Encryption and tokenization architectures

US 10,147,088 B2
Filed: 03/13/2015
Issued: 12/04/2018
Est. Priority Date: 10/23/2007
Status: Active Grant

First Claim

Patent Images

1. A method for using a unique token in conducting an online transaction on a website to control access to involving sensitive information, the method comprising:

generating, by a set of servers, a unique token for use in place of the sensitive information in the online transaction, wherein the sensitive information comprises a character string and is stored as encrypted data in a storage memory, and wherein the unique token is directly associated with a last four characters of the character string;

obtaining, by at least one server of the set of servers, a record for an online transaction comprising information associated with the online transaction and the unique token, wherein the unique token is included in lieu of the sensitive information;

based on the unique token, identifying, by at least one server of the set of servers, the last four characters of the character string;

retrieving, by at least one server of the set of servers, the character string stored as encrypted data based on the last four characters of the character string; and

decrypting the character string by at least one server of the set of servers, and completing the online transaction by supplying the record and the decrypted character string to at least one server associated with the website.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments of the present invention are directed to methods, systems and computer program products for conducting an online transaction on a website involving sensitive information. Such embodiments provide methods, systems and computer program products to: (a) register at least one entity with a gate keeper module, the registering comprising associating the entity with a subscription level; (b) associate a sub-string of a character string with a unique token so that a direct link does not exist between the unique token and the character string; and (c) during processing of the online transaction: (i) using the unique token for intermediate steps during the processing of the online transaction; and (ii) only accessing the character string in storage memory to complete the online transaction after receiving a request from at least one registered entity associated with a subscription level associated with a privilege to receive the requested sensitive information.

Citations

21 Claims

1. A method for using a unique token in conducting an online transaction on a website to control access to involving sensitive information, the method comprising:
- generating, by a set of servers, a unique token for use in place of the sensitive information in the online transaction, wherein the sensitive information comprises a character string and is stored as encrypted data in a storage memory, and wherein the unique token is directly associated with a last four characters of the character string;
  
  obtaining, by at least one server of the set of servers, a record for an online transaction comprising information associated with the online transaction and the unique token, wherein the unique token is included in lieu of the sensitive information;
  
  based on the unique token, identifying, by at least one server of the set of servers, the last four characters of the character string;
  
  retrieving, by at least one server of the set of servers, the character string stored as encrypted data based on the last four characters of the character string; and
  
  decrypting the character string by at least one server of the set of servers, and completing the online transaction by supplying the record and the decrypted character string to at least one server associated with the website.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the online transaction is a purchase on the website and the character string is a credit card number.
  - 3. The method of claim 1, wherein the character string is stored as a record in a database within the storage memory.
  - 4. The method of claim 1, further comprising:
    - verifying that a computer device or a user retrieving the character string is authorized to access the character string.
  - 5. The method of claim 1, further comprising:
    - receiving a request to display the last four digits of the character string, the request comprising the unique token; and
      
      displaying the last four digits of the character string without revealing the character string.
  - 6. The method of claim 1, further comprising:
    - using the unique token to access and retrieve the last four digits of the character string without accessing the character string.
  - 7. The method of claim 1, further comprising:
    - validating the online transaction by comparing a user device providing at least a portion of the record to a set of user devices previously associated with the unique token, wherein the online transaction is validated when the user device is in the set of user devices.

8. A data processing system for using a unique token in an online transaction on a website involving sensitive information, the data processing system comprising a processor and one or more storage devices embodying computer-readable program instructions that, when executed by the processor, cause the data processing system to:
- generate a unique token for use in place of the sensitive information in the online transaction, wherein the sensitive information comprises a character string and is stored as encrypted data in a storage memory, wherein the unique token is directly associated with a last four characters of the character string;
  
  provide the unique token to a set of user devices associated with the character string;
  
  obtain a record for an online transaction from a user device, the record comprising information associated with the online transaction and the unique token, wherein the unique token is used in lieu of the sensitive information;
  
  based on the unique token identify a last four characters of the character string;
  
  retrieve the character string stored as encrypted data from the storage memory using the last four digits of the character string; and
  
