Patent Grant
9978094
In a tokenized payment transaction, a consumer provides a merchant with a token, which can represent an account that is associated with the consumer. In the case of credit and debit card transactions, the account may be issued and held by an issuer, which is typically a bank. The token may be a substitute account number that is associated with the real account number, but is not the real account number. Tokens can be limited in use and provide greater security for the payment transaction. If the token is obtained by an unauthorized person in a fraudulent manner, the real account number is not compromised.
While tokenized payment transactions are useful, a merchant that accepts a token may not be able to confirm that the token is valid. For example, a token may be expired, compromised, or invalid for a number of reasons. The merchant may be unaware that the payment token that is provided for payment is invalid until the token is submitted for authorization and authorization is subsequently denied. As a result, the merchant or issuer may incur unnecessary losses.
Another issue to be addressed is that there are many different parties in the payment ecosystem that can generate and/or transform tokens. Thus, it may be the case that entities including merchants, issuers, payment processors, third parties and the like might issue payment tokens and/or further tokenize or transform payment tokens. Because tokens are inherently unrecognizable substitutes for account numbers, it is difficult if not impossible for the party holding the payment token to determine which entity issued the token and check on its status. Further, even if the possessor of the token could determine the entities that actually issued the payment tokens that it received, it would be frustrating and difficult for the possessor to check with multiple entities as to the validity of the tokens that it receives. As noted above, tokens may be generated by issuers, payment processors, and even merchants.
Embodiments of the present invention solve these problems and other problems, individually and collectively.
Embodiments of the invention are directed to methods and systems for validating payment tokens using a tokenization revocation list. The token revocation list may be in a token revocation list computer system, which may include the token statuses of tokens generated by different entities. Since the token revocation list computer system can consolidate the payment tokens generated by multiple different entities, the token revocation list may serve as a single communication point for a token status requester to check on the status of a payment token, regardless of which entity actually generated the payment token.
One embodiment of the invention is directed to a method. The method comprising maintaining, by a token revocation list computer system, a status for each of a plurality of tokens issued by the server computer in a token revocation database, and then receiving, by the token revocation list computer system, a token validation request from a requester device. The token validation request includes at least one payment token of the plurality of tokens. The method further comprises determining, by the token revocation list computer system, the status of the at least one payment token of the plurality of tokens by searching the token revocation database for the status of the at least one of the plurality of tokens. After the status is determined, the token revocation list computer system sends a token validation response including the determined status of the at least one payment token of the plurality of tokens.
Another embodiment of the invention is directed to a token revocation list computer system comprising a token status list database and a token status list computer comprising a processor, and a computer readable medium coupled to the processor. The computer readable medium comprises code, executable by the processor, to implement a method. The method comprises maintaining a status for each of a plurality of tokens issued by the server computer in a token revocation database, and receiving a token validation request from a requester. The token validation request includes at least one payment token of the plurality of tokens. The method also comprises determining the status of the at least one of the plurality of tokens by searching the token revocation database for the status of the at least one payment token of the plurality of tokens, and sending a token validation response including the determined status of the at least one payment token of the plurality of tokens.
Another embodiment of the invention is directed to a token validation system. The token validation system comprises a requester device and a token revocation list computer system in communication with the requester device. The token revocation list computer system comprises (a) a token status list database and (b) a token status list computer. The token status list computer comprises a processor and a computer readable medium coupled to the processor. The computer readable medium comprises code executable by the processor to implement a method comprising (i) maintaining a status for each of a plurality of tokens issued by the server computer in a token revocation database, (ii) receiving a token validation request from a requester, wherein the token validation request includes at least one payment token of the plurality of tokens, (iii) determining the status of the at least one of the plurality of tokens by searching the token revocation database for the status of the at least one payment token of the plurality of tokens, and (iv) sending a token validation response including the determined status of the at least one payment token of the plurality of tokens.
These and other embodiments are described in further detail below with reference to the Drawings and the Detailed Description.
Embodiments of the invention are directed to methods and systems for validating tokens using a tokenization revocation list (TRL) responder, which may alternatively be referred to as a tokenization revocation list (TRL) computer system.
A “token” may include an identifier for a payment account that is a substitute for an account identifier, such as a primary account number (PAN). For example, a token may include a series of alphanumeric characters that may be used as a substitute for an original account identifier (e.g., a pseudo account number). For example, a token “4900 0000 0000 0001” may be used in place of a PAN “4147 0900 0000 1234.” In some embodiments, a token may be “format preserving” and may have a numeric format that conforms to the account identifiers used in existing payment processing networks (e.g., ISO 8583 financial transaction message format). In some embodiments, a token may be used in place of a PAN to initiate, authorize, settle or resolve a payment transaction or represent the original credential in other systems where the original credential would typically be provided. In some embodiments, a token value may be generated such that the recovery of the original PAN or other account identifier from the token value may not be computationally derived. Further, in some embodiments, the token format may be configured to allow the entity receiving the token to identify it as a token and recognize the entity that issued the token.
As noted above, in a tokenized payment transaction, a consumer may provide a payment token to a merchant instead of a real account number. The merchant processes the payment token like a credit or debit card number to obtain payment for a good or service from the consumer's account. However, these transactions can be insecure, because the token may have expired, been compromised, or rendered invalid for other reasons. If the merchant waits until a later time to authorize the transaction, the merchant may not discover that a token is invalid until authorization is denied.
It would be desirable to provide for a trusted entity such as a TRL computer system, which can verify the validity of a payment token. For example, a POS terminal at a merchant can tokenize a PAN (primary account number) to produce an initial payment token. Any upstream consumers can further tokenize the initial token to produce a subsequent payment token. This process can remove the trust chain and can make the application of value added services like risk and fraud identification difficult. Further, in the case where there is a flagged risk, there is no current method to determine if a payment token is no longer valid as a payment instrument. However, embodiments of the present invention may validate a payment token by requesting validation from an entity with access to a tokenization revocation list (TRL) computer system. The TRL computer system may provide information regarding whether one or more payment tokens have been revoked or are otherwise in poor standing with any entity in the transaction system.
Illustratively, in one embodiment of the invention, a consumer may purchase goods or services from a merchant and may provide a payment token to the merchant. If the merchant suspects that the token may not be valid for some reason, the merchant can send a token validation request to a TRL computer system. The token validation request may be transmitted from the merchant to the TRL computer system through a communications network that may be insecure. To provide security for the token validation request, the token validation request may comprise information identifying the requesting merchant such as a requester name, hashed information such as a hash of the TRL computer system name, and a hash of a public key, the payment token from the consumer, and a nonce. A hashing algorithm identifier (e.g., SHA-2 or SHA-3 identifier) may also be present in the token validation request, so that the TRL computer system knows which hashing algorithm to use to generate the hashed information. The TRL computer system may maintain a token database that indicates the revocation status of payment tokens issued to various token issuers. The TRL computer system may then locate a record of the payment token in the token validation request and may confirm that it is valid (or not valid).
After determining the validity of the payment token in the token validation request, the TRL computer system may then generate a token validation response to be transmitted from the TRL computer system to the merchant. The token validation response may comprise a response status indicating whether or not the token validation request was accepted, a responder ID such as the TRL computer system public key, a timestamp, the nonce, the hashed information, the payment token, and a TRL status code. The TRL status code may inform the merchant as to whether or not the payment token is valid or not valid. The merchant may then receive the token validation response, accept the payment token if it is valid, and complete the payment transaction with the consumer.
In some embodiments of the invention, the payment token can be used like an ordinary credit or debit card number. For example, an access device (e.g., a POS terminal or merchant Web server) at the merchant may generate an authorization request message. The authorization request message may be transmitted to an acquirer computer operated by an acquirer associated with the merchant. The acquirer computer may then transmit the authorization request message comprising the payment token to a payment processing network, which may have access to a token provider system which issued the payment token.
A payment processing network may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services. An exemplary payment processing network may include VisaNet™. Payment processing networks such as VisaNet™ are able to process credit card transactions, debit card transactions, and other types of commercial transactions. VisaNet™, in particular includes a Visa Integrated Payments (VIP) system which processes authorization requests and a Base II system which performs clearing and settlement services. Furthermore, the payment processing network may include a server computer and may use any suitable wired or wireless telecommunications network, including the Internet.
After the token provider system receives the payment token, the token provider system may then provide the real account number associated with the payment token. A computer in the payment processing network can then generate a modified authorization request message with the real account number and can send the real account number to an issuer computer for authorization.
