Abstract: A processor-implemented method is disclosed. The method includes: obtaining account data for a first resource account; determining candidate values for at least one account attribute based on the account data for the first resource account; determining, for each candidate value, a numerical indicator representing a degree of truth of the at least one account attribute having the candidate value; selectively identifying services associated with the first resource account based on the numerical indicators; and generating notifications of the identified services for presenting to an accountholder of the first resource account.

Abstract: A computer system and method for managing a data request interface. The system includes a memory associated with the data request interface and coupled to a processor. The memory includes processor-executable instructions of the method for managing the data request interface. The method includes: receiving, from a first client device, a first signal including a primary authorization credential associated with a data record and a second signal including a request to generate an alternate authorization credential for use by a software module. The alternate authorization credential is associated with data retrieval constraints. The method includes generating the alternate authorization credential and configuring the data request interface to impose the data retrieval constraints for constraining data operations on the data record upon receipt of the alternate authorization credential.

Abstract: The present disclosure involves systems, software, and computer implemented methods for providing user interface (UI)-based modifications to adjust and interact with data exchange splits. An example client device can include can identify a data exchange (DE) associated with at least three entities, the DE associated with a total value. A visualization representing the DE can be presented via a UI and can include a chart comprising the total value of the DE exchange divided into value areas that are each associated with a particular entity. In response to a detection of input associated with a selection of an edge between a first and second value area, the combined value area associated with the first and second value areas can be locked. In response to detected movement input associated with the edge, the relative values of the first and second inside the combined value area can be adjusted in the visualization.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that monitor and reconcile indirectly initiated exchanges of data between network-connected devices and computing systems using a permissioned distributed ledger. For example, an apparatus may obtain and transmit first transaction information characterizing a data exchange to a first computing system. The first computing system may submit a portion of the first transaction information to a second computing system through a programmatic interface inaccessible to the apparatus, and the second computing system may execute the data exchange in accordance with at least the portion of the first transaction information.

Abstract: An electronic device is disclosed. The electronic device includes a memory, a camera module, a communications module, and a processor that is configured to: receive, from the camera module, image data associated with a machine-readable optical label, the optical label encoding transaction details of a transfer of data to a recipient account, wherein the transaction details do not indicate an identity of the recipient account; receive a user input indicating authorization to initiate a transfer of data, via a protected resource, from an account associated with the user to the recipient account; and in response to receiving the user input, generate a request for initiating the transfer of data based on the transaction details, the request including an access token for use in authenticating the user on requests to access the protected resource.

Abstract: A computing system, comprises a processor; a communications module coupled to the processor; and a memory coupled to the processor, the memory storing instructions that, when executed, configure the processor to authenticate a session associated with a data record; receive, via the communications module and from a server, a first message object; analyze metadata of the first message object to identify one or more display rules associated with the first message object; determine, based on one or more elements displayed on a user interface associated with the authenticated session, that the one or more elements satisfy the one or more display rules; and responsive to determining that the one or more elements satisfy the one or more display rules, display the first message object on the user interface associated with the authenticated session.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that manage cryptographically secure exchanges of data using a permissioned distributed ledger. For example, an apparatus may obtain parameter data and additional content associated with a data exchange. The apparatus may generate first data that includes at least a portion of the additional content accessible to a first computing system, and may generate second data that includes at least a portion of the parameter data. The apparatus may provide the first data to a peer computing system, which records encrypted information associated with the first data within an element of a distributed ledger accessible at the first computing system. The apparatus may also provide the second data to a second computing system, which executes the data exchange in accordance with at least the portion of the parameter data.

Abstract: A system, device and method for enforcing privacy during a communication session with a voice assistant are disclosed. In response to a determination that an environment of a first voice assistant device is not private, a first secure communication session between the first voice assistant device and an application server is suspended. In response a determination that one or more other voice assistant devices have been authorized for communication with the application server is made and input to transfer the first secure communication session, a second secure communication session between a second voice assistant device and the application server is initiated. The first secure communication session between the first voice assistant device and the application server is terminated in response to successful initiation of the second secure communication session.

Abstract: A processor-implemented method is disclosed. The method includes: launching, in an automated test environment, a test instance of a first application; determining a data access pattern for the first application of accessing the protected data resource based on detecting data retrieval operations of the test instance and determining application states of the first application associated with the detected data retrieval operations; and providing the data access pattern for the first application on a client device.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically implement and manage hash-based consent and permissioning protocols. By way of example, an apparatus may obtain consent data that identifies one or more elements of data accessible to an application program executed by a device. The apparatus may generate a consent document for the application program based on at least a portion of the consent data, and may compute a consent hash value representative of the consent document. The apparatus may also generate and transmit permissioning data that includes at least the consent hash value to the device. The permissioning data may, for example, include information that instructs the executed application program to store the consent hash value within a local memory of the device and to associate the consent hash value with an access token of the executed application program.

