of data between network-connected systems operating within a computing environment using a permissioned distributed ledger. For example, and based on secure interaction with a distributed smart contract maintained within ledger blocks of the permissioned distributed ledger, an apparatus and a counterparty system may generate local symmetric encryption keys that facilitate a secure communication session between the apparatus and the counterparty system. Using the symmetric encryption key, the apparatus may generate a cryptographically secure representation of generated or obtained data, which may be transmitted to the counterparty system across the secure communications channel.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: launching, in an automated test environment, a test instance of a first application; detecting at least one data retrieval operation by the first application of retrieving data from a protected data resource; for each of the at least one data retrieval operation, identifying an application state of the first application at a time of detecting the at least one data retrieval operation; determining a data access pattern for the first application of accessing the protected data resource based on the at least one data retrieval operation and application states of the first application associated with the at least one data retrieval operation; and presenting the data access pattern for the first application on a client device associated with a user.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems and unrelated, third-party applications operating within a computing environment. By way of example, the apparatus may receive a request for an element of data that includes an access token and first credential data associated with an application program. When the first credential data corresponds to second credential data associated with the application program, may determine that the requested data element is accessible to the application program and perform operations that validate the access token. Further, and based on the validation of the access token, that apparatus may obtain and encrypt the requested data element, and may transmit the encrypted data element to a device via the communications interface.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically implement and manage hash-based consent and permissioning protocols. By way of example, an apparatus may obtain consent data that identifies one or more elements of data accessible to an application program executed by a device. The apparatus may generate a consent document for the application program based on at least a portion of the consent data, and may compute a consent hash value representative of the consent document. The apparatus may also generate and transmit permissioning data that includes at least the consent hash value to the device. The permissioning data may, for example, include information that instructs the executed application program to store the consent hash value within a local memory of the device and to associate the consent hash value with an access token of the executed application program.

Abstract: A computer system for selectively enabling a data transfer method is disclosed. The computer system includes a processor, a communications module, and a memory. The memory stores instructions that, when executed by the processor, cause the computer system to: receive a signal from a remote electronic device via a network using the communications module, the received signal representing information including a context for a transfer of value between a database record associated with a data sender and a database record associated with a data receiver, the context including an identifier for the data receiver; obtain a condition to be satisfied in performing the transfer of value based on the identifier for the data receiver; determine that the condition is satisfied by performing the transfer of value using a particular data transfer method; and enable the transfer of value using the particular data transfer method.

Abstract: In an aspect a computer implemented method includes: obtaining apportionment data for a transfer, the apportionment data defining a plurality of parts of the transfer; and processing the transfer in accordance with the apportionment data, by: processing a pre-authorization for a total amount of the transfer using a first token; after processing the pre-authorization for the total amount of the transfer using the first token, processing one or more of the parts using associated tokens; and completing the transfer by processing a completion of the pre-authorization for an outstanding portion of the transfer, the outstanding portion of the transfer determined by adjusting the total amount of the transfer to account for any processed parts.

Abstract: A method may include: causing a point-of-sale terminal processing a transaction to display a machine-readable code, the machine-readable code encoding a web address; receiving a request from a device that scanned the machine-readable code, the request received at the web address; in response to receiving the request, causing the device that scanned the machine-readable code to output an interface; receiving, through the interface, an input of an indication to separate the transaction into multiple transaction parts and one or more parameters indicating how the transaction is to be separated; and sending, to the point-of-sale terminal, a message that configures the point-of-sale terminal to separate the transaction in accordance with the one or more parameters.

Abstract: In an aspect a computer-implemented method is described. The method may include: causing a point-of-sale terminal processing a transaction to display a machine-readable code, the machine-readable code encoding a web address; receiving a request from a device that scanned the machine-readable code, the request received at the web address and the request including data; determining, based on data encoded in the machine-readable code and data included in the request, that the transaction may be processed using a value-added service; and in response to determining that the transaction may be processed using the value-added service, enabling completion of the transaction using the value-added service.

