	US 12,067,147 B1
	Control tower restrictions on third party platforms
Lila Fakhraie, Belmont, CA (US); Brian M. Pearce, Pleasanton, CA (US); Steven Pulido, San Francisco, CA (US); Benjamin Soccorsy, Larkspur, CA (US); Mojdeh Tomsich, San Francisco, CA (US); and James Stahley, San Francisco, CA (US)
Assigned to Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed by Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed on Aug. 29, 2022, as Appl. No. 17/897,938.
Application 17/897,938 is a continuation of application No. 16/211,391, filed on Dec. 6, 2018, granted, now 11,429,742.
Application 16/211,391 is a continuation of application No. 16/204,831, filed on Nov. 29, 2018, granted, now 11,386,223.
Application 16/204,831 is a continuation in part of application No. 15/723,078, filed on Oct. 2, 2017, granted, now 10,992,679.
Application 15/723,078 is a continuation in part of application No. 15/629,423, filed on Jun. 21, 2017, granted, now 11,615,402.
Claims priority of provisional application 62/766,400, filed on Oct. 16, 2018.
Claims priority of provisional application 62/529,360, filed on Jul. 6, 2017.
Claims priority of provisional application 62/403,396, filed on Oct. 3, 2016.
Claims priority of provisional application 62/357,737, filed on Jul. 1, 2016.
Int. Cl. G06F 21/62 (2013.01); G06F 3/04817 (2022.01); G06F 3/0482 (2013.01); G06F 9/54 (2006.01); G06Q 20/36 (2012.01); H04L 9/40 (2022.01); G06F 16/215 (2019.01)

CPC G06F 21/6245 (2013.01) [G06F 3/04817 (2013.01); G06F 3/0482 (2013.01); G06F 9/547 (2013.01); G06Q 20/3674 (2013.01); H04L 63/10 (2013.01); G06F 16/215 (2019.01); G06F 21/6263 (2013.01)]

18 Claims

1. A service provider computing system comprising:

a network interface configured to communicate via a telecommunications network; and

a processor and a memory having stored thereon instructions which, when executed by the processor, cause the processor to:

maintain a listing of one or more applications installed on a user device and an indicator for each respective application to indicate whether the respective application has been granted access to data corresponding to a user account;

receive, via the network interface, an access request from an application of the one or more applications, the access request identifying the user account and data corresponding to the user account, wherein the listing further identifies one or more computing devices which have been granted access to the data corresponding to the user account;

verify, based on the listing, that a user of the user account has granted the application access to the data;

in response to verifying that the user has granted access, use the network interface to transmit the data to the application;

receive, from the user device of the user, a first request that identifies a computing device of the one or more computing devices, the first request indicating the user of the user account has denied the computing device access to the data corresponding to the user account;

modify, responsive to receiving the first request, the listing to indicate that the user of the user account has denied the computing device access to the data corresponding to the user account;

receive, from the user device of the user, a second request to delete the user account for which the data was provided to the application;

generate, responsive to receiving the second request, a command that requests deletion of the user account and the data from the application; and

use the network interface to transmit the command to the application to have the application, consistent with the second request from the user device, delete the user account and the data received from the service provider computing system.