| CPC G06Q 20/40145 (2013.01) [G06F 21/604 (2013.01); G06F 21/62 (2013.01); G06F 21/6254 (2013.01); G06Q 20/4093 (2013.01); G10L 17/22 (2013.01)] | 20 Claims |
|
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein when executed the program causes the at least one computing device to at least:
receive a voice command from a client device associated with a shared account to perform an action using a third-party application, wherein the shared account is associated with a plurality of users, and the client device is authenticated for access to the shared account using a registration credential;
identify a user originating the voice command based at least in part on performing a voice recognition on the voice command;
generate a request, with an application programming interface (API), to determine that the third-party application uses personal data, wherein the personal data is stored in a data store;
communicate the request to an application provider of the third-party application;
obtain, in response to the request, application requirements regarding the personal data;
determine that the application requires specific profile information about the user;
verify that the application provider has permission to access the personal data for a person profile associated with the shared account based at least in part on a person identifier of a token being associated with the person profile;
render, using a speaker on the client device, a question via speech synthesis, wherein the question requests consent from the user to share the personal data with the third-party application;
receive the consent from the user by a voice confirmation;
generate the token that includes an account identifier and the person identifier in response to receiving the consent, the account identifier corresponding to the shared account of the plurality of users, the person identifier corresponding to a person profile for the user in the shared account, the person identifier of the token being configured for a provider of the application to use the person identifier to access the person profile associated with the shared account;
anonymize the account identifier and the person identifier;
encrypt the anonymized account identifier and the anonymized person identifier within the token;
send the token and an indication of the action to the provider of the third-party application for authorizing the provider to perform the action based at least in part on receiving the consent, the token comprising the anonymized account identifier and the anonymized person identifier; and
personalize a service provided by the third-party application by providing the token having the anonymized account identifier and the anonymized person identifier, wherein the personalizing comprises correlating actions with the anonymized account identifier and the anonymized person identifier.
|