Tokenization in mobile environments
First Claim
1. A mobile device configured for operation in a mobile environment comprising a central server configured to communicatively couple to and communicate with a plurality of mobile devices, comprising:
- a hardware display configured to;
display an interface configured to enable an interaction with the mobile device by a user, the interaction generating sensitive data representative of the interaction; and
display, by the hardware display, information corresponding to the interaction;
a memory configured to store the sensitive data, one or more attributes of the interaction, and a set of token tables each mapping each of a plurality of input values to a different token value;
a token server coupled to the memory and configured to;
access, from the memory, a token table from the set of token tables in response to a request for the token table from a security engine of the mobile device; and
provide the accessed token table to the security engine; and
the security engine comprising at least one hardware processor coupled to the memory and configured to;
access the sensitive data in the memory;
request a token table from the token server via an internal communications bus coupling the token server to the security engine, the requested token table selected from the set of token tables based on one or more attributes of the interaction;
receive the selected token table from the token server via the internal communications bus;
modify the sensitive data using the selected token table by querying the selected token table with a value of a portion of the sensitive data to identify a token value mapped to the value of the portion of the sensitive data by the selected token table and replacing the portion of the sensitive data with the identified token value; and
responsive to a determination that the mobile device is communicatively coupled to the central server, providing the modified sensitive data to the central server via a communications network using the a communications interface of the mobile device.
1 Assignment
0 Petitions
Accused Products
Abstract
Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
60 Citations
20 Claims
-
1. A mobile device configured for operation in a mobile environment comprising a central server configured to communicatively couple to and communicate with a plurality of mobile devices, comprising:
-
a hardware display configured to; display an interface configured to enable an interaction with the mobile device by a user, the interaction generating sensitive data representative of the interaction; and display, by the hardware display, information corresponding to the interaction; a memory configured to store the sensitive data, one or more attributes of the interaction, and a set of token tables each mapping each of a plurality of input values to a different token value; a token server coupled to the memory and configured to; access, from the memory, a token table from the set of token tables in response to a request for the token table from a security engine of the mobile device; and provide the accessed token table to the security engine; and the security engine comprising at least one hardware processor coupled to the memory and configured to; access the sensitive data in the memory; request a token table from the token server via an internal communications bus coupling the token server to the security engine, the requested token table selected from the set of token tables based on one or more attributes of the interaction; receive the selected token table from the token server via the internal communications bus; modify the sensitive data using the selected token table by querying the selected token table with a value of a portion of the sensitive data to identify a token value mapped to the value of the portion of the sensitive data by the selected token table and replacing the portion of the sensitive data with the identified token value; and responsive to a determination that the mobile device is communicatively coupled to the central server, providing the modified sensitive data to the central server via a communications network using the a communications interface of the mobile device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for improving the performance of a mobile device in a mobile environment comprising a central server configured to communicatively couple to and communicate with a plurality of mobile devices, comprising:
-
accessing, by the mobile device, sensitive data representative of an interaction between a user and the mobile device; storing, by a memory of the mobile device, the sensitive data, one or more attributes of the interaction, and a set of token tables each mapping each of a plurality of input values to a different token value; selecting, by a token server coupled to the memory of the mobile device, a token table from the set of token tables based on one or more attributes of the interaction; modifying, by a security engine coupled to the memory of the mobile device, the sensitive data using the selected token table by querying the selected token table with a value of a portion of the sensitive data to identify a token value mapped to the value of the portion of the sensitive data by the selected token table and replacing the portion of the sensitive data with the identified token value; and responsive to a determination that the mobile device is communicatively coupled to the central server, providing, by the mobile device, the modified sensitive data to the central server. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification