Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems that maintain confidential data and unrelated third-party applications. By way of example, an apparatus may obtain interaction data that identifies an interaction between an application program executed at a first computing system and a programmatic interface of a second computing system. Based on the interaction data, the apparatus may generate outcome data characterizing a probability that the requested access to the data element is inconsistent with an access permission granted to the executed application program, and may modify the access permission in accordance with the outcome data. The apparatus may also perform that generate permissioning data indicative of the modified access permission and that store the permissioning data within a locally accessible or cloud-based repository.

Abstract: Computing devices, systems, and methods for automatically prompting a foreign currency transaction by detecting a trip end condition associated with a registered user with respect to travel to a foreign location associated with a foreign currency. The methods and system may further determine that the registered user has a remaining foreign currency balance, and, as a result, may identify and send to the registered user's mobile device at least one option for using the remaining foreign currency balance. The at least one option may be a merchant offer from a merchant located in the area of the mobile device or may include an option to exchange the foreign currency for another currency. The trip end condition may be detected by determining that the registered user and/or user's mobile device is at an international departure location. The currency exchange may be with another registered user.

Abstract: Methods and computer systems for configuring recurring data transfers. Receiving, from a first computing system, a request to configure a recurring data transfer to a recipient, the request provided as a request for an immediate data transfer, the request for the immediate data transfer indicating a requested transfer amount and an intended transferor, the intended transferor indicated using an alias. Receiving user input from a computing device engaged using the alias, the user input including an indication of authorization of the immediate data transfer, the indication further including an indication of consent to pre-authorization of the recurring data transfer. In response to receiving the user input, transmitting a message to a system associated with the recipient, the message transferring data indicating the requested transfer amount, and wherein the message further includes an indication to the system associated with the recipient of consent to pre-authorization of the recurring data transfer.

Abstract: A data management device, communication system and methods for tagging data in a data table and triggering automated action. A data management device receives from a first data provider one or more records of a data table, each record comprising a plurality of fields. The data table is associated with an account having one or more authorized users. The plurality of fields each has a value set by the first data provider. The data manger determines one or more tags for the one or more records in accordance with a plurality of autotagging rules. The data manger appends the one or more records to include one or more tag fields corresponding to the one or more tags for the one or more records. The appended records are stored in a database. One or more automated actions may be triggered based on one or more tag fields of one or more of the plurality of records.

Abstract: A processor-implemented method is disclosed. The method includes: generating a secure data object associated with a request for transfer of resources, the secure data object indicating one or more resource transfer parameters including account information for a transferee account at a resource account management system, wherein the secure data object includes a first hash computed based on the one or more resource transfer parameters; signing the secure data object using a private key associated with the resource account management system; and sending the secure data object to a messaging address associated with a transferor of the requested resources.

Abstract: A method for controlling third-party access of a protected data resource is disclosed. The method includes: receiving an access token associated with a first application, the access token indicating access permissions for the first application to access a user account at a protected data resource; receiving a first request to perform a first access operation of accessing the user account using the access token; determining whether the first access operation is permitted based on the access permissions; in response to determining that the first access operation is not permitted: modifying the first request to obtain a second request for performing a second access operation of accessing the user account using the access token, the second access operation complying with the access permissions for the first application; transmitting the second request to a server associated with the protected data resource.

Abstract: A method for controlling third-party access of a protected resource is disclosed.

Abstract: In an aspect, the present application may describe a method that comprises monitoring a risk parameter associated with a third party server to detect a change in the risk parameter, and responsive to detecting the change in the risk parameter, sending, to a remote computing device and via the communications module, a notification that includes a first selectable option to modify data sharing associated with the third party server and a second selectable option to replace the third party server with an alternative third party server.

Abstract: A server comprises a communications module; a processor coupled with the communications module; and a memory coupled to the processor and storing processor-executable instructions which, when executed by the processor, configure the processor to receive, via the communications module and from a first computing device, a signal representing a data transfer request, the data transfer request including at least a transfer amount and a transfer address; send, via the communications module and to the transfer address, a signal including an electronic message, the electronic message including the transfer amount and at least one selectable option defining a transfer method, the at least one selectable option including a first selectable option defining a first transfer method that includes an additional requirement not required by a second transfer method; receive, via the communications module and from a second computing device, a signal indicating a selection of the at first selectable option defining the first t

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: receiving, from a first application, a request to obtain first account data for a user account associated with a protected data resource; generating fake data for at least a portion of the requested first account data; providing, to the first application, a first data set in response to the request, the first data set including at least the generated fake data; monitoring use of the first data set by the first application; detecting a trigger condition indicating misuse of account data based on monitoring use of the first data set by the first application; in response to detecting the trigger condition, generating a notification identifying the misuse of account data; and transmitting the notification to a computing device associated with an application user.

Abstract: The disclosed exemplary embodiments include computer-implemented apparatuses and methods that validate confidential data based privacy-preserving homomorphic computations involving encrypted data. For example, an apparatus may receive, from a first computing system, encrypted data that includes a first encrypted value representative of at least one of first account data or an element of cryptographic data. Based on the first encrypted value and on second encrypted values, the apparatus may generate encrypted residual values representative of second account data associated with one or more reference accounts, and the apparatus may request and receive a decrypted residual value associated with each of the encrypted residual values from a second computing system. The apparatus may transmit the decrypted residual values to the first computing system, which may validate the first account data based on at least the decrypted residual values and perform operations associated with the validated first account data.

Abstract: A computer server includes a processor that is configured to receive an incoming authorization request that includes an original numeric value and an identification number, and locate a profile that is associated with the identification number. The located profile includes at least one adjustment criterion. The processor is configured to determine a primary numeric value and a secondary numeric value from the original numeric value and the adjustment criterion, confirm that the secondary numeric value is not greater than a balance value in a loyalty points account associated with the identification number, and reduce the balance value in the loyalty points account by the secondary numeric value. The processor is configured to, after confirming the secondary numeric value, generate a revised authorization request and transmit the revised authorization request to an authorization server. The revised authorization request includes the identification number and the primary numeric value.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems that maintain confidential data and unrelated third-party applications. By way of example, an apparatus may obtain interaction data that identifies an interaction between an application program executed at a first computing system and a programmatic interface of a second computing system. Based on the interaction data, the apparatus may generate outcome data characterizing a probability that the requested access to the data element is inconsistent with an access permission granted to the executed application program, and may modify the access permission in accordance with the outcome data. The apparatus may also perform that generate permissioning data indicative of the modified access permission and that store the permissioning data within a locally accessible or cloud-based repository.

Abstract: In some implementations, a method of providing contactless payments at a point of sale terminal includes: causing a point-of-sale terminal processing a transaction to display a machine-readable code, the machine-readable code encoding a web address; receiving a request from a device that scanned the machine-readable code, the request received at the web address; in response to receiving the request, causing the device that scanned the machine-readable code to output an interface that includes a prompt for input required to complete the transaction; receiving a response to the prompt; and sending an indication of the response to the prompt to the point-of-sale terminal to allow for completion of the transaction based on the response at the point-of-sale terminal through use of a physical token at the point-of-sale terminal.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: receiving, from a first application, a request to obtain first account data for a user account associated with a protected data resource; generating fake data for at least a portion of the requested first account data; providing, to the first application, a first data set in response to the request, the first data set including at least the generated fake data; monitoring use of the first data set by the first application; detecting a trigger condition indicating misuse of account data based on monitoring use of the first data set by the first application; in response to detecting the trigger condition, generating a notification identifying the misuse of account data; and transmitting the notification to a computing device associated with an application user.

Abstract: A processor-implemented method is disclosed. The method includes: receiving, via a terminal device, input of a first password during a card session that begins when a value transfer card is inserted into the terminal device, the value transfer card being associated with a plurality of passwords; verifying that the first password is a valid password associated with the value transfer card; identifying at least one card control setting associated with the first password, the at least one card control setting being a setting that is not associated with another one of the plurality of passwords; and processing a transaction initiated at the terminal device based on the identified at least one card control setting.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, devices, apparatuses, and processes that maintain data confidentiality in communications involving voice-enabled devices in a distributed computing environment using homomorphic encryption. By way of example, an apparatus may receive encrypted command data from a computing system, decrypt the encrypted command data using a homomorphic private key, and perform operations that associate the decrypted command data with a request for an element of data. Using a public cryptographic key associated with a device, the apparatus generate an encrypted response that includes the requested data element, and transmit the encrypted response to the device. The device may decrypt the encrypted response using a private cryptographic key and to perform operations that present first audio content representative of the requested data element through an acoustic interface.

Abstract: In an aspect, the present application may describe a method including: receiving, from a remote computing device and at a server, an indication of consent for an authenticated entity to share data with a third party server; in response to receiving the indication of consent, issuing an access token to the third party server, the access token for accessing data associated with the authenticated entity; monitoring a risk parameter associated with one or both of the third party server and the authenticated entity to detect a change in the risk parameter; determining, based on input received from the authenticated entity, that data sharing with the third party server is to be modified based on the change in risk parameter; and modifying the sharing of data for the authenticated entity with the third party server by revoking the access token or modifying an access permission associated with the access token.

Abstract: A processor-implemented method is disclosed. The method includes: configuring a value transfer card to be associated with a plurality of accounts, the plurality of accounts including a default currency account and one or more foreign currency accounts; receiving input from an authorized entity associated with the plurality of accounts, the input indicating a selection of at least one of the foreign currency accounts and a card control setting to be applied for the value transfer card in connection with transactions associated with the selected at least one foreign currency account; and enabling the card control setting for the value transfer card only in connection with the selected at least one foreign currency account.

Abstract: A server comprises a communications module; a processor coupled with the communications module; and a memory coupled to the processor and storing processor-executable instructions which, when executed by the processor, configure the processor to receive, via the communications module and from a computing device, a signal representing a request to add an authorized user to an account of an entity hosted by a first institution associated with the server; send, via the communications module and to a second server associated with a second institution hosting an account of the authorized user, a signal that includes a unique key and an identifier of the entity, the signal causing the second server to store the unique key and the identifier in memory and associating the unique key and the identifier with the account of the authorized user; receive a signal representing a request to perform an operation for the entity; in response to receiving the request to perform the operation, send, via the communications module