The Toronto-Dominion Bank
SYSTEMS AND METHODS FOR DETECTING CHANGES IN DATA ACCESS PATTERN OF THIRD-PARTY APPLICATIONS

Abstract:

A method for evaluating security of third-party application is disclosed. The method includes: in an automated test environment: launching a test instance of a first application; and obtaining a data access signature of the first application based on identifying at least one application state of the first application and account data retrieved by the first application from a user account at a protected data resource in the at least one application state; receiving, from a client device associated with the user account, an indication of access permissions for the first application to access the user account for retrieving account data; detecting a change in the data access signature of the first application; and in response to detecting the change in the data access signature of the first application, notifying the user of the detected change.