Systems and methods for secure detokenization
First Claim
Patent Images
1. A method comprising:
- receiving, by a token provider computer, a de-tokenization request comprising a token and a requestor certificate associated with a requestor computer, the requestor certificate indicating that the requestor computer is authorized to receive a credential associated with the token, the requestor certificate including a requestor public key, and wherein the de-tokenization request originated from the requestor computer;
determining, by the token provider computer, the credential associated with the token;
determining, by the token provider computer, that the requestor computer is authorized to receive the credential based on the requestor certificate;
encrypting, by the token provider computer, the credential with the requestor public key included in the requestor certificate; and
sending, by the token provider computer, a de-tokenization response to the requestor computer, the de-tokenization response including the encrypted credential.
0 Assignments
0 Petitions
Accused Products
Abstract
A method for requesting a credential associated with token in a multiple token layer environment is disclosed. A tokenization certificate serves to validate the identity of a credential requestor and provide information about the requestor'"'"'s authorization for de-tokenizing a token. Also, a public key in the tokenization certificate is used to encrypt the credential for secure transmission to the requestor.
536 Citations
20 Claims
-
1. A method comprising:
-
receiving, by a token provider computer, a de-tokenization request comprising a token and a requestor certificate associated with a requestor computer, the requestor certificate indicating that the requestor computer is authorized to receive a credential associated with the token, the requestor certificate including a requestor public key, and wherein the de-tokenization request originated from the requestor computer; determining, by the token provider computer, the credential associated with the token; determining, by the token provider computer, that the requestor computer is authorized to receive the credential based on the requestor certificate; encrypting, by the token provider computer, the credential with the requestor public key included in the requestor certificate; and sending, by the token provider computer, a de-tokenization response to the requestor computer, the de-tokenization response including the encrypted credential. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A token provider computer comprising:
-
a processor; and a computer readable medium, the computer readable medium comprising code, executable by the processor, for implementing a method comprising; receiving a de-tokenization request comprising a token and a requestor certificate associated with a requestor computer, the requestor certificate indicating that the requestor computer is authorized to receive a credential associated with the token, the requestor certificate including a requestor public key, and wherein the de-tokenization request originated from the requestor computer; determining the credential associated with the token; determining that the requestor computer is authorized to receive the credential based on the requestor certificate; encrypting the credential with the requestor public key included in the requestor certificate; and sending a de-tokenization response to the requestor computer, the de-tokenization response including the encrypted credential. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A method comprising:
-
receiving, by a server computer, a de-tokenization request comprising a token and a requestor certificate associated with a requestor computer, the requestor certificate indicating that the requestor computer is authorized to receive a credential associated with the token, the requestor certificate including a requestor public key, and wherein the de-tokenization request originated from the requestor computer; forwarding, by the server computer, the de-tokenization request to a token provider computer, wherein the token provider computer determines the credential associated with the token, determines that the requestor computer is authorized to receive the credential based on the requestor certificate, and encrypts the credential with the requestor public key included in the requestor certificate; receiving, by the server computer, a de-tokenization response from the token provider computer, the de-tokenization response including the encrypted credential; and forwarding, by the server computer, the de-tokenization response including the encrypted credential to the requestor computer. - View Dependent Claims (18, 19, 20)
-
Specification