As methods and devices for engaging in financial transactions have increased, old problems of protecting sensitive information persist. For example, one common source of fraud occurs when a hacker gains access to a data center and obtains sensitive information such as credit card numbers and other cardholder data. As another example, an employee entrusted to maintain sensitive information can provide a fraudster access to the cardholder data, either by voluntary act, trick, negligence, or accident.
To protect sensitive information from such fraud, a data center may encrypt the data it stores. For example, a merchant may wish to track financial transactions at one or more stores to gain insight on the purchasing tendencies of its customers. In this example, the merchant may store financial information (e.g., credit card numbers) associated with the purchases. However, because such information is sensitive and could be used to conduct fraudulent transactions, the merchant may secure the credit card numbers it collects by encrypting the credit numbers it stores in its data center.
A merchant processor that performs payment gateway services on behalf of a merchant is another example of a data center. For example, the merchant processor (as provided by CYBERSOURCE™, of Mountain View, CA), may receive payment information from a merchant computer, process the payment information into the format of an authorization request message, send the authorization request message to the appropriate payment processing network (as may be offered by VISA™), receive an authorization response message, and route the authorization response message back to the merchant computer so that the merchant can provide a good or service to a customer.
Other examples of data centers include acquirers and acquirer processors. An acquirer is typically a business entity (e.g., a commercial bank) that has a business relationship with a particular merchant. Acquirers may facilitate and manage financial transactions on behalf of merchants. An acquirer processor is typically a transaction processing entity that has a business relationship with a particular acquirer. Acquirer processors may provide merchants with transaction clearing, settlement, billing and reporting services.
In addition to the payment services described above, the acquirer or acquirer processor can also provide a variety of financial reports to the merchants registered for its services. For example, once a transaction has completed, the merchant may request information specifically for that transaction by sending a report request message to the acquirer or acquirer processor. The acquirer or acquirer processor may respond to the report request message by sending full payment information related to the specified transaction to the merchant.
To provide full payment information back to the merchant as part of these financial reports, the acquirer or acquirer processor may store the credit card numbers involved in the transactions. Accordingly, the acquirer or acquirer processor can be a form of a data center that stores cardholder information and other sensitive information. For the reasons described above, the acquirer or acquirer processor may protect the cardholder information against potential fraudsters. In one approach, the acquirer or acquirer processor may encrypt the credit card numbers that it receives. Further, to avoid collisions between the credit card numbers, the acquirer or acquirer processor may use an encryption key specific to each merchant when the acquirer or acquirer processor encrypts an account number, for example.
When a data center (e.g., a merchant processor, merchant, acquirer processor, or acquirer) maintains a database of sensitive information, the data center may have to comply with a number regulations. Such regulations attempt to increase controls around cardholder data to reduce credit card fraud via its exposure. For example, the Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards. As part of the PCI DSS, a data center that stores and/or processes cardholder information must ensure that the cardholder data is secured. Further, the data center must perform periodic compliance testing.
As described above, a data center may encrypt cardholder information to comply with the PCI DSS. There are many known methods of encryption. Comparatively secure encryption systems are typically expensive and may consume large portions of a computer system's processing bandwidth.
Embodiments of the invention address the above problems, and other problems, individually and collectively.
Embodiments of the present invention can be directed to systems, apparatuses, and methods for providing account tokens to external systems during the lifecycle of a payment transaction. As is explained below, an account token is a less sensitive form of an account identifier. Such account tokens can be sent to external entities, such as a merchant or a support computer, during the lifecycle of a transaction.
Some embodiments are directed to a method for providing an account token to a merchant computer. The method may involve a tokenization server receiving an authorization request message sent by a merchant computer. The authorization request message may request authorization for payment of a good or service and may include an account identifier and a merchant verification value. A token derivation key is then selected using the merchant verification value. The tokenization server then uses the token derivation key to generate the account token of the account identifier. The account token is inserted in an authorization response message that is then sent to the merchant computer.
Some embodiments are directed to a server that provides an account token to a merchant computer. The server receives an authorization request message sent by a merchant computer. The authorization request message includes an account identifier and a merchant verification value. The server then selects a token derivation key using the merchant verification value. The server then uses the token derivation key to generate the account token of the account identifier. The account token is inserted in an authorization response message that is then sent to the merchant computer.
Some embodiments are directed to a computer readable medium for performing a method of providing an account token to a merchant computer. The method may involve a tokenization server receiving an authorization request message sent by a merchant computer. The authorization request message includes an account identifier and a merchant verification value. A token derivation key is then selected using the merchant verification value. The tokenization server then uses the token derivation key to generate the account token of the account identifier. The account token is inserted in an authorization response message that is then sent to the merchant computer.
Some embodiments are directed to a method for providing an account token to an external entity. The method may involve receiving a payment message that is associated with an account identifier. Then a tokenization server generates an account token of the account identifier associated with the payment message. An external request message with the account token is then transmitted to an external entity. An example of an external entity is a support computer that provides a risk score for a transaction. An external response message is then received. An example of an external response message is a risk score that corresponds to the payment message. After the external response message is received, the account identifier is then determined from the account token.
Some embodiments are directed to a server that provides an account token to an external entity. The server may receive a payment message that is associated with an account identifier. The server then generates an account token of the account identifier associated with the payment message. An external request message with the account token is then transmitted by the server to an external entity. An example of an external entity is a support computer that provides a risk score for a transaction. An external response message is then received by the server. An example of an external response message is a risk score that corresponds to the payment message. After the external response message is received, the account identifier is then determined from the account token.
Some embodiments are directed to a computer readable medium that includes instructions that, when executed by a processor, performs a method for providing an account token to an external entity. The method may involve receiving a payment message that is associated with an account identifier. Then a tokenization server generates an account token of the account identifier associated with the payment message. An external request message with the account token is then transmitted to an external entity. An example of an external entity is a support computer that provides a risk score for a transaction. An external response message is then received. An example of an external response message is a risk score that corresponds to the payment message. After the external response message is received, the account identifier is then determined from the account token.
Embodiments of the invention relate to methods and systems for mitigating risks associated with transmitting and storing sensitive account identifiers. Particularly, example embodiments of the invention relate to generating an account token at a payment processing network as part of an authorization process involving a merchant computer, an acquirer computer, and/or a support computer.
However, prior to discussing the example embodiments of the invention, a further description of some terms can be provided for a better understanding of embodiments of the invention.
As used herein, an “account identifier” can refer to any information that identifies an account that holds value for a user. An account identifier can be represented as a sequence of characters or symbols. An account identifier is typically provided as part of a transaction, such as a payment transaction, that credits value to the account, debits value to the account, or performs any other suitable action on the account. Credit card numbers, checking and saving account numbers, prepaid account numbers, aliases and/or a passwords, phone numbers, and any other suitable identifier are all examples of account identifiers.
As used herein, an “account token” can refer to the result of transforming an account identifier into a form that is not considered sensitive in the context of the environment in which the account token resides. A “tokenization algorithm” can refer to the sequence of steps used to transform an account identifier into an account token. Still further, a “reverse tokenization algorithm” can refer to the sequence of steps used to transform the account token back to the account identifier. The tokenization algorithm may replace sensitive data, or portions thereof, with a value that is not considered sensitive.
As used herein, a “token derivation key” can refer to any piece of information that is used as a parameter of a tokenization algorithm. The token derivation key can be used to vary the output of a tokenization algorithm. In some embodiments, a token derivation key is symmetric as the same token derivation key is used for both tokenization and reverse tokenization. In other embodiments, a token derivation key is asymmetric as the token derivation key used to tokenize an account identifier is not used in the reverse tokenization algorithm. Instead, a second token derivation key is used in the reverse tokenization.
An “authorization request message” can refer to a message, or sequence of messages, that requests an issuer of the payment card to authorize a transaction. An authorization request message according to an embodiment of the invention may comply with ISO (International Organization for Standardization) 8583, which is a standard for systems that exchange electronic transactions made by cardholders using payment cards. An authorization request message according to other embodiments may comply with other suitable standards.
An “authorization response message” can refer to a message, or sequence of messages, that responds to a merchant's and/or acquirer's request to authorize a transaction. An authorization response message according to an embodiment of the invention may comply with ISO 8583, which, as described above, is a standard for systems that exchange electronic transactions made by cardholders using payment cards. An authorization response message according to other embodiments may comply with other suitable standards.
A “merchant verification value” may refer to any information that identifies a merchant as a participant in a service or program. As an example, a merchant verification value may be assigned to a business, person, or organization that has agreed to accept payment cards when properly presented by the cardholder. A merchant verification value can be any combination of characters and/or symbols. Further, a merchant verification value can be transmitted to a payment processing network as part of an authorization request message.
A “support system verification value” may refer to any information that identifies a support system as a provider of a service or program. As an example, a support system verification value may be assigned to a web service that provides a fraud score for a transaction. As another example, a support system verification value can be assigned to an alert web service that sends a message to a consumer's communication device (e.g., mobile phone) when one or more conditions applied. Such a message can be for a coupon or an alert that a transaction or activity has occurred with regard to a particular account. A support system verification value can be any combination of characters and/or symbols. Further, in some embodiments, a support system verification value can be transmitted to a payment processing network as part of an authorization request message.
A “verification value,” as used herein, can refer to a merchant verification value, a support system verification value, or some combination thereof.
Generally, embodiments relate to apparatuses, systems, and methods of securing sensitive data. In particular, some embodiments improve security of a data center that stores, for example, account identifiers by communicating account tokens from a tokenization server to external entities (e.g., merchant computers or a support computers). Further, in some embodiments, the account tokens communicated to the external entity is generated specific for the external entity. For example, when a merchant is enrolled with a tokenization service, the merchant is assigned a merchant verification value and token derivation key. Thereafter, subsequent communications between a merchant computer and a tokenization server may cause the tokenization server to generate an account token specific to the merchant by using the assigned token derivation key.
To illustrate, when a consumer swipes a credit card at a merchant's store to purchase an item, a bank associated with the merchant may send an authorization request message with a particular account identifier and the merchant verification value assigned to the merchant to the payment processing network. In generating an authorization response message, a tokenization server associated with the payment processing network may select the token derivation key assigned to the merchant (as may be determined by matching a merchant verification value included in the authorization request message to a previously assigned token derivation key) and then generate an account token of the account identifier using the token derivation key. The account token is then inserted in the authorization response message, which is then sent back to the merchant via the bank.
A similar technique can be used to communicate account tokens to support systems, as is further described below.
By communicating an account token to the merchant, example embodiments can provide comparatively secure communication and comparatively secure storage for sensitive information, such as the cardholder data (e.g., credit card number) and other financial information. For example, if a fraudster hacks into the merchant's systems, the account tokens of the account identifiers stored by the merchant will not be useful to the fraudster because the account tokens can not be used alone to conduct financial transactions. That is, the fraudster will be unable to use the account tokens to perform financial transactions.
In some embodiments, a merchant and/or support system does not have access to the reverse token derivation keys needed to transform the account tokens to the corresponding account identifers. Instead, a tokenization server stores the reverse token derivation keys. Therefore, the risk of compromised cardholder data is further limited in that a fraudster may have to breach the merchant and/or support system to obtain the account tokens and may also have to breach the tokenization server to obtain the reverse token derivation keys. Furthermore, even if the account tokens are compromised for a particular merchant and/or support system (e.g., if the fraudster obtains both the account tokens and reverse token derivation keys), the account tokens for other merchants and/or support systems may remain inaccessible to the fraudster.
Still further, because an account token is received in the authorization response message in addition to or in lieu of the actual account identifier, the apparatuses, methods, and systems described herein also reduce merchant post-processing efforts needed to support encryption or hashing of the account numbers after the authorization response message is received.
As a further advantage, the merchant can use the tokenized account identifier to conduct customer analytics in lieu of the original card identifier. Once the card account numbers are removed from the merchant's systems (often during or after the daily batch sales draft clearing process), the merchant can retain the tokenized account identifier for future analytics and customer tracking, while simultaneously complying with security standards (such as Payment Card Industry Data Security Standard (PCI DSS)) and reducing risk of damaging data breaches. For example, in order to maximize sales, merchants often have the need to perform customer activity tracking and segmentation/spend analyses using sales history. However, using the account identifier to identify customers requires long-term storage of cardholder account identifiers, potentially leading to increased data breach risk and security standards non-compliance. Embodiments of the invention provide a method to tokenize the account identifier so that it can be used in lieu of the actual account identifier to perform merchant customer analytics.
