Generation, distribution and verification of tokens using a secure hash algorithm

US 8,224,754 B2
Filed: 12/15/2004
Issued: 07/17/2012
Est. Priority Date: 12/15/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A system comprising:

a token server including;

a token generation module implemented by a processor executing first instructions stored in memory at the token server, the token generation module configured to;

receive, from an offer server via a network, a communication of an offer;

examine the offer to determine a monetary value of the offer;

calculate an alphanumeric character length that corresponds to the monetary value of the offer and corresponds to a redeem method by which the offer will be redeemed by a user;

generate, via a random number generator, a number of random bits based on the alphanumeric character length;

generate a token by converting the random bits into characters according to a base-24 conversion, to create the token using characters drawn from a 24-character set, the random bits converted into characters by encoding bits 0-63 separately from bits in excess of 64 bits and by concatenating two strings, one of fixed 14-character length and one of a variable length depending on the monetary value of the offer;

hash the random bits to generate a first hash value;

store the first hash value in a database for validation of a token received from the user; and

provide the token to a token distributor for distribution to the user in accordance with a rule specified by the offer.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and apparatus for generation, distribution and verification of tokens are described. In an implementation, a method is described in which a value of an offer is determined and a token for representing the offer is generated. The token has a number of characters based on the determination of the value of the offer.

78 Citations

View as Search Results

16 Claims

1. A system comprising:
- a token server including;
  
  a token generation module implemented by a processor executing first instructions stored in memory at the token server, the token generation module configured to;
  
  receive, from an offer server via a network, a communication of an offer;
  
  examine the offer to determine a monetary value of the offer;
  
  calculate an alphanumeric character length that corresponds to the monetary value of the offer and corresponds to a redeem method by which the offer will be redeemed by a user;
  
  generate, via a random number generator, a number of random bits based on the alphanumeric character length;
  
  generate a token by converting the random bits into characters according to a base-24 conversion, to create the token using characters drawn from a 24-character set, the random bits converted into characters by encoding bits 0-63 separately from bits in excess of 64 bits and by concatenating two strings, one of fixed 14-character length and one of a variable length depending on the monetary value of the offer;
  
  hash the random bits to generate a first hash value;
  
  store the first hash value in a database for validation of a token received from the user; and
  
  provide the token to a token distributor for distribution to the user in accordance with a rule specified by the offer.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A system as described in claim 1, further comprising a token validation module implemented by the processor executing second instructions stored in the memory at the token server, the token validation module configured to:
    - receive the token from the user;
      
      calculate a second hash value from the token entry; and
      
      compare the second hash value with the first hash value to determine a validity of the token entry.
  - 3. A system as described in claim 1, further comprising a token validation module implemented by the processor executing second instructions stored in the memory at the token server, the token validation module configured toreceive the token entry from the user;
    - calculate a second hash value from the token entry;
      
      compare the second hash value with the first hash value to determine that the token entry is invalid; and
      
      store the invalid token entry to an invalid token database when the comparing the second hash value with the first hash value determines that the token entry is invalid.
  - 4. A system as described in claim 1, wherein the token distributor distributes the token to the user by sending the token to the user'"'"'s computer in accordance with the rule specified by the offer.
  - 5. A system as described in claim 1, wherein the random alphanumeric string includes a first part encoded using a first base alphanumeric code and a second part is encoded using a second base alphanumeric code, the first base alphanumeric code being different from the second base alphanumeric code.
  - 6. A system as described in claim 5, wherein the first part is encoded using the first base alphanumeric code in accordance with the following table:
  - 7. A system as described in claim 1,wherein the token server is in communication with a plurality of offer servers.

8. Computer-readable storage media having computer-readable program code embodied therein, the computer-readable program code adapted to the executed by a processor to implement a method, the method comprising:
- implementing, by the processor, a token generation module for generating tokens;
  
  receiving, by the processor, a communication including an offer, the offer providing information for generating the token;
  
  determining, by the processor, a value of the offer based at least in part upon a monetary value of the offer;
  
  generating, by the processor, a random alphanumeric string representing a token that provides value to a user in an online commerce system, the token created by converting random bits into characters in base-24, to create the token using characters drawn from a 24-character set, the random bits converted into characters by encoding bits 0-63 separately from bits in excess of 64 bits and by concatenating two strings, one of fixed 14-character length and one of a variable length depending on the monetary value of the offer, the token having a character length that correlates to the monetary value of the offer and represents the offer to the user;
  
