Secure data exchange
First Claim
Patent Images
1. A method comprising:
- identifying an initial request from a user, the initial request being generated at a client application;
extracting information associated with the user from the initial request;
decrypting the extracted information that is encrypted by an encryption algorithm;
storing the information in a non-transitory storage medium;
creating, by at least one processor, a token that references the stored information;
returning the token in response to the initial request;
receiving the token in a subsequent request via an API;
accessing the information stored in the non-transitory storage medium using the token; and
using, by the at least one processor, the accessed information to generate a response to the subsequent request.
5 Assignments
0 Petitions
Accused Products
Abstract
A data transfer method performed at a proxy server includes intercepting a data request from a client computer that is directed to a target server, encrypting profile information, augmenting the data request by adding the encrypted profile information to the data request, and sending the augmented data request to the target server. A data transfer method that is performed at an information server includes receiving a data request from a proxy server, extracting profile information added to the data request by the proxy server, using the extracted profile information to generate a response, and sending the response to the proxy server.
-
Citations
38 Claims
-
1. A method comprising:
-
identifying an initial request from a user, the initial request being generated at a client application; extracting information associated with the user from the initial request; decrypting the extracted information that is encrypted by an encryption algorithm; storing the information in a non-transitory storage medium; creating, by at least one processor, a token that references the stored information; returning the token in response to the initial request; receiving the token in a subsequent request via an API; accessing the information stored in the non-transitory storage medium using the token; and using, by the at least one processor, the accessed information to generate a response to the subsequent request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method comprising:
-
receiving, at a first server, an initial request; obtaining, using the first server, user information from the initial request; decrypting the user information that is encrypted by an encryption algorithm; storing the user information in a non-transitory storage medium; returning an identifier in response to the initial request; receiving a subsequent request including the identifier via an API; retrieving the stored user information using the identifier; and using, by the first server, the retrieved user information to generate a response to the subsequent request. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 36, 37, 38)
-
-
29. A system comprising:
-
at least one server; a non-transitory storage medium storing instructions, that when executed by the at least one server, cause the system to; identify an initial request from a user, the initial request being generated at a client device; extract information associated with the user from the initial request; decrypt the information that is encrypted by an encryption algorithm; store the information in the non-transitory storage medium; return a token that references the stored information in response to the initial request; identify the token in a subsequent request received via an API; access the information referenced by the token stored in the non-transitory storage medium; and use the accessed information to generate a response to the subsequent request. - View Dependent Claims (30, 31, 32, 33, 34, 35)
-
Specification