Collision avoidance in a distributed tokenization environment
First Claim
1. A computer-implemented method for tokenizing data comprising:
- receiving, at a client, sensitive data to be tokenized;
querying a token table associated with the client with a portion of the sensitive data to determine if the token table includes a token mapped to a value of the portion of the sensitive data, the token table storing a plurality of tokens each mapped to one input value;
responsive to a determination that the token table includes at least one token mapped to the value of the portion of the sensitive data, replacing the portion of the sensitive data with one of the at least one token to form tokenized data;
responsive to a determination that the token table does not include a token mapped to the value of the portion of the sensitive data;
generating a candidate token;
querying a central token management system communicatively coupled to the client with the candidate token to determine if a collision exists between the candidate token and a token generated by or stored at another client communicatively coupled to the central token management system, the central token management system configured to query one or more clients communicatively coupled to the central token management system to determine if the queried clients include a token equivalent to the candidate token; and
responsive to a determination that no collision exists, replacing the portion of the sensitive data with the candidate token to form tokenized data and storing the candidate token in the token table associated with the client.
1 Assignment
0 Petitions
Accused Products
Abstract
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table.
15 Citations
17 Claims
-
1. A computer-implemented method for tokenizing data comprising:
-
receiving, at a client, sensitive data to be tokenized; querying a token table associated with the client with a portion of the sensitive data to determine if the token table includes a token mapped to a value of the portion of the sensitive data, the token table storing a plurality of tokens each mapped to one input value; responsive to a determination that the token table includes at least one token mapped to the value of the portion of the sensitive data, replacing the portion of the sensitive data with one of the at least one token to form tokenized data; responsive to a determination that the token table does not include a token mapped to the value of the portion of the sensitive data; generating a candidate token; querying a central token management system communicatively coupled to the client with the candidate token to determine if a collision exists between the candidate token and a token generated by or stored at another client communicatively coupled to the central token management system, the central token management system configured to query one or more clients communicatively coupled to the central token management system to determine if the queried clients include a token equivalent to the candidate token; and responsive to a determination that no collision exists, replacing the portion of the sensitive data with the candidate token to form tokenized data and storing the candidate token in the token table associated with the client. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory computer-readable medium storing executable computer instructions for tokenizing data, the instructions configured to, when executed by a processor:
-
receive, at a client, sensitive data to be tokenized; query a token table associated with the client with a portion of the sensitive data to determine if the token table includes a token mapped to a value of the portion of the sensitive data, the token table storing a plurality of tokens each mapped to one input value; responsive to a determination that the token table includes at least one token mapped to the value of the portion of the sensitive data, replacing the portion of the sensitive data with one of the at least one tokens to form tokenized data; responsive to a determination that the token table does not include a token mapped to the value of the portion of the sensitive data; generate a candidate token; query a central token management system communicatively coupled to the client with the candidate token to determine if a collision exists between the candidate token and a token generated by or stored at another client communicatively coupled to the central token management system, the central token management system configured to query one or more clients communicatively coupled to the central token management system to determine if the queried clients include a token equivalent to the candidate token; and responsive to a determination that no collision exists, replace the portion of the sensitive data with the candidate token to form tokenized data and store the candidate token in the token table associated with the client. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A system for tokenizing data comprising:
-
a hardware processor; and a computer readable medium storing computer instructions configured to; receive, at a client, sensitive data to be tokenized; query a token table associated with the client with a portion of the sensitive data to determine if the token table includes a token mapped to a value of the portion of the sensitive data, the token table storing a plurality of tokens each mapped to one input value; responsive to a determination that the token table includes at least one token mapped to the value of the portion of the sensitive data, replacing the portion of the sensitive data with one of the at least one tokens to form tokenized data; responsive to a determination that the token table does not include a token mapped to the value of the portion of the sensitive data; generate a candidate token; query a central token management system communicatively coupled to the client with the candidate token to determine if a collision exists between the candidate token and a token generated by or stored at another client communicatively coupled to the central token management system, the central token management system configured to query one or more clients communicatively coupled to the central token management system to determine if the queried clients include a token equivalent to the candidate token; and responsive to a determination that no collision exists, replace the portion of the sensitive data with the candidate token to form tokenized data and store the candidate token in the token table associated with the client. - View Dependent Claims (14, 15, 16, 17)
-
Specification