Unique token authentication cryptogram
First Claim
1. A method of processing a transaction initiated by a communication device provisioned with a token, the method comprising:
- receiving, by a service provider computer, from an application operating on the communication device, a token request message for a token authentication cryptogram;
generating, by the service provider computer, the token authentication cryptogram derived from user exclusive data, wherein the token authentication cryptogram is generated by encrypting at least the user exclusive data utilizing a triple data encryption algorithm; and
sending, by the service provider computer to the application, the token authentication cryptogram, wherein the token authentication cryptogram can be used to validate the transaction, and the user exclusive data subsequently is extracted from the token authentication cryptogram during validation by a processing computer which then uses the user exclusive data for additional analysis.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the invention are directed to systems and methods for validating transactions using a cryptogram. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a communication device provisioned with a token. The method comprises receiving, by a service provider computer, from an application on the communication device, a request for a token authentication cryptogram, wherein the token authentication cryptogram includes encrypted user exclusive data. The service provider computer may generate the token authentication cryptogram to include the user exclusive data. The service provider computer may send the token authentication cryptogram to the application, where the token authentication cryptogram can be used to validate the transaction, and the user exclusive data is extracted from the token authentication cryptogram during validation.
604 Citations
20 Claims
-
1. A method of processing a transaction initiated by a communication device provisioned with a token, the method comprising:
-
receiving, by a service provider computer, from an application operating on the communication device, a token request message for a token authentication cryptogram; generating, by the service provider computer, the token authentication cryptogram derived from user exclusive data, wherein the token authentication cryptogram is generated by encrypting at least the user exclusive data utilizing a triple data encryption algorithm; and sending, by the service provider computer to the application, the token authentication cryptogram, wherein the token authentication cryptogram can be used to validate the transaction, and the user exclusive data subsequently is extracted from the token authentication cryptogram during validation by a processing computer which then uses the user exclusive data for additional analysis. - View Dependent Claims (2, 3, 4, 5, 6, 18, 19, 20)
-
-
7. A method of processing a transaction initiated by a communication device, the method comprising:
-
sending, by a service provider computer, to a token provider computer, a token request message for a token authentication cryptogram, wherein the token request message comprises user exclusive data; receiving, by the service provider computer, from the token provider computer, a token and the token authentication cryptogram, the token authentication cryptogram derived from the user exclusive data, wherein the token authentication cryptogram is generated by encrypting at least the user exclusive data utilizing a triple data encryption algorithm; and sending, by the service provider computer to the communication device, the token and the token authentication cryptogram, wherein the token authentication cryptogram can be used to validate the transaction, and the user exclusive data is subsequently extracted from the token authentication cryptogram during validation by a processing computer which then uses the user exclusive data for additional analysis. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A service provider computer comprising,
a processor, and a computer readable medium coupled to the processor, the computer readable medium comprising code for causing the processor to perform operations comprising: -
sending, to a server computer, a request for a token authentication cryptogram, wherein the request comprises user exclusive data; receiving, from the server computer, a token and the token authentication cryptogram derived from the user exclusive data, wherein the token authentication cryptogram is generated by encrypting at least the user exclusive data utilizing a triple data encryption algorithm; and sending, to an application operating on a user device, the token and the token authentication cryptogram with transaction data, wherein the token authentication cryptogram can be used to validate the transaction data, and the user exclusive data is subsequently extracted from the token authentication cryptogram during validation by a processing computer when then uses the user exclusive data for additional analysis. - View Dependent Claims (15, 16, 17)
-
Specification