The issuer computer may then approve or disapprove of the transaction, and may then generate an authorization response message. The authorization response message comprises the real account number and is transmitted to the payment processing network. The computer in the payment processing network may then generate a modified authorization response message comprising the payment token and may transmit this back to the access device via the acquirer computer.
At the end of the day, a clearing and settlement process using the token and the real account number may take place between the acquirer computer, the payment processing network, and the issuer computer. The payment processing network may substitute the payment token for the real account number in the clearing messages, similar to the authorization request messages described above.
The token validation method and system according to embodiments of the invention can provide merchants with greater assurance that their transactions will be processed without interruption. For example, using embodiments of the invention, merchants can decide not to use payment tokens that have not been properly validated. Higher assurance can also be provided for tokens that are generated or stored on mobile devices. Furthermore, using embodiments of the invention, merchants are encouraged to accept tokens and merchants do not have to store sensitive consumer account information. Payments are also more secure for consumers, since payment tokens are more widely accepted and trusted using embodiments of the invention.
Embodiments of the invention providing the further advantage of safeguarding token status information from unauthorized entities. In some cases, fraudsters may illicitly obtain consumers' payment tokens. However, the fraudsters may not know if the payment tokens are valid and usable to conduct transactions. Embodiments of the invention can provide a token validation method that securely validates the identity of a token status requestor. Thus, embodiments can protect against unauthorized entities determining the status of a token.
Therefore, embodiments of the invention improve transaction security for merchants, issuers, payment processors, and consumers. Payment token fraud and risk are reduced when the parties that use or process the payment tokens can be made aware of their validity status.
I. Exemplary Systems
The TRL computer system 130 may include a server computer coupled to a token database with information about flagged, revoked, or otherwise invalid payment tokens. In some embodiments, the TRL computer system 130 may also be a token issuer. Further details regarding an exemplary TRL computer system 130 are provided below with reference to
The communications network 140 may be any one and/or the combination of the following: a direct interconnection; the Internet; a Local Area Network (LAN); a Metropolitan Area Network (MAN); an Operating Missions as Nodes on the Internet (OMNI); a secured custom connection; a Wide Area Network (WAN); a wireless network (e.g., employing protocols such as, but not limited to a Wireless Application Protocol (WAP), I-mode, and/or the like); and/or the like. The communications network 140 may be insecure, and as described herein, various specific communication protocols are provided to ensure that the transmission of token validation requests and responses are secure.
In embodiments of the invention, the second entity 121, which operates the second entity device 120, may enroll in a token validation program. To enroll, the second entity 121 can provide a requester name to the TRL computer system 130 so that the TRL computer system 130 may identify the second entity 121. The TRL computer system 130 may provide information (e.g., hashing algorithms, a TRL responder name or other identifier, a public key, etc.) that will enable secure communication with the second entity 121.
In embodiments of the invention, the TRL computer system 130 may receive and manage information about the status of one more tokens. The TRL computer system 130 may maintain a TRL containing records of the status of tokens. The TRL may compile information that is provided by one or more token issuers and processors such as banks (e.g. issuers, acquirers), payment processors (e.g. Visa™, American Express™), merchants, consumers, or any other entity capable of issuing or processing tokens. The first entity device 110 operated by the first entity 111 may receive tokens from a token issuer (e.g., either of the first or second token provider systems 160, 170 in
In some embodiments, the first entity 111 operating the first entity device 110 may also enroll with TRL computer system 130. The TRL computer system 130 may be operated by a token issuer and may provide the first entity device 110 operated by the first merchant with a set of tokens or a token generating algorithm for use in transactions. In this scenario, TRL computer system 130 may update the TRL with records of tokens generated by TRL computer system 130. Alternatively, the first entity device 110 operated by the first entity 111 may be a first merchant and a token issuer. The first entity 111 may issue or generate tokens that it will use for payments, such as payments to the second entity 121, which may be a merchant. In this case, the first entity 111 may enroll with the TRL computer system 130 so that the first entity 111 may inform the TRL computer system 130 of a token generation algorithm or a set of tokens that may be used by the first entity 111. Therefore, TRL computer system 130 may be able to update the TRL with information about tokens that may be used by the first entity 111.
In an exemplary illustration, the first entity 111 may be a first merchant that wishes to purchase goods and/or services from the second entity 121, which may be a second merchant. For example, first entity 111 may be a first merchant that may sell products made by the second entity 121, which may be a second merchant. Alternatively, the first entity 111 may be a typical consumer and not a merchant. For example, the first entity 111 may be an end consumer purchasing a final product made or sold by the second entity 121. In this scenario, the first entity 111 may be a consumer that is capable of making payments with tokens. The first entity 111 may receive tokens on a portable consumer device (e.g., a smart card, a mobile phone, a key fob) from a token issuer, and provide a token at a POS device during a transaction with the second entity 121.
The first entity device 110 may be in any suitable form in including, but not limited to a mobile phone, an access device, a standalone or mobile computer, a smart card, etc. In some embodiments, the first entity device 110 may be capable of generating or receiving payment tokens. It may include a token generating algorithm, and/or may receive payment tokens from a token issuer. In some embodiments, the TRL computer system 130 may be a token issuer that provides the first entity device 110 with payment tokens.
The second entity 121 may be a merchant that receives a transaction request and a payment token from the first entity 111. The second entity 121 may operate a second entity device 120, which may have the same or different form as the first entity device 110. The second entity 121 may be an acquirer bank associated with a merchant, a merchant, a consumer, or any other suitable entity. In some embodiments, the second merchant 121 may authorize the payment token immediately, before releasing goods to the first entity 111. In one illustration, the second entity 121 may submit all payment tokens in bulk at the end of the day. The second entity 121 may also be capable to generate a token validation request message, also referred to as a TRL request, and to send the token validation request message to the TRL computer system 130.
The TRL computer system 130 may include a server computer associated with a token issuer and/or a payment processing network. Alternatively, the TRL computer system 130 may be de-centralized and associated with a third party.
The processor 130A-1 may include a CPU that comprises at least one high-speed data processor adequate to execute program components for executing user and/or system-generated requests. The CPU may be a microprocessor such as AMD's Athlon, Duron and/or Opteron; IBM and/or Motorola's PowerPC; IBM's and Sony's Cell processor; Intel's Celeron, Itanium, Pentium, Xeon, and/or XScale; and/or the like processor(s).
The computer readable medium 130A-2 may comprise code, executable by the processor 130A-1, for implementing a method comprising maintaining a status for each of a plurality of tokens issued by the server computer in a token revocation database, receiving a token validation request from a requester, wherein the token validation request includes at least one payment token of the plurality of tokens, determining the status of the at least one of the plurality of tokens by searching the token revocation database for the status of the at least one payment token of the plurality of tokens, and sending a token validation response including the determined status of the at least one payment token of the plurality of tokens.
The TRL computer system 130 may maintain a list of tokens in the token database 130B, which may include the TRL. The TRL computer system 130 may communicate whether a token or a list of payment tokens have been revoked for various reasons.
Information about the various payment tokens in the token database 130B may include a database key identifying a specific data item, a token ID which may be the payment token itself, a token status (e.g., valid, revoked, or on hold), and the provider of the payment token. This database 130B preferably does not include real account numbers associated with the payment tokens that it stores, or any other sensitive PAI (payment account information). A payment token may be revoked because it has expired, or has been reported or flagged as being fraudulent or misused (e.g., exceeding a payment boundary such as when a $10 token is used to conduct a $100 transaction). A payment token may be on hold when the token is valid and the use is not otherwise improper, but the use is temporarily suspended (e.g., due to a credit limit being temporarily exceeded).
As noted above, the TRL computer system 130 may be operated by a token issuer capable of generating tokens and providing the tokens to the first entity device 110 operated by the first entity 111. Alternatively, TRL computer system 130 may provide a token generating algorithm to the first entity device 110, or receive information about a token generating algorithm from the first entity device 110. In any case, the TRL computer system 130 can anticipate the receipt of any payment token that may be submitted by the first entity device 110 and maintain a comprehensive list of existing and possible tokens.
The computer readable medium 130A-2 of the TRL computer system 130 may further include code for one or more hashing or encryption algorithms. The TRL computer system 130 may also be configured to receive a token validation request, look up one or more tokens from the request in the token database, determine the status of the one or more tokens, generate a token validation response message indicating the status of the one or more tokens, and send the response message to the requester. Further, TRL computer system 130 can also receive notifications of compromised tokens and update the token database accordingly. For example, the TRL computer system 130 may determine that all tokens issued by a specific merchant or bank are revoked because the merchant or bank's token database was hacked, leaked, or otherwise compromised.
