System and method for generating a service provider based secure token
First Claim
1. A method of generating an online service provider specific secure token, the method comprising:
- receiving over a network, from an online service provider and by a third party server having a processor, user account information of a user account for a user registered with the online service provider and a request to establish a secure channel between a user device and third party server;
establishing the secure channel between the user device and the third party server;
receiving over the secure channel of the network, from the online service provider and by the third party server, exchange information for an exchange between the user and the online service provider, wherein the exchange information is stored by the online service provider and includes at least one of credit card information, checking account information, bitcoin account information, loyalty point information, membership information, gaming account information and security information;
verifying, by the third party server, identification of the user based on correspondence between the received exchange information and the user account information;
generating, using the processor of the third party server and based on the exchange information, a secure token to be used for the exchange;
mapping, by the third party server, the secure token to the user account information of the user stored at the online service provider, such that the mapped secure token is usable via the user account at the mapped online service provider;
transmitting, by the third party server and to the online service provider, the secure token over the network for storage at the online service provider,wherein the secure token transmitted by the third party server is received by the online service provider and stored therein;
deleting, from the online service provider, the exchange information;
receiving over the network, by the third party server and from a requesting online service provider, the secure token for requesting an exchange using the secure token;
determining, by the third party server, whether the secure token is mapped to the requesting online service provider;
determining, by the third party server, whether the secure token is being used by the user account mapped to the secure token;
if the secure token is determined to be mapped to the requesting online service provider and the user account mapped to the secure token,determining, by the third party server, whether the exchange information mapped to the secure token has a value equal to or greater than a value required to process the exchange, andif the exchange information mapped to the secure token is determined to have the value equal to or greater than the value required to process the exchange, the third party server retrieves exchange information mapped to the secure token, and authorizes the request for the exchange using the retrieved exchange information; and
if the secure token is determined not to be mapped to the requesting online service provider, or if the secure token is determined to be mapped to the requesting online service provider and the user account is determined not to be mapped to the secure token,denying, by the third party server, the request for the exchange, andnotifying, by the third party server, the online service provider mapped to the secure token of the denied exchange.
1 Assignment
0 Petitions
Accused Products
Abstract
Devices, systems, and methods for generating a secure token specific to an online service provider are provided. User account information of a user is transmitted to a token processor from an online service provider requesting a secure token generation. The token processor also receives, from the online service provider, exchange information for an exchange between the user and the online service provider. The token processor generates, based on the exchange information and the user account information, a secure token to be used for the exchange. The generated secure token is mapped to the online service provider and transmitted to the online service provider. The exchange information is deleted from the online service provider. The stored secure token is usable only at the mapped online service provider.
33 Citations
20 Claims
-
1. A method of generating an online service provider specific secure token, the method comprising:
-
receiving over a network, from an online service provider and by a third party server having a processor, user account information of a user account for a user registered with the online service provider and a request to establish a secure channel between a user device and third party server; establishing the secure channel between the user device and the third party server; receiving over the secure channel of the network, from the online service provider and by the third party server, exchange information for an exchange between the user and the online service provider, wherein the exchange information is stored by the online service provider and includes at least one of credit card information, checking account information, bitcoin account information, loyalty point information, membership information, gaming account information and security information; verifying, by the third party server, identification of the user based on correspondence between the received exchange information and the user account information; generating, using the processor of the third party server and based on the exchange information, a secure token to be used for the exchange; mapping, by the third party server, the secure token to the user account information of the user stored at the online service provider, such that the mapped secure token is usable via the user account at the mapped online service provider; transmitting, by the third party server and to the online service provider, the secure token over the network for storage at the online service provider, wherein the secure token transmitted by the third party server is received by the online service provider and stored therein; deleting, from the online service provider, the exchange information; receiving over the network, by the third party server and from a requesting online service provider, the secure token for requesting an exchange using the secure token; determining, by the third party server, whether the secure token is mapped to the requesting online service provider; determining, by the third party server, whether the secure token is being used by the user account mapped to the secure token; if the secure token is determined to be mapped to the requesting online service provider and the user account mapped to the secure token, determining, by the third party server, whether the exchange information mapped to the secure token has a value equal to or greater than a value required to process the exchange, and if the exchange information mapped to the secure token is determined to have the value equal to or greater than the value required to process the exchange, the third party server retrieves exchange information mapped to the secure token, and authorizes the request for the exchange using the retrieved exchange information; and if the secure token is determined not to be mapped to the requesting online service provider, or if the secure token is determined to be mapped to the requesting online service provider and the user account is determined not to be mapped to the secure token, denying, by the third party server, the request for the exchange, and notifying, by the third party server, the online service provider mapped to the secure token of the denied exchange. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A tangible non-transitory computer readable storage medium that stores a computer program, the computer program, when executed by a processor, causing a third party server to perform a process comprising:
