Distributed tokenization using several substitution steps

US 8,745,094 B2
Filed: 03/01/2010
Issued: 06/03/2014
Est. Priority Date: 03/01/2010
Status: Active Grant

First Claim

Patent Images

1. A method for distributed tokenization of sensitive strings of characters in a local server, the method comprising:

receiving at the local server from a central server one or more token lookup tables having a plurality of tokens, each token comprising at least one character;

receiving a sensitive string of characters at the local server;

selecting a substring of the sensitive string of characters;

replacing the selected substring of the sensitive string of characters with a first token from the received token lookup tables to form an intermediate tokenized string of characters;

selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and

replacing the selected substring of the intermediate tokenized string of characters with a second token from the received token lookup tables to form a final tokenized string of characters, the second token being different from the first token.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed. The method comprises the steps of receiving from a central server at least one, and preferably at least two, static token lookup tables, and receiving a sensitive string of characters. In a first tokenization step, a first substring of characters is substituted with a corresponding first token from the token lookup table(s) to form a first tokenized string of characters, wherein the first substring of characters is a substring of the sensitive string of characters. Thereafter, in a second step of tokenization, a second substring of characters is substituted with a corresponding second token from the token lookup table(s) to form a second tokenized string of characters, wherein the second substring of characters is a substring of the first tokenized string of characters. Optionally, one or more additional tokenization steps is/are used.

Citations

47 Claims

1. A method for distributed tokenization of sensitive strings of characters in a local server, the method comprising:
- receiving at the local server from a central server one or more token lookup tables having a plurality of tokens, each token comprising at least one character;
  
  receiving a sensitive string of characters at the local server;
  
  selecting a substring of the sensitive string of characters;
  
  replacing the selected substring of the sensitive string of characters with a first token from the received token lookup tables to form an intermediate tokenized string of characters;
  
  selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and
  
  replacing the selected substring of the intermediate tokenized string of characters with a second token from the received token lookup tables to form a final tokenized string of characters, the second token being different from the first token.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the final tokenized string of characters comprises characters that have not been replaced by the first and second tokens, the characters thus being identical to the corresponding characters of the sensitive string of characters.
  - 3. The method of claim 1, wherein at least two token lookup tables are received from the central server.
  - 4. The method of claim 3, wherein the first token and the second token are from different token lookup tables.
  - 5. The method of claim 1, wherein the selected substring of the intermediate tokenized string of characters further includes at least one character of the sensitive string of characters that was not replaced by the first token.
  - 6. The method of claim 1, further comprising:
    - selecting a substring of the final tokenized string of characters, the selected substring of the final tokenized string of characters including at least one character replaced by the second token; and
      
      replacing the selected substring of the final tokenized string of characters with a third token from the received token lookup tables to form a second final tokenized string of characters.
  - 7. The method of claim 1, wherein at least one of the selected substring of the sensitive string of characters and the selected substring of the intermediate tokenized string of characters comprises only numerical characters, and wherein at least one of the first and second tokens comprises alphanumerical characters.
  - 8. The method of claim 7, wherein at least one substring being replaced by a token comprising alphanumerical characters comprises more characters than the corresponding token.
  - 9. The method of claim 8, further comprising adding additional characters containing metadata to at least one of the intermediate tokenized string of characters and the final tokenized string of characters.
  - 10. The method of claim 1, further comprising the steps of:
    - transferring from the local server at least one of the sensitive string of characters, the intermediate tokenized string of characters, and the final tokenized string of characters to the central server; and
      
      canceling the sensitive string of characters from the local server within a limited time from the transferring, while maintaining at least one of the intermediate tokenized string of characters and the final tokenized string of characters in a local database connected to the local server.
  - 11. The method of claim 1, wherein the sensitive string of characters comprises at least one portion generated in a random fashion, wherein the selected substring of the sensitive string of characters is contained within a portion of random characters, the sensitive string of characters comprising at least 16 characters and the selected substring of the sensitive string of characters comprising at least 6 characters.
  - 12. The method of claim 1, wherein at least one token lookup table comprises a mapping between at least one token value and each possible character combination of the selected substring of the sensitive string of characters to be replaced.
  - 13. The method of claim 1, further comprising modifying at least one of the selected substring of the sensitive string of characters or the selected substring of the intermediate tokenized string of characters, prior to replacing the at least one selected substring with a token.
  - 14. The method of claim 13, wherein the modification of the at least one selected substring is made with an initialization vector.
  - 15. The method of claim 14, wherein the initialization vector is formed by characters or digits in the sensitive string of characters which are not to be replaced by tokens.

16. A local server for distributed tokenization of sensitive strings of characters comprising:
- a non-transitory computer-readable storage medium comprising executable computer instructions configured to, when executed, perform steps comprising;
  
  receiving at the local server from a central server one or more token lookup tables having a plurality of tokens, each token comprising at least one character;
  
  receiving a sensitive string of characters at the local server;
  
  selecting a substring of the sensitive string of characters;
  
  replacing the selected substring of the sensitive string of characters with a first token from the received token lookup tables to form an intermediate tokenized string of characters;
  
  selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and
  
  replacing the selected substring of the intermediate tokenized string of characters with a second token from the received token lookup tables to form a final tokenized string of characters, the second token being different from the first token;
  
  a processor configured to execute the computer instructions.

17. A system for distributed tokenization of sensitive strings of characters comprising:
- a central server; and
  
  at least one local server;
  
  wherein the at least one local server comprises;
  
  a non-transitory computer-readable storage medium comprising executable computer instructions configured to, when executed, perform steps comprising;
  
  receiving at the local server from the central server one or more token lookup tables having a plurality of tokens, each token comprising at least one character;
  
  receiving a sensitive string of characters at the local server;
  
  selecting a substring of the sensitive string of characters;
  
  replacing the selected substring of the sensitive string of characters with a first token from the received token lookup tables to form an intermediate tokenized string of characters;
  
  selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and
  
  replacing the selected substring of the intermediate tokenized string of characters with a second token from the received token lookup tables to form a final tokenized string of characters, the second token being different from the first token;
  
  a processor configured to execute the computer instructions.

18. A method for tokenization of sensitive strings, the method comprising:
- receiving a sensitive string of characters;
  
  selecting a substring of the sensitive string of characters;
  
  forming an intermediate tokenized string of characters, by a processor, by replacing the selected substring of the sensitive string of characters with a first token;
  
  selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and
  
  forming a final tokenized string of characters, by the processor, by replacing the selected substring of the intermediate tokenized string of characters with a second token, the second token being different from the first token.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 19. The method of claim 18, wherein the selected substring of the sensitive string of characters comprises a subset of the sensitive string of characters and the selected substring of the intermediate tokenized string of characters comprises a subset of the intermediate tokenized string of characters.
  - 20. The method of claim 19, wherein the selected substring of the sensitive string of characters comprises a plurality of characters selected from the sensitive string of characters.
  - 21. The method of claim 18, wherein the selected substring of the intermediate tokenized string of characters comprises at least one character from the intermediate tokenized string of characters that was not replaced by the first token.
  - 22. The method of claim 18, wherein further comprising:
    - receiving a first token lookup table containing tokens including the first token; and
      
      receiving a second token lookup table containing tokens including the second token.
  - 23. The method of claim 18, further comprising:
    - selecting a substring of the final tokenized string of characters, the selected substring of the final tokenized string of characters including at least one character replaced by the second token; and
      
      forming a second final tokenized string of characters by replacing the selected substring of the final tokenized string of characters with a third token.
  - 24. The method of claim 18, wherein at least one of the selected substring of the sensitive string of characters and the selected substring of the intermediate tokenized string of characters comprises numerical characters, and wherein at least one of the first and second tokens comprises alphanumerical characters.
  - 25. The method of claim 24, further comprising replacing the at least one of the selected substring of the sensitive string of characters and the selected substring of the intermediate tokenized string of characters comprising numerical characters with a token comprising alphanumerical characters.
  - 26. The method of claim 25, wherein the replaced substring comprises more numerical characters than the token.
  - 27. The method of claim 18, further comprising adding additional characters containing metadata to at least one of the intermediate tokenized string of characters and the final tokenized string of characters.
  - 28. The method of claim 18, wherein forming the intermediate tokenized string of characters and the final tokenized string of characters occurs at a second server in communication with a first server, and wherein the method further comprises:
    - transferring to the first server at least one of the sensitive string of characters, the intermediate tokenized string of characters, and the final tokenized string of characters;
      