Abstract: A server comprises a communications module; a processor coupled to the communications module; and a memory coupled to the processor, the memory storing processor-executable instructions which, when executed, configure the processor to receive, via the communications module and from a remote computing device, user input indicating a response to one or more prompts; generate an aspirational profile for a user based at least on the received user input; receive, via the communications module and from a monitoring application installed on the remote computing device, monitoring data; generate a behavior profile for the user based at least on the monitoring data; and when the behavior profile is misaligned with the aspirational profile, send, via the communications module and to the remote computing device, a notification indicating that the behavior profile is misaligned with the aspirational profile.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems and unrelated, third-party applications operating within a computing environment. By way of example, the apparatus may receive a request for an element of data that includes an access token and first credential data associated with an application program. When the first credential data corresponds to second credential data associated with the application program, may determine that the requested data element is accessible to the application program and perform operations that validate the access token. Further, and based on the validation of the access token, that apparatus may obtain and encrypt the requested data element, and may transmit the encrypted data element to a device via the communications interface.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems that maintain confidential data and unrelated third-party applications. By way of example, an apparatus may obtain interaction data that identifies an interaction between an application program executed at a first computing system and a programmatic interface of a second computing system. Based on the interaction data, the apparatus may generate outcome data characterizing a probability that the requested access to the data element is inconsistent with an access permission granted to the executed application program, and may modify the access permission in accordance with the outcome data. The apparatus may also perform that generate permissioning data indicative of the modified access permission and that store the permissioning data within a locally accessible or cloud-based repository.

Abstract: In an aspect, the present application may describe a method that comprises monitoring a risk parameter associated with a third party server to detect a change in the risk parameter, and responsive to detecting the change in the risk parameter, sending, to a remote computing device and via the communications module, a notification that includes a first selectable option to modify data sharing associated with the third party server and a second selectable option to replace the third party server with an alternative third party server.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: receiving, from a first application, a request to obtain first account data for a user account associated with a protected data resource; generating fake data for at least a portion of the requested first account data; providing, to the first application, a first data set in response to the request, the first data set including at least the generated fake data; monitoring use of the first data set by the first application; detecting a trigger condition indicating misuse of account data based on monitoring use of the first data set by the first application; in response to detecting the trigger condition, generating a notification identifying the misuse of account data; and transmitting the notification to a computing device associated with an application user.

Abstract: A computer server includes a processor that is configured to receive an incoming authorization request that includes an original numeric value and an identification number, and locate a profile that is associated with the identification number. The located profile includes at least one adjustment criterion. The processor is configured to determine a primary numeric value and a secondary numeric value from the original numeric value and the adjustment criterion, confirm that the secondary numeric value is not greater than a balance value in a loyalty points account associated with the identification number, and reduce the balance value in the loyalty points account by the secondary numeric value. The processor is configured to, after confirming the secondary numeric value, generate a revised authorization request and transmit the revised authorization request to an authorization server. The revised authorization request includes the identification number and the primary numeric value.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems that maintain confidential data and unrelated third-party applications. By way of example, an apparatus may obtain interaction data that identifies an interaction between an application program executed at a first computing system and a programmatic interface of a second computing system. Based on the interaction data, the apparatus may generate outcome data characterizing a probability that the requested access to the data element is inconsistent with an access permission granted to the executed application program, and may modify the access permission in accordance with the outcome data. The apparatus may also perform that generate permissioning data indicative of the modified access permission and that store the permissioning data within a locally accessible or cloud-based repository.

Abstract: In some implementations, a method of providing contactless payments at a point of sale terminal includes: causing a point-of-sale terminal processing a transaction to display a machine-readable code, the machine-readable code encoding a web address; receiving a request from a device that scanned the machine-readable code, the request received at the web address; in response to receiving the request, causing the device that scanned the machine-readable code to output an interface that includes a prompt for input required to complete the transaction; receiving a response to the prompt; and sending an indication of the response to the prompt to the point-of-sale terminal to allow for completion of the transaction based on the response at the point-of-sale terminal through use of a physical token at the point-of-sale terminal.