Remote server encrypted data provisioning system and methods

US 10,643,001 B2
Filed: 02/25/2019
Issued: 05/05/2020
Est. Priority Date: 09/26/2014
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

sharing, by a token server computer, an encryption key with a remote mobile application server;

receiving, by the token server computer, a user identity cryptogram encrypted using the encryption key from the remote mobile application server;

in response to the user identity cryptogram, providing, by the token server computer, an access token to the remote mobile application server, wherein the access token enables access to the token server computer for a predetermined amount of time;

within the predetermined amount of time;

receiving, by the token server computer from a mobile application stored on a mobile device via the remote mobile application server, a token request message including encrypted user data associated with a user of the mobile device, wherein the encrypted user data includes an encrypted account identifier and is generated using the encryption key shared with the remote mobile application server;

decrypting, by the token server computer, the encrypted user data using the encryption key to obtain decrypted user data including decrypted account identifier;

identifying, by the token server computer, an account associated with the decrypted user data including the decrypted account identifier;

generating, by the token server computer, a token associated with the account;

storing, by the token server computer, the token; and

sending, by the token server computer via the remote mobile application server, the token to the mobile device, wherein the mobile device does not have a direct access to the token server computer.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention are directed to methods, systems and devices for providing sensitive user data to a mobile device using an encryption key. For example, a mobile application on a mobile device may receive encrypted sensitive user data from a mobile application server, where the user sensitive data is encrypted with a key from a token server computer. The mobile application may then request that the encrypted payment information be sent to the token server. The mobile device may then receive a payment token associated with the payment information from the token server.

558 Citations

8 Claims

1. A method comprising:
- sharing, by a token server computer, an encryption key with a remote mobile application server;
  
  receiving, by the token server computer, a user identity cryptogram encrypted using the encryption key from the remote mobile application server;
  
  in response to the user identity cryptogram, providing, by the token server computer, an access token to the remote mobile application server, wherein the access token enables access to the token server computer for a predetermined amount of time;
  
  within the predetermined amount of time;
  
  receiving, by the token server computer from a mobile application stored on a mobile device via the remote mobile application server, a token request message including encrypted user data associated with a user of the mobile device, wherein the encrypted user data includes an encrypted account identifier and is generated using the encryption key shared with the remote mobile application server;
  
  decrypting, by the token server computer, the encrypted user data using the encryption key to obtain decrypted user data including decrypted account identifier;
  
  identifying, by the token server computer, an account associated with the decrypted user data including the decrypted account identifier;
  
  generating, by the token server computer, a token associated with the account;
  
  storing, by the token server computer, the token; and
  
  sending, by the token server computer via the remote mobile application server, the token to the mobile device, wherein the mobile device does not have a direct access to the token server computer.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - receiving, by the token server computer from the mobile device via the remote mobile application server, a token status inquiry message inquiring about a status of the token;
      
      retrieving, by the token server computer, the status of the token from a token database accessible by the token server computer; and
      
      sending, by the token server computer to the mobile device via the remote mobile application server, a token status response message including the status of the token.
  - 3. The method of claim 1, further comprising:
    - periodically retrieving, by the token server computer, a status of the token from a token database accessible by the token server computer; and
      
      automatically sending, by the token server computer, the status of the token to the mobile device via the remote mobile application server.
  - 4. The method of claim 1, wherein the encryption key and the decrypted user data associated with the user of the mobile device are stored by the remote mobile application server.

5. A token server computer comprising:
- a processor; and
  
  a memory element comprising code, executable by the processor, for implementing a method comprising;
  
  sharing an encryption key with a remote mobile application server;
  
  receiving a user identity cryptogram encrypted using the encryption key from the remote mobile application server;
  
  in response to the user identity cryptogram, providing an access token to the remote mobile application server, wherein the access token enables access to the token server computer for a predetermined amount of time;
  
  within the predetermined amount of time;
  
  receiving, from a mobile application stored on a mobile device via the remote mobile application server, a token request message including encrypted user data associated with a user of the mobile device, wherein the encrypted user data includes an encrypted account identifier and is generated using the encryption key shared with the remote mobile application server;
  
  decrypting the encrypted user data using the encryption key to obtain decrypted user data including decrypted account identifier;
  
  identifying an account associated with the decrypted user data including the decrypted account identifier;
  
  generating a token associated with the account;
  
  storing the token; and
  
  sending, via the remote mobile application server, the token to the mobile device, wherein the mobile device does not have a direct access to the token server computer.
- View Dependent Claims (6, 7, 8)
- - 6. The token server computer of claim 5, wherein the method further comprises:
    - receiving, from the mobile device via the remote mobile application server, a token status inquiry message inquiring about a status of the token;
      
      retrieving the status of the token from a token database accessible by the token server computer; and
      
      sending, to the mobile device via the remote mobile application server, a token status response message including the status of the token.
  - 7. The token server computer of claim 5, wherein the method further comprises:
    - periodically retrieving a status of the token from a token database accessible by the token server computer; and
      
      automatically sending the status of the token to the mobile device via the remote mobile application server.
  - 8. The token server computer of claim 5, wherein the encryption key and the decrypted user data associated with the user of the mobile device are stored by the remote mobile application server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Guglani, Abhishek, Sharma, Sanjeev, Chitalia, Jalpesh, Destremps, Gerald, Mardikar, Upendra, Xu, Minghua, Trevino, Jose Luis Rios, Singh, Brijendra
Primary Examiner(s)
Mehrmanesh, Amir

Application Number

US16/285,053
Publication Number

US 20190188414A1
Time in Patent Office

435 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2107   File encryption

H04L 2463/102   applying security measure f...

H04L 63/0428   wherein the data content is...

H04W 12/08   Access security

H04W 12/126   Anti-theft arrangements, e....

Remote server encrypted data provisioning system and methods

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

558 Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Remote server encrypted data provisioning system and methods

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

558 Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links