The first entity device 110 and the second entity device 120 may be included in a typical credit or debit account or card transaction processing system. For example, the second entity 121 which operates the second entity device 120 may be a merchant with an associated acquirer. In some embodiments, an acquirer computer associated with second entity 121 may employ the above described roles of second entity 121 in a token validation system. Further TRL computer system 130 may be located at any part of a typical transaction ecosystem or de-centralized and associated with a third party. For example, TRL computer system 130 may be associated with a payment processing network. In some embodiments, the first entity device 110, the second entity device 120, and TRL computer system 130 may each comprise a server computer, or be operatively coupled to a server computer.
A server computer can be a powerful computer or a cluster of computers. For example, the server computer can be a large mainframe, a minicomputer cluster, or a group of servers functioning as a unit. In one example, the server computer may be a database server coupled to a Web server.
An acquirer computer can be associated with the second entity device 120 if it is a merchant computer. The acquirer computer may be communicatively coupled to the merchant computer and a payment processing network computer and may issue and manage a financial account for the merchant. In some embodiments, the acquirer computer may receive an authorization response message and may forward it to the merchant computer during a transaction to confirm processing of a payment transaction.
Such information relating to tokens and the status of tokens may be passed between the first token provider system 160 and the TRL computer system 130 via the first communications path 60. Information relating to tokens and the status of tokens may be passed between the second token provider system 170 and the TRL computer system 130 via the second communications path 70. If either the first token provider system 160 or the second token provider system 170 has updates to the status of the tokens that it generated, then this information may be provided to the token revocation list computer system 130.
As shown in
II. Exemplary Methods
Exemplary methods according to embodiments of the invention may also be described with reference to
Before a transaction begins, between the first entity 111 and the second entity 121, the first entity 111 may select goods or services for purchase from the second entity 121. Additionally, before the transaction method shown in
At step 10, using the first entity device 110, the first entity 111 may provide a payment token to the second entity device 120 to purchase goods and/or services from the second entity 121. The payment token may be used for a one time purchase or for recurring purchases. The payment token may be provided from the first entity device 110 to the second entity device 120 in any suitable manner. For example, the first entity device 110 may be a mobile phone that stores a payment token and this payment token may be transmitted to the second entity device 120 using any suitable contact based or contactless (e.g., RF) mode of transmission. In another example, the first entity device 110 may be a client computer and may direct a virtual wallet hosted by a wallet server to provide the payment token to the second entity device 120.
At step 20, the second entity 121 may be concerned that the first entity 111 has an infrastructure or device that may have been compromised, and may wish to validate the payment token with the TRL computer system 130 before proceeding with the transaction. In some cases, the second entity 121 may not intend to authorize the transaction until a later time, but may wish to verify that the transaction will likely be authorized by validating the payment token. Instead of immediately sending the payment token in an authorization request message to a payment processing network and/or issuer, the second entity 121 may compose and send a validation request message with their digital signature to TRL computer system 130.
The token validation request message, or TRL request 20 may comprise a requester name, hashed information, one or more payment tokens, and a nonce. The requester name may be the name of the entity that sent the request message. For example, the requester name may be the name of the second entity 121 or any other indication of the identity of the requester. The hashed information may include a hashing algorithm identifier (e.g. SHA-2 or SHA-3 identifier), a hash of the TRL computer system 130 name, a hash of the token issuer public key, and/or any other suitable information. The nonce may be a one-time value, such as a unique set of characters, to prevent replay attacks. Any subsequent message with a repeated nonce may be disregarded as fraudulent. The one or more payment tokens may be payment tokens provided by one or more entities such as the first entity 111.
At step 30, TRL computer system 130 may receive and read the signed token validation request message from the second entity 121 and may validate the payment token. The token validation request message may comprise at least one payment token or an identifier associated with the payment token. TRL computer system 130 may first assess the request message. In some embodiments, assessing the token validation request message may include validating the digital signature of the request message with a public key corresponding to the requester name included in the request message, and ensuring that the requester is authorized to validate the received token. If the request is invalid (e.g. the requester is unauthorized, request is badly formatted, not signed, has an incorrect signature, etc.), the TRL computer system 130 may not validate the token, and may instead send a response indicating that the request was not accepted.
If the request is valid, the TRL computer system 130 may accept the request message 20 and determine the status of the at least one token by searching the token revocation database for the status of the at least one token. Accordingly, the TRL computer system 130 may query the token database for a status associated with the received one or more tokens. TRL computer system 130 may look up the revocation status of the payment token in the token validation request message 20 received from the second entity device 120 in the token database in the TRL computer system 130. The TRL computer system 130 may determine that the token is, for example, valid (or active), on hold, or revoked. In some embodiments, a specific status code may be associated with the payment token. In some embodiments, the database of the TRL computer system 130 may be the only trusted location that is easily accessible to various parties where a compromise of the first entity's payment token would be recorded.
At step 40, TRL computer system 130 may generate and send a token validation response message, or TRL response 40, to the second entity device 120. The token validation response message 40 may comprise a response status, responder ID, timestamp, nonce, hashed information, one or more payment tokens, and one or more TRL status codes representing the status of the one or more payment tokens. For example, if TRL computer system 130 confirms that the payment token from the first entity 111 is valid, then it may return a status code “9”, which mean that the token is valid. Alternatively, if the token validation request message was not accepted, the token validation response message may not indicate the TRL status code, but may instead indicate that the request was not accepted.
The response status may indicate whether the token validation request message was accepted. For example, the request message may be rejected because it is sent by an unauthorized requester, it is a badly formatted request, it is not signed, or for any other suitable reason.
The responder ID may be a hash value of the TRL computer system 130 public key. Alternatively, the responder ID may be any other value that may indicate the identity of TRL computer system 130.
The timestamp may indicate the time when the response was prepared and signed by the TRL computer system 130. For example, the timestamp may be the final composed portion of the message, and may indicate the time of the moment just before the message was finished and sent, or any other suitable time.
The one or more TRL status codes may indicate the status of the one or more payment tokens. For example, the payment tokens may have a status of valid (or active), on hold, or revoked. A token may be irreversible revoked if, for example, the token issuer (e.g. issuing bank or merchant, etc.) improperly issued a token, or if their token generation algorithm or any mechanisms that identify the payment instrument component of the token have been compromised. An “on hold” token may be a reversible status to mark a temporary state of the payment token. For example, the token issuing bank or merchant may not be sure if any component of their token lifecycle has been compromised, or there may be suspected fraudulent use of a token that turns out to be a false positive.
The status code may be a code representing a specific token state, and other statuses besides valid, revoked and on hold may be used. For example, in some embodiments of the invention, the number “0” may indicate that the status is unspecified, “1” may indicate that the token is suspected of fraud, “2” may indicate that the issuer of the token has been compromised, “3” may indicate that the processor of the token has been compromised, “4” may indicate that the token is expired, “5” may indicate that the token is not eligible for the type or amount of the requested transaction, and “6” may indicate that the token is valid. Any other suitable set of status code numbers that may indicate any other suitable status may also be used.
At step 50, the second entity device 120 may receive and cryptographically verify (this could be using a private key belonging to the second entity 120) the token validation response message. For example, in some embodiments, second entity device 120 may verify a digital signature of response message 40 using a public key corresponding to the responder ID received in response message 40. The second entity device 120 may then proceed to accept the payment token if it is valid, and send a message to the first entity device 110 indicating that the payment token is accepted, and complete the transaction with the first entity 111 (as described above). The second entity 121 may release the goods and/or services purchased by the first entity 110. If the token validation response message indicates that the token is revoked or on hold, the second entity 120 may reject the token. The second entity 120 may then send a message to the first entity 110 indicating that the token was rejected and the transaction is denied, or that different payment information should be provided.
Embodiments of the invention have a number of advantages. For example, by providing a token revocation list at a central location, accessible to and used by a number of different token issuing entities, the statuses of tokens that are used in a payments ecosystem can be checked before proceeding with transactions. This provides for a convenient way for entities that issue payment tokens to communicate the statuses of their tokens to various users in the ecosystem that want to use or process payment tokens. In addition, some of the specific communication protocols disclosed herein provide for a secure and efficient way for token status requesters to safely inquire about the status of payment tokens, even if the communication network that is being used is not as secure as it should be. This not only protects the status of the tokens from eavesdroppers, but can prevent unauthorized parties from requesting the status of a token.