  providing the token to a token distributor for distribution to the user in accordance with a rule specified with the communication of the offer;
  
  receiving a validation communication including the token from the user; and
  
  hashing the token received from the user to determine a validity of the token received from the user.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The computer-readable storage media according to claim 8, wherein the hashing the token received from the user comprises:
    - generating a first hash value for the random alphanumeric string using a secure hash algorithm (SHA);
      
      generating a second hash value for the token received from the user; and
      
      storing an invalid token entry in a database when the first hash value is not equal to the second hash value.
  - 10. The computer-readable storage media according to claim 8, wherein the generating the token generates the token by a token server in communication with an offer server and a computer of the user via a network.
  - 11. The computer-readable storage media according to claim 8, wherein the hashing the token received from the user further comprises:
    - converting the token received from the user into a bit stream; and
      
      calculating a hash value from the bit stream using a secure hash algorithm (SHA) to determine validity of the token received from the user.
  - 12. The computer-readable storage media according to claim 8, wherein the generating the random alphanumeric string utilizes a conversion table having a number of alphanumeric characters that matches a numeric base to generate the random alphanumeric string.
  - 13. The computer-readable storage media according to claim 8, further comprising storing a hash value of the random alphanumeric string representing the token to a database.
  - 14. The computer-readable storage media according to claim 8, wherein the generating the random alphanumeric string representing the token generates a plurality of alphanumeric strings representing the token, the character length of each of the plurality of alphanumeric strings based on a number of the tokens which are generated in conjunction with the offer.
  - 15. The computer-readable storage media according to claim 8,wherein the processor is in communication with a plurality of offer providers that provide different offers, andwherein the token generation module is configured to generate a plurality of alphanumeric strings representing the different offers, each of the plurality of alphanumeric strings based upon characteristics of each of the different offers received from each of the plurality of offer providers.

16. A computing device comprising:
- a processor; and
  
  a memory coupled to the processor, the memory comprising computer-program instructions executable by the processor for;
  
  examining configuration data in an offer;
  
  computing a number of characters to be used in each of a plurality of tokens, the number of characters based on the examination;
  
  requesting a number of bits from a random number generator for each of a plurality of tokens, the number of bits sufficient to construct each of the plurality of tokens having the computed number of characters;
  
  creating each of the plurality of tokens by;
  
  segregating bits obtained from the random number generator into two groups of bits, the groups including bits 0-63 and bits 64 and onward;
  
  converting the two groups into base 24, to create the tokens using characters drawn from a 24-character set; and
  
  concatenating two strings to form a token, one string of fixed 14-character length obtained from the conversion of the group of bits 0-63 into base 24 and one string of a variable length obtained from the conversion of the group of bits 64 and onward into base 24, the variable length based on the number of characters computed and based on the examination;
  
  generating a hash value of each of the plurality of tokens;
  
  importing the hash value generated for each of the plurality of tokens into a database;
  
  distributing the plurality of tokens to a plurality of clients;
  
  receiving tokens from clients;
  
  converting each of the received tokens into a bit stream using a reverse of the base 24 conversion formula;
  
  hashing the bit streams;
  
  comparing the hashed bit streams to the imported hash values in the database;
  
  validating hashed received tokens that match hash values in the database;
  
  storing hashed received tokens that do not match hash values in the database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Pastusiak, Andrzej, Sacheti, Arun K., Cai, Ting, Martin, Deuane, Benaloh, Josh D., Kuppuswamy, Rajesh
Primary Examiner(s)
Reagan, James A
Assistant Examiner(s)
CHEUNG, CALVIN K

Application Number

US11/013,199
Publication Number

US 20060129501A1
Time in Patent Office

2,771 Days
Field of Search

705/14, 705/69, 705/14.1, 705/64
US Class Current

705/69
CPC Class Codes

G06Q 20/06   Private payment circuits, e...

G06Q 20/367   involving electronic purses...

G06Q 20/3678   e-cash details, e.g. blinde...

G06Q 20/382   insuring higher security of...

G06Q 30/00   Commerce

G06Q 30/0207   Discounts or incentives, e....

Generation, distribution and verification of tokens using a secure hash algorithm

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

78 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Generation, distribution and verification of tokens using a secure hash algorithm

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links