Abstract: An apparatus for use in a digital messaging system includes a storage device and a processor coupled to the storage device. The storage device storing software instructions for controlling the processor that when executed by the processor configured the processor to: generate a first message comprising a payload portion; encrypt the payload portion of the message; derive a first session key from a domain-specific key; and sign the message using the first session key.

Abstract: The disclosed embodiments include processes that manage a cryptographically secure generation and exchange of data between network-connected systems operating within a computing environment using a permissioned distributed ledger. For example, and based on secure interaction with a distributed smart contract maintained within ledger blocks of the permissioned distributed ledger, an apparatus and a counterparty system may generate local symmetric encryption keys that facilitate a secure communication session between the apparatus and the counterparty system. Using the symmetric encryption key, the apparatus may generate a cryptographically secure representation of generated or obtained data, which may be transmitted to the counterparty system across the secure communications channel.

Abstract: A system, device and method for enforcing privacy during a communication session with a voice assistant are disclosed. In response to a determination that an environment of a first voice assistant device is not private, a first secure communication session between the first voice assistant device and an application server is suspended. In response a determination that one or more other voice assistant devices have been authorized for communication with the application server is made and input to transfer the first secure communication session, a second secure communication session between a second voice assistant device and the application server is initiated. The first secure communication session between the first voice assistant device and the application server is terminated in response to successful initiation of the second secure communication session.

Abstract: In an aspect, the present application describes a method including: obtaining account data associated with an account; passing at least some of the account data through a non-sufficient funds classifier, the non-sufficient funds classifier being a machine learning classifier configured to classify the account as either likely to have a non-sufficient funds event or unlikely to have a non-sufficient funds event, the machine learning classifier configured to evaluate a plurality of parameters associated with the account data; in response to determining that the account is likely to have a non-sufficient funds event, forecasting a balance for the account, wherein forecasting the balance for the account includes; and providing, to a client device associated with the account, a notification based on a forecasted balance.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: launching, in an automated test environment, a test instance of a first application; detecting at least one data retrieval operation by the first application of retrieving data from a protected data resource; for each of the at least one data retrieval operation, identifying an application state of the first application at a time of detecting the at least one data retrieval operation; determining a data access pattern for the first application of accessing the protected data resource based on the at least one data retrieval operation and application states of the first application associated with the at least one data retrieval operation; and presenting the data access pattern for the first application on a client device associated with a user.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems and unrelated, third-party applications operating within a computing environment. By way of example, the apparatus may receive a request for an element of data that includes an access token and first credential data associated with an application program. When the first credential data corresponds to second credential data associated with the application program, may determine that the requested data element is accessible to the application program and perform operations that validate the access token. Further, and based on the validation of the access token, that apparatus may obtain and encrypt the requested data element, and may transmit the encrypted data element to a device via the communications interface.

Abstract: A computer-implemented method is disclosed.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically implement and manage hash-based consent and permissioning protocols. By way of example, an apparatus may obtain consent data that identifies one or more elements of data accessible to an application program executed by a device. The apparatus may generate a consent document for the application program based on at least a portion of the consent data, and may compute a consent hash value representative of the consent document. The apparatus may also generate and transmit permissioning data that includes at least the consent hash value to the device. The permissioning data may, for example, include information that instructs the executed application program to store the consent hash value within a local memory of the device and to associate the consent hash value with an access token of the executed application program.

Abstract: In an aspect, the present application describes a method including: obtaining account data associated with an account; passing at least some of the account data through a non-sufficient funds classifier, the non-sufficient funds classifier being a machine learning classifier configured to classify the account as either likely to have a non-sufficient funds event or unlikely to have a non-sufficient funds event, the machine learning classifier configured to evaluate a plurality of parameters associated with the account data; in response to determining that the account is likely to have a non-sufficient funds event, forecasting a balance for the account, wherein forecasting the balance for the account includes; and providing, to a client device associated with the account, a notification based on a forecasted balance.

Abstract: A computer system for selectively enabling a data transfer method is disclosed. The computer system includes a processor, a communications module, and a memory. The memory stores instructions that, when executed by the processor, cause the computer system to: receive a signal from a remote electronic device via a network using the communications module, the received signal representing information including a context for a transfer of value between a database record associated with a data sender and a database record associated with a data receiver, the context including an identifier for the data receiver; obtain a condition to be satisfied in performing the transfer of value based on the identifier for the data receiver; determine that the condition is satisfied by performing the transfer of value using a particular data transfer method; and enable the transfer of value using the particular data transfer method.