| CPC G06Q 20/047 (2020.05) [H04L 9/3213 (2013.01); G06Q 20/363 (2013.01); G06Q 20/3674 (2013.01); G06Q 20/3821 (2013.01); G06Q 20/385 (2013.01); H04L 9/3234 (2013.01); H04L 9/3247 (2013.01); H04L 63/0807 (2013.01)] | 20 Claims |
|
1. A method, comprising:
receiving, by an account server, a registration request from a service provider;
communicating, by the account server to the service provider, authorization token validation information, the authorization token validation information including an authorization token validation uniform resource locator (URL) for communicating with the account server to determine authorization for user devices to access data stored on the service provider;
communicating, by the account server to an application of a user device, a first data subset of order information that corresponds to a transaction, the first data subset of the order information accessible to the account server and to be displayed in a first receipt format;
receiving, by the account server and from the application, a request for authorization, of the application, to access a second data subset of the order information that corresponds to the transaction, the second data subset of the order information being inaccessible to the account server;
generating, by the account server, a first authorization token based at least in part on the request for authorization;
storing, by the account server, the first authorization token in a memory of the account server;
communicating, by the account server, at least the first authorization token to the application of the user device;
receiving, by the account server from the service provider via the authorization token validation URL, a verification request comprising a second authorization token;
retrieving, by the account server from the memory, the first authorization token;
determining, by the account server, whether the first authorization token matches the second authorization token; and
communicating, by the account server to the service provider, an indication of whether the service provider is to provide the second data subset of the order information that corresponds to the transaction to the application of the user device based at least in part on whether the first authorization token matches the second authorization token, the second data subset of the order information to be displayed in a second receipt format with at least a portion of the first data subset of the order information.
|