In another example, embodiments of the invention may facilitate customer analytics that allow merchants to measure velocity of purchases (e.g., if five transactions occur within a relatively short time period over a disperse geographic area). Based on an application observing the account tokens, the merchant may deny selected transactions if the merchant detects a suspicious velocity pattern, even if the transaction is authorized by the payment processing network.
In another example, embodiments of the invention may facilitate customer analytics that allow merchants to measure the velocity of purchases to provide various customer loyalty services. For example, based on an application observing the account tokens, the merchant may provide a benefit to repeat customers (e.g., if a customer purchases the same product on five occasions, the merchant can provide the customer with an additional product at no cost).
I. Exemplary Payment System
Example embodiments are typically implemented in the context of a payment transaction. Therefore, prior to further discussing the use of a tokenization server configured to provide account tokens, a brief description of standard consumer purchases will be presented.
An exemplary system 100 for embodiments of the invention can be seen in
The consumer 110 may be an individual, or an organization such as a business that is capable of purchasing goods or services.
The portable consumer device 115 may be in any suitable form. For example, suitable portable consumer devices can be hand-held and compact so that they can fit into a consumer's wallet and/or pocket (e.g., pocket-sized). The portable consumer device 115 can include a processor, and memory, input devices, and output devices, operatively coupled to the processor. Specific examples of portable consumer devices include cellular or wireless phones, personal digital assistants (PDAs), pagers, portable computers, smart cards, and the like. The portable consumer devices can also be debit devices (e.g., a debit card), credit devices (e.g., a credit card), or stored value devices (e.g., a pre-paid or stored value card).
The payment processing network 140 may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services. An exemplary payment processing network may include VisaNet™. Payment processing networks such as VisaNet™ are able to process credit card transactions, debit card transactions, and other types of commercial transactions. VisaNe™, in particular, includes a VIP system (Visa Integrated Payments system) which processes authorization request messages and in some instances also performs clearing services, and a Base II system which performs clearing services in instances when it is not performed by the VIP system.
The payment processing network 140 may include a server computer. A server computer is typically a powerful computer or cluster of computers. For example, the server computer can be a large mainframe, a minicomputer cluster, or a group of servers functioning as a unit. In one example, the server computer may be a database server coupled to a Web server. The payment processing network 140 may use any suitable wired or wireless network, including the Internet.
The merchant computer 120 may also have, or may receive communications from, an access device 125 that can interact with the portable consumer device 115. The access devices 125 according to embodiments of the invention can be in any suitable form. Examples of access devices include point of sale (POS) devices, cellular phones, PDAs, personal computers (PCs), tablet PCs, handheld specialized readers, set-top boxes, electronic cash registers, automated teller machines (ATMs), virtual cash registers, kiosks, security systems, access systems, and the like.
If the access device 125 is a point of sale terminal, any suitable point of sale terminal may be used including card or phone readers. The card or phone readers may include any suitable contact or contactless mode of operation. For example, exemplary readers can include RF (radio frequency) antennas, magnetic stripe readers, etc. to interact with the portable consumer devices 115.
In a typical purchase transaction, the consumer 110 purchases a good or service at the merchant associated with the merchant computer 120 using the portable consumer device 115 such as a credit card or mobile phone. The consumer's portable consumer device 115 can interact with an access device 125 such as a POS (point of sale) terminal communicatively coupled to the merchant computer 120. For example, the consumer 110 may swipe the credit card through a POS terminal or, in another embodiment, may take a wireless phone and may pass it near a contactless reader in a POS terminal.
An authorization request message may then forwarded by the merchant computer 120 to the acquirer computer 130. After receiving the authorization request message, the authorization request message may then be sent to the payment processing network 140. The payment processing network 140 may then forward the authorization request message to the issuer computer 160 associated with the portable consumer device 115.
As shown in
After the issuer computer 160 receives the authorization request message, the issuer computer 160 may send an authorization response message back to the payment processing network 140 to indicate whether or not the current transaction is authorized (or not authorized). The transaction processing system 140 may then forward the authorization response message back to the acquirer computer 130. The acquirer computer 130 may then send the response message back to the merchant computer 120.
After the merchant computer 120 receives the authorization response message, the access device 125 communicatively connected to the merchant computer 120 may then provide the authorization response message for the consumer 110. The authorization response message may be displayed by the POS terminal, or may be printed out on a receipt.
During the lifecycle of a transaction, the payment processing network 140 may generate account tokens of the account identifiers sent in the authorization request message. In some embodiments, an account token 128 can be generated and sent to the merchant computer 120 and/or the acquirer computer 130. The merchant computer 120 and/or acquirer computer 130 can store the account token 128 in account token database 126. In other embodiments, an account token 158 can be generated and sent to a support computer 150. The support computer 150 can store the account token 158 in account token database 156.
At the end of the day, a normal clearing and settlement process can be conducted by the payment processing network 140. A clearing process is a process of exchanging financial details between and acquirer and an issuer to facilitate posting to a consumer's account and reconciliation of the consumer's settlement position. During the clearing process, the acquirer computer 130 can send the account token 128 to the payment processing network 140. The payment processing network 140 may then use the reverse token derivation key for the particular merchant to retrieve the corresponding account identifier. The payment processing network 140 can send the account identifier to the issuer computer 160 to perform clearing and settlement. In some embodiments, clearing and settlement can occur simultaneously.
Once clearing and settlement are performed, the merchant computer 120 may remove the account identifiers stored in their systems. In other embodiments of the invention, as described herein, the merchant computer 120 can receive account tokens in lieu of account identifiers, thus eliminating the need to remove account identifiers stored in the merchant's systems. As an advantage of embodiments of the invention, the merchant computer 120 may retain the account tokens, thereby allowing customer analytics, as described above.
II. Tokenization Server
The tokenization server 220 may include an enrollment module 222, an authorization response module 224, a tokenization module 226, a normalization module 228, and an authorization request module 230.
The enrollment module 222 may receive requests for enrolling external entities, such as merchants and support systems, in the tokenization service provided by the payment processing network 140. In some embodiments, the enrollment module 222 may assign an identifier to an external entity that is successfully enrolled in the tokenization service. For example, a merchant may be assigned a merchant verification value which is sent in subsequent authorization request messages sent to the payment processing network. The merchant verification values assigned to merchants can be stored in MVV database 242. Alternatively, a support system may be assigned a support system verification value that uniquely identifies the support system. The support system verification values assigned to support systems can be stored in support system database 246.
The authorization response module 224 performs a number of functions related to inserting account tokens into messages communicated between the payment processing network 140 and merchants, issuers, and acquirers. For example, according to one embodiment, the payment processing network 140 receives an authorization response messages from an issuer, processes the received authorization response message, and sends the processed authorization response message to the appropriate merchant and/or acquirer. Inserting an account token into the authorization response message by the authorization response module 224 is an example of one type of processing the payment processing network 140 performs. The authorization response module 224 can receive account tokens from the tokenization module 226.
The tokenization module 226 may generate the account tokens that are used in the embodiments described herein. In one embodiment, the tokenization module 226 generates account tokens based on an merchant verification value received in an authorization request message. For example, the tokenization module 226 may use the merchant verification value as an index into a token derivation key database (as is discussed below) to obtain a token derivation key assigned to the merchant. Once the token derivation key is obtained, the tokenization module 226 can then generate the account token by applying the account identifier to an encryption or hash function, with the merchant's token derivation key as a parameter. This and other techniques are described in greater detail below.
The normalization module 228 may provide facilities that allow the payment processing network 140 to transform an account token from a first account token form to a second account token form. Such may be an advantage for comparing the account tokens received by two or more merchants. This is because the account tokens generated by the tokenization module 226 are merchant specific. As explained below, the normalization module 228 may provide a scheme for generating an account token common to one or more merchants to provide for comprehensive analytics and services, as may be provided by merchant support systems.
The authorization request module 230 may perform a number of functions related to receiving and forwarding authorization request messages. As part of receiving an authorization request message, the authorization request module 230 may forward the authorization request message to the issuer computer 160 or to the support computer 150. Alternatively, the payment processing network 140 can forward the authorization request message to the issuer computer 160 or to the support computer 150 without using the authorization request module 230.
Further, the tokenization server 220 may have access to one or more databases of information. As shown in
The TDK database 244 may store the token derivation keys that are assigned to merchants enrolled in the tokenization services. As described above, a token derivation key can be in any number of suitable forms using, for example, symmetrical or asymmetrical key algorithms. Further, as described above, in some embodiments, the tokenization server 220 can update the token derivation key assigned to a merchant at various points in time. For example, the tokenization server 220 may update a merchant's token derivation key if a fraudster compromises the account token data stored at a merchant. To provide such dynamic updates, the TDK database 244 can associate a token derivation key index with the assigned token derivation key.
The support system database 246 may store information regarding the support systems communicatively coupled to the payment processing network. For example, each support system may be assigned a unique support system verification value at the time that the support system is deployed or, in some embodiments, the support system may perform an enrollment process. Additionally, the support system database 246 may store information on whether the support system is capable of receiving account tokens rather than the account identifiers. In this way, the process of connecting support systems to the payment processing network can be achieved dynamically. Such dynamic connections can be implemented according to various system architectures, such as a directory service, event based systems, or any other scalable architecture.
III. Provisioning Account Tokens to External Parties
As described above, some embodiments of the present invention relate to a tokenization server that generates account tokens of account identifiers for merchants. Other embodiments of the present invention relate to a tokenization server that generates account tokens of account identifiers for support systems of a payment processing network. Further, there are still other embodiments where the tokenization server provides facilities for providing account tokens to a support system of one or more merchants. These various embodiments are described separately below. In particular, Section IV describes various embodiments for generating and sending account tokens to merchants, Section V describes various embodiments for generating and sending account tokens to support systems of the payment processing network, and Section VI describes various embodiments for generating and sending account tokens to merchant support systems.
IV. Provisioning Account Tokens to Merchants
A. Merchant Registration
In some embodiments, the merchant computer 120 may transmit a registration request message M302 to the tokenization server 220. This is shown as step S701 of
Responsive to receiving the registration request message M302, the payment processing network 140 may assign the merchant a merchant verification value (MVV), if a MVV is not already assigned. With respect to
In addition to assigning the MVV, the payment processing network 140 may generate a token derivation key (TDK) corresponding to the merchant and/or the MVV (message M304). With regard to
By assigning the TDK to the MVV, the payment processing network 140 provides an additional layer of security to the tokenization algorithm. To illustrate, in the event that a fraudster is able obtain the TDK assigned to merchant 120, the account token databases maintained by other merchants will be secure. Such is the case because the TDK of one merchant can not be used to reverse tokenize the account tokens generated for other merchants.
In addition to generating the TDK, some example embodiments may generate a TDK index associated with the TDK. The TDK index may allow identification of a particular TDK for those embodiments that may generate multiple or subsequent TDKs for a given MVV. The TDK index and supporting multiple TDKs per merchant are described further below.
A merchant may only need to register once, and after completion of the registration process, subsequent communications with the merchant and or the acquirer of the merchant may include the account token rather than the less secure account identifier, as will be further described below.
B. Authorization
Once a merchant is registered in the tokenization service, a payment processing network may transmit an account token in communications exchanged with the merchant and/or acquirer. One situation that the payment processing network may transmit the account token to the merchant and/or acquirer is in the authorization process, for example, when a consumer's credit card is swiped at a POS terminal located at the merchant site. When the consumer's credit card is swiped, the acquirer computer 130 may transmit an authorization request message M306 to the payment processing network 140. This is shown as step S703 of
Once the authorization request message is received by the payment processing network 140 (step S708 of
In example embodiments, the TDK assigned to merchant computer 120 is securely housed in the payment processing network 140, and is not communicated or otherwise known to external parties. However, if the TDK is somehow compromised for a specific merchant (e.g., the merchant associated with merchant computer 120), the payment processing network 140 may generate a new TDK for the specific merchant and link the generated TDK with a TDK index. In an example embodiment of the invention, the first generated TDK may be linked with a beginning index (e.g., zero or one) and each successive TDK index generated by the payment processing network may be incremented by a determinable number, such as one. Thus, the TDK index linked to the merchant's original TDK may have the value of zero, the second TDK may be linked with a TDK index with a value of one, the third TDK may be linked with a TDK index with a value of two, and so on.