      canceling the received sensitive string of characters from the second server within a limited time from the transferring; and
      
      maintaining at least one of the intermediate tokenized string of characters and the final tokenized string of characters in a database connected to the second server.
  - 29. The method of claim 18, wherein the sensitive string of characters comprises at least one randomly generated substring.
  - 30. The method of claim 18, further comprising receiving tokens comprising at least the first token and the second token, wherein the received tokens comprise a token table mapping at least one token value to each possible character combination in a substring to be replaced.
  - 31. The method of claim 18, wherein one or more of the first token and the second token are randomly selected from a plurality of tokens.
  - 32. The method of claim 18, further comprising modifying the selected substring of the sensitive string of characters prior to replacing the selected substring with a token.
  - 33. The method of claim 32, wherein modifying the selected substring of the sensitive string of characters comprises modifying the selected substring at least in part based on an initialization vector.
  - 34. The method of claim 33, wherein the initialization vector comprises characters from the sensitive string of characters.
  - 35. The method of claim 33, wherein the initialization vector comprises predetermined characters.
  - 36. The method of claim 33, wherein the initialization vector comprises a portion of the sensitive string of characters not replaced by a token.
  - 37. The method of claim 33, wherein modifying the selected substring comprises using the initialization vector and the selected substring as operands in a logical operation.
  - 38. The method of claim 33, wherein modifying the selected substring comprises using the initialization vector as an operand in an XOR operation.
  - 39. The method of claim 33, wherein modifying the selected substring comprises using the initialization vector in an execution of a linear addition operation.
  - 40. The method of claim 18, further comprising modifying the selected substring of the intermediate tokenized string of characters prior to replacing the selected substring with a token.
  - 41. The method of claim 40, wherein modifying the selected substring of the intermediate tokenized string of characters comprises modifying the selected substring at least in part based on an initialization vector.
  - 42. The method of claim 41, wherein the initialization vector comprises one or more of:
    - characters from the sensitive string of characters, predetermined characters, and a portion of the sensitive string of characters not replaced by a token.

43. An apparatus for tokenization of sensitive strings, the apparatus comprising:
- a first data processing system, the first data processing system comprising;
  
  an input configured to;
  
  receive a sensitive string of characters; and
  
  a processor configured to;
  
  select a substring of the sensitive string of characters;
  
  replace the selected substring of the sensitive string of characters with a first token from a set of tokens to form an intermediate tokenized string of characters;
  
  select a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and
  
  replace the selected substring of the intermediate tokenized string of characters with a second token different from the first token from the set of tokens to form a final tokenized string of characters.
- View Dependent Claims (44, 45, 46, 47)
- - 44. The apparatus of claim 43, further comprising a second data processing system for providing the set of tokens to the first data processing system.
  - 45. The apparatus of claim 44, wherein the second data processing system comprises a server.
  - 46. The apparatus of claim 43, wherein the first data processing system comprises a server.
  - 47. The apparatus of claim 43, wherein the first data processing system is a local processing system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Protegrity US Holding LLC
Original Assignee
Protegrity USA, Inc. (Xcelera Inc.)
Inventors
Mattsson, Ulf
Primary Examiner(s)
DANG, THANH HA T

Application Number

US12/659,200
Publication Number

US 20110213807A1
Time in Patent Office

1,555 Days
Field of Search

707/687, 707/763, 707/802
US Class Current

707/802
CPC Class Codes

G06F 16/90344   by using string matching te...

G06F 21/6245   Protecting personal data, e...

G07F 7/084   Additional components relat...

G07F 7/1008   Active credit-cards provide...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0428   wherein the data content is...

H04L 9/083   involving central third par...

H04L 9/0897   involving additional device...

Distributed tokenization using several substitution steps

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

47 Claims

Specification

Solutions

Use Cases

Quick Links

Distributed tokenization using several substitution steps

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

47 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links