ENCRYPTION AND TOKENIZATION ARCHITECTURES

US 20160012437A1
Filed: 03/13/2015
Published: 01/14/2016
Est. Priority Date: 10/23/2007
Status: Abandoned Application

First Claim

Patent Images

1-28. -28. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments of the present invention are directed to methods, systems and computer program products for conducting an online transaction on a website involving sensitive information. Such embodiments provide methods, systems and computer program products to: (a) register at least one entity with a gate keeper module, the registering comprising associating the entity with a subscription level; (b) associate a sub-string of a character string with a unique token so that a direct link does not exist between the unique token and the character string; and (c) during processing of the online transaction: (i) using the unique token for intermediate steps during the processing of the online transaction; and (ii) only accessing the character string in storage memory to complete the online transaction after receiving a request from at least one registered entity associated with a subscription level associated with a privilege to receive the requested sensitive information.

16 Citations

52 Claims

1-28. -28. (canceled)

29. A method for conducting an online transaction on a website involving sensitive information, the method comprising:
- registering an entity, the registering comprising providing a key that associates the entity with a subscription level sufficient to receive the sensitive information;
  
  associating a sub-string of a character string with a unique token so that a direct link does not exist between the unique token and the character string, the character string comprising the sensitive information and the sub-string being configured to identify the character string without revealing the character string;
  
  saving a record for the online transaction, wherein the record includes information for the online transaction and the unique token;
  
  using the unique token for intermediate steps during the processing of the online transaction; and
  
  retrieving the character string from a storage memory using the unique token and the key associated with the entity to complete the online transaction using the saved record and the sensitive information after transmission of a request for the sensitive information from the entity.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36)
- - 30. The method of claim 29, wherein the online transaction is a purchase on the website and the character string is a credit card number.
  - 31. The method of claim 30, wherein the sub-string comprises a last four digits of the credit card number.
  - 32. The method of claim 29, wherein the character string is stored as encrypted data.
  - 33. The method of claim 29, wherein the character string is stored as a record in a database within the storage memory.
  - 34. The method of claim 29, further comprising:
    - verifying that a computer device or a user retrieving the sensitive information is authorized to access the character string.
  - 35. The method of claim 29, further comprising:
    - receiving a request to display a sub-string of the character string, the request comprising the unique token; and
      
      displaying the sub-string without revealing the sensitive information.
  - 36. The method of claim 29, further comprising:
    - using the unique token to access and retrieve a sub-string of the character string without accessing the character string.

37. A data processing system for conducting an online transaction on a website involving sensitive information, the data processing system comprising a processor and one or more storage devices embodying computer-readable program instructions that, when executed by the processor, cause the data processing system to:
- register an entity, the registering comprising providing a keys that associates the entity with a subscription level sufficient to receive the sensitive information;
  
  associate a sub-string of a character string with a unique token so that a direct link does not exist between the unique token and the character string, the character string comprising the sensitive information and the sub-string being configured to identify the character string without revealing the character string;
  
  save a record for the online transaction, wherein the record includes information for the online transaction and the unique token;
  
  use the unique token for intermediate steps during the processing of the online transaction; and
  
  retrieve the character string from a storage memory using the unique token and the key associated with the entity to complete the online transaction using the saved record and the sensitive information after transmission of a request for the sensitive information from the entity.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44)
- - 38. The data processing system of claim 37, wherein the online transaction is a purchase on the website and the character string is a credit card number.
  - 39. The data processing system of claim 38, wherein the sub-string comprises a last four digits of the credit card number.
  - 40. The data processing system of claim 37, wherein the character string is stored as encrypted data.
  - 41. The data processing system of claim 37, wherein the character string is stored as a record in a database within the storage memory.
  - 42. The data processing system of claim 37, wherein the computer-readable program instructions, when executed by the processor, further cause the data processing system to:
    - verify that a computer device or a user retrieving the sensitive information is authorized to access the character string.
  - 43. The data processing system of claim 37, wherein the computer-readable program instructions, when executed by the processor, further cause the data processing system to:
    - receive a request to display a sub-string of the character string, the request comprising the unique token; and
      
      display the sub-string without revealing the sensitive information.
  - 44. The data processing system of claim 37, wherein the computer-readable program instructions, when executed by the processor, further cause the data processing system to:
    - use the unique token to access and retrieve a sub-string of the character string without accessing the character string.

45. A computer program product for conducting an online transaction on a website involving sensitive information, the computer program product comprising a computer-readable storage embodying computer-readable program instructions that, when executed by, cause a processor to:
- register an entity, the registering comprising providing a key that associates the entity with a subscription level sufficient to receive the sensitive information;
  
  associate a sub-string of a character string with a unique token so that a direct link does not exist between the unique token and the character string, the character string comprising the sensitive information and the sub-string being configured to identify the character string without revealing the character string;
  
  save a record for the online transaction, wherein the record includes information for the online transaction and the unique token;
  
  use the unique token for intermediate steps during the processing of the online transaction; and
  
  retrieve the character string from a storage memory using the unique token and the key associated with the entity to complete the online transaction using the saved record and the sensitive information after transmission of a request for the sensitive information from the entity.
- View Dependent Claims (46, 47, 48, 49, 50, 51, 52)
- - 46. The computer program product of claim 45, wherein the online transaction is a purchase on the website and the character string is a credit card number.
  - 47. The computer program product of claim 46, wherein the sub-string comprises a last four digits of the credit card number.
  - 48. The computer program product of claim 45, wherein the character string is stored as encrypted data.
  - 49. The computer program product of claim 45, wherein the character string is stored as a record in a database within the storage memory.
  - 50. The computer program product of claim 45, wherein the computer-readable program instructions, when executed, further cause the processor to:
    - verify that a computer device or a user retrieving the sensitive information is authorized to access the character string.
  - 51. The computer program product of claim 45, wherein the computer-readable program instructions, when executed, further cause the processor to:
    - receive a request to display a sub-string of the character string, the request comprising the unique token; and
      
      display the sub-string without revealing the sensitive information.
  - 52. The computer program product of claim 45, wherein the computer-readable program instructions, when executed, further cause the processor to:
    - use the unique token to access and retrieve a sub-string of the character string without accessing the character string.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
United Parcel Service Of America Incorporated (United Parcel Service Incorporated)
Original Assignee
United Parcel Service Of America Incorporated (United Parcel Service Incorporated)
Inventors
Sahasranaman, Mahesh, Plumer, Robert W.

Application Number

US14/657,135
Publication Number

US 20160012437A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/12   specially adapted for elect...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 20/382   insuring higher security of...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 40/00   Finance; Insurance; Tax str...

H04L 2463/102   applying security measure f...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 67/02   based on web technology, e....

ENCRYPTION AND TOKENIZATION ARCHITECTURES

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

16 Citations

52 Claims

Specification

Solutions

Use Cases

Quick Links

ENCRYPTION AND TOKENIZATION ARCHITECTURES

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

52 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links