In other embodiments of the invention, the TDK index is a hidden index. Examples of hidden indexes are numbers produced by a random number function or indexes that are otherwise hidden. For example, the payment processing network 140 may apply such incremental indices described above to a hash function or decryption algorithm. An advantage of using a hidden index is that it provides an additional level of separation to the tokenization scheme. This is because hidden indices hide the relationship between prior and later indices. To illustrate, in an incrementing scheme without hidden indices, a fraudster may observe that two frequently occurring account tokens may represent the same underlying account identifier if the ending of occurrences of one of the account tokens coincides with the beginning of occurrences of the other and if the TDK indices for the two account tokens are one off from each other.
The payment processing network 140 may log the TDK index for every transaction. In this way, for each transaction, the payment processing network 140 may determine the token derivation key used to generate the account token regardless of subsequent token derivation key changes. As shown in
Message M314 is an authorization request message that is sent to an issuer computer 160. With reference to
When an authorization response message is received from the issuer computer 160 (step S714), the tokenization server 220 may embed the account token and the optional token derivation key index in the authorization response message M310. This embedding is shown as message M310.
If authorized, the payment processing network 140 may return the account token and the TDK index (if utilized by the payment processing network 140) to the acquirer computer 130 and/or merchant computer 120 in specified fields of the authorization response message M312. This is shown in
After the acquirer computer 130 receives the authorization response message M312, the acquirer computer 130 may then send the authorization response message M312 to the merchant computer 120 to be stored in token database 126. This is shown in
The payment processing network optionally provides the ability for the merchant computer 120 to use the account tokens to request the account identifiers to be sent back to the merchant computer 120. Via a mechanism (e.g., batch, online, remote web interfaces, etc.) the merchant computer 120 can submit the MVV, TDK index, and associated account token(s). The payment processing network 140 can then recover the original card account identifiers for secure transmission back to the merchant if the payment processing network 140 logged the transaction information.
An additional advantage of the embodiments is that it allows a comparatively efficient method and system to provide merchants and/merchant acquirers account tokens. In particular, once a merchant is registered, embodiments do not require separate or additional requests for tokenization. Instead, the payment processing network automatically provides an account token as part of the authorization process. Further, because the payment processing network utilizes the MVV and account identifier stored in the authentication request message (e.g., as stored in field 2 and field 62.20, respectively), embodiments may result in little, if any, changes to how authentication request messages are presently generated.
C. Multiple Merchants
As described above, the tokenization process communicates account tokens between the merchants and the payment processing network 140 as part of an authorization request and response.
In particular,
In some embodiments, authorization request message M402 can be in the form of an ISO (International Organization for Standardization) 8583 message. In other embodiments, authorization request message M402 can take the form of a web based call to a web service offered by the tokenization server 220. For example, the authorization request message M402 can be in the form of an XML message.
Once the tokenization server 220 receives the authorization request message M402, the authorization request module 230 can validate the authorization request message M402 and then can route the authorization request message M402 to the issuer computer 160 in the form of authorization request message M404.
In addition to verifying the authorization request message M402 and routing authorization request message M404 to issuer computer 160, the tokenization server 220 can also generate an account token for the account identifier associated with the authorization request message M402. The steps for generating the account token for the account identifier associated with the authorization request message M402 can begin before the tokenization server 220 receives an authorization response message M406.
After the tokenization module 226 retrieves the token derivation key associated with the MVV, the tokenization module 226 can generate the account token for the account identifier of the authorization request message M402. As described above, the tokenization module 226 can use a variety of methods for generating account tokens. In one embodiment, the tokenization module 226 applies a symmetric encryption algorithm to the account identifier. The token derivation key associated with the MVV can be used as the key for the symmetric encryption algorithm.
The generated account token is then sent to and received by the authorization response module. This is shown as message M403.
Upon receiving the authorization request message M404, the issuer computer 160 can analyze the authorization request message M404 and make a determination on whether the transaction should be authorized or not. If the issuer 160 verifies that the transaction can proceed, the issuer 160 can send an authorization response message to the payment processing network 140. This is shown as authorization response message M406.
Authorization response message M408 can be in any form. In some embodiments, authorization response message M408 generally takes the form of an ISO 8583 message with account token embedded in the fields. The authorization response message M408 may include a header M408(a) that indicates that the message is an authorization response message and a response code M408(c) to indicate whether the authorization request is authorized or denied. As described above, these are fields generally provided by the authorization response message M406 sent by the issuer computer 160. It should be noted that the indication that the message is an authorization request message or an authorization response message need not be included in headers 402(a) and 408(a), respectively. For example, as described below with respect to
As is described in greater detail below, with reference to
After the authorization response module 224 sends the authorization response message M408, the authorization response message M408 can be received by the merchant computer 120. Although not shown in
If at some later point in time, the consumer 110 makes another purchase at merchant 120 with the portable consumer device 115, the tokenization server 220 may generate an account token with the same value as the sent in authorization response message M408. That is, the merchant 120 may receive another account token with the value ABCDE.
However, if at some later point in time, the consumer 110 makes another purchase with the portable consumer device 115 at a different merchant, the tokenization server 220 may generate an account token with a different value. For example,
In comparison to the payment transaction processed in
D. Authorization Response Message Formats
As described above, an authorization response message can include an account token that is generated based on an account identifier and a merchant verification value. As is further described above, the account token can be embedded in the authorization response message in any number of ways. For example,
The message header field 602 can contain basic message identifiers and routing information along with message processing control codes and flags.
The message type field 604 can specify the message class and the category of function. For example, a message type field 604 value of ‘0110’ can indicate an authorization response message.
The bit map field 606 can specify which data fields are in an authorization response message. For example, a first bit in the bit map field 606 may indicate if a first type of data field is present in the data fields 608, a second bit in the bit map field 606 may indicate if a second type of data field is present in the data fields 608, and a nth bit in the bit map field 606 may indicate if a nth type of data field is present in the data fields 608. A bit map field can be of any size. In example embodiments, a bit map field is a 64-bit field.
The data fields 608 can include any number fields used to process a message. For example, some fields may indicate a response code (e.g., whether a payment request is authorized or rejected). In particular, the data fields 608 can include an account token field 610. The account token field 610 can store the account token corresponding to an account identifier sent via a corresponding authorization request message. It is to be noted that when an account token field is present in the authorization response message, an appropriate bit in the bit map field 606 can be set.
Alternatively, an authorization response message can include a token derivation key index associated with the token derivation key used to generate the account token. As described above, providing a token derivation key index to the merchant computer allows the merchant computer to request the tokenization server 220 to return back the account identifier associated with the account token.
V. Account Identifier Substitution for Support Systems
Section IV describes techniques for communicating account tokens to a merchant computer. Such account tokens can be sent to the merchant computer during the authorization of a payment request, for example, in an authorization response message sent from the tokenization server to the merchant computer via an acquirer computer. In addition to communicating account tokens to a merchant, a tokenization server may also communicate with a number of support systems. Such support systems, as described above, may perform primary and auxiliary functions involved with authorizing, settling, and clearing transactions. The support systems may reside within a payment processing network or as an external partner that is in operative communication with the payment processing network. This section now describes methods, systems, and apparatuses for communicating an account token to these support systems.
A. System for Providing Account Tokens to a Support System
In embodiments of the invention, the payment processing network 140 may be in further operative communication with a support computer 150. The support computer 150 may perform supporting functions for the payment processing network 140 via support modules 22 and 24. An example of a supporting function is scoring a transaction for fraud.
As an illustration of the interaction between the payment processing network 140 and the support computer 150, a payment transaction is initiated by the acquirer computer 130 when a consumer 110 conducts a transaction with a merchant associated with merchant computer 120 via the access device 125. As described above, the acquirer computer 130, for example, may be operated by a banking institution that oversees an account associated with the merchant. The acquirer computer 130 may transmit an authorization request message to the payment processing network 140 and the authorization request message may be received by the tokenization server 220. In turn, the tokenization server 220 may transmit at least some portion of the authorization request message to other systems. For example, the tokenization server 220 may transmit the account identifier to supporting module 16. Further, the account identifier may be communicated to the support module 24 of the support computer 150.
Although the payment processing network 140 may need the account identifier for any number of reasons, such as moving money, checking status, and reporting, some of the support computers may not. For example, a support computer may only use the account identifier as an identifier or unique index. Exacerbating security risks associated with the use of account identifiers, these support computers may store the account identifier in various databases, problem logs, dump logs, core dumps, and other similar memory storages and data structures. Thus not only is the account identifier potentially exposed to fraudsters when the account identifier is transmitted between different systems but there is also a risk that a fraudster may obtain the account identifiers by hacking into these support computer, even long after the transaction has been conducted. Accordingly, the payment processing network 140 may improve security of an account identifier by communicating account tokens rather than account identifier, where possible.
As shown in
Once the tokenization server 220 generates or identifies the account token associated with the primary account number 912, the tokenization server 220 may communicate the account token to the support modules that do not require the account identifier (e.g., primary account number 912).
As part of the process of determining whether a support system requires an account identifier, the tokenization server 220 may query support system database 246 (see
Alternatively, whether or not a support module requires an account identifier or can instead accept an account token may be determined by manual configuration (e.g., input received by an administrator of the payment processing network 140) or via an application programming interface (API) of the support computer 150 that may allow the tokenization server 220 to interrogate the various support modules 22, 24 as to their requirements as it relates to receiving an account identifier or an account token.
Embodiments of the invention provide numerous advantages in the development of secure data centers. In particular, embodiments of the invention enable the development of comparatively more secure transactions that transmit an account identifier. Embodiments of the invention can provide such results because they utilize an account token rather than sensitive data, such as the account identifier. Specifically, embodiments of the invention generate account token data that is associated with a account identifier and then communicate the account token data rather than the account identifier to the various support systems. Use of the account token data reduces the risks of communicating the account identifier to various support systems as well as storing sensitive data within such systems.
B. Method for Providing Account Tokens to a Support System
The method 1000 may begin by enrolling a support module with the tokenization server 220. This is shown as step S1002. A support module may be running within the payment processing network 140 (e.g., support modules 16, 18) or within a support computer 150 that operates external and independent of the payment processing network 140 (e.g., support modules 22, 24). Enrolling a support module can involve, in some embodiments, communicatively connecting the support module to the tokenization server. For example, the support computer may offer the support module as a web service. In such cases, the tokenization server 220 (or the payment processing network 140 in general) and the support computer 150 may communicate using an APIs defined by each entity. Alternatively, the support modules may be deployed by the system administrator of the payment processing network 140. In such cases, the support module may be deployed wholly within the payment processing network 140, external to the payment processing network 140, or some combination thereof. The enrollment process, whether offered as a web service or as a deployed system, may indicate whether the support module is to receive an account identifier or an account token in later communications. Such information may be stored in the support system database 246 (see
Once enrolled, the tokenization server 220 may receive a payment message. This is shown as step S1004. As used herein, a “payment message” can refer to either an authorization request message or an authorization response message, which are described above.
After receiving the payment message, the tokenization server 220 may determine if a support module can receive an account token. This is shown as step S1006. The tokenization server 220 can determine if the support module can receive an account token using the information received when the support module was enrolled with the tokenization server 220. For example, the tokenization server 220 may access support system database 246 to determine whether a specific support module can receive an account token.
Step S1008 is a decision point on whether the support module can receive an account token, as is determined in step S1006. If yes, step S1010 is then performed. Otherwise, step S1014 is performed.
Step S1010 involves generating an account token from the account identifier included in the payment message (see step S1004). The tokenization server 220 may generate an account token for the account identifier using any of the methods or techniques described above. For example, the tokenization server 220 may encrypt the account identifier using any suitable encryption method. In some embodiments, a single token derivation key is used for tokenizing account identifiers for all support modules. In other embodiments, each support module, or a group of support modules, is assigned a specific token derivation key that is used to generate the account token. As described above, assigning different token derivation keys to different support modules can add an additional level of security among the different support modules.
