Table-connected tokenization
First Claim
1. A method for improving the security of data in a tokenization environment, comprising:
- receiving data to be tokenized, the received data comprising a first portion of received data, a second portion of received data, and a third portion of received data, the first portion, second portion, and third portion comprising different portions of the received data;
- selecting, by a hardware processor, a token table from a set of token tables using a first portion of the received data, the selected token table mapping each of a plurality of input values to a different token value; and
- after selecting the token table, transforming the received data to produce tokenized data by:
  - querying an initialization vector table with a value of the third portion of received data to obtain an initialization vector mapped to the value of the third portion of received data;
  - modifying, by the hardware processor, the second portion of the received data with the initialization vector;
  - querying, by the hardware processor, the token table with the modified second portion to identify a token value mapped to a value of the modified second portion; and
  - replacing, by the hardware processor, the second portion of the received data with the identified token value to produce the tokenized data.
Abstract
A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
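The flow above, as an added Python sketch that is not taken from the patent. It follows the ordering in claim 1 (token table selected by the first portion, IV looked up by the third portion; the abstract describes those two roles the other way round). The 10-digit layout, the number of tables, the modulo selection rule and the digit-wise mod-10 "modify" step are all assumptions made for illustration.

```python
import secrets

# Assumed layout for this sketch (not from the claims): 10-digit values split
# as first portion = digits 0-2, second = digits 3-6, third = digits 7-9.
FIRST, SECOND, THIRD = slice(0, 3), slice(3, 7), slice(7, 10)
WIDTH = 4        # digits in the second portion
N_TABLES = 4     # size of the token-table set (assumed)
_rng = secrets.SystemRandom()


def _new_token_table():
    """Random permutation of all WIDTH-digit values: each input maps to a different token."""
    tokens = [f"{i:0{WIDTH}d}" for i in range(10 ** WIDTH)]
    _rng.shuffle(tokens)
    return {f"{i:0{WIDTH}d}": t for i, t in enumerate(tokens)}


TOKEN_TABLES = [_new_token_table() for _ in range(N_TABLES)]
# IV table: one random WIDTH-digit IV per possible third-portion value.
IV_TABLE = {f"{i:03d}": f"{_rng.randrange(10 ** WIDTH):0{WIDTH}d}" for i in range(1000)}


def select_table_index(first):
    # Assumed selection rule: numeric value of the first portion modulo the set size.
    return int(first) % N_TABLES


def apply_iv(second, iv):
    # Assumed "modify" step: digit-wise addition modulo 10.
    return "".join(str((int(a) + int(b)) % 10) for a, b in zip(second, iv))


def tokenize(data):
    if len(data) != 10 or not (data.isascii() and data.isdigit()):
        raise ValueError("expected a 10-digit string")
    first, second, third = data[FIRST], data[SECOND], data[THIRD]
    table = TOKEN_TABLES[select_table_index(first)]  # select table using the first portion
    iv = IV_TABLE[third]                             # query the IV table with the third portion
    token = table[apply_iv(second, iv)]              # query the token table with the modified second portion
    return first + token + third                     # replace the second portion with the token
```

In this sketch the first and third portions pass through unchanged, and the token and IV tables are the secret material: anyone holding both can invert the mapping.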
20 Claims
1. A method for improving the security of data in a tokenization environment, comprising:
- receiving data to be tokenized, the received data comprising a first portion of received data, a second portion of received data, and a third portion of received data, the first portion, second portion, and third portion comprising different portions of the received data;
- selecting, by a hardware processor, a token table from a set of token tables using a first portion of the received data, the selected token table mapping each of a plurality of input values to a different token value; and
- after selecting the token table, transforming the received data to produce tokenized data by:
  - querying an initialization vector table with a value of the third portion of received data to obtain an initialization vector mapped to the value of the third portion of received data;
  - modifying, by the hardware processor, the second portion of the received data with the initialization vector;
  - querying, by the hardware processor, the token table with the modified second portion to identify a token value mapped to a value of the modified second portion; and
  - replacing, by the hardware processor, the second portion of the received data with the identified token value to produce the tokenized data.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A tokenization system for improving the security of data in a tokenization environment, comprising:
- a non-transitory computer-readable storage medium storing executable instructions that, when executed by a processor, perform steps comprising:
  - receiving data to be tokenized, the received data comprising a first portion of received data, a second portion of received data, and a third portion of received data, the first portion, second portion, and third portion comprising different portions of the received data;
  - selecting a token table from a set of token tables using a first portion of the received data, the selected token table mapping each of a plurality of input values to a different token value; and
  - after selecting the token table, transforming the received data to produce tokenized data by:
    - querying an initialization vector table with a value of the third portion of received data to obtain an initialization vector mapped to the value of the third portion of received data;
    - modifying the second portion of the received data with the initialization vector;
    - querying the token table with the modified second portion to identify a token value mapped to a value of the modified second portion; and
    - replacing the second portion of the received data with the identified token value to produce the tokenized data; and
- a hardware processor configured to execute the instructions.

Dependent claims: 11, 12, 13, 14, 15
16. A non-transitory computer-readable storage medium storing executable computer instructions that when executed by a hardware processor perform steps for improving the security of data in a tokenization environment, comprising:
- receiving data to be tokenized, the received data comprising a first portion of received data, a second portion of received data, and a third portion of received data, the first portion, second portion, and third portion comprising different portions of the received data;
- selecting a token table from a set of token tables using a first portion of the received data, the selected token table mapping each of a plurality of input values to a different token value; and
- after selecting the token table, transforming the received data to produce tokenized data by:
  - querying an initialization vector table with a value of the third portion of received data to obtain an initialization vector mapped to the value of the third portion of received data;
  - modifying the second portion of the received data with the initialization vector;
  - querying the token table with the modified second portion to identify a token value mapped to a value of the modified second portion; and
  - replacing the second portion of the received data with the identified token value to produce the tokenized data.

Dependent claims: 17, 18, 19, 20
Specification