Remote server encrypted data provisioning system and methods
First Claim
1. A method comprising:
- receiving, by a mobile application provided on a mobile device from a user of the mobile device, an account identifier associated with an account of the user; and
- providing, by the mobile application to a remote mobile application server, the account identifier without storing the account identifier on the mobile device;
- receiving, by the mobile application from the remote mobile application server, encrypted account identifier associated with the account of the user, wherein the encrypted account identifier is encrypted by the remote mobile application server using an encryption key shared between the remote mobile application server and a token server computer external to the mobile device;
- generating, by the mobile application, a token request message, the token request message including the encrypted account identifier;
- sending, by the mobile application, the token request message to the token server computer via a token module provided on the mobile device, wherein the token server computer decrypts the encrypted account identifier using the encryption key previously shared with the remote mobile application server, identifies the account associated with decrypted account identifier, generates a token associated with the account, stores the token, and sends the token to the token module provided on the mobile device, wherein the token module interfaces with the token server computer external to the mobile device;
- receiving, by the token module stored on mobile device, the token associated with the encrypted account identifier from the token server computer;
- storing, by the token module, the token in a secure token memory of the mobile device accessible by the token module;
- determining, by the token module, a token key associated with the stored token,
- providing, by the token module, the token key to the mobile application for use as a token reference identifier for the token;
- upon receiving the token key, initiating, by the mobile application, a transaction with a transacting entity using the token key; and
- transmitting, by the token module, the token to the transacting entity to proceed with the transaction.
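The data flow of claim 1, as an added example that is not code from the patent or its assignee: it shows that the mobile application only ever holds an opaque blob and a token key, while the shared key stays with the two servers. The HMAC-based `seal`/`unseal` pair is a standard-library stand-in for a real AEAD such as AES-GCM; the class names, message field, token format and the integrity tag are assumptions of this example.

```python
import hashlib, hmac, secrets

def _sub(key, label):                      # separate subkeys for encryption and MAC
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):         # HMAC-SHA256 counter-mode keystream (stand-in)
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):                  # encrypt-then-MAC: nonce || ciphertext || tag
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("encrypted account identifier failed integrity check")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

class TokenServer:                                     # external to the mobile device
    def __init__(self, shared_key):
        self.key, self.vault = shared_key, {}          # vault: token -> account
    def issue(self, token_request):
        account = unseal(self.key, token_request["enc_account_id"]).decode()
        token = "tok_" + secrets.token_hex(8)          # constructed token format
        self.vault[token] = account
        return token

class TokenModule:                                     # on-device, talks to token server
    def __init__(self, server):
        self.server, self._secure_memory = server, {}  # token key -> token
    def request_token(self, token_request):
        token = self.server.issue(token_request)
        token_key = secrets.token_hex(4)               # reference handed to the app
        self._secure_memory[token_key] = token
        return token_key
    def transmit(self, token_key):                     # token goes to transacting entity
        return self._secure_memory[token_key]

def run_flow(account_id):
    shared = secrets.token_bytes(32)                   # known to the two servers only
    token_server = TokenServer(shared)
    module = TokenModule(token_server)
    blob = seal(shared, account_id.encode())           # performed by the app server
    app_state = {"token_key": module.request_token({"enc_account_id": blob})}
    return app_state, blob, module.transmit(app_state["token_key"]), token_server
```

`run_flow` returns everything the mobile application retains (`app_state`), so a reviewer can check that neither the account identifier nor the token itself appears there.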
Abstract
Embodiments of the invention are directed to methods, systems and devices for providing sensitive user data to a mobile device using an encryption key. For example, a mobile application on a mobile device may receive encrypted sensitive user data from a mobile application server, where the user sensitive data is encrypted with a key from a token server computer. The mobile application may then request that the encrypted payment information be sent to the token server. The mobile device may then receive a payment token associated with the payment information from the token server.
9 Claims
6. A mobile device comprising:
- a processor; and
- a memory element comprising code, executable by the processor, for implementing a method comprising;
  - receiving, by a mobile application provided on the mobile device from a user of the mobile device, an account identifier associated with an account of the user; and
  - providing, by the mobile application to a remote mobile application server, the account identifier without storing the account identifier on the mobile device;
  - receiving, by the mobile application from the remote mobile application server, encrypted account identifier associated with the account of the user, wherein the encrypted account identifier is encrypted by the remote mobile application server using an encryption key shared between the remote mobile application server and a token server computer external to the mobile device;
  - generating, by the mobile application, a token request message, the token request message including the encrypted account identifier;
  - sending, by the mobile application, the token request message to the token server computer via a token module provided on the mobile device, wherein the token server computer decrypts the encrypted account identifier using the encryption key previously shared with the remote mobile application server, identifies the account associated with decrypted account identifier, generates a token associated with the account, stores the token, and sends the token to the token module provided on the mobile device, wherein the token module interfaces with the token server computer external to the mobile device;
  - receiving, by the token module stored on mobile device, the token associated with the encrypted account identifier from the token server computer;
  - storing, by the token module, the token in a secure token memory of the mobile device accessible by the token module;
  - determining, by the token module, a token key associated with the stored token,
  - providing, by the token module, the token key to the mobile application for use as a token reference identifier for the token;
  - upon receiving the token key, initiating, by the mobile application, a transaction with a transacting entity using the token key; and
  - transmitting, by the token module, the token to the transacting entity to proceed with the transaction.
Specification