After the account token is generated, the tokenization server 220 can then transmit an external request message to the support module, wherein the external request message includes the account token. This is shown as step S1012. As used herein, an “external request message” can refer to a message that is sent to the support module that causes the support module to provide its supporting function. In some embodiments, the external request message is sent according to an API provided by the support module. For example, the support module can provide a SOAP (Simple Object Access Protocol) procedure that can be used to receive and transmit information from and to the tokenization server 220. The SOAP procedure may then provide an implementation of a web service provided by the support module. XML can be used to define the message formats for the messages sent between the support module and the tokenization server 220. Again, examples of such procedures may relate to scoring a transaction for fraud, generating alerts to a customer or merchant, reporting, etc.
As described above, if the support module can not receive an account token based on decision step S1008, step S1014 is then performed. According to step S1014, the tokenization server 220 transmits an external request message to the support module with the account identifier. Such an external request message can be sent according the techniques described above, as it relates to step S1012.
After the external request message is sent to the support module, the tokenization server 220 can receive an external response message from the support module. This is shown as step S1016. As used herein, an “external response message” can refer to a message that is sent back to the tokenization server 220 from the support module in response to processing the external request message. In some embodiments, the external response message is a response message sent according to a SOAP procedure call. XML can be used to define the message format of the external response message. The external response message can include an indication of the web service initiated by the external request message. For example, the external response message can include a field that indicates whether the support function completed successfully or can include specific information, such as the fraud score of a transaction.
After receiving the external response message, the tokenization server 220 can send a payment message. This is shown as step S1018. As described above, a payment message can be an authorization request message. For example, the tokenization server 220 may have sent the external request message to a fraud scoring system in step S1012. In response to receiving the fraud score in the external response message in step S1016, the tokenization server 220 can forward an authorization request message with the fraud score to the issuer computer 160. The issuer computer 160 can then process the authorization request message and use the fraud score to determine whether the transaction is authorized.
Alternatively, also described above, a payment message can be an authorization response message. For example, the tokenization server 220 may have sent the external request message to a reporting system that can generate reports of transaction histories based on a number of categories. Because the reporting system is not used by the issuer computer 160 as it relates to determining whether a transaction is authorized, the tokenization server 220 can send the external request message after the tokenization server 220 receives the authorization response (e.g., in step S1004). Accordingly, the payment message involved in step S1018 is an authorization response message that may be sent back to the acquirer computer.
Whether the payment message is an authorization request message or an authorization response message, the payment message may include external system data. As used herein, “external system data” can refer to any information obtained from the support module that is to be communicated to an external entity, such as a merchant computer or an issuer computer. For example, external system data can refer to an offer or reward that a consumer obtains after a predetermined number of purchases at a store. As another example, external system data can refer to a risk score that is sent to an issuer so that the issuer can determine whether to authorize the payment request.
Step S1018 can also include determining the account identifier from the account token stored in the external system data. This step may allow the tokenization server 220 to route the payment message to the appropriate merchant computer, for example.
It is to be noted that the timing of when the various steps of the method 1000 are performed may vary according to example embodiments. For example, in some embodiments the authorization process operates independent of the function performed by the support module. In such cases, steps S1016 and S1018 can be performed in any order. Such may be the case where the support module merely logs transactions, for example.
VI. Provisioning Account Tokens for Merchant Support Systems
Although not yet discussed, a merchant may wish to communicate its merchant specific account tokens to a support system. To illustrate, a merchant computer can use a third-party to provide risk analysis services. Accordingly, when a merchant receives an authorization response message with an account token from a payment processing network, the merchant can then send the authorization response message, or portions thereof, to the third-party service provider for further processing. Communicating the account token to the third-party service provider is comparatively secure because the account token can not be used to conduct a transaction. When the third-party service provider receives the account token, it can, for example, compare the account token against a database that stores high risk account tokens and report a risk score back to the merchant.
In order to provide improved risk analysis, it may be desirable for the third-party service provider to compare account tokens it receives from one merchant against account tokens it receives from another merchant. However, as described above, the account tokens that the payment processing network sends to the merchants are specific to that merchant. That is, for a given account identifier, the account token generated for one merchant is going to be different than the account token generated for another merchant. As a result, the third-party service provider will be unable to determine if a first account token from a first merchant and a second account token from a second merchant are associated with the same underlying account identifier. This example illustrates the difficulty of analyzing account tokens across different merchants.
To begin,
To enable the merchant support server 1102 to analyze the merchant specific account tokens 126(a), the merchants 120 may send message M1110A to the merchant support server 1102. Message M1110A can include the merchant verification value associated with merchant computer 120, one or more of the merchant specific account tokens 126(a), and any other transaction data. Message M1110A can be sent to the merchant support server 1102 in response to receiving an authorization response message from the payment processing network 140. Such may be the case when the merchant support server 1102 is involved in the authorization process. Alternatively, the merchant computer 120 may send message M1110A as part of a batch processes that runs periodically or at set times.
Similarly, merchant 121 can send message M1110B to the merchant support server 1102 to communicate its merchant specific account tokens 127(a) to the merchant support server 1102.
When the merchant support server 1102 receives messages M1110A and/or M1110B, the merchant support server 1102 may send a normalization request message M1112 to the tokenization server 220.
Once the tokenization server 220 receives the normalization request message M1112, the tokenization server 220 can authorize the request to normalize the account token. In one embodiment, prior to sending message M1110A, merchant 120 can register the merchant support server 1102 as a trusted support system. In this case, the tokenization server 220 can store this relationship in the support system database 246. Accordingly, in one embodiment, the tokenization server 220 can search the support system database 246 using the merchant verification value assigned to the merchant to determine whether the merchant previously registered the merchant support server 1102 as a trusted support system. Alternatively, in another embodiment, the tokenization server 220 can search the support system database 246 using the verification value of the merchant support server 1102 to determine whether the merchant previously registered the merchant support server as a trusted support system.
After the tokenization server 220 determines that the merchant support server 1102 is authorized to normalize the account token data, the tokenization server 220 can reverse tokenize the merchant specific account tokens to obtain the account identifier. In an example embodiment, the normalization module 228 (see
The above described approach can be used with respect to any other merchant, such as merchant 121, and the other merchant's account tokens.
Once the normalization module 228 transforms the account tokens back to the underlying account identifiers, the normalization module 228 then searches the TDK database 244 for the token derivation key assigned to the merchant support system 1102. With the token derivation key assigned to the merchant support system 1102, the normalization module 228 can then generate new account tokens of the account identifiers. This new set of account tokens can be referred to as normalized account tokens.
After the normalization module 228 generates the normalized account tokens, the tokenization server 220 then sends the normalized account tokens to the merchant support server 1102. This is shown as message M1114, as a normalization response message. The merchant support server 1102 can store the normalized account tokens in the normalized account token database 1104. As shown in
As
The normalization approach described above provides a number of additional advantages. For example, because systems external to the payment processing network store account tokens rather than account identifiers, these systems do not have to provide costly safety systems to ensure they comply with various security standards. In particular, the merchant support server 1102 can be completely shielded from receiving or even communicating account identifiers.
The approach described with respect to
In some embodiments, before the tokenization server 220 can provide a normalized account token for account identifiers involved in transactions with merchant 120, merchant 120 may enroll the merchant support server 1102 as a support system of merchant 120. This is shown as message M1210A. Message M1210A can include the merchant verification value of the merchant 120 and a support system verification value for the merchant support server 1102. For example, merchant 120 may be assigned the merchant verification value ‘MVV1’ and the third party support system 1102 can be assigned the support system verification value ‘SSVV’. When a merchant enrolls a merchant support server as a service system of the merchant, the tokenization server 220 creates an association between the verification value of the merchant and the verification value of the merchant support server 1102. As shown in
The record 1205 may include various information used to transform the account identifiers into a normalized account token. For example, the support system verification value (e.g., SSVV) can be linked to a token derivation key (e.g., Key C) that is used to tokenize account identifiers in a format specific to the merchant support server 1102. Records 1204, 1205 can be indexed by any suitable field, such as merchant or support system verification value.
Although
Merchant 121 can enroll the merchant support server 1102 as a support system in a similar manner.
Once the merchant support server 1102 is enrolled as a support system for the merchants, merchant 120 can send an authorization request message to the tokenization server 220 in the typical fashion, as may occur when a consumer swipes their credit card at a POS terminal. This is shown as message M1212A. The authorization request message can include information shown in
Additionally, the tokenization module 220 can use the merchant verification value to determine that the merchant support server 1102 is enrolled as a support system for the merchant 120. For example, the normalization module 228 can use the merchant verification value sent in the authorization request message to search database 1207 for a record associated with the merchant. For example, record 1204 can be indexed by the merchant verification value, in which case the normalization module would match record 1204 with the merchant verification value ‘MVV1’ sent in the authorization request message. The normalization module 228 can then search record 1204 for an indication that the merchant has enrolled merchant support server 1102 as a support system.
After determining that the merchant support server 1102 is a support system for merchant computer 120, the tokenization module 226 can generate an additional account token using the token derivation key assigned to the merchant support server. This can be done by passing the support system verification value assigned to the merchant support server 1102 and the account identifier sent in the authorization request message to the tokenization module 226. When the tokenization module 226 receives the account identifier and the support system verification value ‘SSVV’, it can search normalization database 1207 for the token derivation key assigned to the merchant support server 1102. For example, the tokenization module 226 can obtain the token derivation key assigned to the support system by matching record 1205 with the support system verification value stored in record 1204 (i.e., ‘SSVV’), for example. After the tokenization module 226 locates the record associated with the merchant support server 1102, the tokenization module 226 can generate a second account token of the account identifier sent in the authorization request message using the token derivation key assigned to the merchant support server 1104.
After the tokenization module 226 generates the account token based on the token derivation key assigned to the merchant 120 and the account token based on the token derivation key assigned to the merchant support server, the tokenization server 220 can send the account tokens to the merchant 120. This is shown as message M1214A. For example, as explained above, the account token based on the merchant's 120 token derivation key can be inserted in an authorization response message. Further, the account token based on the token derivation key assigned to the merchant support server 1104 can similarly be inserted in the authorization response message.
When the merchant 120 receives the authorization response message M1214A, the merchant can then store the account token based on the token derivation key assigned to the merchant in token database 126.
The techniques described above can be used by the merchant 121. For example, merchant 121 can: register the merchant support server 1104 as a support system (M1210B); send an authorization request message (M1212B), receive an authorization response message that includes an account token based on the token derivation key assigned to merchant 121 and a key based on the token derivation key assigned to the merchant support server (M1214B), store the account token based on the token derivation key assigned to the merchant 121 (as shown by the merchant specific account tokens 127(a) stored in account token database 127), and send the account token based on the token derivation key assigned to the merchant support server 1104 (M1216B).
Further, the technique of generating account tokens in response to authorization request messages and sending the account tokens in authorization response messages can be repeated for one or more transactions. For example, as
However, unlike the embodiments described with reference to
VII. Exemplary Computer Apparatuses
Any of the elements in figures described herein can use any suitable number of subsystems to facilitate the functions described herein. System 800 in
For example, the computer may be a desktop, portable, rack-mounted or tablet configuration. Additionally, the computer may be a series of networked computers. Further, the use of other micro processors are contemplated, such as Xeon™, Pentium™ or Core™ microprocessors; Turion™ 64, Opteron™ or Athlon™ microprocessors from Advanced Micro Devices, Inc; and the like. Further, other types of operating systems are contemplated, such as Windows®, WindowsXP®, WindowsNT®, or the like from Microsoft Corporation, Solaris from Sun Microsystems, LINUX, UNIX, and the like. In still other embodiments, the techniques described above may be implemented upon a chip or an auxiliary processing board. Various embodiments may be based upon systems provided by daVinci, Pandora, Silicon Color, or other vendors.
In one embodiment, computer system 800 typically includes a monitor 810, computer 820, a keyboard 830, a user input device 845, network interface 850, and the like. In various embodiments, monitor 810 may be embodied as a CRT display, an LCD display, a plasma display, a direct-projection or rear-projection DLP, a microdisplay, or the like. In various embodiments, display 810 may be used to display user interfaces and rendered images.
In various embodiments, user input device 845 is typically embodied as a computer mouse, a trackball, a track pad, a joystick, wireless remote, drawing tablet, voice command system, and the like. User input device 845 typically allows a user to select objects, icons, text and the like that appear on the display 810 via a command such as a click of a button or the like. An additional specialized user input device 845, such a magnetic stripe, RFID transceiver or smart card reader may also be provided in various embodiments. In other embodiments, user input device 845 include additional computer system displays (e.g. multiple monitors). Further user input device 845 may be implemented as one or more graphical user interfaces on such a display.
