Tokenization in mobile environments

US 9,785,941 B2
Filed: 05/27/2017
Issued: 10/10/2017
Est. Priority Date: 02/10/2012
Status: Active Grant

First Claim

Patent Images

1. A method for tokenizing data, comprising:

providing, by a mobile device to a central security system communicatively coupled to each of a plurality of mobile devices via a network, information to be tokenized and an identification of one or more use rules;

receiving, by the mobile device from the central security system, a token card from the central security system, the token card generated by the central security system by querying a token table selected at least part based on the identified one or more use rules with a portion of the information and replacing the portion of the information with a token value mapped to a value of the portion of the information by the selected token table;

receiving, at the mobile device, a request to use the token card in an interaction by a user of the mobile device, the mobile device configured to display a representation of the token card in response to receiving the request; and

in response to receiving a selection of the displayed representation of the token card, providing, by the mobile device, the token card to a central processing system configured to authorize the use of the token card in the interaction in response to the identified one or more use rules being satisfied by the interaction.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.

92 Citations

19 Claims

1. A method for tokenizing data, comprising:
- providing, by a mobile device to a central security system communicatively coupled to each of a plurality of mobile devices via a network, information to be tokenized and an identification of one or more use rules;
  
  receiving, by the mobile device from the central security system, a token card from the central security system, the token card generated by the central security system by querying a token table selected at least part based on the identified one or more use rules with a portion of the information and replacing the portion of the information with a token value mapped to a value of the portion of the information by the selected token table;
  
  receiving, at the mobile device, a request to use the token card in an interaction by a user of the mobile device, the mobile device configured to display a representation of the token card in response to receiving the request; and
  
  in response to receiving a selection of the displayed representation of the token card, providing, by the mobile device, the token card to a central processing system configured to authorize the use of the token card in the interaction in response to the identified one or more use rules being satisfied by the interaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the information is associated with a user account.
  - 3. The method of claim 1, wherein the information is associated with an identity of the user.
  - 4. The method of claim 1, wherein the information is associated with the interaction.
  - 5. The method of claim 1, wherein the specified use rules comprise a rule specifying a geographic region.
  - 6. The method of claim 1, wherein the specified use rules comprise a rule specifying a business.
  - 7. The method of claim 1, wherein the token table is identified by the one or more use rules.
  - 8. The method of claim 7, where an identity of the token table is included within metadata corresponding to the one or more use rules.
  - 9. The method of claim 1, wherein the displayed representation of the token card comprises a display of description text associated with the token card entered by a user at the central security system.
  - 10. The method of claim 1, wherein determining if the identified one or more use rules are satisfied by the interaction comprises, for each use rule:
    - identifying an interaction restriction associated with each use rule; and
      
      determining if the interaction exceeds the interaction restriction.
  - 11. The method of claim 1, wherein the network is configured to authorize the interaction.
  - 12. The method of claim 11, wherein authorizing the interaction comprises:
    - sending, from the network, an authorization request to the mobile device;
      
      receiving, at the mobile device, an authorization in response to the authorization request; and
      
      sending, from the mobile device, the authorization to the network.
  - 13. The method of claim 12, wherein receiving an authorization comprises receiving user credentials at the mobile device.

14. A system for tokenizing data, comprising:
- a mobile device comprising a hardware processor and a non-transitory computer-readable storage medium storing executable instructions that, when executed, perform steps comprising;
  
  providing, by the mobile device to a central security system communicatively coupled to each of a plurality of mobile devices via a network, information to be tokenized and an identification of one or more use rules;
  
  receiving, by the mobile device from the central security system, a token card from the central security system, the token card generated by the central security system by querying a token table selected at least part based on the identified one or more use rules with a portion of the information and replacing the portion of the information with a token value mapped to a value of the portion of the information by the selected token table;
  
  receiving, at the mobile device, a request to use the token card in an interaction by a user of the mobile device, the mobile device configured to display a representation of the token card in response to receiving the request; and
  
  in response to receiving a selection of the displayed representation of the token card, providing, by the mobile device, the token card to a central processing system configured to authorize the use of the token card in the interaction in response to the identified one or more use rules being satisfied by the interaction.
- View Dependent Claims (15, 16)
- - 15. The system of claim 14, wherein the information is associated with one or more of:
    - a user account, an identity of the user, and the interaction.
  - 16. The system of claim 14, wherein the specified use rules comprise a rule specifying one or more of:
    - a geographic region, a business, a time, and a date.

17. A non-transitory computer-readable storage medium storing executable computer instructions that, when executed by a hardware processor, perform steps for tokenizing data comprising:
- providing, by a mobile device to a central security system communicatively coupled to each of a plurality of mobile devices via a network, information to be tokenized and an identification of one or more use rules;
  
  receiving, by the mobile device from the central security system, a token card from the central security system, the token card generated by the central security system by querying a token table selected at least part based on the identified one or more use rules with a portion of the information and replacing the portion of the information with a token value mapped to a value of the portion of the information by the selected token table;
  
  receiving, at the mobile device, a request to use the token card in an interaction by a user of the mobile device, the mobile device configured to display a representation of the token card in response to receiving the request; and
  
  in response to receiving a selection of the displayed representation of the token card, providing, by the mobile device, the token card to a central processing system configured to authorize the use of the token card in the interaction in response to the identified one or more use rules being satisfied by the interaction.
- View Dependent Claims (18, 19)
- - 18. The non-transitory computer-readable storage medium of claim 17, wherein the information is associated with one or more of:
    - a user account, an identity of the user, and the interaction.
  - 19. The non-transitory computer-readable storage medium of claim 17, wherein the specified use rules comprise a rule specifying one or more of:
    - a geographic region, a business, a time, and a date.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Protegrity USA, Inc. (Xcelera Inc.)
Original Assignee
Protegrity USA, Inc. (Xcelera Inc.)
Inventors
Mattsson, Ulf, Rozenberg, Yigal
Primary Examiner(s)
LE, CHAU D

Application Number

US15/607,440
Publication Number

US 20170262843A1
Time in Patent Office

136 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 21/6245   Protecting personal data, e...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/32   using wireless devices

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3223   Realising banking transacti...

G06Q 20/34   using cards, e.g. integrate...

G06Q 20/367   involving electronic purses...

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/4014   Identity check for transact...

G06Q 20/405   Establishing or using trans...

G06Q 2220/00   Business processing using c...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0428   wherein the data content is...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

Tokenization in mobile environments

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

92 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Tokenization in mobile environments

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

92 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links