US 11,922,398 B2
Delegated administration of permissions using a contactless card
Jeffrey Rule, Chevy Chase, MD (US); and Walter A. Miller, Glen Allen, VA (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Feb. 25, 2021, as Appl. No. 17/184,963.
Application 17/184,963 is a continuation of application No. 16/360,149, filed on Mar. 21, 2019, granted, now 10,970,712.
Prior Publication US 2021/0182834 A1, Jun. 17, 2021
Int. Cl. G06Q 20/34 (2012.01); G06Q 20/38 (2012.01); G06Q 20/40 (2012.01); H04L 9/32 (2006.01)
CPC G06Q 20/352 (2013.01) [G06Q 20/3829 (2013.01); G06Q 20/405 (2013.01); H04L 9/3234 (2013.01); G06Q 2220/00 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A system, comprising:
a processor circuit; and
a memory storing instructions that when executed by the processor circuit, cause the processor circuit to perform the steps of:
receiving a first request to perform a first computing operation from a first account of an application;
receiving a cryptogram from a contactless card to authenticate the first account;
transmitting the cryptogram to an authentication server;
receiving, from the authentication server, a result that the authentication server decrypted the cryptogram;
receiving, from the authentication server, a permissions vector of the first account, the permissions vector comprising a plurality of entries;
determining, based on the permissions vector of the first account, that the first account is permitted access to the first computing operation via the application;
performing the first computing operation by granting the first account access to the first computing operation based on the result that the authentication server decrypted the cryptogram and the permissions vector of the first account;
disabling a first feature of the application based on a first entry of the plurality of entries of the permissions vector for the first account;
enabling a second feature of the application based on a second entry of the plurality of entries of the permissions vector for the first account;
receiving a second request to perform the second feature comprising a second computing operation, the second request received from the first account via the application;
receiving, from the contactless card, a second cryptogram;
transmitting the second cryptogram to the authentication server;
receiving, from the authentication server, a second result that the authentication server decrypted the second cryptogram;
performing the second computing operation by granting, based on the second result that the authentication server decrypted the second cryptogram and on the granting of access to the application to the first account and the second entry of the permissions vector for the first account, the first account access to perform the second computing operation associated with the second feature of the application; and
processing, based on the granting of the first account access to perform the second computing operation associated with the second feature of the application, the second computing operation based on input received via the second feature of the application.