Embodiments of network interface 850 typically include an Ethernet card, a modem (telephone, satellite, cable, ISDN), (asynchronous) digital subscriber line (DSL) unit, FireWire interface, USB interface, and the like. For example, network interface 850 may be coupled to a computer network, to a FireWire bus, or the like. In other embodiments, network interface 850 may be physically integrated on the motherboard of computer, may be a software program, such as soft DSL, or the like.
RAM 870 and disk drive 880 are examples of computer-readable tangible media configured to store data such user, account and transaction level data, calculated aggregated data, super keys, sub keys and other executable computer code, human readable code, or the like. Other types of tangible media include magnetic storage media such as floppy disks, networked hard disks, or removable hard disks; optical storage media such as CD-ROMS, DVDs, holographic memories, or bar codes; semiconductor media such as flash memories, read-only-memories (ROMS); battery-backed volatile memories; networked storage devices, and the like.
In the present embodiment, computer system 800 may also include software that enables communications over a network such as the HTTP, TCP/IP, RTP/RTSP protocols, and the like. In alternative embodiments of the present invention, other communications software and transfer protocols may also be used, for example IPX, UDP or the like.
In various embodiments, computer 820 typically includes familiar computer components such as a processor 860, and memory storage devices, such as a random access memory (RAM) 870, disk drive 880, and system bus 890 interconnecting the above components.
In some embodiments, computer 820 includes one or more Xeon™ microprocessors from Intel Corporation. Further, in the present embodiment, computer 820 may include a UNIX-based operating system.
It should be understood that embodiments of the present invention as described above can be implemented in the form of control logic using computer software in a modular or integrated manner. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will know and appreciate other ways and/or methods to implement the present invention using hardware and a combination of hardware and software
Any of the software components or functions described in this application, may be implemented as software code to be executed by a processor using any suitable computer language such as, for example, Java, C++ or Perl using, for example, conventional or object-oriented techniques. The software code may be stored as a series of instructions, or commands on a non-transitory computer readable medium, such as a random access memory (RAM), a read only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM. Any such non-transitory computer readable medium may reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
The above descriptions are illustrative and are not restrictive. Many variations of the invention will become apparent to those skilled in the art upon review of the disclosure. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the pending claims along with their full scope or equivalents.
One or more features from any embodiment may be combined with one or more features of any other embodiment without departing from the scope of the invention. For example, any of the above described analytics may be combined with any other suitable analytics in any suitable manner in methods or systems according to embodiments of the invention. Thus, although specific features are separately described in this application, they may be combined in certain embodiments of the invention.
A recitation of “a”, “an” or “the” is intended to mean “one or more” unless specifically indicated to the contrary.
This application is a continuation application of U.S. application Ser. No. 15/095,984, filed Apr. 11, 2016, which is a divisional application of U.S. application Ser. No. 13/208,733, filed Aug. 12, 2011 and claims the benefit of U.S. Provisional Application No. 61/373,163, filed Aug. 12, 2010, entitled “SECURING SECONDARY SYSTEMS WITH TOKEN PAN SUBSTITUTION,” and U.S. Provisional Application No. 61/381,322, filed Sep. 9, 2010, entitled “ACCOUNT NUMBER TOKENIZATION,” which are herein incorporated by reference in their entirety for all purposes.
Number | Name | Date | Kind |
---|---|---|---|
5613012 | Hoffman et al. | Mar 1997 | A |
5781438 | Lee et al. | Jul 1998 | A |
5819226 | Gopinathan et al. | Oct 1998 | A |
5883810 | Franklin | Mar 1999 | A |
5903652 | Mital | May 1999 | A |
5903880 | Biffar | May 1999 | A |
5953426 | Windel | Sep 1999 | A |
5953710 | Fleming | Sep 1999 | A |
5956699 | Wong et al. | Sep 1999 | A |
6000832 | Franklin et al. | Dec 1999 | A |
6005945 | Whitehouse | Dec 1999 | A |
6014635 | Harris et al. | Jan 2000 | A |
6044360 | Picciallo | Mar 2000 | A |
6119103 | Basch et al. | Sep 2000 | A |
6163771 | Walker et al. | Dec 2000 | A |
6182894 | Hackett et al. | Feb 2001 | B1 |
6227447 | Campisano | May 2001 | B1 |
6236981 | Hill | May 2001 | B1 |
6267292 | Walker et al. | Jul 2001 | B1 |
6327578 | Linehan | Dec 2001 | B1 |
6341724 | Campisano | Jan 2002 | B2 |
6385596 | Wiser et al. | May 2002 | B1 |
6422462 | Cohen | Jul 2002 | B1 |
6425523 | Shem-Ur et al. | Jul 2002 | B1 |
6592044 | Wong et al. | Jul 2003 | B1 |
6636833 | Flitcroft et al. | Oct 2003 | B1 |
6658393 | Basch et al. | Dec 2003 | B1 |
6745936 | Movalli et al. | Jun 2004 | B1 |
6748367 | Lee | Jun 2004 | B1 |
6805287 | Bishop et al. | Oct 2004 | B2 |
6879965 | Fung et al. | Apr 2005 | B2 |
6891953 | DeMello et al. | May 2005 | B1 |
6901387 | Wells et al. | May 2005 | B2 |
6931382 | Laage et al. | Aug 2005 | B2 |
6938019 | Uzo | Aug 2005 | B1 |
6941285 | Sarcanin | Sep 2005 | B2 |
6961858 | Fransdonk | Nov 2005 | B2 |
6980670 | Hoffman et al. | Dec 2005 | B1 |
6990470 | Hogan et al. | Jan 2006 | B2 |
6991157 | Bishop et al. | Jan 2006 | B2 |
7020635 | Hamilton et al. | Mar 2006 | B2 |
7032168 | Gerace et al. | Apr 2006 | B1 |
7051929 | Li | May 2006 | B2 |
7069249 | Stolfo et al. | Jun 2006 | B2 |
7080049 | Truitt et al. | Jul 2006 | B2 |
7090128 | Farley et al. | Aug 2006 | B2 |
7103576 | Mann, III et al. | Sep 2006 | B2 |
7107462 | Fransdonk | Sep 2006 | B2 |
7113930 | Eccles et al. | Sep 2006 | B2 |
7136835 | Flitcroft et al. | Nov 2006 | B1 |
7150045 | Koelle et al. | Dec 2006 | B2 |
7177835 | Walker et al. | Feb 2007 | B1 |
7177848 | Hogan et al. | Feb 2007 | B2 |
7194437 | Britto et al. | Mar 2007 | B1 |
7209561 | Shankar et al. | Apr 2007 | B1 |
7264154 | Harris | Sep 2007 | B2 |
7287692 | Patel et al. | Oct 2007 | B1 |
7292999 | Hobson et al. | Nov 2007 | B2 |
7350230 | Forrest | Mar 2008 | B2 |
7353382 | Labrou et al. | Apr 2008 | B2 |
7379919 | Hogan et al. | May 2008 | B2 |
RE40444 | Linehan | Jul 2008 | E |
7403922 | Lewis et al. | Jul 2008 | B1 |
7415443 | Hobson et al. | Aug 2008 | B2 |
7444676 | Asghari-Kamrani et al. | Oct 2008 | B1 |
7469151 | Khan et al. | Dec 2008 | B2 |
7548889 | Bhambri et al. | Jun 2009 | B2 |
7567934 | Flitcroft et al. | Jul 2009 | B2 |
7567936 | Peckover et al. | Jul 2009 | B1 |
7571139 | Giordano et al. | Aug 2009 | B1 |
7571142 | Flitcroft et al. | Aug 2009 | B1 |
7580898 | Brown et al. | Aug 2009 | B2 |
7584153 | Brown et al. | Sep 2009 | B2 |
7593896 | Flitcroft et al. | Sep 2009 | B1 |
7603382 | Halt, Jr. | Oct 2009 | B2 |
7606560 | Labrou et al. | Oct 2009 | B2 |
7620606 | Gentry et al. | Nov 2009 | B2 |
7627531 | Breck et al. | Dec 2009 | B2 |
7627895 | Gifford et al. | Dec 2009 | B2 |
7650314 | Saunders | Jan 2010 | B1 |
7664701 | Phillips et al. | Feb 2010 | B2 |
7685037 | Reiners et al. | Mar 2010 | B2 |
7685067 | Britto et al. | Mar 2010 | B1 |
7702578 | Fung et al. | Apr 2010 | B2 |
7707120 | Dominguez et al. | Apr 2010 | B2 |
7712655 | Wong | May 2010 | B2 |
7734527 | Uzo | Jun 2010 | B2 |
7753265 | Harris | Jul 2010 | B2 |
7757298 | Shuster | Jul 2010 | B2 |
7770789 | Oder, II et al. | Aug 2010 | B2 |
7784685 | Hopkins, III | Aug 2010 | B1 |
7793851 | Mullen | Sep 2010 | B2 |
7801826 | Labrou et al. | Sep 2010 | B2 |
7805376 | Smith | Sep 2010 | B2 |
7805378 | Berardi et al. | Sep 2010 | B2 |
7818264 | Hammad | Oct 2010 | B2 |
7828220 | Mullen | Nov 2010 | B2 |
7835960 | Breck et al. | Nov 2010 | B2 |
7841523 | Oder, II et al. | Nov 2010 | B2 |
7841539 | Hewton | Nov 2010 | B2 |
7844550 | Walker et al. | Nov 2010 | B2 |
7848980 | Carlson | Dec 2010 | B2 |
7849020 | Johnson | Dec 2010 | B2 |
7853529 | Walker et al. | Dec 2010 | B1 |
7853995 | Chow et al. | Dec 2010 | B2 |
7865414 | Fung et al. | Jan 2011 | B2 |
7873579 | Hobson et al. | Jan 2011 | B2 |
7873580 | Hobson et al. | Jan 2011 | B2 |
7890393 | Talbert et al. | Feb 2011 | B2 |
7891563 | Oder, II et al. | Feb 2011 | B2 |
7896238 | Fein et al. | Mar 2011 | B2 |
7908216 | Davis et al. | Mar 2011 | B1 |
7922082 | Muscato | Apr 2011 | B2 |
7931195 | Mullen | Apr 2011 | B2 |
7937324 | Patterson | May 2011 | B2 |
7938318 | Fein et al. | May 2011 | B2 |
