Method and system for utilizing authorization factor pools

US 8,688,589 B2
Filed: 03/12/2013
Issued: 04/01/2014
Est. Priority Date: 04/15/2011
Status: Active Grant

First Claim

Patent Images

1. A method of sharing a token associated with cardholder data (CHD) to enable the sharing of the CHD between users, the method comprising:

receiving, by a token access system implemented in a computing system comprising one or more processors, an identity of a token associated with CHD of a cardholder and an identity of a second merchant from a first merchant;

determining, by the token access system, from a plurality of tokenization provider systems a tokenization provider system that generated the token wherein the determination is performed by using the identity of the token;

accessing, by the token access system, an authorization factor pool associated with the determined tokenization provider system from a database storing a plurality of authorization pools, wherein each of the tokenization provider systems is associated with a different authorization factor pool from the plurality of authorization factor pools;

generating, by the token access system, an authorization factor using the accessed authorization factor pool;

associating, by the token access system, the authorization factor with the token and the second merchant;

transmitting, by the token access system, the authorization factor to the second merchant;

receiving, by the token access system, the authorization factor from the second merchant;

determining, by the token access system, a corresponding authorization factor pool based on the authorization factor received from the second merchant and determining a corresponding tokenization provider system based on the determined corresponding authorization pool;

sending, by the token access system, the identity of the token to the determined corresponding tokenization provider system;

receiving, by the token access system, information of the token from the determined corresponding tokenization provider system, wherein the information is at least one of the token and the CHD of the cardholder; and

providing, by the token access system, the information of the token to the second merchant.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of the present disclosure provides a system and associated processes for sharing cardholder data (CHD) between a merchant that utilizes tokenization and a second merchant that may or may not utilize tokenization. In one embodiment, the merchant, or an employee of the merchant, can use the system and associated processes to reacquire CHD from a tokenization provider system. In one embodiment, the merchant identifies to the tokenization provider system a desire to share CHD, which is associated with a token, with a second merchant. The merchant and/or the tokenization provider system can then invite the second merchant to register with the tokenization provider system. Once registered with the tokenization provider system, the second merchant can access any CHD that the merchant associated with the second merchant.

38 Citations

View as Search Results

14 Claims

1. A method of sharing a token associated with cardholder data (CHD) to enable the sharing of the CHD between users, the method comprising:
- receiving, by a token access system implemented in a computing system comprising one or more processors, an identity of a token associated with CHD of a cardholder and an identity of a second merchant from a first merchant;
  
  determining, by the token access system, from a plurality of tokenization provider systems a tokenization provider system that generated the token wherein the determination is performed by using the identity of the token;
  
  accessing, by the token access system, an authorization factor pool associated with the determined tokenization provider system from a database storing a plurality of authorization pools, wherein each of the tokenization provider systems is associated with a different authorization factor pool from the plurality of authorization factor pools;
  
  generating, by the token access system, an authorization factor using the accessed authorization factor pool;
  
  associating, by the token access system, the authorization factor with the token and the second merchant;
  
  transmitting, by the token access system, the authorization factor to the second merchant;
  
  receiving, by the token access system, the authorization factor from the second merchant;
  
  determining, by the token access system, a corresponding authorization factor pool based on the authorization factor received from the second merchant and determining a corresponding tokenization provider system based on the determined corresponding authorization pool;
  
  sending, by the token access system, the identity of the token to the determined corresponding tokenization provider system;
  
  receiving, by the token access system, information of the token from the determined corresponding tokenization provider system, wherein the information is at least one of the token and the CHD of the cardholder; and
  
  providing, by the token access system, the information of the token to the second merchant.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein each of the authorization factor pools comprises a set of unique authorization factors that are unique to each authorization factor pool from the plurality of authorization factor pools.
  - 3. The method of claim 1, wherein each of the authorization factor pools comprises a unique algorithm for generating authorization factors that is unique to each authorization factor pool from the plurality of authorization factor pools.
  - 4. The method of claim 3, wherein said generating the authorization factor comprises generating the authorization factor using the unique algorithm for the authentication factor pool.
  - 5. The method of claim 1, wherein said associating the authorization factor with the token includes setting an expiration for the authorization factor.
  - 6. The method of claim 5, wherein the expiration is based on a time.
  - 7. The method of claim 5, wherein the expiration is based on a number of accesses to the token using the authorization factor.

8. A system for sharing a token associated with cardholder data (CHD) to enable the sharing of the CHD between users, the system comprising:
- a processor, anda memory device storing computer executable instructions which, when executed by the processor causes the processor to perform a method comprising;
  
  receiving, by a token access system implemented in a computing system comprising one or more processors, an identity of a token associated with CHD of a cardholder and an identity of a second merchant from a first merchant;
  
  determining, by the token access system, from a plurality of tokenization provider systems a tokenization provider system that generated the token wherein the determination is performed by using the identity of the token;
  
  accessing, by the token access system, an authorization factor pool associated with the determined tokenization provider system from a database storing a plurality of authorization pools, wherein each of the tokenization provider systems is associated with a different authorization factor pool from the plurality of authorization factor pools;
  
  generating, by the token access system, an authorization factor using the accessed authorization factor pool;
  
  associating, by the token access system, the authorization factor with the token and the second merchant;
  
  transmitting, by the token access system, the authorization factor to the second merchant;
  
  receiving, by the token access system, the authorization factor from the second merchant;
  
  determining, by the token access system, a corresponding authorization factor pool based on the authorization factor received from the second merchant and determining a corresponding tokenization provider system based on the determined corresponding authorization pool;
  
  sending, by the token access system, the identity of the token to the determined corresponding tokenization provider system;
  
  receiving, by the token access system, information of the token from the determined corresponding tokenization provider system, wherein the information is at least one of the token and the CHD of the cardholder; and
  
  providing, by the token access system, the information of the token to the second merchant.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein each of the authorization factor pools comprises a set of unique authorization factors that are unique to each authorization factor pool from the plurality of authorization factor pools.
  - 10. The system of claim 8, wherein each of the authorization factor pools comprises a unique algorithm for generating authorization factors that is unique to each authorization factor pool from the plurality of authorization factor pools.
  - 11. The system of claim 10, wherein said generating the authorization factor comprises generating the authorization factor using the unique algorithm for the authentication factor pool.
  - 12. The system of claim 8, wherein said associating the authorization factor with the token includes setting an expiration for the authorization factor.
  - 13. The system of claim 12, wherein the expiration is based on a time.
  - 14. The system of claim 12, wherein the expiration is based on a number of accesses to the token using the authorization factor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Shift4 Corporation (Shift4 Payments, Inc.)
Original Assignee
Shift4 Corporation (Shift4 Payments, Inc.)
Inventors
Cronic, Kevin James, Sommers, Steven Mark, Oder, John David II, Oder, John David, Calandrelli, Steven, Fried, Jeremy B.
Primary Examiner(s)
KIM, STEVEN S

Application Number

US13/797,246
Publication Number

US 20130191289A1
Time in Patent Office

385 Days
Field of Search

705/44, 705/65, 705/67
US Class Current

705/67
CPC Class Codes

G06Q 20/0855   involving a third party

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

Method and system for utilizing authorization factor pools

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

38 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for utilizing authorization factor pools

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links