SYSTEMS AND METHODS FOR LOCALLY DERIVED TOKENS

US 20150269566A1
Filed: 03/18/2015
Published: 09/24/2015
Est. Priority Date: 03/18/2014
Status: Abandoned Application

First Claim

Patent Images

1. A method for generating a token, comprising:

receiving, by an access device and from a token vault computer, an encryption key and a credential identifier;

generating, by the access device, a token using the encryption key and a current time; and

transmitting, by the access device, the token, the current time, and the credential identifier to the token vault computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for generating a token are provided. An access device may receive, from a token vault computer, an encryption key and a credential identifier. The access device may generate a token using the encryption key and a current time. The access device may then transmit the token, the current time, and the credential identifier to the token vault computer. The token vault computer may receive the token, a current time, and a credential identifier. The token vault computer may retrieve an encryption key associated with the received credential identifier. The token vault computer may then validate the token based at least in part on the received current time and the retrieved encryption key.

260 Citations

20 Claims

1. A method for generating a token, comprising:
- receiving, by an access device and from a token vault computer, an encryption key and a credential identifier;
  
  generating, by the access device, a token using the encryption key and a current time; and
  
  transmitting, by the access device, the token, the current time, and the credential identifier to the token vault computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein after receiving the encryption key, the access device temporarily does not have communication with the token vault computer.
  - 3. The method of claim 2, wherein transmitting the token and the current time to the token vault computer is performed after communication between access device and the token vault computer is restored, wherein the token vault computer validates the token using the current time and the encryption key.
  - 4. The method of claim 3, wherein validating the token further comprises retrieving the encryption key based at least in part on the credential identifier received by the token vault computer.
  - 5. The method of claim 1, further comprising:
    - sending, by the access device, authentication credentials to the token vault computer, wherein the token vault computer validates the authentication credentials; and
      
      storing, by the access device, the credential identifier and the encryption key on the access device.
  - 6. The method of claim 1, further comprising receiving account information from a communication device, wherein the account information comprises at least a primary account number (PAN).
  - 7. The method of claim 1, wherein the token vault computer stores information pertaining to an association between the token and the account information.
  - 8. The method of claim 1, wherein generating the token comprises generating a token having a token identifier from within a predefined Bank Identification Number (BIN) range.

9. An access device for generating a token, comprising:
- a processor; and
  
  a computer readable medium coupled the processor, the computer readable medium comprising code, executable by the processor, for implementing a method comprising;
  
  receiving, by an access device and from a token vault computer, an encryption key and a credential identifier;
  
  generating, by the access device, a token using the encryption key and a current time; and
  
  transmitting, by the access device, the token, the current time, and the credential identifier to the token vault computer.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The access device of claim 9, wherein after receiving the encryption key, the access device temporarily does not have communication with the token vault computer.
  - 11. The access device of claim 10, wherein transmitting the token and the current time to the token vault computer is performed after communication between access device and the token vault computer is restored, wherein the token vault computer validates the token using the current time and the encryption key.
  - 12. The access device of claim 11, wherein validating the token further comprises retrieving the encryption key based at least in part on the credential identifier received by the token vault computer.
  - 13. The access device of claim 9, further comprising:
    - sending, by the access device, authentication credentials to the token vault computer, wherein the token vault computer validates the authentication credentials; and
      
      storing, by the access device, the credential identifier and the encryption key on the access device.
  - 14. The access device of claim 9, further comprising receiving account information from a communication device, wherein the account information comprises at least a primary account number (PAN).
  - 15. The access device of claim 9, wherein the token vault computer stores information pertaining to an association between the token and the account information.
  - 16. The access device of claim 9, wherein generating the token comprises generating a token having a token identifier from within a predefined Bank Identification Number (BIN) range.

17. A method for offline token generation, comprising:
- receiving, by a token vault computer and from an access device, a token, a current time, and a credential identifier;
  
  retrieving, by the token vault computer, an encryption key associated with the received credential identifier; and
  
  validating, by the token vault computer, the token based at least in part on the received current time and the retrieved encryption key, wherein the token is generated by the access device.
- View Dependent Claims (18)
- - 18. The method of claim 17, further comprising storing, by the token vault computer, an association between the received token and information pertaining to a user account.

19. A token vault computer, comprising:
- a processor; and
  
  a computer readable medium coupled the processor, the computer readable medium comprising code, executable by the processor, for implementing a method comprising;
  
  receiving, by a token vault computer and from an access device, a token, a current time, and a credential identifier;
  
  retrieving, by the token vault computer, an encryption key associated with the received credential identifier; and
  
  validating, by the token vault computer, the token based at least in part on the received current time and the retrieved encryption key, wherein the token is generated by the access device.
- View Dependent Claims (20)
- - 20. The token vault computer of claim 19, wherein the method further comprises storing, by the token vault computer, an association between the received token and information pertaining to a user account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Gaddam, Ajit, Aissi, Selim

Application Number

US14/661,922
Publication Number

US 20150269566A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/3821 Electronic credentials

G06Q 20/385 using an alias or single-us...

SYSTEMS AND METHODS FOR LOCALLY DERIVED TOKENS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

260 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR LOCALLY DERIVED TOKENS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

260 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links