-
receiving over a network, from an online service provider and by the third party server having the processor, user account information of a user account for a user registered with the online service provider and a request to establish a secure channel between a user device and third party server; establishing the secure channel between the user device and the third party server; receiving over the secure channel of the network, from the online service provider and by the third party server, exchange information for an exchange between the user and the online service provider, wherein the exchange information is stored by the online service provider and includes at least one of credit card information, checking account information, bitcoin account information, loyalty point information, membership information, gaming account information and security information; verifying, by the third party server, identification of the user based on correspondence between the received exchange information and the user account information; generating, using the processor of the third party server and based on the exchange information, a secure token to be used for the exchange; mapping, by the third party server, the secure token to the user account information of the user stored at the online service provider, such that the mapped secure token is usable via the user account at the mapped online service provider; transmitting, by the third party server and to the online service provider, the secure token over the network for storage at the online service provider, wherein the secure token transmitted by the third party server is received by the online service provider and stored therein; deleting, from the online service provider, the exchange information; receiving over the network, by the third party server and from a requesting online service provider, the secure token for requesting an exchange using the secure token; determining, by the third party server, whether the secure token is mapped to the requesting online service provider; determining, by the third party server, whether the secure token is being used by the user account mapped to the secure token; if the secure token is determined to be mapped to the requesting online service provider and the user account mapped to the secure token, determining, by the third party server, whether the exchange information mapped to the secure token has a value equal to or greater than a value required to process the exchange, and if the exchange information mapped to the secure token is determined to have the value equal to or greater than the value required to process the exchange, the third party server retrieves exchange information mapped to the secure token, and authorizes the request for the exchange using the retrieved exchange information; and if the secure token is determined not to be mapped to the requesting online service provider, or if the secure token is determined to be mapped to the requesting online service provider and the user account is determined not to be mapped to the secure token, denying, by the third party server, the request for the exchange, and notifying, by the third party server, the online service provider mapped to the secure token of the denied exchange.
-
-
13. A third party server, comprising:
-
a memory that stores instructions, and a processor that executes the instructions, wherein, when executed by the processor, the instructions cause the processor to perform operations comprising; receiving over a network, from an online service provider and by the third party server having the processor, user account information of a user account for a user registered with the online service provider and a request to establish a secure channel between a user device and third party server; establishing the secure channel between the user device and the third party server; receiving over the secure channel of the network, from the online service provider and by the third party server, exchange information for an exchange between the user and the online service provider, wherein the exchange information is stored by the online service provider and includes at least one of credit card information, checking account information, bitcoin account information, loyalty point information, membership information, gaming account information and security information; verifying, by the third party server, identification of the user based on correspondence between the received exchange information and the user account information; generating, using the processor of the third party server and based on the exchange information, a secure token to be used for the exchange; mapping, by the third party server, the secure token to the user account information of the user stored at the online service provider, such that the mapped secure token is usable via the user account at the mapped online service provider; transmitting, by the third party server and to the online service provider, the secure token over the network for storage at the online service provider, wherein the secure token transmitted by the third party server is received by the online service provider and stored therein; deleting, from the online service provider, the exchange information; receiving over the network, by the third party server and from a requesting online service provider, the secure token for requesting an exchange using the secure token; determining, by the third party server, whether the secure token is mapped to the requesting online service provider; determining, by the third party server, whether the secure token is being used by the user account mapped to the secure token; if the secure token is determined to be mapped to the requesting online service provider and the user account mapped to the secure token, determining, by the third party server, whether the exchange information mapped to the secure token has a value equal to or greater than a value required to process the exchange, and if the exchange information mapped to the secure token is determined to have the value equal to or greater than the value required to process the exchange, the third party server retrieves exchange information mapped to the secure token, and authorizes the request for the exchange using the retrieved exchange information; and if the secure token is determined not to be mapped to the requesting online service provider, or if the secure token is determined to be mapped to the requesting online service provider and the user account is determined not to be mapped to the secure token, denying, by the third party server, the request for the exchange, and notifying, by the third party server, the online service provider mapped to the secure token of the denied exchange. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification