US 12,238,096 B2
Systems and methods for improved electronic data security
Lova Padmini Devi Yasarapu, Town and Country, MO (US); and Jarrett Northington, Wentzville, MO (US)
Assigned to MASTERCARD INTERNATIONAL INCORPORATED, Purchase, NY (US)
Filed by MasterCard International Incorporated, Purchase, NY (US)
Filed on Apr. 27, 2017, as Appl. No. 15/499,709.
Prior Publication US 2018/0316668 A1, Nov. 1, 2018
Prior Publication US 2020/0177587 A9, Jun. 4, 2020
Int. Cl. G06Q 50/26 (2024.01); G06F 21/34 (2013.01); G06F 21/43 (2013.01); G06F 21/62 (2013.01); G06Q 20/22 (2012.01); G06Q 20/38 (2012.01); G06Q 20/42 (2012.01); H04L 9/40 (2022.01)
CPC H04L 63/0876 (2013.01) [G06F 21/34 (2013.01); G06F 21/43 (2013.01); G06F 21/6272 (2013.01); G06Q 20/227 (2013.01); G06Q 20/385 (2013.01); G06Q 20/425 (2013.01); G06Q 50/265 (2013.01)]
19 Claims
 
1. An electronic data protection (EDP) computing device for protecting a protected data object of a user during a current computer interaction in progress between a user computing device associated with the user and a business entity computing device associated with a business entity, wherein transmission of the protected data object to an authorized party maintaining sensitive information of the user is required to complete the current computer interaction, the EDP computing device in communication with the user computing device and the business entity computing device, the EDP computing device comprising at least one processor communicatively coupled to a memory device comprising a non-transitory computer readable medium including computer-executable instructions, wherein when executed by the at least one processor, the computer-executable instructions cause the at least one processor to:
receive interaction data for the current computer interaction from the business entity computing device, the interaction data including an interaction identifier identifying the current computer interaction for which account data is requested, a business entity identifier identifying the business entity computing device, and a user identifier associated with the user, the user identifier corresponding to an unprotected data object including non-sensitive sharable information associated with the user;
generate, using at least in part the user identifier, a token request message including the interaction identifier, the business entity identifier, and a request token;
transmit, prior to performing a lookup in the memory device for the protected data object, the token request message to the user computing device;
cause, using the token request message, the user computing device to activate a user application on the user computing device, wherein activating the user application includes i) displaying, on the user computing device, the interaction identifier, ii) prompting the user to select one of one or more user accounts stored on the user computing device, and iii) causing a secure communication channel to be established between the EDP computing device and the activated user application by requesting the user to confirm the user is a legitimate user allowed to initiate the current computer interaction;
establish, using the request token, the secure communication channel between the EDP computing device and the activated user application by receiving, by the at least one processor via the secure communication channel from the activated user application executing on the user computing device, a token response message including a confirmation indicating that the user is the legitimate user and initiated the current computer interaction identified by the interaction identifier, the token response message including a response token generated by the activated user application, the response token identifying the selected user account without including the protected data object;
in response to receiving the token response message, perform the lookup in the memory device, using the selected user account, for the protected data object associated with the selected user account, the protected data object including at least a portion of the sensitive information associated with the user and the selected user account, the protected data object stored within the memory device;
receive, from the user computing device, a unique key identifier confirming that the user agrees to complete the current computer interaction, the unique key identifier previously transmitted by the EDP computing device to the user computing device; and
in response to receiving the unique key identifier, complete the current computer interaction by transmitting i) the protected data object to an authorized party computing device different from the user computing device and the business entity computing device, the authorized party computing device associated with the authorized party, and ii) a confirmation that the current computer interaction has been completed to the business entity computing device and the user computing device.
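The ordering that claim 1 recites, modelled as an added example that is not part of the patent or any Mastercard implementation: no lookup of the protected data object before a valid token response, and release to the authorized party only after the unique key identifier comes back. The class and function names, the HMAC construction of the response token, the point at which the key identifier is issued, and all sample values are assumptions made for illustration.

```python
import hashlib, hmac, secrets

def response_token(request_token, interaction_id, account_id):
    # Assumption: the user application binds its answer to the request token with an HMAC.
    msg = f"{interaction_id}|{account_id}".encode()
    return hmac.new(request_token.encode(), msg, hashlib.sha256).hexdigest()

class EDP:
    def __init__(self, vault):
        self.vault = vault   # account id -> protected data object (constructed sample)
        self.state = {}      # interaction id -> per-interaction state
        self.lookups = 0     # counts vault reads, to make the ordering observable

    def receive_interaction(self, interaction_id, business_id, user_identifier):
        # Builds the token request for the user device; no vault lookup happens here.
        tok = secrets.token_hex(16)
        self.state[interaction_id] = {"token": tok, "pdo": None, "key_id": None}
        return {"deliver_to": user_identifier, "interaction_id": interaction_id,
                "business_id": business_id, "request_token": tok}

    def receive_token_response(self, interaction_id, account_id, resp_token, confirmed):
        st = self.state[interaction_id]
        expected = response_token(st["token"], interaction_id, account_id)
        if not confirmed or not hmac.compare_digest(expected, resp_token):
            raise PermissionError("token response rejected")
        self.lookups += 1
        st["pdo"] = self.vault[account_id]   # lookup only after the user confirmed
        st["key_id"] = secrets.token_hex(8)  # assumption: key identifier issued at this point
        return st["key_id"]                  # transmitted to the user device

    def receive_key_id(self, interaction_id, key_id):
        st = self.state.get(interaction_id)
        if not st or not st["key_id"] or not hmac.compare_digest(
                st["key_id"], key_id):
            raise PermissionError("key identifier rejected")
        del self.state[interaction_id]       # single use: a replayed key id fails
        done = {"interaction_id": interaction_id, "status": "completed"}
        return {"authorized_party": st["pdo"], "business": done, "user": done}

def demo():
    edp = EDP({"acct-1": "PDO-constructed-sample"})
    req = edp.receive_interaction("ix-42", "biz-7", "user@example.test")
    before = edp.lookups                     # still 0: token request precedes lookup
    rt = response_token(req["request_token"], "ix-42", "acct-1")
    key_id = edp.receive_token_response("ix-42", "acct-1", rt, True)
    out = edp.receive_key_id("ix-42", key_id)
    return before, edp.lookups, out
```

In this model the business entity and the user device receive only the completion confirmation; the protected data object appears solely in the message addressed to the authorized party.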