  decrypt the character string and, based on the information associated with the online transaction, complete the online transaction by transmitting the record and the decrypted character string to a server associated with the website.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The data processing system of claim 8, wherein the online transaction is a purchase on the website and the character string is a credit card number.
  - 10. The data processing system of claim 8, wherein the character string is stored as a record in a database within the storage memory.
  - 11. The data processing system of claim 8, wherein the computer-readable program instructions, when executed by the processor, further cause the data processing system to:
    - verify that a computer device or a user retrieving the character string is authorized to access the character string.
  - 12. The data processing system of claim 8, wherein the computer-readable program instructions, when executed by the processor, further cause the data processing system to:
    - receive a request to display the last four digits of the character string, the request comprising the unique token; and
      
      display the last four digits of the character string without revealing the character string.
  - 13. The data processing system of claim 8, wherein the computer-readable program instructions, when executed by the processor, further cause the data processing system to:
    - use the unique token to access and retrieve the last four digits of the character string without accessing the character string.
  - 14. The data processing system of claim 8, wherein the computer-readable program instructions, when executed by the processor, further cause the data processing system to:
    - validate the online transaction by comparing the user device to the set of user devices associated with at least the last four digits of the character string, wherein the online transaction is validated when the user device is in the set of user devices.

15. A computer program product for using a unique token in an online transaction on a website to control access to sensitive information, the computer program product comprising a computer-readable storage embodying computer-readable program instructions that, when executed, cause at least one processor to:
- generate a unique token for use in place of the sensitive information in the online transaction, wherein the sensitive information comprises a character string and is stored as encrypted data in a storage memory, wherein the unique token is directly associated with a last four characters of the character string;
  
  provide the unique token to a set of user devices associated with the character string;
  
  obtain a record for an online transaction from a user device, the record comprising information associated with the online transaction and the unique token, the unique token included in the online transaction in lieu of the sensitive information;
  
  identify, based on the unique token, the last four characters of the character string;
  
  retrieve, based on the last four characters of the character string, the character string stored as encrypted data from a storage memory; and
  
  decrypt the character string and, based on the information associated with the online transaction, complete the online transaction by transmitting the record and the decrypted character string to a server associated with the website.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer program product of claim 15, wherein the online transaction is a purchase on the website and the character string is a credit card number.
  - 17. The computer program product of claim 15, wherein the character string is stored as a record in a database within the storage memory.
  - 18. The computer program product of claim 15, wherein the computer-readable program instructions, when executed, further cause the at least one processor to:
    - verify that a computer device or a user retrieving the character string is authorized to access the character string.
  - 19. The computer program product of claim 15, wherein the computer-readable program instructions, when executed, further cause the at least one processor to:
    - receive a request to display the last four digits of the character string, the request comprising the unique token; and
      
      display the last four digits of the character string without revealing the character string.
  - 20. The computer program product of claim 15, wherein the computer-readable program instructions, when executed, further cause the at least one processor to:
    - use the unique token to access and retrieve the last four digits of the character string without accessing the character string.
  - 21. The computer program product of claim 15, wherein the computer-readable program instructions, when executed, further cause the at least one processor to:
    - validate the online transaction by comparing the user device to the set of user devices associated with at least the last four digits of the character string, wherein the online transaction is validated when the user device is in the set of user devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
United Parcel Service Of America Incorporated (United Parcel Service Incorporated)
Original Assignee
United Parcel Service Of America Incorporated (United Parcel Service Incorporated)
Inventors
Sahasranaman, Mahesh, Plumer, Robert W
Primary Examiner(s)
Lemieux, Jessica

Application Number

US14/657,086
Publication Number

US 20160012435A1
Time in Patent Office

1,362 Days
Field of Search

705 39
US Class Current
CPC Class Codes

G06Q 20/12   specially adapted for elect...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 20/382   insuring higher security of...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 40/00   Finance; Insurance; Tax str...

H04L 2463/102   applying security measure f...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 67/02   based on web technology, e....

Encryption and tokenization architectures

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Encryption and tokenization architectures

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links