It is noted that other embodiments are also possible. For example, embodiments of the invention could be operated by an issuer, acquirer, or any other entity within a transaction processing system.
The various participants and elements in any of
Specific details regarding some of the above-described aspects are provided below. The specific details of the specific aspects may be combined in any suitable manner without departing from the spirit and scope of embodiments of the invention.
Storage media and computer readable media for containing code, or portions of code, may include any appropriate media known or used in the art, including storage media and communication media, such as but not limited to volatile and non-volatile, removable and non-removable media implemented in any method or technology for storage and/or transmission of information such as computer readable instructions, data structures, program modules, or other data, including RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disk (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, data signals, data transmissions, or any other medium which may be used to store or transmit the desired information and which may be accessed by the computer. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art may appreciate other ways and/or methods to implement the various embodiments.
It should be understood that the present invention as described above may be implemented in the form of control logic using computer software in a modular or integrated manner. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art may know and appreciate other ways and/or methods to implement the present invention using hardware and a combination of hardware and software
Any of the software components or functions described in this application, may be implemented as software code to be executed by a processor using any suitable computer language such as, for example, Java, C++ or Perl using, for example, conventional or object-oriented techniques. The software code may be stored as a series of instructions, or commands on a computer readable medium, such as a random access memory (RAM), a read only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM. Any such computer readable medium may reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
The above description is illustrative and is not restrictive. Many variations of the invention may become apparent to those skilled in the art upon review of the disclosure. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the pending claims along with their full scope or equivalents.
One or more features from any embodiment may be combined with one or more features of any other embodiment without departing from the scope of the invention.
A recitation of “a”, “an” or “the” is intended to mean “one or more” unless specifically indicated to the contrary.
This application is a non-provisional application of and claims the benefit of the filing date of U.S. Provisional Patent Application No. 61/889,987, which was filed on Oct. 11, 2013, which is herein incorporated by reference in its entirety for all purposes.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5613012 | Hoffman | Mar 1997 | A |
| 5781438 | Lee | Jul 1998 | A |
| 5883810 | Franklin | Mar 1999 | A |
| 5953710 | Fleming | Sep 1999 | A |
| 5956699 | Wong | Sep 1999 | A |
| 6000832 | Franklin | Dec 1999 | A |
| 6014635 | Harris | Jan 2000 | A |
| 6044360 | Picciallo | Mar 2000 | A |
| 6163771 | Walker | Dec 2000 | A |
| 6227447 | Campisano | May 2001 | B1 |
| 6236981 | Hill | May 2001 | B1 |
| 6267292 | Walker | Jul 2001 | B1 |
| 6327578 | Linehan | Dec 2001 | B1 |
| 6341724 | Campisano | Jan 2002 | B2 |
| 6385596 | Wiser | May 2002 | B1 |
| 6422462 | Cohen | Jul 2002 | B1 |
| 6425523 | Shem Ur | Jul 2002 | B1 |
| 6592044 | Wong | Jul 2003 | B1 |
| 6636833 | Flitcroft | Oct 2003 | B1 |
| 6748367 | Lee | Jun 2004 | B1 |
| 6805287 | Bishop | Oct 2004 | B2 |
| 6879965 | Fung | Apr 2005 | B2 |
| 6891953 | DeMello | May 2005 | B1 |
| 6901387 | Wells | May 2005 | B2 |
| 6931382 | Laage | Aug 2005 | B2 |
| 6938019 | Uzo | Aug 2005 | B1 |
| 6941285 | Sarcanin | Sep 2005 | B2 |
| 6980670 | Hoffman | Dec 2005 | B1 |
| 6990470 | Hogan | Jan 2006 | B2 |
| 6991157 | Bishop | Jan 2006 | B2 |
| 7051929 | Li | May 2006 | B2 |
| 7069249 | Stolfo | Jun 2006 | B2 |
| 7103576 | Mann, III | Sep 2006 | B2 |
| 7113930 | Eccles | Sep 2006 | B2 |
| 7136835 | Flitcroft | Nov 2006 | B1 |
| 7177835 | Walker | Feb 2007 | B1 |
| 7177848 | Hogan | Feb 2007 | B2 |
| 7194437 | Britto | Mar 2007 | B1 |
| 7209561 | Shankar et al. | Apr 2007 | B1 |
| 7264154 | Harris | Sep 2007 | B2 |
| 7287692 | Patel | Oct 2007 | B1 |
| 7292999 | Hobson | Nov 2007 | B2 |
| 7350230 | Forrest | Mar 2008 | B2 |
| 7353382 | Labrou | Apr 2008 | B2 |
| 7379919 | Hogan | May 2008 | B2 |
| RE40444 | Linehan | Jul 2008 | E |
| 7415443 | Hobson | Aug 2008 | B2 |
| 7444676 | Asghari-Kamrani | Oct 2008 | B1 |
| 7469151 | Khan | Dec 2008 | B2 |
| 7548889 | Bhambri | Jun 2009 | B2 |
| 7567934 | Flitcroft | Jul 2009 | B2 |
| 7567936 | Peckover | Jul 2009 | B1 |
| 7571139 | Giordano | Aug 2009 | B1 |
| 7571142 | Flitcroft | Aug 2009 | B1 |
| 7580898 | Brown | Aug 2009 | B2 |
| 7584153 | Brown | Sep 2009 | B2 |
| 7593896 | Flitcroft | Sep 2009 | B1 |
| 7606560 | Labrou | Oct 2009 | B2 |
| 7627531 | Breck | Dec 2009 | B2 |
| 7627895 | Gifford | Dec 2009 | B2 |
| 7650314 | Saunders | Jan 2010 | B1 |
| 7685037 | Reiners | Mar 2010 | B2 |
| 7702578 | Fung | Apr 2010 | B2 |
| 7707120 | Dominguez | Apr 2010 | B2 |
| 7712655 | Wong | May 2010 | B2 |
| 7734527 | Uzo | Jun 2010 | B2 |
| 7753265 | Harris | Jul 2010 | B2 |
| 7770789 | Oder, II | Aug 2010 | B2 |
| 7784685 | Hopkins, III | Aug 2010 | B1 |
| 7793851 | Mullen | Sep 2010 | B2 |
| 7801826 | Labrou | Sep 2010 | B2 |
| 7805376 | Smith | Sep 2010 | B2 |
| 7805378 | Berardi | Sep 2010 | B2 |
| 7818264 | Hammad | Oct 2010 | B2 |
| 7827101 | Mascavage, III | Nov 2010 | B2 |
| 7828220 | Mullen | Nov 2010 | B2 |
| 7835960 | Breck | Nov 2010 | B2 |
| 7841523 | Oder, II | Nov 2010 | B2 |
| 7841539 | Hewton | Nov 2010 | B2 |
| 7844550 | Walker | Nov 2010 | B2 |
| 7848980 | Carlson | Dec 2010 | B2 |
| 7849020 | Johnson | Dec 2010 | B2 |
| 7853529 | Walker | Dec 2010 | B1 |
| 7853995 | Chow | Dec 2010 | B2 |
| 7865414 | Fung | Jan 2011 | B2 |
| 7873579 | Hobson | Jan 2011 | B2 |
| 7873580 | Hobson | Jan 2011 | B2 |
| 7890393 | Talbert | Feb 2011 | B2 |
| 7891563 | Oder, II | Feb 2011 | B2 |
| 7896238 | Fein | Mar 2011 | B2 |
| 7908216 | Davis et al. | Mar 2011 | B1 |
| 7922082 | Muscato | Apr 2011 | B2 |
| 7931195 | Mullen | Apr 2011 | B2 |
| 7937324 | Patterson | May 2011 | B2 |
| 7938318 | Fein | May 2011 | B2 |
| 7954705 | Mullen | Jun 2011 | B2 |
| 7959076 | Hopkins, III | Jun 2011 | B1 |
| 7996288 | Stolfo | Aug 2011 | B1 |
| 8025223 | Saunders | Sep 2011 | B2 |
| 8046256 | Chien | Oct 2011 | B2 |
| 8060448 | Jones | Nov 2011 | B2 |
| 8060449 | Zhu | Nov 2011 | B1 |
| 8074877 | Mullen | Dec 2011 | B2 |
| 8074879 | Harris | Dec 2011 | B2 |
| 8082210 | Hansen | Dec 2011 | B2 |
| 8095113 | Kean | Jan 2012 | B2 |
| 8104679 | Brown | Jan 2012 | B2 |
| RE43157 | Bishop | Feb 2012 | E |
| 8109436 | Hopkins, III | Feb 2012 | B1 |
| 8121942 | Carlson | Feb 2012 | B2 |
| 8121956 | Carlson | Feb 2012 | B2 |
| 8126449 | Beenau | Feb 2012 | B2 |
| 8171525 | Pelly | May 2012 | B1 |
| 8175973 | Davis et al. | May 2012 | B2 |
| 8190523 | Patterson | May 2012 | B2 |
| 8196813 | Vadhri | Jun 2012 | B2 |
| 8205791 | Randazza | Jun 2012 | B2 |
| 8219489 | Patterson | Jul 2012 | B2 |
| 8224702 | Mengerink | Jul 2012 | B2 |
| 8225385 | Chow | Jul 2012 | B2 |
| 8229852 | Carlson | Jul 2012 | B2 |
| 8265993 | Chien | Sep 2012 | B2 |
| 8280777 | Mengerink | Oct 2012 | B2 |
| 8281991 | Wentker et al. | Oct 2012 | B2 |
| 8328095 | Oder, II | Dec 2012 | B2 |
| 8336088 | Raj et al. | Dec 2012 | B2 |
| 8346666 | Lindelsee et al. | Jan 2013 | B2 |
| 8376225 | Hopkins, III | Feb 2013 | B1 |
| 8380177 | Laracey | Feb 2013 | B2 |
| 8387873 | Saunders | Mar 2013 | B2 |
| 8401539 | Beenau | Mar 2013 | B2 |
| 8401898 | Chien | Mar 2013 | B2 |
| 8402555 | Grecia | Mar 2013 | B2 |
| 8403211 | Brooks | Mar 2013 | B2 |
| 8412623 | Moon | Apr 2013 | B2 |
| 8412837 | Emigh | Apr 2013 | B1 |
| 8417642 | Oren | Apr 2013 | B2 |
| 8447699 | Batada | May 2013 | B2 |
| 8453223 | Svigals | May 2013 | B2 |
| 8453925 | Fisher | Jun 2013 | B2 |
| 8458487 | Palgon | Jun 2013 | B1 |
| 8484134 | Hobson | Jul 2013 | B2 |
| 8485437 | Mullen | Jul 2013 | B2 |
| 8494959 | Hathaway | Jul 2013 | B2 |
| 8498908 | Mengerink | Jul 2013 | B2 |
| 8504475 | Brand et al. | Aug 2013 | B2 |
| 8504478 | Saunders | Aug 2013 | B2 |
| 8510816 | Quach | Aug 2013 | B2 |
| 8433116 | Davis et al. | Sep 2013 | B2 |
| 8533860 | Grecia | Sep 2013 | B1 |
| 8538845 | Liberty | Sep 2013 | B2 |
| 8555079 | Shablygin | Oct 2013 | B2 |
| 8566168 | Bierbaum | Oct 2013 | B1 |
| 8567670 | Stanfield | Oct 2013 | B2 |
| 8571939 | Lindsey | Oct 2013 | B2 |
| 8577336 | Mechaley, Jr. | Nov 2013 | B2 |
| 8577803 | Chatterjee | Nov 2013 | B2 |
| 8577813 | Weiss | Nov 2013 | B2 |
| 8578176 | Mattsson | Nov 2013 | B2 |
| 8583494 | Fisher | Nov 2013 | B2 |
| 8584251 | Mcguire | Nov 2013 | B2 |
| 8589237 | Fisher | Nov 2013 | B2 |
| 8589271 | Evans | Nov 2013 | B2 |
| 8589291 | Carlson | Nov 2013 | B2 |
| 8595098 | Starai | Nov 2013 | B2 |
| 8595812 | Bomar | Nov 2013 | B2 |
| 8595850 | Spies | Nov 2013 | B2 |
| 8606638 | Dragt | Dec 2013 | B2 |
| 8606700 | Carlson | Dec 2013 | B2 |
| 8606720 | Baker | Dec 2013 | B1 |
| 8615468 | Varadarajan | Dec 2013 | B2 |
| 8620754 | Fisher | Dec 2013 | B2 |
| 8635157 | Smith | Jan 2014 | B2 |
| 8646059 | Von Behren | Feb 2014 | B1 |
| 8651374 | Brabson | Feb 2014 | B2 |
| 8656180 | Shablygin | Feb 2014 | B2 |
| 8751391 | Freund | Jun 2014 | B2 |
| 8762263 | Gauthier et al. | Jun 2014 | B2 |
| 8793186 | Patterson | Jul 2014 | B2 |
| 8838982 | Carlson et al. | Sep 2014 | B2 |
| 8856539 | Weiss | Oct 2014 | B2 |
| 8887308 | Grecia | Nov 2014 | B2 |
| 9065643 | Hurry et al. | Jun 2015 | B2 |
| 9070129 | Sheets et al. | Jun 2015 | B2 |
| 9092777 | Gaspar | Jul 2015 | B1 |
| 9100826 | Weiss | Aug 2015 | B2 |
| 9160741 | Wentker et al. | Oct 2015 | B2 |
| 9202086 | Mattsson | Dec 2015 | B1 |
| 9229964 | Stevelinck | Jan 2016 | B2 |
| 9245267 | Singh | Jan 2016 | B2 |
| 9249241 | Dai et al. | Feb 2016 | B2 |
| 9256871 | Anderson et al. | Feb 2016 | B2 |
| 9280765 | Hammad | Mar 2016 | B2 |
| 9530137 | Weiss | Dec 2016 | B2 |
| 20010029485 | Brody | Oct 2001 | A1 |
| 20010034720 | Armes | Oct 2001 | A1 |
| 20010054003 | Chien | Dec 2001 | A1 |
| 20020007320 | Hogan | Jan 2002 | A1 |
| 20020016749 | Borecki | Feb 2002 | A1 |
| 20020029193 | Ranjan | Mar 2002 | A1 |
| 20020035548 | Hogan | Mar 2002 | A1 |
| 20020073045 | Rubin | Jun 2002 | A1 |
| 20020116341 | Hogan | Aug 2002 | A1 |
| 20020133467 | Hobson | Sep 2002 | A1 |
| 20020147913 | Lun Yip | Oct 2002 | A1 |
| 20030028481 | Flitcroft | Feb 2003 | A1 |
| 20030130955 | Hawthorne | Jul 2003 | A1 |
| 20030191709 | Elston | Oct 2003 | A1 |
| 20030191945 | Keech | Oct 2003 | A1 |
| 20040010462 | Moon | Jan 2004 | A1 |
| 20040050928 | Bishop | Mar 2004 | A1 |
| 20040059682 | Hasumi | Mar 2004 | A1 |
| 20040093281 | Silverstein | May 2004 | A1 |
| 20040139008 | Mascavage | Jul 2004 | A1 |
| 20040143532 | Lee | Jul 2004 | A1 |
| 20040158532 | Breck | Aug 2004 | A1 |
| 20040210449 | Breck | Oct 2004 | A1 |
| 20040210498 | Freund | Oct 2004 | A1 |
| 20040232225 | Bishop | Nov 2004 | A1 |
| 20040260646 | Berardi | Dec 2004 | A1 |
| 20050037735 | Coutts | Feb 2005 | A1 |
| 20050080730 | Sorrentino | Apr 2005 | A1 |
| 20050108178 | York | May 2005 | A1 |
| 20050199709 | Linlor | Sep 2005 | A1 |
| 20050246293 | Ong | Nov 2005 | A1 |
| 20050269401 | Spitzer | Dec 2005 | A1 |
| 20050269402 | Spitzer | Dec 2005 | A1 |
| 20060235795 | Johnson | Oct 2006 | A1 |
| 20060237528 | Bishop | Oct 2006 | A1 |
| 20060278704 | Saunders | Dec 2006 | A1 |
| 20070107044 | Yuen | May 2007 | A1 |
| 20070129955 | Dalmia | Jun 2007 | A1 |
| 20070136193 | Starr | Jun 2007 | A1 |
| 20070136211 | Brown | Jun 2007 | A1 |
| 20070170247 | Friedman | Jul 2007 | A1 |
| 20070179885 | Bird | Aug 2007 | A1 |
| 20070208671 | Brown | Sep 2007 | A1 |
| 20070245414 | Chan | Oct 2007 | A1 |
| 20070288377 | Shaked | Dec 2007 | A1 |
| 20070291995 | Rivera | Dec 2007 | A1 |
| 20080015988 | Brown | Jan 2008 | A1 |
| 20080029607 | Mullen | Feb 2008 | A1 |
| 20080035738 | Mullen | Feb 2008 | A1 |
| 20080052226 | Agarwal | Feb 2008 | A1 |
| 20080054068 | Mullen | Mar 2008 | A1 |
| 20080054079 | Mullen | Mar 2008 | A1 |
| 20080054081 | Mullen | Mar 2008 | A1 |
| 20080065554 | Hogan | Mar 2008 | A1 |
| 20080065555 | Mullen | Mar 2008 | A1 |
| 20080201264 | Brown | Aug 2008 | A1 |
| 20080201265 | Hewton | Aug 2008 | A1 |
| 20080228646 | Myers | Sep 2008 | A1 |
| 20080243702 | Hart | Oct 2008 | A1 |
| 20080245855 | Fein | Oct 2008 | A1 |
| 20080245861 | Fein | Oct 2008 | A1 |
| 20080283591 | Oder, II | Nov 2008 | A1 |
| 20080302869 | Mullen | Dec 2008 | A1 |
| 20080302876 | Mullen | Dec 2008 | A1 |
| 20080313264 | Pestoni | Dec 2008 | A1 |
| 20090006262 | Brown | Jan 2009 | A1 |
| 20090010488 | Matsuoka | Jan 2009 | A1 |
| 20090037333 | Flitcroft | Feb 2009 | A1 |
| 20090037388 | Cooper | Feb 2009 | A1 |
| 20090043702 | Bennett | Feb 2009 | A1 |
| 20090048971 | Hathaway | Feb 2009 | A1 |
| 20090106112 | Dalmia | Apr 2009 | A1 |
| 20090106160 | Skowronek | Apr 2009 | A1 |
| 20090134217 | Flitcroft | May 2009 | A1 |
| 20090157555 | Biffle | Jun 2009 | A1 |
| 20090159673 | Mullen | Jun 2009 | A1 |
| 20090159700 | Mullen | Jun 2009 | A1 |
| 20090159707 | Mullen | Jun 2009 | A1 |
| 20090173782 | Muscato | Jul 2009 | A1 |
| 20090200371 | Kean | Aug 2009 | A1 |
| 20090248583 | Chhabra | Oct 2009 | A1 |
| 20090276347 | Kargman | Nov 2009 | A1 |
| 20090281948 | Carlson | Nov 2009 | A1 |
| 20090294527 | Brabson | Dec 2009 | A1 |
| 20090307139 | Mardikar | Dec 2009 | A1 |
| 20090308921 | Mullen | Dec 2009 | A1 |
| 20090327131 | Beenau | Dec 2009 | A1 |
| 20100008535 | Abulafia | Jan 2010 | A1 |
| 20100088237 | Wankmueller | Apr 2010 | A1 |
| 20100094755 | Kloster | Apr 2010 | A1 |
| 20100106644 | Annan | Apr 2010 | A1 |
| 20100120408 | Beenau | May 2010 | A1 |
| 20100133334 | Vadhri | Jun 2010 | A1 |
| 20100138347 | Chen | Jun 2010 | A1 |
| 20100145860 | Pelegero | Jun 2010 | A1 |
| 20100161433 | White | Jun 2010 | A1 |
| 20100185545 | Royyuru | Jul 2010 | A1 |
| 20100211505 | Saunders | Aug 2010 | A1 |
| 20100223186 | Hogan | Sep 2010 | A1 |
| 20100228668 | Hogan | Sep 2010 | A1 |
| 20100235284 | Moore | Sep 2010 | A1 |
| 20100258620 | Torreyson | Oct 2010 | A1 |
| 20100291904 | Musfeldt | Nov 2010 | A1 |
| 20100299267 | Faith et al. | Nov 2010 | A1 |
| 20100306076 | Taveau | Dec 2010 | A1 |
| 20100325041 | Berardi | Dec 2010 | A1 |
| 20110010292 | Giordano | Jan 2011 | A1 |
| 20110016047 | Wu | Jan 2011 | A1 |
| 20110016320 | Bergsten | Jan 2011 | A1 |
| 20110040640 | Erikson | Feb 2011 | A1 |
| 20110047076 | Carlson et al. | Feb 2011 | A1 |
| 20110083018 | Kesanupalli | Apr 2011 | A1 |
| 20110087596 | Dorsey | Apr 2011 | A1 |
| 20110093397 | Carlson | Apr 2011 | A1 |
| 20110125597 | Oder, II | May 2011 | A1 |
| 20110153437 | Archer | Jun 2011 | A1 |
| 20110153498 | Makhotin et al. | Jun 2011 | A1 |
| 20110154466 | Harper | Jun 2011 | A1 |
| 20110161233 | Tieken | Jun 2011 | A1 |
| 20110178926 | Lindelsee et al. | Jul 2011 | A1 |
| 20110191244 | Dai | Aug 2011 | A1 |
| 20110238511 | Park | Sep 2011 | A1 |
| 20110238573 | Varadarajan | Sep 2011 | A1 |
| 20110246317 | Coppinger | Oct 2011 | A1 |
| 20110258111 | Raj et al. | Oct 2011 | A1 |
| 20110272471 | Mullen | Nov 2011 | A1 |
| 20110272478 | Mullen | Nov 2011 | A1 |
| 20110276380 | Mullen | Nov 2011 | A1 |
| 20110276381 | Mullen | Nov 2011 | A1 |
| 20110276424 | Mullen | Nov 2011 | A1 |
| 20110276425 | Mullen | Nov 2011 | A1 |
| 20110295745 | White | Dec 2011 | A1 |
| 20110302081 | Saunders | Dec 2011 | A1 |
| 20120023567 | Hammad | Jan 2012 | A1 |
| 20120028609 | Hruska | Feb 2012 | A1 |
| 20120030047 | Fuentes et al. | Feb 2012 | A1 |
| 20120035998 | Chien | Feb 2012 | A1 |
| 20120041881 | Basu | Feb 2012 | A1 |
| 20120047237 | Arvidsson | Feb 2012 | A1 |
| 20120066078 | Kingston | Mar 2012 | A1 |
| 20120072350 | Goldthwaite | Mar 2012 | A1 |
| 20120078735 | Bauer | Mar 2012 | A1 |
| 20120078798 | Downing | Mar 2012 | A1 |
| 20120078799 | Jackson | Mar 2012 | A1 |
| 20120095852 | Bauer | Apr 2012 | A1 |
| 20120095865 | Doherty | Apr 2012 | A1 |
| 20120116902 | Cardina | May 2012 | A1 |
| 20120123882 | Carlson | May 2012 | A1 |
| 20120123940 | Killian | May 2012 | A1 |
| 20120129514 | Beenau | May 2012 | A1 |
| 20120143767 | Abadir | Jun 2012 | A1 |
| 20120143772 | Abadir | Jun 2012 | A1 |
| 20120158580 | Eram | Jun 2012 | A1 |
| 20120158593 | Garfinkle | Jun 2012 | A1 |
| 20120173431 | Ritchie | Jul 2012 | A1 |
| 20120185386 | Salama | Jul 2012 | A1 |
| 20120197807 | Schlesser | Aug 2012 | A1 |
| 20120198240 | Tie | Aug 2012 | A1 |
| 20120203664 | Torossian | Aug 2012 | A1 |
| 20120203666 | Torossian | Aug 2012 | A1 |
| 20120215688 | Musser | Aug 2012 | A1 |
| 20120215696 | Salonen | Aug 2012 | A1 |
| 20120221421 | Hammad | Aug 2012 | A1 |
| 20120226582 | Hammad | Sep 2012 | A1 |
| 20120231844 | Coppinger | Sep 2012 | A1 |
| 20120233004 | Bercaw | Sep 2012 | A1 |
| 20120246070 | Vadhri | Sep 2012 | A1 |
| 20120246071 | Jain | Sep 2012 | A1 |
| 20120246079 | Wilson et al. | Sep 2012 | A1 |
| 20120265631 | Cronic | Oct 2012 | A1 |
| 20120271770 | Harris | Oct 2012 | A1 |
| 20120297446 | Webb | Nov 2012 | A1 |
| 20120300932 | Cambridge | Nov 2012 | A1 |
| 20120303503 | Cambridge | Nov 2012 | A1 |
| 20120303961 | Kean | Nov 2012 | A1 |
| 20120304273 | Bailey | Nov 2012 | A1 |
| 20120310725 | Chien | Dec 2012 | A1 |
| 20120310831 | Harris | Dec 2012 | A1 |
| 20120316992 | Oborne | Dec 2012 | A1 |
| 20120317035 | Royyuru | Dec 2012 | A1 |
| 20120317036 | Bower | Dec 2012 | A1 |
| 20130017784 | Fisher | Jan 2013 | A1 |
| 20130018757 | Anderson et al. | Jan 2013 | A1 |
| 20130019098 | Gupta | Jan 2013 | A1 |
| 20130031006 | Mccullagh et al. | Jan 2013 | A1 |
| 20130054337 | Brendell | Feb 2013 | A1 |
| 20130054466 | Muscato | Feb 2013 | A1 |
| 20130054474 | Yeager | Feb 2013 | A1 |
| 20130081122 | Svigals | Mar 2013 | A1 |
| 20130091028 | Oder, II | Apr 2013 | A1 |
| 20130110658 | Lyman | May 2013 | A1 |
| 20130111599 | Gargiulo | May 2013 | A1 |
| 20130117185 | Collison | May 2013 | A1 |
| 20130124290 | Fisher | May 2013 | A1 |
| 20130124291 | Fisher | May 2013 | A1 |
| 20130124364 | Mittal | May 2013 | A1 |
| 20130138525 | Bercaw | May 2013 | A1 |
| 20130144888 | Faith | Jun 2013 | A1 |
| 20130145148 | Shablygin | Jun 2013 | A1 |
| 20130145172 | Shablygin | Jun 2013 | A1 |
| 20130159178 | Colon | Jun 2013 | A1 |
| 20130159184 | Thaw | Jun 2013 | A1 |
| 20130166402 | Parento | Jun 2013 | A1 |
| 20130166456 | Zhang | Jun 2013 | A1 |
| 20130173736 | Krzeminski | Jul 2013 | A1 |
| 20130185202 | Goldthwaite | Jul 2013 | A1 |
| 20130191286 | Cronic | Jul 2013 | A1 |
| 20130191289 | Cronic | Jul 2013 | A1 |
| 20130198071 | Jurss | Aug 2013 | A1 |
| 20130198080 | Anderson et al. | Aug 2013 | A1 |
| 20130200146 | Moghadam | Aug 2013 | A1 |
| 20130204787 | Dubois | Aug 2013 | A1 |
| 20130204793 | Kerridge | Aug 2013 | A1 |
| 20130212007 | Mattsson | Aug 2013 | A1 |
| 20130212017 | Bangia | Aug 2013 | A1 |
| 20130212019 | Mattsson | Aug 2013 | A1 |
| 20130212024 | Mattsson | Aug 2013 | A1 |
| 20130212026 | Powell et al. | Aug 2013 | A1 |
| 20130212666 | Mattsson | Aug 2013 | A1 |
| 20130218698 | Moon | Aug 2013 | A1 |
| 20130218769 | Pourfallah et al. | Aug 2013 | A1 |
| 20130226799 | Raj | Aug 2013 | A1 |
| 20130226813 | Voltz | Aug 2013 | A1 |
| 20130246199 | Carlson | Sep 2013 | A1 |
| 20130246202 | Tobin | Sep 2013 | A1 |
| 20130246203 | Laracey | Sep 2013 | A1 |
| 20130246258 | Dessert | Sep 2013 | A1 |
| 20130246259 | Dessert | Sep 2013 | A1 |
| 20130246261 | Purves et al. | Sep 2013 | A1 |
| 20130246267 | Tobin | Sep 2013 | A1 |
| 20130254028 | Salci | Sep 2013 | A1 |
| 20130254052 | Royyuru | Sep 2013 | A1 |
| 20130254102 | Royyuru | Sep 2013 | A1 |
| 20130254117 | Von Mueller | Sep 2013 | A1 |
| 20130262296 | Thomas | Oct 2013 | A1 |
| 20130262302 | Lettow | Oct 2013 | A1 |
| 20130262315 | Hruska | Oct 2013 | A1 |
| 20130262316 | Hruska | Oct 2013 | A1 |
| 20130262317 | Collinge | Oct 2013 | A1 |
| 20130275300 | Killian | Oct 2013 | A1 |
| 20130275307 | Khan | Oct 2013 | A1 |
| 20130275308 | Paraskeva | Oct 2013 | A1 |
| 20130282502 | Jooste | Oct 2013 | A1 |
| 20130282575 | Mullen | Oct 2013 | A1 |
| 20130282588 | Hruska | Oct 2013 | A1 |
| 20130297501 | Monk et al. | Nov 2013 | A1 |
| 20130297504 | Nwokolo | Nov 2013 | A1 |
| 20130297508 | Belamant | Nov 2013 | A1 |
| 20130304649 | Cronic | Nov 2013 | A1 |
| 20130308778 | Fosmark | Nov 2013 | A1 |
| 20130311382 | Fosmark | Nov 2013 | A1 |
| 20130317982 | Mengerink | Nov 2013 | A1 |
| 20130332344 | Weber | Dec 2013 | A1 |
| 20130339253 | Sincai | Dec 2013 | A1 |
| 20130346314 | Mogollon | Dec 2013 | A1 |
| 20140007213 | Sanin | Jan 2014 | A1 |
| 20140013106 | Redpath | Jan 2014 | A1 |
| 20140013114 | Redpath | Jan 2014 | A1 |
| 20140013452 | Aissi et al. | Jan 2014 | A1 |
| 20140019352 | Shrivastava | Jan 2014 | A1 |
| 20140025581 | Calman | Jan 2014 | A1 |
| 20140025585 | Calman | Jan 2014 | A1 |
| 20140025958 | Calman | Jan 2014 | A1 |
| 20140032417 | Mattsson | Jan 2014 | A1 |
| 20140032418 | Weber | Jan 2014 | A1 |
| 20140040137 | Carlson | Feb 2014 | A1 |
| 20140040139 | Brudnicki | Feb 2014 | A1 |
| 20140040144 | Plomske | Feb 2014 | A1 |
| 20140040145 | Ozvat | Feb 2014 | A1 |
| 20140040148 | Ozvat | Feb 2014 | A1 |
| 20140040628 | Fort | Feb 2014 | A1 |
| 20140041018 | Bomar | Feb 2014 | A1 |
| 20140046853 | Spies | Feb 2014 | A1 |
| 20140047551 | Nagasundaram et al. | Feb 2014 | A1 |
| 20140052532 | Tsai | Feb 2014 | A1 |
| 20140052620 | Rogers | Feb 2014 | A1 |
| 20140052637 | Jooste | Feb 2014 | A1 |
| 20140068706 | Aissi | Mar 2014 | A1 |
| 20140074637 | Hammad | Mar 2014 | A1 |
| 20140108172 | Weber et al. | Apr 2014 | A1 |
| 20140114857 | Griggs et al. | Apr 2014 | A1 |
| 20140143137 | Carlson | May 2014 | A1 |
| 20140164243 | Aabye et al. | Jun 2014 | A1 |
| 20140188586 | Carpenter et al. | Jul 2014 | A1 |
| 20140294701 | Dai et al. | Oct 2014 | A1 |
| 20140297534 | Patterson | Oct 2014 | A1 |
| 20140310183 | Weber | Oct 2014 | A1 |
| 20140330721 | Wang | Nov 2014 | A1 |
| 20140330722 | Laxminarayanan et al. | Nov 2014 | A1 |
| 20140331265 | Mozell et al. | Nov 2014 | A1 |
| 20140337236 | Wong et al. | Nov 2014 | A1 |
| 20140344153 | Raj et al. | Nov 2014 | A1 |
| 20140372308 | Sheets | Dec 2014 | A1 |
| 20150019443 | Sheets et al. | Jan 2015 | A1 |
| 20150032625 | Dill | Jan 2015 | A1 |
| 20150032626 | Dill | Jan 2015 | A1 |
| 20150032627 | Dill | Jan 2015 | A1 |
| 20150046338 | Laxminarayanan | Feb 2015 | A1 |
| 20150046339 | Wong et al. | Feb 2015 | A1 |
| 20150052064 | Karpenko et al. | Feb 2015 | A1 |
| 20150088756 | Makhotin et al. | Mar 2015 | A1 |
| 20150112870 | Nagasundaram et al. | Apr 2015 | A1 |
| 20150112871 | Kumnick | Apr 2015 | A1 |
| 20150120472 | Aabye et al. | Apr 2015 | A1 |
| 20150127529 | Makhotin et al. | May 2015 | A1 |
| 20150127547 | Powell et al. | May 2015 | A1 |
| 20150140960 | Powell et al. | May 2015 | A1 |
| 20150142673 | Nelsen et al. | May 2015 | A1 |
| 20150161597 | Subramanian et al. | Jun 2015 | A1 |
| 20150178724 | Ngo et al. | Jun 2015 | A1 |
| 20150180836 | Wong et al. | Jun 2015 | A1 |
| 20150186864 | Jones et al. | Jul 2015 | A1 |
| 20150193222 | Pirzadeh et al. | Jul 2015 | A1 |
| 20150195133 | Sheets et al. | Jul 2015 | A1 |
| 20150199679 | Palanisamy et al. | Jul 2015 | A1 |
| 20150199689 | Kumnick et al. | Jul 2015 | A1 |
| 20150220917 | Aabye et al. | Aug 2015 | A1 |
| 20150269566 | Gaddam et al. | Sep 2015 | A1 |
| 20150312038 | Palanisamy | Oct 2015 | A1 |
| 20150319158 | Kumnick | Nov 2015 | A1 |
| 20150332262 | Lingappa | Nov 2015 | A1 |
| 20150356560 | Shastry et al. | Dec 2015 | A1 |
| 20160028550 | Gaddam et al. | Jan 2016 | A1 |
| 20160042263 | Gaddam et al. | Feb 2016 | A1 |
| 20160065370 | Le Saint et al. | Mar 2016 | A1 |
| 20160092696 | Guglani et al. | Mar 2016 | A1 |
| 20160092872 | Prakash et al. | Mar 2016 | A1 |
| 20160103675 | Aabye et al. | Apr 2016 | A1 |
| 20160119296 | Laxminarayanan et al. | Apr 2016 | A1 |
| 20160224976 | Basu | Aug 2016 | A1 |
| 20170046696 | Powell et al. | Feb 2017 | A1 |
| 20170103387 | Weber | Apr 2017 | A1 |
| 20170220818 | Nagasundaram et al. | Aug 2017 | A1 |
| 20170228723 | Taylor | Aug 2017 | A1 |
| Number | Date | Country |
|---|---|---|
| 2156397 | Feb 2010 | EP |
| 2001035304 | May 2001 | WO |
| 2004042536 | May 2004 | WO |
| 2006113834 | Oct 2006 | WO |
| 2009032523 | Mar 2009 | WO |
| 2010078522 | Jul 2010 | WO |
| 2012068078 | May 2012 | WO |
| 2012098556 | Jul 2012 | WO |
| 2012142370 | Oct 2012 | WO |
| 2012167941 | Dec 2012 | WO |
| 2013048538 | Apr 2013 | WO |
| 2013056104 | Apr 2013 | WO |
| 2013119914 | Aug 2013 | WO |
| 2013179271 | Dec 2013 | WO |
| Entry |
|---|
| “5 things you need to know about new Payment Card Industry (PCI 3.0) standard, Nov. 7, 2013, Network World” (Year: 2013). |
| Petition for Inter Partes Review of U.S. Pat. No. 8,533,860 Challenging Claims 1-30 Under 35 U.S.C. § 312 and 37 C.F.R. § 42.104, filed Feb. 17, 2016, Before the USPTO Patent Trial and Appeal Board, IPR 2016-00600, 65 pages. |
| U.S. Appl. No. 14/340,444, filed Jul. 24, 2014, entitled, Systems and Methods for Interoperable Network Token Processing, 117 pages. |
| Wang, U.S. Appl. No. 62/000,288 (unpublished), Payment System Canonical Address Format filed May 19, 2014. |
| Sharma et al., U.S. Appl. No. 62/003,717 (unpublished), Mobile Merchant Application filed May 28, 2014. |
| Kalgi et al., U.S. Appl. No. 62/024,426, (unpublished) Secure Transactions Using Mobile Devices filed Jul. 14, 2014. |
| Prakash et al., U.S. Appl. No. 62/037,033 (unpublished), Sharing Payment Token filed Aug. 13, 2014. |
| Hoverson et al., U.S. Appl. No. 62/038,174 (unpublished), Customized Payment Gateway filed Aug. 15, 2014. |
| Wang, U.S. Appl. No. 62/042,050 (unpublished), Payment Device Authentication and Authorization System filed Aug. 26, 2014. |
| Gaddam et al., U.S. Appl. No. 62/053,736 (unpublished), Completing Transactions Without a User Payment Device filed Sep. 22, 2014. |
| Patterson, U.S. Appl. No. 62/054,346 (unpublished), Mirrored Token Vault filed Sep. 23, 2014. |
| Dimmick, U.S. Appl. No. 14/952,514 (unpublished), Systems Communications With Non-Sensitive Identifiers filed Nov. 25, 2015. |
| Dimmick, U.S. Appl. No. 14/952,444 (unpublished), Tokenization Request Via Access Device filed Nov. 25, 2015. |
| Prakash et al., U.S. Appl. No. 14/955,716 (unpublished), Provisioning Platform for Machine-To-Machine Devices filed Dec. 1, 2015. |
| Wong et al., U.S. Appl. No. 14/966,948 (unpublished), Automated Access Data Provisioning filed Dec. 11, 2015. |
| Stubbs et al., U.S. Appl. No. 62/103,522 (unpublished), Methods and Systems for Wallet Provider Provisioning filed Jan. 14, 2015. |
| McGuire, U.S. Appl. No. 14/600,523 (unpublished), Secure Payment Processing Using Authorization Request filed Jan. 20, 2015. |
| Flurscheim et al., U.S. Appl. No. 15/004,705 (unpublished), Cloud-Based Transactions With Magnetic Secure Transmission filed Jan. 22, 2016. |
| Flurscheim et al., U.S. Appl. No. 62/108,403 (unpublished), Wearables With NFC HCE filed Jan. 27, 2015. |
| Sabba et al., U.S. Appl. No. 15/011,366 (unpublished), Token Check Offline filed Jan. 29, 2016. |
| Patterson, U.S. Appl. No. 15/019,157 (unpublished), Token Processing Utilizing Multiple Authorizations filed Feb. 9, 2016. |
| Cash et al., U.S. Appl. No. 15/041,495 (unpublished), Peer Forward Authorization of Digital Requests filed Feb. 11, 2016. |
| Le Saint et al., U.S. Appl. No. 15/008,388 (unpublished), Methods for Secure Credential Provisioning filed Jan. 27, 2016. |
| Kinagi, U.S. Appl. No. 62/117,291 (unpublished), Token and Cryptogram Using Transaction Specific Information filed Feb. 17, 2015. |
| Galland et al. U.S. Appl. No. 62/128,709 (unpublished), Tokenizing Transaction Amounts filed Mar. 5, 2015. |
| Rangarajan et al., U.S. Appl. No. 61/751,763 (unpublished), Payments Bridge filed Jan. 11, 2013. |
| Li, U.S. Appl. No. 61/894,749 (unpublished), Methods and Systems for Authentication and Issuance of Tokens in a Secure Environment filed Oct. 23, 2013. |
| Aissi et al., U.S. Appl. No. 61/738,832 (unpublished), Management of Sensitive Data filed Dec. 18, 2012. |
| Wong et al., U.S. Appl. No. 61/879,362 (unpublished), Systems and Methods for Managing Mobile Cardholder Verification Methods filed Sep. 18, 2013. |
| Powell, U.S. Appl. No. 61/892,407 (unpublished), Issuer Over-The-Air Update Method and System filed Oct. 17, 2013. |
| Powell, U.S. Appl. No. 61/926,236 (unpublished), Methods and Systems for Provisioning Mobile Devices With Payment Credentials and Payment Token Identifiers filed Jan. 10, 2014. |
| Chipman, et al., U.S. Appl. No. 15/265,282 (Unpublished), Self-Cleaning Token Vault, filed Sep. 14, 2016. |
| Lopez, et al., U.S. Appl. No. 15/462,658 (Unpublished), Replacing Token on a Multi-Token User Device, filed Mar. 17, 2017. |
| Number | Date | Country | |
|---|---|---|---|
| 20150106239 A1 | Apr 2015 | US |
| Number | Date | Country | |
|---|---|---|---|
| 61889987 | Oct 2013 | US |
