Encryption and tokenization architectures
First Claim
1. A method for lifecycle management of unique token associations that control access to sensitive information, the method comprising:
- generating, by a server device, a unique token for use in an online transaction in lieu of a character string stored as encrypted data by the server device, the character string received from a remote client computing device of a set of remote client computing devices associated with an entity registered with the server, wherein registering the entity includes associating the entity with a subscription level that provides access to the unique token;
- obtaining, by the server device, a record for an online transaction comprising information associated with the online transaction and the unique token, the record generated by any remote client computing device of the set of remote client computing devices;
- communicating, by the server device and to a transaction processing server device, a completed record for the online transaction including the information associated with the online transaction and the character string, wherein the character string is decrypted by the server device;
- determining, by the server device, that the character string is out-dated; and
- in response to determining that the character string is out-dated, disassociating, by the server device, the unique token and the character string stored as encrypted data, and deleting, by the server device, the character string from the first memory storage.
Abstract
Various embodiments of the present invention are directed to methods, systems and computer program products for conducting an online transaction on a website involving sensitive information. Such embodiments provide methods, systems and computer program products to: (a) register at least one entity with a gate keeper module, the registering comprising associating the entity with a subscription level; (b) associate a sub-string of a character string with a unique token so that a direct link does not exist between the unique token and the character string; and (c) during processing of the online transaction: (i) using the unique token for intermediate steps during the processing of the online transaction; and (ii) only accessing the character string in storage memory to complete the online transaction after receiving a request from at least one registered entity associated with a subscription level associated with a privilege to receive the requested sensitive information.
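The lifecycle in the first claim, combined with the subscription-level gate from the abstract, sketched as an added example that is not code from the patent. The class, method and level names are hypothetical, the sub-string association is not modelled, and encryption of the stored string is left out so the sketch runs on the standard library alone.

```python
import secrets
import time

# Hypothetical level names: the patent only speaks of "subscription levels".
TOKEN_ONLY, FULL_ACCESS = 1, 2

class AccessDenied(Exception):
    """Raised when an entity's registration does not permit the request."""

class TokenVault:
    def __init__(self, max_age_seconds, clock=time.time):
        self._entities = {}   # entity id -> subscription level
        self._records = {}    # token -> (character string, time stored)
        self._max_age = max_age_seconds
        self._clock = clock

    def register(self, entity, level):
        self._entities[entity] = level

    def tokenize(self, entity, character_string):
        if entity not in self._entities:
            raise AccessDenied("entity is not registered")
        # Random token: nothing about the string can be derived from it.
        token = secrets.token_urlsafe(16)
        self._records[token] = (character_string, self._clock())
        return token

    def complete_record(self, entity, record):
        """Return a copy of the record with the token replaced by the string."""
        if self._entities.get(entity, 0) < FULL_ACCESS:
            raise AccessDenied("subscription level may not receive the string")
        self.purge_outdated()
        if record["token"] not in self._records:
            raise KeyError("token is no longer associated with a string")
        completed = {k: v for k, v in record.items() if k != "token"}
        completed["character_string"] = self._records[record["token"]][0]
        return completed

    def purge_outdated(self):
        """Disassociate and delete every string older than max_age_seconds."""
        now = self._clock()
        stale = [t for t, (_, at) in self._records.items() if now - at > self._max_age]
        for token in stale:
            del self._records[token]  # drops the association and the string
        return len(stale)

if __name__ == "__main__":
    vault = TokenVault(max_age_seconds=3600)
    vault.register("gateway", FULL_ACCESS)
    tok = vault.tokenize("gateway", "4111111111111111")  # constructed sample value
    print(vault.complete_record("gateway", {"amount": "19.99", "token": tok}))
```

Once a string is purged, a record that still carries its token fails closed with `KeyError` instead of being completed.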
21 Claims
8. A data processing system for lifecycle management of unique token associations that control access to sensitive information, the data processing system comprising a processor and one or more storage devices embodying computer-readable program instructions that, when executed by the processor, cause the data processing system to:
- generate a unique token corresponding to a received character string, the unique token for use in an online transaction in lieu of the character string stored as encrypted data, the character string received from a remote client computing device associated with an entity registered with the server, wherein registering the entity includes associating the entity with a subscription level that provides access to the unique token;
- obtain a record for an online transaction comprising information associated with the online transaction and the unique token, the record generated by any of the set of remote client computing devices;
- communicate, to a server, a completed record for the online transaction including the information associated with the online transaction and the character string, wherein the character string is decrypted;
- determine whether the encrypted character string is out-dated; and
- in response to determining that the sensitive information is out-dated; disassociate the unique token and the character string stored as encrypted data; and delete the character string stored as encrypted data.
15. A computer program product for lifecycle management of unique token associations that control access to sensitive information, the computer program product comprising a non-transitory computer-readable storage embodying computer-readable program instructions that, when executed, cause a processor to:
- associate a generated unique token to a received character string, the unique token for use in an online transaction in lieu of the character string stored as encrypted data, the character string received from a remote client computing device associated with an entity registered with the server, wherein registering the entity includes associating the entity with a subscription level that provides access to the unique token;
- obtain a record for an online transaction comprising information associated with the online transaction and the unique token, the record generated by any of the set of remote client computing devices;
- communicate, to a server, a completed record for the online transaction including the information associated with the online transaction and the character string, wherein the character string is decrypted;
- determine whether the encrypted character string is out-dated; and
- in response to determining that the sensitive information is out-dated; disassociate the unique token and the character string stored as encrypted data; and delete the character string stored as encrypted data.
Specification