MULTIPLE TOKENIZATION FOR AUTHENTICATION

US 20160140542A1
Filed: 01/26/2016
Published: 05/19/2016
Est. Priority Date: 04/11/2011
Status: Active Grant

First Claim

Patent Images

1-25. -25. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention are directed generally to systems, methods, and apparatuses for authenticating a cardholder using multiple tokenization authentication. Embodiments of the invention are directed at a method. The method includes receiving at a first entity a first token from a consumer and determining a second token associated with the first token. Once the second token is determined, the second token is sent to a server computer at a second entity. The server computer then determines an account identifier associated with the second token and processes a transaction using the account identifier.

31 Citations

View as Search Results

43 Claims

1-25. -25. (canceled)

26. A method comprising:
- receiving at a first entity computer operated by a first entity, a first token from a consumer;
  
  determining, by the first entity computer, a second token associated with the first token; and
  
  sending, by the first entity computer, the second token to a server computer at a second entity, wherein the server computer determines an account identifier associated with the second token,wherein the method further comprises generating, by the first entity computer, an authorization request message comprising the second token; and
  
  wherein sending the second token to the server computer at the second entity comprisessending, by the first entity computer, the authorization request message to the server computer at the second entity, wherein the server computer receives the authorization request message, modifies the authorization request message to include the account identifier, and sends the modified authorization request message to third entity computer to authorize the transaction.
- View Dependent Claims (27, 28, 29, 30, 31, 32)
- - 27. The method of claim 26 wherein the first entity is a merchant and the second entity is an acquirer.
  - 28. The method of claim 26 wherein determining the second token associated with the first token further comprises generating the second token by altering information from the first token, wherein the second token is derived from a first entity identifier, and wherein the second entity uses the first entity identifier to determine the account identifier associated with the second token.
  - 29. The method of claim 28 wherein altering information from the first token further comprises using a predetermined algorithm to generate the second token, and wherein the second entity uses the first entity identifier to determine the predetermined algorithm.
  - 30. The method of claim 26, wherein the first token is a biometric input.
  - 31. The method of claim 26 wherein the second token is in a format of a payment card number, wherein the format of the payment card number comprises a payment processing network indicator and a check sum digit.
  - 32. The method of claim 26 wherein the first entity computer is a server computer in communication with an access device.

33. An apparatus comprising:
- a processor and a non-transitory computer-readable storage medium coupled to the processor, the computer-readable storage medium comprising code executable by the processor for implementing a method comprising;
  
  receiving a first token from a consumer;
  
  determining a second token associated with the first token; and
  
  sending the second token to a server computer at a second entity, wherein the server computer determines an account identifier associated with the second token,wherein the method further comprises generating an authorization request message comprising the second token; and
  
  wherein sending the second token to the server computer at the second entity comprisessending the authorization request message to the server computer at the second entity, wherein the server computer receives the authorization request message, modifies the authorization request message to include the account identifier, and sends the modified authorization request message to third entity computer to authorize the transaction.
- View Dependent Claims (34, 35, 36, 37, 38)
- - 34. The apparatus of claim 33, wherein determining the second token associated with the first token further comprises generating the second token by altering information from the first token, wherein the second token is derived from a first entity identifier.
  - 35. The apparatus of claim 33, wherein the second token is in a format of a payment card number, wherein the format of the payment card number comprises a payment processing network indicator and a check sum digit.
  - 36. The apparatus of claim 33, wherein the first token is a biometric input.
  - 37. The apparatus of claim 33 wherein the apparatus is a merchant computer.
  - 38. The apparatus of claim 33 wherein the first token represents an account number and a CVV value.

39. A method comprising:
- receiving at a payment processing network, a first authorization request comprising a payment account number from a first processing computer, wherein the first processing computer derived the account number from an initial merchant token specifically created for a first merchant;
  
  forwarding the first authorization request to an issuer;
  
  receiving at the payment processing network, a second authorization request comprising the payment account number from a second processing computer, wherein the second processing computer derived the account number from a subsequent merchant token specifically created for a second merchant; and
  
  forwarding the second authorization request to the issuer.
- View Dependent Claims (40, 41, 42, 43)
- - 40. The method of claim 39 wherein the payment processing network is configured to process credit and debit cards transactions.
  - 41. The method of claim 39 wherein the initial merchant token and the subsequent merchant token were previously derived from the same consumer token.
  - 42. The method of claim 41 wherein the consumer token is a phone number.
  - 43. The method of claim 39 wherein the first and second authorization request messages are ISO 8583 messages.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ayman Hammad
Original Assignee
Ayman Hammad
Inventors
Hammad, Ayman

Granted Patent

US 10,552,828 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 9/30196   using decoder, e.g. decoder...

G06F 9/3822   Parallel decoding, e.g. par...

G06Q 20/12   specially adapted for elect...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/405   Establishing or using trans...

H04L 9/32   including means for verifyi...

MULTIPLE TOKENIZATION FOR AUTHENTICATION

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

MULTIPLE TOKENIZATION FOR AUTHENTICATION

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links