7941370 | Paulsen et al. | May 2011 | B2 |
7954705 | Mullen | Jun 2011 | B2 |
7959076 | Hopkins, III | Jun 2011 | B1 |
7996288 | Stolfo | Aug 2011 | B1 |
8025223 | Saunders et al. | Sep 2011 | B2 |
8046256 | Chien et al. | Oct 2011 | B2 |
8060448 | Jones | Nov 2011 | B2 |
8060449 | Zhu | Nov 2011 | B1 |
8074877 | Mullen et al. | Dec 2011 | B2 |
8074879 | Harris | Dec 2011 | B2 |
8082210 | Hansen et al. | Dec 2011 | B2 |
8083137 | Tannenbaum | Dec 2011 | B2 |
8095113 | Kean et al. | Jan 2012 | B2 |
8104679 | Brown | Jan 2012 | B2 |
RE43157 | Bishop et al. | Feb 2012 | E |
8109436 | Hopkins, III | Feb 2012 | B1 |
8121942 | Carlson et al. | Feb 2012 | B2 |
8121956 | Carlson et al. | Feb 2012 | B2 |
8126449 | Beenau et al. | Feb 2012 | B2 |
8170922 | Cavagnaro | May 2012 | B2 |
8171525 | Pelly et al. | May 2012 | B1 |
8175973 | Davis et al. | May 2012 | B2 |
8190523 | Patterson | May 2012 | B2 |
8196813 | Vadhri | Jun 2012 | B2 |
8205791 | Randazza et al. | Jun 2012 | B2 |
8219489 | Patterson | Jul 2012 | B2 |
8224702 | Mengerink et al. | Jul 2012 | B2 |
8225385 | Chow et al. | Jul 2012 | B2 |
8229852 | Carlson | Jul 2012 | B2 |
8265993 | Chien et al. | Sep 2012 | B2 |
8280777 | Mengerink et al. | Oct 2012 | B2 |
8281991 | Wentker et al. | Oct 2012 | B2 |
8328095 | Oder, II et al. | Dec 2012 | B2 |
8336088 | Raj et al. | Dec 2012 | B2 |
8346666 | Lindelsee et al. | Jan 2013 | B2 |
8376225 | Hopkins, III | Feb 2013 | B1 |
8380177 | Laracey | Feb 2013 | B2 |
8381213 | Naamad et al. | Feb 2013 | B1 |
8387873 | Saunders et al. | Mar 2013 | B2 |
8401539 | Beenau et al. | Mar 2013 | B2 |
8401898 | Chien et al. | Mar 2013 | B2 |
8402555 | Grecia | Mar 2013 | B2 |
8403211 | Brooks et al. | Mar 2013 | B2 |
8412623 | Moon et al. | Apr 2013 | B2 |
8412837 | Emigh et al. | Apr 2013 | B1 |
8417642 | Oren | Apr 2013 | B2 |
8433116 | Butler et al. | Apr 2013 | B2 |
8447699 | Batada et al. | May 2013 | B2 |
8453223 | Svigals et al. | May 2013 | B2 |
8453925 | Fisher et al. | Jun 2013 | B2 |
8458487 | Palgon | Jun 2013 | B1 |
8484134 | Hobson et al. | Jul 2013 | B2 |
8485437 | Mullen et al. | Jul 2013 | B2 |
8494959 | Hathaway et al. | Jul 2013 | B2 |
8498908 | Mengerink et al. | Jul 2013 | B2 |
8504475 | Brand et al. | Aug 2013 | B2 |
8504478 | Saunders et al. | Aug 2013 | B2 |
8510816 | Quach et al. | Aug 2013 | B2 |
8528067 | Hurry et al. | Sep 2013 | B2 |
8533860 | Grecia | Sep 2013 | B1 |
8538845 | Liberty | Sep 2013 | B2 |
8555079 | Shablygin et al. | Oct 2013 | B2 |
8566168 | Bierbaum et al. | Oct 2013 | B1 |
8567670 | Stanfield et al. | Oct 2013 | B2 |
8571939 | Lindsey et al. | Oct 2013 | B2 |
8571980 | Greenwood | Oct 2013 | B1 |
8571995 | Spies et al. | Oct 2013 | B2 |
8577336 | Mechaley, Jr. | Nov 2013 | B2 |
8577803 | Chatterjee et al. | Nov 2013 | B2 |
8577813 | Weiss | Nov 2013 | B2 |
8578176 | Mattsson | Nov 2013 | B2 |
8583494 | Fisher | Nov 2013 | B2 |
8584251 | McGuire et al. | Nov 2013 | B2 |
8589237 | Fisher | Nov 2013 | B2 |
8589271 | Evans | Nov 2013 | B2 |
8589291 | Carlson et al. | Nov 2013 | B2 |
8595098 | Starai et al. | Nov 2013 | B2 |
8595812 | Bomar et al. | Nov 2013 | B2 |
8595850 | Spies et al. | Nov 2013 | B2 |
8606638 | Dragt | Dec 2013 | B2 |
8606700 | Carlson et al. | Dec 2013 | B2 |
8606720 | Baker et al. | Dec 2013 | B1 |
8615468 | Varadarajan | Dec 2013 | B2 |
8620754 | Fisher | Dec 2013 | B2 |
8635157 | Smith et al. | Jan 2014 | B2 |
8646059 | Von Behren et al. | Feb 2014 | B1 |
8651374 | Brabson et al. | Feb 2014 | B2 |
8656180 | Shablygin et al. | Feb 2014 | B2 |
8676707 | Flitcroft | Mar 2014 | B2 |
8751391 | Freund | Jun 2014 | B2 |
8762263 | Gauthier et al. | Jun 2014 | B2 |
8763142 | McGuire | Jun 2014 | B2 |
8793186 | Patterson | Jul 2014 | B2 |
8838982 | Carlson et al. | Sep 2014 | B2 |
8856539 | Weiss | Oct 2014 | B2 |
8887308 | Grecia | Nov 2014 | B2 |
9065643 | Hurry et al. | Jun 2015 | B2 |
9070129 | Sheets et al. | Jun 2015 | B2 |
9100826 | Weiss | Aug 2015 | B2 |
9160741 | Wentker et al. | Oct 2015 | B2 |
9229964 | Stevelinck | Jan 2016 | B2 |
9245267 | Singh | Jan 2016 | B2 |
9249241 | Dai et al. | Feb 2016 | B2 |
9256871 | Anderson et al. | Feb 2016 | B2 |
9280765 | Hammad | Mar 2016 | B2 |
9342832 | Basu | May 2016 | B2 |
9530137 | Weiss | Dec 2016 | B2 |
9672515 | Hogan | Jun 2017 | B2 |
10089683 | Dominguez | Oct 2018 | B2 |
10726413 | Basu | Jul 2020 | B2 |
10872343 | Keresman, III | Dec 2020 | B2 |
20010029485 | Brody et al. | Oct 2001 | A1 |
20010032878 | Tsiounis et al. | Oct 2001 | A1 |
20010034720 | Armes | Oct 2001 | A1 |
20010054003 | Chien et al. | Dec 2001 | A1 |
20020007320 | Hogan et al. | Jan 2002 | A1 |
20020016749 | Borecki et al. | Feb 2002 | A1 |
20020029193 | Ranjan et al. | Mar 2002 | A1 |
20020035548 | Hogan et al. | Mar 2002 | A1 |
20020059114 | Cockrill et al. | May 2002 | A1 |
20020073045 | Rubin et al. | Jun 2002 | A1 |
20020099649 | Lee et al. | Jul 2002 | A1 |
20020116341 | Hogan et al. | Aug 2002 | A1 |
20020133467 | Hobson et al. | Sep 2002 | A1 |
20020143987 | Sadler et al. | Oct 2002 | A1 |
20020147913 | Lun Yip | Oct 2002 | A1 |
20020194119 | Wright et al. | Dec 2002 | A1 |
20030028481 | Flitcroft et al. | Feb 2003 | A1 |
20030126094 | Fisher et al. | Jul 2003 | A1 |
20030130955 | Hawthorne | Jul 2003 | A1 |
20030191709 | Elston et al. | Oct 2003 | A1 |
20030191945 | Keech | Oct 2003 | A1 |
20030217099 | Bobde et al. | Nov 2003 | A1 |
20040010462 | Moon et al. | Jan 2004 | A1 |
20040050928 | Bishop et al. | Mar 2004 | A1 |
20040059682 | Hasumi et al. | Mar 2004 | A1 |
20040073688 | Sampson | Apr 2004 | A1 |
20040093281 | Silverstein et al. | May 2004 | A1 |
20040107170 | Labrou et al. | Jun 2004 | A1 |
20040139008 | Mascavage, III | Jul 2004 | A1 |
20040143532 | Lee | Jul 2004 | A1 |
20040143552 | Weichert et al. | Jul 2004 | A1 |
20040153650 | Hillmer | Aug 2004 | A1 |
20040158532 | Breck et al. | Aug 2004 | A1 |
20040210449 | Breck et al. | Oct 2004 | A1 |
20040210498 | Freund | Oct 2004 | A1 |
20040225473 | Aoki et al. | Nov 2004 | A1 |
20040232225 | Bishop et al. | Nov 2004 | A1 |
20040260646 | Berardi et al. | Dec 2004 | A1 |
20050027543 | Labrou et al. | Feb 2005 | A1 |
20050027648 | Knowles et al. | Feb 2005 | A1 |
20050037735 | Coutts | Feb 2005 | A1 |
20050080730 | Sorrentino | Apr 2005 | A1 |
20050108178 | York | May 2005 | A1 |
20050149455 | Bruesewitz et al. | Jul 2005 | A1 |
20050187873 | Labrou et al. | Aug 2005 | A1 |
20050199709 | Linlor | Sep 2005 | A1 |
20050246293 | Ong | Nov 2005 | A1 |
20050269401 | Spitzer et al. | Dec 2005 | A1 |
20050269402 | Spitzer et al. | Dec 2005 | A1 |
20060123465 | Ziegler | Jun 2006 | A1 |
20060167819 | Bhambri et al. | Jul 2006 | A1 |
20060235795 | Johnson et al. | Oct 2006 | A1 |
20060237528 | Bishop et al. | Oct 2006 | A1 |
20060277148 | Thackston | Dec 2006 | A1 |
20060278704 | Saunders et al. | Dec 2006 | A1 |
20070022058 | Labrou et al. | Jan 2007 | A1 |
20070050635 | Popp | Mar 2007 | A1 |
20070100691 | Patterson | May 2007 | A1 |
20070107044 | Yuen et al. | May 2007 | A1 |
20070125840 | Law et al. | Jun 2007 | A1 |
20070129955 | Dalmia et al. | Jun 2007 | A1 |
20070136193 | Starr | Jun 2007 | A1 |
20070136211 | Brown et al. | Jun 2007 | A1 |
20070170247 | Friedman | Jul 2007 | A1 |
20070179885 | Bird et al. | Aug 2007 | A1 |
20070192245 | Fisher et al. | Aug 2007 | A1 |
20070208671 | Brown et al. | Sep 2007 | A1 |
20070245414 | Chan et al. | Oct 2007 | A1 |
20070288377 | Shaked | Dec 2007 | A1 |
20070291995 | Rivera | Dec 2007 | A1 |
20070294539 | Shulman et al. | Dec 2007 | A1 |
20080015988 | Brown et al. | Jan 2008 | A1 |
20080029607 | Mullen | Feb 2008 | A1 |
20080035738 | Mullen | Feb 2008 | A1 |
20080052226 | Agarwal et al. | Feb 2008 | A1 |
20080054068 | Mullen | Mar 2008 | A1 |
20080054079 | Mullen | Mar 2008 | A1 |
20080054081 | Mullen | Mar 2008 | A1 |
20080065554 | Hogan et al. | Mar 2008 | A1 |
20080065555 | Mullen | Mar 2008 | A1 |
20080091617 | Hazel et al. | Apr 2008 | A1 |
20080091944 | von Mueller | Apr 2008 | A1 |
20080103982 | Hammad et al. | May 2008 | A1 |
20080201264 | Brown et al. | Aug 2008 | A1 |
20080201265 | Hewton | Aug 2008 | A1 |
20080228646 | Myers et al. | Sep 2008 | A1 |
20080243702 | Hart et al. | Oct 2008 | A1 |
20080245855 | Fein et al. | Oct 2008 | A1 |
20080245861 | Fein et al. | Oct 2008 | A1 |
20080283590 | Oder, II | Nov 2008 | A1 |
20080283591 | Oder, II et al. | Nov 2008 | A1 |
20080288382 | Smith et al. | Nov 2008 | A1 |
20080302869 | Mullen | Dec 2008 | A1 |
20080302876 | Mullen | Dec 2008 | A1 |
20080313264 | Pestoni | Dec 2008 | A1 |
20090006262 | Brown et al. | Jan 2009 | A1 |
20090010488 | Matsuoka et al. | Jan 2009 | A1 |
20090024908 | Kottke et al. | Jan 2009 | A1 |
20090037333 | Flitcroft et al. | Feb 2009 | A1 |
20090037388 | Cooper et al. | Feb 2009 | A1 |
20090043702 | Bennett | Feb 2009 | A1 |
20090048971 | Hathaway et al. | Feb 2009 | A1 |
20090070583 | Von Mueller et al. | Mar 2009 | A1 |
20090106112 | Dalmia et al. | Apr 2009 | A1 |
20090106160 | Skowronek | Apr 2009 | A1 |
