Method and system for enabling merchants to share tokens
First Claim
Patent Images
1. A system for sharing cardholder data, the system comprising:
- a tokenization system configured to;
receive cardholder data (CHD) of a customer from a first merchant;
associate a token with the CHD in physical computer storage by storing a relationship between the token and the CHD in the physical storage, enabling the token to be used to represent the CHD; and
electronically transmit the token to the first merchant so as to enable the first merchant to perform a first transaction for the customer without the first merchant maintaining a copy of the CHD at a local storage system;
a token-access granting system comprising computer hardware, the token-access granting system configured to;
receive an indication from the first merchant that one or more of the token or the CHD are to be shared with a second merchant;
in response to receiving the indication, authorize the second merchant to access one or more of the token or the CHD, enabling the second merchant to perform a second transaction for the customer;
associate a first authorization factor with the token;
associate the first authorization factor with the second merchant; and
provide the first authorization factor to the second merchant;
a token provisioning system configured to;
authenticate the second merchant;
receive a second authorization factor from the second merchant;
determine whether the second authorization factor matches the first authorization factor; and
in response to determining that the second merchant is authenticated and that the second authorization factor matches the first authorization factor, provide the second merchant with access to one or more of the token or the CHD without presenting the CHD to the second merchant, anda transaction system configured to;
access a transaction request associated with the second transaction; and
perform the second transaction on behalf of the second merchant and the customer in response to the token provisioning system providing the second merchant with access to one or more of the token or the CHD,wherein the token-access granting system is further configured to remove authorization from the second merchant to access one or more of the token or the CHD by disassociating one or more of the token or the CHD from the second merchant at the physical computer storage, andwherein said removing authorization from the second merchant occurs in response to a triggering event monitored by the token-access granting system.
4 Assignments
0 Petitions
Accused Products
Abstract
One embodiment of the present disclosure provides a system and associated processes for sharing cardholder data (CHD) between a merchant that utilizes tokenization and a second merchant that may or may not utilize tokenization. In one embodiment, the merchant, or an employee of the merchant, can use the system and associated processes to reacquire CHD from a tokenization provider system. In one embodiment, the merchant identifies to the tokenization provider system a desire to share CHD, which is associated with a token, with a second merchant. The merchant and/or the tokenization provider system can then invite the second merchant to register with the tokenization provider system. Once registered with the tokenization provider system, the second merchant can access any CHD that the merchant associated with the second merchant.
38 Citations
10 Claims
-
1. A system for sharing cardholder data, the system comprising:
-
a tokenization system configured to; receive cardholder data (CHD) of a customer from a first merchant; associate a token with the CHD in physical computer storage by storing a relationship between the token and the CHD in the physical storage, enabling the token to be used to represent the CHD; and electronically transmit the token to the first merchant so as to enable the first merchant to perform a first transaction for the customer without the first merchant maintaining a copy of the CHD at a local storage system; a token-access granting system comprising computer hardware, the token-access granting system configured to; receive an indication from the first merchant that one or more of the token or the CHD are to be shared with a second merchant; in response to receiving the indication, authorize the second merchant to access one or more of the token or the CHD, enabling the second merchant to perform a second transaction for the customer; associate a first authorization factor with the token; associate the first authorization factor with the second merchant; and provide the first authorization factor to the second merchant; a token provisioning system configured to; authenticate the second merchant; receive a second authorization factor from the second merchant; determine whether the second authorization factor matches the first authorization factor; and in response to determining that the second merchant is authenticated and that the second authorization factor matches the first authorization factor, provide the second merchant with access to one or more of the token or the CHD without presenting the CHD to the second merchant, and a transaction system configured to; access a transaction request associated with the second transaction; and perform the second transaction on behalf of the second merchant and the customer in response to the token provisioning system providing the second merchant with access to one or more of the token or the CHD, wherein the token-access granting system is further configured to remove authorization from the second merchant to access one or more of the token or the CHD by disassociating one or more of the token or the CHD from the second merchant at the physical computer storage, and wherein said removing authorization from the second merchant occurs in response to a triggering event monitored by the token-access granting system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 10)
-
-
9. A system for sharing cardholder data, the system comprising:
-
a token acquisition system configured to; provide cardholder data (CHD) of a customer to a tokenization provider system; and receive electronically a token associated with the CHD so as to enable a first merchant associated with the token acquisition system to perform a first transaction for the customer without the first merchant storing a copy of the CHD; and a token sharing system configured to; provide to the tokenization provider system an indication that one or more of the token or the CHD are to be shared with a second merchant enabling the second merchant to perform a second transaction for the customer; generate an authorization factor; provide the authorization factor to the tokenization provider system to associate with the second merchant and one or more of the token or the CHD; provide the authorization factor to the second merchant enabling the second merchant to use the authorization factor to access one or more of the token or the CHD; and instruct the tokenization provider system to remove authorization for the second merchant to access one or more of the token or the CHD, wherein removal of authorization to access one or more of the token or the CHD comprises disassociating the token or the CHD from the second merchant at a physical computer storage, and wherein the token acquisition system and the token sharing system comprise computer hardware.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeShift4 Corporation (Shift4 Payments, Inc.)
-
Original AssigneeShift4 Corporation (Shift4 Payments, Inc.)
-
InventorsCronic, Kevin James, Sommers, Steven Mark, Oder, John David II, Oder, John David, Calandrelli, Steven, Fried, Jeremy B.
-
Primary Examiner(s)Misiaszek, Michael
-
Application NumberUS13/303,983Publication NumberTime in Patent Office1,539 DaysField of Search705 261- 272US Class Current1/1CPC Class CodesG06Q 20/0855 involving a third partyG06Q 20/24 Credit schemes, i.e. "pay a...G06Q 20/3674 involving authenticationG06Q 20/38215 Use of certificates or encr...G06Q 20/4014 Identity check for transact...
