Electronic authorization system and method

US 8,726,018 B2
Filed: 04/09/2013
Issued: 05/13/2014
Est. Priority Date: 04/29/2005
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method of tokenizing data, the method comprising:

receiving a request from a first processor, the request comprising confidential data and a first input data portion;

receiving a second input data portion from a second processor;

generating a token based on the confidential data, the first input data portion and the second input data portion;

transmitting the token to the first processor in a field corresponding to a VISAD data format field;

generating one or more requests at the first processor based on the first input data portion;

tokenizing a response to the request at a third processor using the token;

receiving the response to the request at the first processor; and

storing the token in a non-transitory computer readable storage medium at the first processor.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An electronic authorization system comprising a data source system configured to transmit transaction data. A secure data system is coupled to the data source system over an open network, the secure data system is configured to receive the transaction data from the data source system, generate a unique encrypted identifier for the transaction data and to transmit the unique encrypted identifier to the data source system. The data source system is configured to receive the unique encrypted identifier and replace payment card data associated with the transaction data in a database with the unique encrypted identifier.

Citations

20 Claims

1. A computer implemented method of tokenizing data, the method comprising:
- receiving a request from a first processor, the request comprising confidential data and a first input data portion;
  
  receiving a second input data portion from a second processor;
  
  generating a token based on the confidential data, the first input data portion and the second input data portion;
  
  transmitting the token to the first processor in a field corresponding to a VISAD data format field;
  
  generating one or more requests at the first processor based on the first input data portion;
  
  tokenizing a response to the request at a third processor using the token;
  
  receiving the response to the request at the first processor; and
  
  storing the token in a non-transitory computer readable storage medium at the first processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the confidential data comprises a predetermined structure with one or more predetermined field values and address data.
  - 3. The method of claim 1, wherein the identified token is generated by an algorithmic function.
  - 4. The method of claim 1 further comprising querying the second processor for the second input data portion using the first input data portion.
  - 5. The method of claim 1 further comprising querying the second processor for the second input data portion using the confidential data and the first input data portion.
  - 6. The method of claim 1 further comprising querying the second processor for the second input data portion using the confidential data and the first input data portion over a secure data network, wherein the request is received over an open data network.
  - 7. The method of claim 1, further comprising transmitting the token to the first processor, and wherein generating the one or more requests at the first processor based on the first input data portion further comprises including the token in the one or more requests.

8. A computer implemented method of tokenizing data, the method comprising:
- receiving input data to be tokenized at a first processor, the input data comprising confidential data in a first predefined data field, a first data portion and a second data portion;
  
  generating a token as a function of the confidential data, the first data portion and the second data portion;
  
  transmitting the token to a second processor in a field corresponding to the first predefined data field;
  
  storing the token at the second processor with the first data portion and the second data portion in a non-transitory computer readable storage medium;
  
  generating a data request at the second processor using the token;
  
  applying an encryption key to the confidential, the first data portion and the second data portion; and
  
  wherein the first predefined data field is from a VISAD data format.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The computer implemented method of claim 8, wherein the token is are stored for subsequent use at the first processor.
  - 10. The computer implemented method of claim 8, further comprising retrieving the token from storage.
  - 11. The computer implemented method of claim 8, wherein generating a token comprises generating a unique encrypted identifier.
  - 12. The computer implemented method of claim 8 further comprising transmitting a settlement request from the second processor to the first processor with the token.

13. A non-transitory computer-readable storage medium having executable computer program instructions embodied therein for tokenizing data, the actions of the computer program instructions comprising:
- accessing input data to be tokenized at a first processor, the input data comprising confidential data and a first data portion from a second processor and a second data portion from a third processor;
  
  generating a token at the first processor;
  
  transmitting the token from the first processor to the second processor in a first predetermined set of data fields of a VISAD format; and
  
  storing the token at the second processor in a non-transitory computer readable storage medium.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The non-transitory computer-readable storage medium of claim 13, the actions of the computer program instructions further comprising generating the token at the first processor by using a key.
  - 15. The non-transitory computer-readable storage medium of claim 14, wherein the first predetermined set of data fields in the VISAD format comprises a credit card number field.
  - 16. The non-transitory computer-readable storage medium of claim 14, wherein the token is stored at the first processor in a non-transitory computer readable storage medium.
  - 17. The non-transitory computer-readable storage medium of claim 13, the actions of the computer program instructions further comprising:
    - retrieving the token from storage.
  - 18. The non-transitory computer-readable storage medium of claim 13, wherein generating the token comprises generating a unique encrypted identifier as a function of the confidential data, the first data portion and the second data portion.
  - 19. The non-transitory computer-readable storage medium of claim 13, wherein generating the token comprises generating a unique encrypted identifier as a function of one or more of the confidential data, the first data portion and the second data portion.
  - 20. The non-transitory computer-readable storage medium of claim 13, wherein generating the token comprises generating a unique encrypted identifier as a function of data from a data source.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Merchant-Link LLC (Shift4 Payments, Inc.)
Original Assignee
Merchant-Link LLC (Shift4 Payments, Inc.)
Inventors
Freedman, Jonathan N., Lane, Daniel J., Jaffe, Miriam, Zloth, Susan M., Marshall, Stephanie Bauer
Primary Examiner(s)
PEARSON, DAVID J

Application Number

US13/859,724
Publication Number

US 20130232077A1
Time in Patent Office

399 Days
Field of Search

None
US Class Current

713/167
CPC Class Codes

G06F 21/54   by adding security routines...

G06F 21/602   Providing cryptographic fac...

G06F 21/6227   where protection concerns t...

G06F 21/6254   by anonymising data, e.g. d...

G06F 2221/2107   File encryption

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/382   insuring higher security of...

G06Q 20/385   using an alias or single-us...

G06Q 20/401   Transaction verification

G06Q 2220/00   Business processing using c...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0428   wherein the data content is...

Electronic authorization system and method

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic authorization system and method

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links