Remote server encrypted data provisioning system and methods
First Claim
1. A method comprising:
- sharing, by a token server computer, an encryption key with a remote mobile application server;
receiving, by the token server computer, a user identity cryptogram encrypted using the encryption key from the remote mobile application server;
in response to the user identity cryptogram, providing, by the token server computer, an access token to the remote mobile application server, wherein the access token enables access to the token server computer for a predetermined amount of time;
within the predetermined amount of time;
receiving, by the token server computer from a mobile application stored on a mobile device via the remote mobile application server, a token request message including encrypted user data associated with a user of the mobile device, wherein the encrypted user data includes an encrypted account identifier and is generated using the encryption key shared with the remote mobile application server;
decrypting, by the token server computer, the encrypted user data using the encryption key to obtain decrypted user data including decrypted account identifier;
identifying, by the token server computer, an account associated with the decrypted user data including the decrypted account identifier;
generating, by the token server computer, a token associated with the account;
storing, by the token server computer, the token; and
sending, by the token server computer via the remote mobile application server, the token to the mobile device, wherein the mobile device does not have a direct access to the token server computer.
Abstract
Embodiments of the invention are directed to methods, systems and devices for providing sensitive user data to a mobile device using an encryption key. For example, a mobile application on a mobile device may receive encrypted sensitive user data from a mobile application server, where the user sensitive data is encrypted with a key from a token server computer. The mobile application may then request that the encrypted payment information be sent to the token server. The mobile device may then receive a payment token associated with the payment information from the token server.
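The flow in claim 1, modelled from the token server's side as an added example (not code from the patent or its assignee). The `seal`/`unseal` helpers are a standard-library encrypt-then-MAC stand-in for a real AEAD cipher, and every name and sample value (`TokenServer`, `ACCT-0001`, `user-42`, the `tok_` prefix, the 300-second window) is an assumption.

```python
import hashlib, hmac, secrets, time

def _stream(key, nonce, n):  # HMAC-SHA256 in counter mode as a keystream
    return b"".join(hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"),
                             hashlib.sha256).digest() for i in range(n // 32 + 1))[:n]

def seal(key, data):  # encrypt-then-MAC stand-in for a real AEAD such as AES-GCM
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, want):
        raise ValueError("not produced with the shared key")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class TokenServer:
    def __init__(self, ttl=300, clock=time.time):
        self.key = secrets.token_bytes(32)  # shared with the app server only
        self.ttl, self.clock = ttl, clock
        self.sessions, self.vault = {}, {}  # access token -> expiry; token -> account
        self.accounts = {"ACCT-0001"}       # constructed sample account
    def open_session(self, cryptogram):
        unseal(self.key, cryptogram)        # rejects cryptograms made with another key
        access = secrets.token_urlsafe(24)
        self.sessions[access] = self.clock() + self.ttl
        return access
    def request_token(self, access, encrypted_user_data):
        if self.clock() >= self.sessions.get(access, 0):
            raise PermissionError("access token unknown or expired")
        account = unseal(self.key, encrypted_user_data).decode()
        if account not in self.accounts:
            raise LookupError("no such account")
        token = "tok_" + secrets.token_hex(8)
        self.vault[token] = account         # stored so the token can be resolved later
        return token

def demo():  # the app server holds ts.key; the device only relays sealed blobs
    now = [1000.0]                          # injectable clock for the expiry check
    ts = TokenServer(ttl=300, clock=lambda: now[0])
    access = ts.open_session(seal(ts.key, b"user-42"))
    token = ts.request_token(access, seal(ts.key, b"ACCT-0001"))
    now[0] += 301                           # step past the predetermined time window
    try:
        ts.request_token(access, seal(ts.key, b"ACCT-0001"))
    except PermissionError as exc:
        return token, ts.vault[token], str(exc)
    return token, ts.vault[token], "accepted after expiry"
```

Because the mobile device never holds the key, it can forward the sealed account identifier but cannot read or forge it; the expiry check bounds how long a leaked access token stays useful.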
8 Claims
5. A token server computer comprising:
- a processor; and
a memory element comprising code, executable by the processor, for implementing a method comprising;
sharing an encryption key with a remote mobile application server;
receiving a user identity cryptogram encrypted using the encryption key from the remote mobile application server;
in response to the user identity cryptogram, providing an access token to the remote mobile application server, wherein the access token enables access to the token server computer for a predetermined amount of time;
within the predetermined amount of time;
receiving, from a mobile application stored on a mobile device via the remote mobile application server, a token request message including encrypted user data associated with a user of the mobile device, wherein the encrypted user data includes an encrypted account identifier and is generated using the encryption key shared with the remote mobile application server;
decrypting the encrypted user data using the encryption key to obtain decrypted user data including decrypted account identifier;
identifying an account associated with the decrypted user data including the decrypted account identifier;
generating a token associated with the account;
storing the token; and
sending, via the remote mobile application server, the token to the mobile device, wherein the mobile device does not have a direct access to the token server computer.
Specification