20090134217 | Flitcroft et al. | May 2009 | A1 |
20090157555 | Biffle et al. | Jun 2009 | A1 |
20090159673 | Mullen et al. | Jun 2009 | A1 |
20090159700 | Mullen et al. | Jun 2009 | A1 |
20090159707 | Mullen et al. | Jun 2009 | A1 |
20090171778 | Powell | Jul 2009 | A1 |
20090171845 | Powell | Jul 2009 | A1 |
20090173782 | Muscato | Jul 2009 | A1 |
20090187508 | Placide | Jul 2009 | A1 |
20090200371 | Kean et al. | Aug 2009 | A1 |
20090228714 | Fiske et al. | Sep 2009 | A1 |
20090248581 | Brown | Oct 2009 | A1 |
20090248583 | Chhabra | Oct 2009 | A1 |
20090249082 | Mattsson | Oct 2009 | A1 |
20090254440 | Pharris | Oct 2009 | A1 |
20090276347 | Kargman | Nov 2009 | A1 |
20090281948 | Carlson | Nov 2009 | A1 |
20090288012 | Hertel et al. | Nov 2009 | A1 |
20090294527 | Brabson et al. | Dec 2009 | A1 |
20090307139 | Mardikar et al. | Dec 2009 | A1 |
20090308921 | Mullen | Dec 2009 | A1 |
20090319638 | Faith et al. | Dec 2009 | A1 |
20090327131 | Beenau et al. | Dec 2009 | A1 |
20100008535 | Abulafia et al. | Jan 2010 | A1 |
20100088204 | Nambiar et al. | Apr 2010 | A1 |
20100088237 | Wankmueller | Apr 2010 | A1 |
20100094755 | Kloster | Apr 2010 | A1 |
20100106644 | Annan et al. | Apr 2010 | A1 |
20100120408 | Beenau et al. | May 2010 | A1 |
20100133334 | Vadhri | Jun 2010 | A1 |
20100138347 | Chen | Jun 2010 | A1 |
20100145860 | Pelegero | Jun 2010 | A1 |
20100161433 | White | Jun 2010 | A1 |
20100185545 | Royyuru et al. | Jul 2010 | A1 |
20100185871 | Scherrer et al. | Jul 2010 | A1 |
20100211445 | Bodington | Aug 2010 | A1 |
20100211505 | Saunders et al. | Aug 2010 | A1 |
20100223186 | Hogan et al. | Sep 2010 | A1 |
20100228668 | Hogan et al. | Sep 2010 | A1 |
20100235284 | Moore | Sep 2010 | A1 |
20100257612 | McGuire | Oct 2010 | A1 |
20100258620 | Torreyson et al. | Oct 2010 | A1 |
20100268696 | Nightengale et al. | Oct 2010 | A1 |
20100291904 | Musfeldt et al. | Nov 2010 | A1 |
20100299267 | Faith et al. | Nov 2010 | A1 |
20100306076 | Taveau et al. | Dec 2010 | A1 |
20100318468 | Carr et al. | Dec 2010 | A1 |
20100325041 | Berardi et al. | Dec 2010 | A1 |
20100327054 | Hammad | Dec 2010 | A1 |
20110010292 | Giordano et al. | Jan 2011 | A1 |
20110016047 | Wu et al. | Jan 2011 | A1 |
20110016052 | Scragg | Jan 2011 | A1 |
20110016320 | Bergsten et al. | Jan 2011 | A1 |
20110040640 | Erikson | Feb 2011 | A1 |
20110047076 | Carlson et al. | Feb 2011 | A1 |
20110083018 | Kesanupalli et al. | Apr 2011 | A1 |
20110087596 | Dorsey | Apr 2011 | A1 |
20110093397 | Carlson et al. | Apr 2011 | A1 |
20110106710 | Reed et al. | May 2011 | A1 |
20110125597 | Oder, II et al. | May 2011 | A1 |
20110126274 | Sadeckas | May 2011 | A1 |
20110153437 | Archer et al. | Jun 2011 | A1 |
20110153498 | Makhotin et al. | Jun 2011 | A1 |
20110154466 | Harper et al. | Jun 2011 | A1 |
20110154467 | Bomar | Jun 2011 | A1 |
20110161233 | Tieken | Jun 2011 | A1 |
20110178926 | Lindelsee et al. | Jul 2011 | A1 |
20110191244 | Dai | Aug 2011 | A1 |
20110213807 | Mattsson | Sep 2011 | A1 |
20110238511 | Park et al. | Sep 2011 | A1 |
20110238573 | Varadarajan | Sep 2011 | A1 |
20110238575 | Nightengale et al. | Sep 2011 | A1 |
20110246317 | Coppinger | Oct 2011 | A1 |
20110246369 | De Oliveira et al. | Oct 2011 | A1 |
20110258111 | Raj et al. | Oct 2011 | A1 |
20110272471 | Mullen | Nov 2011 | A1 |
20110272478 | Mullen | Nov 2011 | A1 |
20110276380 | Mullen et al. | Nov 2011 | A1 |
20110276381 | Mullen et al. | Nov 2011 | A1 |
20110276424 | Mullen | Nov 2011 | A1 |
20110276425 | Mullen | Nov 2011 | A1 |
20110276489 | Larkin | Nov 2011 | A1 |
20110295745 | White et al. | Dec 2011 | A1 |
20110302081 | Saunders et al. | Dec 2011 | A1 |
20110307714 | Comrie | Dec 2011 | A1 |
20120023567 | Hammad | Jan 2012 | A1 |
20120028609 | Hruska | Feb 2012 | A1 |
20120030047 | Fuentes | Feb 2012 | A1 |
20120035998 | Chien et al. | Feb 2012 | A1 |
20120041881 | Basu et al. | Feb 2012 | A1 |
20120047237 | Arvidsson et al. | Feb 2012 | A1 |
20120066078 | Kingston et al. | Mar 2012 | A1 |
20120072350 | Goldthwaite et al. | Mar 2012 | A1 |
20120078735 | Bauer et al. | Mar 2012 | A1 |
20120078798 | Downing et al. | Mar 2012 | A1 |
20120078799 | Jackson et al. | Mar 2012 | A1 |
20120095852 | Bauer et al. | Apr 2012 | A1 |
20120095865 | Doherty et al. | Apr 2012 | A1 |
20120116902 | Cardina et al. | May 2012 | A1 |
20120123882 | Carlson et al. | May 2012 | A1 |
20120123940 | Killian et al. | May 2012 | A1 |
20120129514 | Beenau et al. | May 2012 | A1 |
20120130898 | Snyder et al. | May 2012 | A1 |
20120136789 | Kendrick et al. | May 2012 | A1 |
20120143767 | Abadir | Jun 2012 | A1 |
20120143772 | Abadir | Jun 2012 | A1 |
20120158580 | Eram et al. | Jun 2012 | A1 |
20120158593 | Garfinkle et al. | Jun 2012 | A1 |
20120173431 | Ritchie et al. | Jul 2012 | A1 |
20120185386 | Salama et al. | Jul 2012 | A1 |
20120197807 | Schlesser et al. | Aug 2012 | A1 |
20120203664 | Torossian et al. | Aug 2012 | A1 |
20120203666 | Torossian et al. | Aug 2012 | A1 |
20120215688 | Musser et al. | Aug 2012 | A1 |
20120215696 | Salonen | Aug 2012 | A1 |
20120221421 | Hammad | Aug 2012 | A1 |
20120226582 | Hammad | Sep 2012 | A1 |
20120231844 | Coppinger | Sep 2012 | A1 |
20120233004 | Bercaw | Sep 2012 | A1 |
20120246070 | Vadhri | Sep 2012 | A1 |
20120246071 | Jain et al. | Sep 2012 | A1 |
20120246079 | Wilson et al. | Sep 2012 | A1 |
20120265631 | Cronic et al. | Oct 2012 | A1 |
20120271770 | Harris et al. | Oct 2012 | A1 |
20120297446 | Webb et al. | Nov 2012 | A1 |
20120300932 | Cambridge et al. | Nov 2012 | A1 |
20120303503 | Cambridge et al. | Nov 2012 | A1 |
20120303961 | Kean et al. | Nov 2012 | A1 |
20120304273 | Bailey et al. | Nov 2012 | A1 |
20120310725 | Chien et al. | Dec 2012 | A1 |
20120310831 | Harris et al. | Dec 2012 | A1 |
20120316992 | Oborne | Dec 2012 | A1 |
20120317035 | Royyuru et al. | Dec 2012 | A1 |
20120317036 | Bower | Dec 2012 | A1 |
20130017784 | Fisher | Jan 2013 | A1 |
20130018757 | Anderson et al. | Jan 2013 | A1 |
20130019098 | Gupta et al. | Jan 2013 | A1 |
20130031006 | McCullagh et al. | Jan 2013 | A1 |
20130054337 | Brendell et al. | Feb 2013 | A1 |
20130054466 | Muscato | Feb 2013 | A1 |
20130054474 | Yeager | Feb 2013 | A1 |
20130081122 | Svigals et al. | Mar 2013 | A1 |
20130091028 | Oder (“J.D.”), II et al. | Apr 2013 | A1 |
20130110658 | Lyman et al. | May 2013 | A1 |
20130111599 | Gargiulo | May 2013 | A1 |
20130117185 | Collison et al. | May 2013 | A1 |
20130124290 | Fisher | May 2013 | A1 |
20130124291 | Fisher | May 2013 | A1 |
20130124364 | Mittal | May 2013 | A1 |
20130138525 | Bercaw | May 2013 | A1 |
20130144888 | Faith et al. | Jun 2013 | A1 |
20130145148 | Shablygin et al. | Jun 2013 | A1 |
20130145172 | Shablygin et al. | Jun 2013 | A1 |
20130159178 | Colon et al. | Jun 2013 | A1 |
20130159184 | Thaw | Jun 2013 | A1 |
20130166402 | Parento et al. | Jun 2013 | A1 |
20130166456 | Zhang et al. | Jun 2013 | A1 |
20130173736 | Krzeminski et al. | Jul 2013 | A1 |
20130185202 | Goldthwaite et al. | Jul 2013 | A1 |
20130191286 | Cronic et al. | Jul 2013 | A1 |
20130191289 | Cronic et al. | Jul 2013 | A1 |
20130198071 | Jurss | Aug 2013 | A1 |
20130198080 | Anderson et al. | Aug 2013 | A1 |
20130200146 | Moghadam | Aug 2013 | A1 |
20130204787 | Dubois | Aug 2013 | A1 |
20130204793 | Kerridge et al. | Aug 2013 | A1 |
20130212007 | Mattsson et al. | Aug 2013 | A1 |
20130212017 | Bangia | Aug 2013 | A1 |
20130212019 | Mattsson et al. | Aug 2013 | A1 |
20130212024 | Mattsson et al. | Aug 2013 | A1 |
20130212666 | Mattsson et al. | Aug 2013 | A1 |
20130218698 | Moon et al. | Aug 2013 | A1 |
20130218769 | Pourfallah et al. | Aug 2013 | A1 |
20130226799 | Raj | Aug 2013 | A1 |
20130226813 | Voltz | Aug 2013 | A1 |
20130246199 | Carlson | Sep 2013 | A1 |
20130246202 | Tobin | Sep 2013 | A1 |
20130246203 | Laracey | Sep 2013 | A1 |
20130246258 | Dessert | Sep 2013 | A1 |
20130246259 | Dessert | Sep 2013 | A1 |
20130246261 | Purves et al. | Sep 2013 | A1 |
20130246267 | Tobin | Sep 2013 | A1 |
20130254028 | Salci | Sep 2013 | A1 |
20130254052 | Royyuru et al. | Sep 2013 | A1 |
20130254102 | Royyuru | Sep 2013 | A1 |
20130254117 | Von Mueller et al. | Sep 2013 | A1 |
20130262296 | Thomas et al. | Oct 2013 | A1 |
20130262302 | Lettow et al. | Oct 2013 | A1 |
20130262315 | Hruska | Oct 2013 | A1 |
20130262316 | Hruska | Oct 2013 | A1 |
20130262317 | Collinge et al. | Oct 2013 | A1 |
20130275300 | Killian et al. | Oct 2013 | A1 |
20130275307 | Khan | Oct 2013 | A1 |
20130275308 | Paraskeva et al. | Oct 2013 | A1 |
20130282502 | Jooste | Oct 2013 | A1 |
20130282575 | Mullen et al. | Oct 2013 | A1 |
20130282588 | Hruska | Oct 2013 | A1 |
20130297501 | Monk et al. | Nov 2013 | A1 |
20130297504 | Nwokolo et al. | Nov 2013 | A1 |
20130297508 | Belamant | Nov 2013 | A1 |
20130304649 | Cronic et al. | Nov 2013 | A1 |
20130308778 | Fosmark et al. | Nov 2013 | A1 |
20130311382 | Fosmark et al. | Nov 2013 | A1 |
20130317982 | Mengerink et al. | Nov 2013 | A1 |
20130332344 | Weber | Dec 2013 | A1 |
20130339253 | Sincai | Dec 2013 | A1 |
20130346314 | Mogollon et al. | Dec 2013 | A1 |
20140007213 | Sanin et al. | Jan 2014 | A1 |
20140013106 | Redpath | Jan 2014 | A1 |
20140013114 | Redpath | Jan 2014 | A1 |
20140013452 | Aissi et al. | Jan 2014 | A1 |
20140019352 | Shrivastava | Jan 2014 | A1 |
20140025581 | Calman | Jan 2014 | A1 |
20140025585 | Calman | Jan 2014 | A1 |
20140025958 | Calman | Jan 2014 | A1 |
20140032417 | Mattsson | Jan 2014 | A1 |
20140032418 | Weber | Jan 2014 | A1 |
20140040137 | Carlson et al. | Feb 2014 | A1 |
20140040139 | Brudnicki et al. | Feb 2014 | A1 |
20140040144 | Plomske et al. | Feb 2014 | A1 |
20140040145 | Ozvat et al. | Feb 2014 | A1 |
20140040148 | Ozvat et al. | Feb 2014 | A1 |
20140040628 | Fort et al. | Feb 2014 | A1 |
20140041018 | Bomar et al. | Feb 2014 | A1 |
20140046853 | Spies et al. | Feb 2014 | A1 |
20140047551 | Nagasundaram et al. | Feb 2014 | A1 |
20140052532 | Tsai et al. | Feb 2014 | A1 |
20140052620 | Rogers et al. | Feb 2014 | A1 |
20140052637 | Jooste et al. | Feb 2014 | A1 |
20140068706 | Aissi | Mar 2014 | A1 |
20140074637 | Hammad | Mar 2014 | A1 |
20140108172 | Weber et al. | Apr 2014 | A1 |
20140114857 | Griggs et al. | Apr 2014 | A1 |
20140143137 | Carlson | May 2014 | A1 |
20140164243 | Aabye et al. | Jun 2014 | A1 |
20140188586 | Carpenter et al. | Jul 2014 | A1 |
20140294701 | Dai et al. | Oct 2014 | A1 |
20140297534 | Patterson | Oct 2014 | A1 |
20140310183 | Weber | Oct 2014 | A1 |
20140330721 | Wang | Nov 2014 | A1 |
20140330722 | Laxminarayanan et al. | Nov 2014 | A1 |
20140331265 | Mozell et al. | Nov 2014 | A1 |
20140337236 | Wong et al. | Nov 2014 | A1 |
20140344153 | Raj et al. | Nov 2014 | A1 |
20140372308 | Sheets | Dec 2014 | A1 |
20150019443 | Sheets et al. | Jan 2015 | A1 |
20150032625 | Dill et al. | Jan 2015 | A1 |
20150032626 | Dill et al. | Jan 2015 | A1 |
20150032627 | Dill et al. | Jan 2015 | A1 |
20150046338 | Laxminarayanan et al. | Feb 2015 | A1 |
20150046339 | Wong et al. | Feb 2015 | A1 |
20150052064 | Karpenko et al. | Feb 2015 | A1 |
20150088756 | Makhotin et al. | Mar 2015 | A1 |
20150106239 | Gaddam et al. | Apr 2015 | A1 |
20150112870 | Nagasundaram et al. | Apr 2015 | A1 |
20150112871 | Kumnick | Apr 2015 | A1 |
20150120472 | Aabye et al. | Apr 2015 | A1 |
20150127529 | Makhotin et al. | May 2015 | A1 |
20150127547 | Powell et al. | May 2015 | A1 |
20150140960 | Powell et al. | May 2015 | A1 |
20150142673 | Nelsen et al. | May 2015 | A1 |
20150161597 | Subramanian et al. | Jun 2015 | A1 |
20150178724 | Ngo et al. | Jun 2015 | A1 |
20150180836 | Wong et al. | Jun 2015 | A1 |
20150186864 | Jones et al. | Jul 2015 | A1 |
20150193222 | Pirzadeh et al. | Jul 2015 | A1 |
20150195133 | Sheets et al. | Jul 2015 | A1 |
20150199679 | Palanisamy et al. | Jul 2015 | A1 |
20150199689 | Kumnick et al. | Jul 2015 | A1 |
20150220917 | Aabye et al. | Aug 2015 | A1 |
20150269566 | Gaddam et al. | Sep 2015 | A1 |
20150312038 | Palanisamy | Oct 2015 | A1 |
20150319158 | Kumnick | Nov 2015 | A1 |
20150332262 | Lingappa | Nov 2015 | A1 |
20150356560 | Shastry et al. | Dec 2015 | A1 |
20160028550 | Gaddam et al. | Jan 2016 | A1 |
20160042263 | Gaddam et al. | Feb 2016 | A1 |
20160065370 | Le Saint et al. | Mar 2016 | A1 |
20160092696 | Guglani et al. | Mar 2016 | A1 |
20160092872 | Prakash et al. | Mar 2016 | A1 |
20160103675 | Aabye et al. | Apr 2016 | A1 |
20160119296 | Laxminarayanan et al. | Apr 2016 | A1 |
20160140545 | Flurscheim et al. | May 2016 | A1 |
20160148197 | Dimmick | May 2016 | A1 |
20160148212 | Dimmick | May 2016 | A1 |
20160171479 | Prakash et al. | Jun 2016 | A1 |
20160173483 | Wong et al. | Jun 2016 | A1 |
20160224976 | Basu et al. | Aug 2016 | A1 |
20160232520 | Singhal | Aug 2016 | A9 |
20170046696 | Powell et al. | Feb 2017 | A1 |
20170076281 | Dawkins | Mar 2017 | A1 |
20170103387 | Weber | Apr 2017 | A1 |
20170220818 | Nagasundaram et al. | Aug 2017 | A1 |
20170228723 | Taylor et al. | Aug 2017 | A1 |
Number | Date | Country |
---|---|---|
2156397 | Feb 2010 | EP |
0109855 | Feb 2001 | WO |
0135304 | May 2001 | WO |
0135304 | May 2002 | WO |
2004042536 | May 2004 | WO |
2006113834 | Oct 2006 | WO |
2009032523 | Mar 2009 | WO |
2010078522 | Jul 2010 | WO |
2012068078 | May 2012 | WO |
2012098556 | Jul 2012 | WO |
2012142370 | Oct 2012 | WO |
2012167941 | Dec 2012 | WO |
2013048538 | Apr 2013 | WO |
2013056104 | Apr 2013 | WO |
2013119914 | Aug 2013 | WO |
2013179271 | Dec 2013 | WO |
Entry |
---|
J. Liu, Y. Xiao, H. Chen, S. Ozdemir, S. Dodle and V. Singh, “A Survey of Payment Card Industry Data Security Standard,” in IEEE Communications Surveys & Tutorials, vol. 12, No. 3, pp. 287-303, Third Quarter 2010, doi: 10.1109/SURV.2010.031810.00083. |
U.S. Appl. No. 13/208,733 , Final Office Action, dated Mar. 28, 2013, 17 pages. |
U.S. Appl. No. 13/208,733 , Non-Final Office Action, dated Aug. 31, 2012, 29 pages. |
U.S. Appl. No. 13/208,733 , Notice of Allowance, dated Jan. 12, 2016, 18 pages. |
U.S. Appl. No. 15/095,984 , Final Office Action, dated Oct. 9, 2019, 20 pages. |
U.S. Appl. No. 15/095,984 , Non-Final Office Action, dated Apr. 4, 2019, 20 pages. |
U.S. Appl. No. 15/095,984 , Notice of Allowance, dated Mar. 20, 2020, 20 pages. |
Petition for Inter Partes Review of U.S. Pat. No. 8,533,860 Challenging Claims 1-30 Under 35 U.S.C. § 312 and 37 C.F.R. § 42.104, USPTO Patent Trial and Appeal Board, IPR 2016-00600, Feb. 17, 2016, 65 pages. |
U.S. Appl. No. 14/600,523, Secure Payment Processing Using Authorization Request filed Jan. 20, 2015, 42 pages. |
U.S. Appl. No. 15/008,388, Methods for Secure Credential Provisioning filed Jan. 27, 2016, 90 pages. |
U.S. Appl. No. 15/011,366, Token Check Offline filed Jan. 29, 2016, 60 pages. |
U.S. Appl. No. 15/019,157, Processing Utilizing Multiple Authorizations filed Feb. 9, 2016, 62 pages. |
U.S. Appl. No. 15/041,495, Peer Forward Authorization of Digital Requests filed Feb. 11, 2016, 63 pages. |
U.S. Appl. No. 15/265,282, Self-Cleaning Token Valut filed Sep. 14, 2016, 52 pages. |
U.S. Appl. No. 15/462,658, Replacing Token On a Multi-Token User Device filed Mar. 17, 2017, 58 pages. |
U.S. Appl. No. 15/004,705, Cloud-Based Transactions With Magnetic Secure Transmission, filed Jan. 22, 2016, 161 pages. |
U.S. Appl. No. 61/738,832, Management of Sensitive Data filed Dec. 18, 2012, 22 pages. |
U.S. Appl. No. 61/751,763, Payments Bridge filed Jan. 11, 2013, 64 pages. |
U.S. Appl. No. 61/879,632, Systems and Methods for Managing Mobile Cardholder Verification Methods filed Sep. 18, 2013, 24 pages. |
U.S. Appl. No. 61/892,407, Issuer Over-The-Air Update Method and System filed Oct. 17, 2013, 28 pages. |
U.S. Appl. No. 61/894,749, Methods and Systems for Authentication and Issuance of Tokens in a Secure Environment filed Oct. 23, 2013, 67 pages. |
U.S. Appl. No. 61/926,236, Methods and Systems for Provisioning Mobile Devices With Payment Credentials and Payment Token Identifiers filed Jan. 10, 2014, 51 pages. |
U.S. Appl. No. 62/000,288, Payment System Canonical Address Format filed May 19, 2014, 58 pages. |
U.S. Appl. No. 62/003,717, Mobile Merchant Application filed May 28, 2014, 58 pages. |
U.S. Appl. No. 62/024,426, Secure Transactions Using Mobile Devices filed Jul. 14, 2014, 102 pages. |
U.S. Appl. No. 62/037,033, Sharing Payment Token filed Aug. 13, 2014, 36 pages. |
U.S. Appl. No. 62/038,174, Customized Payment Gateway filed Aug. 15, 2014, 42 pages. |
U.S. Appl. No. 62/042,050, Payment Device Authentication and Authorization System filed Aug. 26, 2014, 120 pages. |
U.S. Appl. No. 62/053,736, Completing Transactions Without a User Payment Device filed Sep. 22, 2014, 31 pages. |
U.S. Appl. No. 62/054,346, Mirrored Token Vault filed Sep. 23, 2014, 38 pages. |
U.S. Appl. No. 62/103,522, Methods and Systems for Wallet Provider Provisioning filed Jan. 14, 2015, 39 pages. |
U.S. Appl. No. 62/108,403, Wearables With Nfc Hce filed Jan. 27, 2015, 32 pages. |
U.S. Appl. No. 62/117,291, Token and Cryptogram Using Transaction Specific Information filed Feb. 17, 2015, 25 pages. |
U.S. Appl. No. 62/128,709, Tokenizing Transaction Amounts filed Mar. 5, 2015, 30 pages. |
Mattsson, The Difference between Tokenization and Encryption, Protegrity, Available Online at: https://www.protegrity.com/difference-tokenization-encryption/, Nov. 7, 2011, 2 pages. |
U.S. Appl. No. 17/161,599 , Non-Final Office Action, dated Feb. 9, 2023, 22 pages. |
Slominski et al., “An Extensible and Interoperable Event System Architecture Using SOAP”, Department of Computer Science, 2002. |
U.S. Appl. No. 17/161,599 , Notice of Allowance, dated Jun. 23, 2023, 9 pages. |
Number | Date | Country | |
---|---|---|---|
20200320515 A1 | Oct 2020 | US |
Number | Date | Country | |
---|---|---|---|
61381322 | Sep 2010 | US | |
61373163 | Aug 2010 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 13208733 | Aug 2011 | US |
Child | 15095984 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 15095984 | Apr 2016 | US |
Child | 16905815 | US |